Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: Romania

Internet Service Provider: UPC Romania SRL

Hostname: unknown

Organization: Liberty Global B.V.

Usage Type: Fixed Line ISP

Comments:
Type Details Datetime
attackspambots
Sep  1 03:20:18 web9 sshd\[3069\]: Invalid user gts from 89.42.252.124
Sep  1 03:20:18 web9 sshd\[3069\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124
Sep  1 03:20:20 web9 sshd\[3069\]: Failed password for invalid user gts from 89.42.252.124 port 57230 ssh2
Sep  1 03:23:39 web9 sshd\[3427\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124  user=root
Sep  1 03:23:41 web9 sshd\[3427\]: Failed password for root from 89.42.252.124 port 53918 ssh2
2020-09-01 21:36:34
attack
Aug  6 11:56:28 Tower sshd[26797]: Connection from 89.42.252.124 port 33840 on 192.168.10.220 port 22 rdomain ""
Aug  6 11:56:30 Tower sshd[26797]: Failed password for root from 89.42.252.124 port 33840 ssh2
Aug  6 11:56:30 Tower sshd[26797]: Received disconnect from 89.42.252.124 port 33840:11: Bye Bye [preauth]
Aug  6 11:56:30 Tower sshd[26797]: Disconnected from authenticating user root 89.42.252.124 port 33840 [preauth]
2020-08-07 00:44:17
attackbotsspam
Jul 11 20:22:38 rush sshd[11464]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124
Jul 11 20:22:39 rush sshd[11464]: Failed password for invalid user saikrushna from 89.42.252.124 port 58940 ssh2
Jul 11 20:26:02 rush sshd[11534]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124
...
2020-07-12 04:47:48
attack
Total attacks: 2
2020-07-11 16:31:19
attack
Jul  9 07:14:49 onepixel sshd[1089167]: Invalid user kurama from 89.42.252.124 port 54430
Jul  9 07:14:49 onepixel sshd[1089167]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 
Jul  9 07:14:49 onepixel sshd[1089167]: Invalid user kurama from 89.42.252.124 port 54430
Jul  9 07:14:51 onepixel sshd[1089167]: Failed password for invalid user kurama from 89.42.252.124 port 54430 ssh2
Jul  9 07:18:12 onepixel sshd[1091097]: Invalid user april from 89.42.252.124 port 51250
2020-07-09 17:30:58
attackbotsspam
Jun 24 08:32:11 ns392434 sshd[27295]: Invalid user hadoop from 89.42.252.124 port 41172
Jun 24 08:32:11 ns392434 sshd[27295]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124
Jun 24 08:32:11 ns392434 sshd[27295]: Invalid user hadoop from 89.42.252.124 port 41172
Jun 24 08:32:13 ns392434 sshd[27295]: Failed password for invalid user hadoop from 89.42.252.124 port 41172 ssh2
Jun 24 08:36:26 ns392434 sshd[27325]: Invalid user ubuntu from 89.42.252.124 port 51156
Jun 24 08:36:26 ns392434 sshd[27325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124
Jun 24 08:36:26 ns392434 sshd[27325]: Invalid user ubuntu from 89.42.252.124 port 51156
Jun 24 08:36:29 ns392434 sshd[27325]: Failed password for invalid user ubuntu from 89.42.252.124 port 51156 ssh2
Jun 24 08:37:57 ns392434 sshd[27331]: Invalid user sk from 89.42.252.124 port 38110
2020-06-24 15:06:50
attackspam
Jun 22 17:34:48 firewall sshd[15184]: Invalid user mc from 89.42.252.124
Jun 22 17:34:50 firewall sshd[15184]: Failed password for invalid user mc from 89.42.252.124 port 34170 ssh2
