89.42.252.124 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Romania

Internet Service Provider: UPC Romania SRL

Hostname: unknown

Organization: Liberty Global B.V.

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Sep 1 03:20:18 web9 sshd\[3069\]: Invalid user gts from 89.42.252.124 Sep 1 03:20:18 web9 sshd\[3069\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 Sep 1 03:20:20 web9 sshd\[3069\]: Failed password for invalid user gts from 89.42.252.124 port 57230 ssh2 Sep 1 03:23:39 web9 sshd\[3427\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 user=root Sep 1 03:23:41 web9 sshd\[3427\]: Failed password for root from 89.42.252.124 port 53918 ssh2	2020-09-01 21:36:34
attack	Aug 6 11:56:28 Tower sshd[26797]: Connection from 89.42.252.124 port 33840 on 192.168.10.220 port 22 rdomain "" Aug 6 11:56:30 Tower sshd[26797]: Failed password for root from 89.42.252.124 port 33840 ssh2 Aug 6 11:56:30 Tower sshd[26797]: Received disconnect from 89.42.252.124 port 33840:11: Bye Bye [preauth] Aug 6 11:56:30 Tower sshd[26797]: Disconnected from authenticating user root 89.42.252.124 port 33840 [preauth]	2020-08-07 00:44:17
attackbotsspam	Jul 11 20:22:38 rush sshd[11464]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 Jul 11 20:22:39 rush sshd[11464]: Failed password for invalid user saikrushna from 89.42.252.124 port 58940 ssh2 Jul 11 20:26:02 rush sshd[11534]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 ...	2020-07-12 04:47:48
attack	Total attacks: 2	2020-07-11 16:31:19
attack	Jul 9 07:14:49 onepixel sshd[1089167]: Invalid user kurama from 89.42.252.124 port 54430 Jul 9 07:14:49 onepixel sshd[1089167]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 Jul 9 07:14:49 onepixel sshd[1089167]: Invalid user kurama from 89.42.252.124 port 54430 Jul 9 07:14:51 onepixel sshd[1089167]: Failed password for invalid user kurama from 89.42.252.124 port 54430 ssh2 Jul 9 07:18:12 onepixel sshd[1091097]: Invalid user april from 89.42.252.124 port 51250	2020-07-09 17:30:58
attackbotsspam	Jun 24 08:32:11 ns392434 sshd[27295]: Invalid user hadoop from 89.42.252.124 port 41172 Jun 24 08:32:11 ns392434 sshd[27295]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 Jun 24 08:32:11 ns392434 sshd[27295]: Invalid user hadoop from 89.42.252.124 port 41172 Jun 24 08:32:13 ns392434 sshd[27295]: Failed password for invalid user hadoop from 89.42.252.124 port 41172 ssh2 Jun 24 08:36:26 ns392434 sshd[27325]: Invalid user ubuntu from 89.42.252.124 port 51156 Jun 24 08:36:26 ns392434 sshd[27325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 Jun 24 08:36:26 ns392434 sshd[27325]: Invalid user ubuntu from 89.42.252.124 port 51156 Jun 24 08:36:29 ns392434 sshd[27325]: Failed password for invalid user ubuntu from 89.42.252.124 port 51156 ssh2 Jun 24 08:37:57 ns392434 sshd[27331]: Invalid user sk from 89.42.252.124 port 38110	2020-06-24 15:06:50
