City: unknown
Region: unknown
Country: Romania
Internet Service Provider: UPC Romania SRL
Hostname: unknown
Organization: Liberty Global B.V.
Usage Type: Fixed Line ISP
| Type | Details | Datetime |
|---|---|---|
| attackspambots | Sep 1 03:20:18 web9 sshd\[3069\]: Invalid user gts from 89.42.252.124 Sep 1 03:20:18 web9 sshd\[3069\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 Sep 1 03:20:20 web9 sshd\[3069\]: Failed password for invalid user gts from 89.42.252.124 port 57230 ssh2 Sep 1 03:23:39 web9 sshd\[3427\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 user=root Sep 1 03:23:41 web9 sshd\[3427\]: Failed password for root from 89.42.252.124 port 53918 ssh2 |
2020-09-01 21:36:34 |
| attack | Aug 6 11:56:28 Tower sshd[26797]: Connection from 89.42.252.124 port 33840 on 192.168.10.220 port 22 rdomain "" Aug 6 11:56:30 Tower sshd[26797]: Failed password for root from 89.42.252.124 port 33840 ssh2 Aug 6 11:56:30 Tower sshd[26797]: Received disconnect from 89.42.252.124 port 33840:11: Bye Bye [preauth] Aug 6 11:56:30 Tower sshd[26797]: Disconnected from authenticating user root 89.42.252.124 port 33840 [preauth] |
2020-08-07 00:44:17 |
| attackbotsspam | Jul 11 20:22:38 rush sshd[11464]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 Jul 11 20:22:39 rush sshd[11464]: Failed password for invalid user saikrushna from 89.42.252.124 port 58940 ssh2 Jul 11 20:26:02 rush sshd[11534]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 ... |
2020-07-12 04:47:48 |
| attack | Total attacks: 2 |
2020-07-11 16:31:19 |
| attack | Jul 9 07:14:49 onepixel sshd[1089167]: Invalid user kurama from 89.42.252.124 port 54430 Jul 9 07:14:49 onepixel sshd[1089167]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 Jul 9 07:14:49 onepixel sshd[1089167]: Invalid user kurama from 89.42.252.124 port 54430 Jul 9 07:14:51 onepixel sshd[1089167]: Failed password for invalid user kurama from 89.42.252.124 port 54430 ssh2 Jul 9 07:18:12 onepixel sshd[1091097]: Invalid user april from 89.42.252.124 port 51250 |
2020-07-09 17:30:58 |
| attackbotsspam | Jun 24 08:32:11 ns392434 sshd[27295]: Invalid user hadoop from 89.42.252.124 port 41172 Jun 24 08:32:11 ns392434 sshd[27295]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 Jun 24 08:32:11 ns392434 sshd[27295]: Invalid user hadoop from 89.42.252.124 port 41172 Jun 24 08:32:13 ns392434 sshd[27295]: Failed password for invalid user hadoop from 89.42.252.124 port 41172 ssh2 Jun 24 08:36:26 ns392434 sshd[27325]: Invalid user ubuntu from 89.42.252.124 port 51156 Jun 24 08:36:26 ns392434 sshd[27325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 Jun 24 08:36:26 ns392434 sshd[27325]: Invalid user ubuntu from 89.42.252.124 port 51156 Jun 24 08:36:29 ns392434 sshd[27325]: Failed password for invalid user ubuntu from 89.42.252.124 port 51156 ssh2 Jun 24 08:37:57 ns392434 sshd[27331]: Invalid user sk from 89.42.252.124 port 38110 |
2020-06-24 15:06:50 |
| attackspam | Jun 22 17:34:48 firewall sshd[15184]: Invalid user mc from 89.42.252.124 Jun 22 17:34:50 firewall sshd[15184]: Failed password for invalid user mc from 89.42.252.124 port 34170 ssh2 Jun 22 17:36:36 firewall sshd[15277]: Invalid user prueba1 from 89.42.252.124 ... |
2020-06-23 05:27:04 |
| attackbotsspam | Jun 21 04:07:02 django-0 sshd[27084]: Failed password for invalid user userftp from 89.42.252.124 port 38172 ssh2 Jun 21 04:12:47 django-0 sshd[27121]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 user=root Jun 21 04:12:49 django-0 sshd[27121]: Failed password for root from 89.42.252.124 port 37910 ssh2 ... |
2020-06-21 12:30:03 |
| attackspambots | $f2bV_matches |