Jun 22 17:36:36 firewall sshd[15277]: Invalid user prueba1 from 89.42.252.124
...
2020-06-23 05:27:04
attackbotsspam
Jun 21 04:07:02 django-0 sshd[27084]: Failed password for invalid user userftp from 89.42.252.124 port 38172 ssh2
Jun 21 04:12:47 django-0 sshd[27121]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124  user=root
Jun 21 04:12:49 django-0 sshd[27121]: Failed password for root from 89.42.252.124 port 37910 ssh2
...
2020-06-21 12:30:03
attackspambots
$f2bV_matches
2020-05-21 18:18:19
attackbots
2020-05-10T13:42:37.348668shield sshd\[5086\]: Invalid user name from 89.42.252.124 port 18413
2020-05-10T13:42:37.352238shield sshd\[5086\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124
2020-05-10T13:42:38.826004shield sshd\[5086\]: Failed password for invalid user name from 89.42.252.124 port 18413 ssh2
2020-05-10T13:48:23.215217shield sshd\[7023\]: Invalid user odoo from 89.42.252.124 port 38806
2020-05-10T13:48:23.218997shield sshd\[7023\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124
2020-05-11 03:06:56
attack
web-1 [ssh_2] SSH Attack
2020-05-06 15:43:45
attack
2020-05-01T10:39:08.4330841495-001 sshd[24335]: Invalid user mcc from 89.42.252.124 port 29203
2020-05-01T10:39:10.1696021495-001 sshd[24335]: Failed password for invalid user mcc from 89.42.252.124 port 29203 ssh2
2020-05-01T10:45:37.9652551495-001 sshd[24596]: Invalid user abc1 from 89.42.252.124 port 29203
2020-05-01T10:45:37.9725921495-001 sshd[24596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124
2020-05-01T10:45:37.9652551495-001 sshd[24596]: Invalid user abc1 from 89.42.252.124 port 29203
2020-05-01T10:45:39.7722611495-001 sshd[24596]: Failed password for invalid user abc1 from 89.42.252.124 port 29203 ssh2
...
2020-05-02 00:07:17
attackbots
Invalid user ubuntu from 89.42.252.124 port 10188
2020-04-30 04:10:19
attackspambots
[ssh] SSH attack
2020-04-27 21:42:35
attack
$f2bV_matches
2020-04-26 02:52:59
attackbotsspam
2020-04-22T20:20:58.986239  sshd[17684]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124  user=root
2020-04-22T20:21:01.010189  sshd[17684]: Failed password for root from 89.42.252.124 port 1787 ssh2
2020-04-22T20:27:16.341856  sshd[17732]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124  user=root
2020-04-22T20:27:18.927446  sshd[17732]: Failed password for root from 89.42.252.124 port 21012 ssh2
...
2020-04-23 02:29:01
attackspambots
Apr 10 04:37:38 server1 sshd\[6073\]: Invalid user ranger from 89.42.252.124
Apr 10 04:37:38 server1 sshd\[6073\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 
Apr 10 04:37:39 server1 sshd\[6073\]: Failed password for invalid user ranger from 89.42.252.124 port 22030 ssh2
Apr 10 04:43:41 server1 sshd\[7938\]: Invalid user admin from 89.42.252.124
Apr 10 04:43:41 server1 sshd\[7938\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 
...
2020-04-10 18:55:16
attack
Fail2Ban - SSH Bruteforce Attempt
2020-04-07 08:53:31
attackspam
Unauthorised connection attempt detected at AUO NODE 1. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)