attackspam	Jun 22 17:34:48 firewall sshd[15184]: Invalid user mc from 89.42.252.124 Jun 22 17:34:50 firewall sshd[15184]: Failed password for invalid user mc from 89.42.252.124 port 34170 ssh2 Jun 22 17:36:36 firewall sshd[15277]: Invalid user prueba1 from 89.42.252.124 ...	2020-06-23 05:27:04
attackbotsspam	Jun 21 04:07:02 django-0 sshd[27084]: Failed password for invalid user userftp from 89.42.252.124 port 38172 ssh2 Jun 21 04:12:47 django-0 sshd[27121]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 user=root Jun 21 04:12:49 django-0 sshd[27121]: Failed password for root from 89.42.252.124 port 37910 ssh2 ...	2020-06-21 12:30:03
attackspambots	$f2bV_matches	2020-05-21 18:18:19
attackbots	2020-05-10T13:42:37.348668shield sshd\[5086\]: Invalid user name from 89.42.252.124 port 18413 2020-05-10T13:42:37.352238shield sshd\[5086\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 2020-05-10T13:42:38.826004shield sshd\[5086\]: Failed password for invalid user name from 89.42.252.124 port 18413 ssh2 2020-05-10T13:48:23.215217shield sshd\[7023\]: Invalid user odoo from 89.42.252.124 port 38806 2020-05-10T13:48:23.218997shield sshd\[7023\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124	2020-05-11 03:06:56
attack	web-1 [ssh_2] SSH Attack	2020-05-06 15:43:45
attack	2020-05-01T10:39:08.4330841495-001 sshd[24335]: Invalid user mcc from 89.42.252.124 port 29203 2020-05-01T10:39:10.1696021495-001 sshd[24335]: Failed password for invalid user mcc from 89.42.252.124 port 29203 ssh2 2020-05-01T10:45:37.9652551495-001 sshd[24596]: Invalid user abc1 from 89.42.252.124 port 29203 2020-05-01T10:45:37.9725921495-001 sshd[24596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 2020-05-01T10:45:37.9652551495-001 sshd[24596]: Invalid user abc1 from 89.42.252.124 port 29203 2020-05-01T10:45:39.7722611495-001 sshd[24596]: Failed password for invalid user abc1 from 89.42.252.124 port 29203 ssh2 ...	2020-05-02 00:07:17
attackbots	Invalid user ubuntu from 89.42.252.124 port 10188	2020-04-30 04:10:19
attackspambots	[ssh] SSH attack	2020-04-27 21:42:35
attack	$f2bV_matches	2020-04-26 02:52:59
attackbotsspam	2020-04-22T20:20:58.986239 sshd[17684]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 user=root 2020-04-22T20:21:01.010189 sshd[17684]: Failed password for root from 89.42.252.124 port 1787 ssh2 2020-04-22T20:27:16.341856 sshd[17732]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 user=root 2020-04-22T20:27:18.927446 sshd[17732]: Failed password for root from 89.42.252.124 port 21012 ssh2 ...	2020-04-23 02:29:01
attackspambots	Apr 10 04:37:38 server1 sshd\[6073\]: Invalid user ranger from 89.42.252.124 Apr 10 04:37:38 server1 sshd\[6073\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 Apr 10 04:37:39 server1 sshd\[6073\]: Failed password for invalid user ranger from 89.42.252.124 port 22030 ssh2 Apr 10 04:43:41 server1 sshd\[7938\]: Invalid user admin from 89.42.252.124 Apr 10 04:43:41 server1 sshd\[7938\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 ...	2020-04-10 18:55:16