2020-04-06 03:26:04
attack
Mar 28 13:14:44 vpn01 sshd[32596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124
Mar 28 13:14:46 vpn01 sshd[32596]: Failed password for invalid user cjf from 89.42.252.124 port 16028 ssh2
...
2020-03-28 20:28:22
attack
Mar 25 22:54:35 meumeu sshd[12311]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 
Mar 25 22:54:37 meumeu sshd[12311]: Failed password for invalid user yamagiwa from 89.42.252.124 port 46842 ssh2
Mar 25 22:58:41 meumeu sshd[12784]: Failed password for sshd from 89.42.252.124 port 24961 ssh2
...
2020-03-26 06:26:11
attackbotsspam
Invalid user temp from 89.42.252.124 port 52503
2020-03-22 07:50:00
attackspam
(sshd) Failed SSH login from 89.42.252.124 (RO/Romania/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 10 09:04:05 amsweb01 sshd[20452]: Invalid user kigwasshoi from 89.42.252.124 port 47204
Mar 10 09:04:08 amsweb01 sshd[20452]: Failed password for invalid user kigwasshoi from 89.42.252.124 port 47204 ssh2
Mar 10 09:11:57 amsweb01 sshd[21431]: Invalid user try from 89.42.252.124 port 11239
Mar 10 09:11:59 amsweb01 sshd[21431]: Failed password for invalid user try from 89.42.252.124 port 11239 ssh2
Mar 10 09:14:43 amsweb01 sshd[21777]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124  user=root
2020-03-10 17:23:16
attack
Mar  6 19:24:03 serwer sshd\[17641\]: Invalid user wy from 89.42.252.124 port 57607
Mar  6 19:24:03 serwer sshd\[17641\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124
Mar  6 19:24:05 serwer sshd\[17641\]: Failed password for invalid user wy from 89.42.252.124 port 57607 ssh2
...
2020-03-07 05:34:20
attackbotsspam
Automatic report - Banned IP Access
2020-02-12 21:31:21
attackbotsspam
Feb 12 01:17:14 IngegnereFirenze sshd[19915]: Failed password for invalid user sather from 89.42.252.124 port 16691 ssh2
...
2020-02-12 10:09:23
attackspam
Unauthorized connection attempt detected from IP address 89.42.252.124 to port 2220 [J]
2020-02-02 00:03:55
attackspambots
Unauthorized connection attempt detected from IP address 89.42.252.124 to port 2220 [J]
2020-01-30 20:37:37
attack
Dec 27 22:09:23 server sshd\[2233\]: Invalid user usr01 from 89.42.252.124
Dec 27 22:09:23 server sshd\[2233\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 
Dec 27 22:09:25 server sshd\[2233\]: Failed password for invalid user usr01 from 89.42.252.124 port 24274 ssh2
Dec 27 22:09:53 server sshd\[2280\]: Invalid user usr01 from 89.42.252.124
Dec 27 22:09:53 server sshd\[2280\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 
...
2019-12-28 03:32:26
attackbots
Automatic report - Banned IP Access
2019-12-24 17:11:49
Comments on same subnet:
No discussion about this subnet yet..
Whois info:
b
Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 89.42.252.124
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60495
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;89.42.252.124.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041201 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Apr 13 10:21:44 +08 2019
;; MSG SIZE  rcvd: 117