attack	Fail2Ban - SSH Bruteforce Attempt	2020-04-07 08:53:31
attackspam	Unauthorised connection attempt detected at AUO NODE 1. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-04-06 03:26:04
attack	Mar 28 13:14:44 vpn01 sshd[32596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 Mar 28 13:14:46 vpn01 sshd[32596]: Failed password for invalid user cjf from 89.42.252.124 port 16028 ssh2 ...	2020-03-28 20:28:22
attack	Mar 25 22:54:35 meumeu sshd[12311]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 Mar 25 22:54:37 meumeu sshd[12311]: Failed password for invalid user yamagiwa from 89.42.252.124 port 46842 ssh2 Mar 25 22:58:41 meumeu sshd[12784]: Failed password for sshd from 89.42.252.124 port 24961 ssh2 ...	2020-03-26 06:26:11
attackbotsspam	Invalid user temp from 89.42.252.124 port 52503	2020-03-22 07:50:00
attackspam	(sshd) Failed SSH login from 89.42.252.124 (RO/Romania/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 10 09:04:05 amsweb01 sshd[20452]: Invalid user kigwasshoi from 89.42.252.124 port 47204 Mar 10 09:04:08 amsweb01 sshd[20452]: Failed password for invalid user kigwasshoi from 89.42.252.124 port 47204 ssh2 Mar 10 09:11:57 amsweb01 sshd[21431]: Invalid user try from 89.42.252.124 port 11239 Mar 10 09:11:59 amsweb01 sshd[21431]: Failed password for invalid user try from 89.42.252.124 port 11239 ssh2 Mar 10 09:14:43 amsweb01 sshd[21777]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 user=root	2020-03-10 17:23:16
attack	Mar 6 19:24:03 serwer sshd\[17641\]: Invalid user wy from 89.42.252.124 port 57607 Mar 6 19:24:03 serwer sshd\[17641\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 Mar 6 19:24:05 serwer sshd\[17641\]: Failed password for invalid user wy from 89.42.252.124 port 57607 ssh2 ...	2020-03-07 05:34:20
attackbotsspam	Automatic report - Banned IP Access	2020-02-12 21:31:21
attackbotsspam	Feb 12 01:17:14 IngegnereFirenze sshd[19915]: Failed password for invalid user sather from 89.42.252.124 port 16691 ssh2 ...	2020-02-12 10:09:23
attackspam	Unauthorized connection attempt detected from IP address 89.42.252.124 to port 2220 [J]	2020-02-02 00:03:55
attackspambots	Unauthorized connection attempt detected from IP address 89.42.252.124 to port 2220 [J]	2020-01-30 20:37:37
attack	Dec 27 22:09:23 server sshd\[2233\]: Invalid user usr01 from 89.42.252.124 Dec 27 22:09:23 server sshd\[2233\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 Dec 27 22:09:25 server sshd\[2233\]: Failed password for invalid user usr01 from 89.42.252.124 port 24274 ssh2 Dec 27 22:09:53 server sshd\[2280\]: Invalid user usr01 from 89.42.252.124 Dec 27 22:09:53 server sshd\[2280\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 ...	2019-12-28 03:32:26
attackbots	Automatic report - Banned IP Access	2019-12-24 17:11:49