Host info
Host 124.252.42.89.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
*** Can't find 124.252.42.89.in-addr.arpa.: No answer

Authoritative answers can be found from:

Related IP info:
Related comments:
IP Type Details Datetime
61.177.172.102 attackbots
Jul 20 18:59:48 vps sshd[68863]: Failed password for root from 61.177.172.102 port 54745 ssh2
Jul 20 18:59:50 vps sshd[68863]: Failed password for root from 61.177.172.102 port 54745 ssh2
Jul 20 18:59:58 vps sshd[69534]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.102  user=root
Jul 20 18:59:59 vps sshd[69534]: Failed password for root from 61.177.172.102 port 13000 ssh2
Jul 20 19:00:02 vps sshd[69534]: Failed password for root from 61.177.172.102 port 13000 ssh2
...
2020-07-21 01:00:31
74.82.47.29 attack
srv02 Mass scanning activity detected Target: 17  ..
2020-07-21 01:31:18
125.43.69.155 attackspambots
Jul 20 14:28:13 host sshd[5635]: Invalid user lmy from 125.43.69.155 port 48132
...
2020-07-21 01:22:46
142.93.60.53 attackspam
Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-07-20T15:47:57Z and 2020-07-20T15:55:56Z
2020-07-21 01:30:19
165.22.143.3 attackbots
Jul 20 16:23:14 debian-2gb-nbg1-2 kernel: \[17513534.054528\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=165.22.143.3 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=34908 PROTO=TCP SPT=41894 DPT=7604 WINDOW=1024 RES=0x00 SYN URGP=0
2020-07-21 00:57:08
182.23.3.226 attack
Jul 20 16:43:14 onepixel sshd[1739294]: Invalid user web3 from 182.23.3.226 port 36080
Jul 20 16:43:14 onepixel sshd[1739294]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.23.3.226 
Jul 20 16:43:14 onepixel sshd[1739294]: Invalid user web3 from 182.23.3.226 port 36080
Jul 20 16:43:16 onepixel sshd[1739294]: Failed password for invalid user web3 from 182.23.3.226 port 36080 ssh2
Jul 20 16:48:09 onepixel sshd[1742017]: Invalid user clara from 182.23.3.226 port 47048
2020-07-21 01:15:34
185.51.215.226 attackspambots
Unauthorized connection attempt detected from IP address 185.51.215.226 to port 445
2020-07-21 01:25:10
132.232.68.138 attackbots
2020-07-20T14:52:18.722775abusebot-2.cloudsearch.cf sshd[3923]: Invalid user alistair from 132.232.68.138 port 38230
2020-07-20T14:52:18.729295abusebot-2.cloudsearch.cf sshd[3923]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.68.138
2020-07-20T14:52:18.722775abusebot-2.cloudsearch.cf sshd[3923]: Invalid user alistair from 132.232.68.138 port 38230
2020-07-20T14:52:21.126949abusebot-2.cloudsearch.cf sshd[3923]: Failed password for invalid user alistair from 132.232.68.138 port 38230 ssh2
2020-07-20T14:55:15.717479abusebot-2.cloudsearch.cf sshd[3972]: Invalid user carl from 132.232.68.138 port 34462
2020-07-20T14:55:15.721447abusebot-2.cloudsearch.cf sshd[3972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.68.138
2020-07-20T14:55:15.717479abusebot-2.cloudsearch.cf sshd[3972]: Invalid user carl from 132.232.68.138 port 34462
2020-07-20T14:55:17.752561abusebot-2.cloudsearch.cf sshd[3972]: 
...
2020-07-21 00:53:51
178.239.151.237 attackspambots
Automatic report - Port Scan Attack
2020-07-21 01:06:29
45.95.168.124 attackbots
SSH Server BruteForce Attack
2020-07-21 01:33:06
64.227.79.125 attackbots
Jul 20 19:07:14 dhoomketu sshd[1702075]: Invalid user deepesh from 64.227.79.125 port 38656
Jul 20 19:07:14 dhoomketu sshd[1702075]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.227.79.125 
Jul 20 19:07:14 dhoomketu sshd[1702075]: Invalid user deepesh from 64.227.79.125 port 38656
Jul 20 19:07:16 dhoomketu sshd[1702075]: Failed password for invalid user deepesh from 64.227.79.125 port 38656 ssh2
Jul 20 19:11:07 dhoomketu sshd[1702196]: Invalid user croissant from 64.227.79.125 port 50004
...
2020-07-21 01:15:57
222.186.169.192 attackbots
Jul 20 19:00:08 ns381471 sshd[8907]: Failed password for root from 222.186.169.192 port 1034 ssh2
Jul 20 19:00:11 ns381471 sshd[8907]: Failed password for root from 222.186.169.192 port 1034 ssh2
2020-07-21 01:03:53
54.76.120.237 attack
20 attempts against mh-misbehave-ban on sonic
2020-07-21 00:59:08
114.98.231.143 attack
Connection to SSH Honeypot - Detected by HoneypotDB
2020-07-21 01:30:39
223.207.226.137 attack
Port Scan
...
2020-07-21 01:29:46

Recently Reported IPs

222.242.104.188 109.190.132.235 42.200.198.53 192.34.61.38
190.193.92.26 177.106.24.168 117.48.206.48 51.68.220.249
178.62.14.176 92.62.131.113 3.80.242.14 45.64.126.88
89.40.116.98 185.227.182.183 142.4.208.21 198.108.67.41
189.8.68.56 169.56.104.165 103.89.90.83 190.178.225.181