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 89.42.252.124
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60495
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;89.42.252.124.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041201 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Apr 13 10:21:44 +08 2019
;; MSG SIZE  rcvd: 117

Host info

Host 124.252.42.89.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
*** Can't find 124.252.42.89.in-addr.arpa.: No answer

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
176.62.124.235	attackspambots	Port probing on unauthorized port 445	2020-04-13 15:59:50
106.12.52.98	attack	$f2bV_matches	2020-04-13 16:04:19
182.74.25.246	attackbots	Apr 13 06:40:51 ns382633 sshd\[7732\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.74.25.246 user=root Apr 13 06:40:54 ns382633 sshd\[7732\]: Failed password for root from 182.74.25.246 port 29786 ssh2 Apr 13 06:49:44 ns382633 sshd\[8967\]: Invalid user chile from 182.74.25.246 port 8213 Apr 13 06:49:44 ns382633 sshd\[8967\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.74.25.246 Apr 13 06:49:45 ns382633 sshd\[8967\]: Failed password for invalid user chile from 182.74.25.246 port 8213 ssh2	2020-04-13 15:55:15
67.80.150.104	attack	Unauthorized connection attempt detected from IP address 67.80.150.104 to port 4567	2020-04-13 15:49:08
51.178.62.240	attackbots	SSH/22 MH Probe, BF, Hack -	2020-04-13 16:19:25
222.186.15.62	attackspambots	04/13/2020-04:02:37.467472 222.186.15.62 Protocol: 6 ET SCAN Potential SSH Scan	2020-04-13 16:10:03
45.143.220.209	attackbots	[2020-04-13 03:58:05] NOTICE[12114][C-00005129] chan_sip.c: Call from '' (45.143.220.209:53593) to extension '00441205804657' rejected because extension not found in context 'public'. [2020-04-13 03:58:05] SECURITY[12128] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-04-13T03:58:05.514-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="00441205804657",SessionID="0x7f020c0db748",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.143.220.209/53593",ACLName="no_extension_match" [2020-04-13 03:58:53] NOTICE[12114][C-0000512b] chan_sip.c: Call from '' (45.143.220.209:64193) to extension '011441205804657' rejected because extension not found in context 'public'. [2020-04-13 03:58:53] SECURITY[12128] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-04-13T03:58:53.570-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="011441205804657",SessionID="0x7f020c088288",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4 ...	2020-04-13 16:01:13
104.248.94.159	attack	Apr 13 09:19:38 server sshd[17894]: Failed password for root from 104.248.94.159 port 53698 ssh2 Apr 13 10:00:18 server sshd[28994]: Failed password for invalid user st1lesha from 104.248.94.159 port 46312 ssh2 Apr 13 10:03:40 server sshd[30054]: Failed password for root from 104.248.94.159 port 54064 ssh2	2020-04-13 16:11:30
14.186.51.18	attack	(smtpauth) Failed SMTP AUTH login from 14.186.51.18 (VN/Vietnam/static.vnpt.vn): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-04-13 08:24:34 plain authenticator failed for ([127.0.0.1]) [14.186.51.18]: 535 Incorrect authentication data (set_id=info@sbp-pasar.com)	2020-04-13 16:02:42
112.85.42.181	attack	Apr 13 09:49:17 silence02 sshd[24839]: Failed password for root from 112.85.42.181 port 43791 ssh2 Apr 13 09:49:30 silence02 sshd[24839]: error: maximum authentication attempts exceeded for root from 112.85.42.181 port 43791 ssh2 [preauth] Apr 13 09:49:42 silence02 sshd[24857]: Failed password for root from 112.85.42.181 port 20550 ssh2	2020-04-13 16:18:36
144.217.47.174	attackspambots	Port probing on unauthorized port 30568	2020-04-13 15:45:36
112.85.42.172	attackspambots	2020-04-13T09:31:23.586925ns386461 sshd\[30377\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.172 user=root 2020-04-13T09:31:25.418472ns386461 sshd\[30377\]: Failed password for root from 112.85.42.172 port 62304 ssh2 2020-04-13T09:31:28.122099ns386461 sshd\[30377\]: Failed password for root from 112.85.42.172 port 62304 ssh2 2020-04-13T09:31:31.914496ns386461 sshd\[30377\]: Failed password for root from 112.85.42.172 port 62304 ssh2 2020-04-13T09:31:35.230186ns386461 sshd\[30377\]: Failed password for root from 112.85.42.172 port 62304 ssh2 ...	2020-04-13 15:53:32
122.114.79.84	attackspambots	[12/Apr/2020:23:53:57 -0400] clown.local 122.114.79.84 - - "POST /Admin1472b9cd/Login.php HTTP/1.1" 404 1236 [12/Apr/2020:23:53:59 -0400] clown.local 122.114.79.84 - - "GET /l.php HTTP/1.1" 404 705 [12/Apr/2020:23:54:00 -0400] clown.local 122.114.79.84 - - "GET /phpinfo.php HTTP/1.1" 404 705 ...	2020-04-13 16:21:33
180.241.44.159	attackspam	20/4/12@23:55:03: FAIL: Alarm-Network address from=180.241.44.159 20/4/12@23:55:03: FAIL: Alarm-Network address from=180.241.44.159 ...	2020-04-13 15:44:48
101.109.250.72	attackbots	TH_MAINT-TH-TOT_<177>1586750100 [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2]: {TCP} 101.109.250.72:52721	2020-04-13 15:45:59

Recently Reported IPs

222.242.104.188	109.190.132.235	42.200.198.53	192.34.61.38
190.193.92.26	177.106.24.168	117.48.206.48	51.68.220.249
178.62.14.176	92.62.131.113	3.80.242.14	45.64.126.88
89.40.116.98	185.227.182.183	142.4.208.21	198.108.67.41
189.8.68.56	169.56.104.165	103.89.90.83	190.178.225.181