2020-05-21 18:18:19 |
| attackbots | 2020-05-10T13:42:37.348668shield sshd\[5086\]: Invalid user name from 89.42.252.124 port 18413 2020-05-10T13:42:37.352238shield sshd\[5086\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 2020-05-10T13:42:38.826004shield sshd\[5086\]: Failed password for invalid user name from 89.42.252.124 port 18413 ssh2 2020-05-10T13:48:23.215217shield sshd\[7023\]: Invalid user odoo from 89.42.252.124 port 38806 2020-05-10T13:48:23.218997shield sshd\[7023\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 |
2020-05-11 03:06:56 |
| attack | web-1 [ssh_2] SSH Attack |
2020-05-06 15:43:45 |
| attack | 2020-05-01T10:39:08.4330841495-001 sshd[24335]: Invalid user mcc from 89.42.252.124 port 29203 2020-05-01T10:39:10.1696021495-001 sshd[24335]: Failed password for invalid user mcc from 89.42.252.124 port 29203 ssh2 2020-05-01T10:45:37.9652551495-001 sshd[24596]: Invalid user abc1 from 89.42.252.124 port 29203 2020-05-01T10:45:37.9725921495-001 sshd[24596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 2020-05-01T10:45:37.9652551495-001 sshd[24596]: Invalid user abc1 from 89.42.252.124 port 29203 2020-05-01T10:45:39.7722611495-001 sshd[24596]: Failed password for invalid user abc1 from 89.42.252.124 port 29203 ssh2 ... |
2020-05-02 00:07:17 |
| attackbots | Invalid user ubuntu from 89.42.252.124 port 10188 |
2020-04-30 04:10:19 |
| attackspambots | [ssh] SSH attack |
2020-04-27 21:42:35 |
| attack | $f2bV_matches |
2020-04-26 02:52:59 |
| attackbotsspam | 2020-04-22T20:20:58.986239 sshd[17684]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 user=root 2020-04-22T20:21:01.010189 sshd[17684]: Failed password for root from 89.42.252.124 port 1787 ssh2 2020-04-22T20:27:16.341856 sshd[17732]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 user=root 2020-04-22T20:27:18.927446 sshd[17732]: Failed password for root from 89.42.252.124 port 21012 ssh2 ... |
2020-04-23 02:29:01 |
| attackspambots | Apr 10 04:37:38 server1 sshd\[6073\]: Invalid user ranger from 89.42.252.124 Apr 10 04:37:38 server1 sshd\[6073\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 Apr 10 04:37:39 server1 sshd\[6073\]: Failed password for invalid user ranger from 89.42.252.124 port 22030 ssh2 Apr 10 04:43:41 server1 sshd\[7938\]: Invalid user admin from 89.42.252.124 Apr 10 04:43:41 server1 sshd\[7938\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 ... |
2020-04-10 18:55:16 |
| attack | Fail2Ban - SSH Bruteforce Attempt |
2020-04-07 08:53:31 |
| attackspam | Unauthorised connection attempt detected at AUO NODE 1. System is sshd. Protected by AUO Stack Web Application Firewall (WAF) |
2020-04-06 03:26:04 |
| attack | Mar 28 13:14:44 vpn01 sshd[32596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 Mar 28 13:14:46 vpn01 sshd[32596]: Failed password for invalid user cjf from 89.42.252.124 port 16028 ssh2 ... |
2020-03-28 20:28:22 |
| attack | Mar 25 22:54:35 meumeu sshd[12311]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 Mar 25 22:54:37 meumeu sshd[12311]: Failed password for invalid user yamagiwa from 89.42.252.124 port 46842 ssh2 Mar 25 22:58:41 meumeu sshd[12784]: Failed password for sshd from 89.42.252.124 port 24961 ssh2 ... |
2020-03-26 06:26:11 |
| attackbotsspam | Invalid user temp from 89.42.252.124 port 52503 |
2020-03-22 07:50:00 |
| attackspam | (sshd) Failed SSH login from 89.42.252.124 (RO/Romania/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 10 09:04:05 amsweb01 sshd[20452]: Invalid user kigwasshoi from 89.42.252.124 port 47204 Mar 10 09:04:08 amsweb01 sshd[20452]: Failed password for invalid user kigwasshoi from 89.42.252.124 port 47204 ssh2 Mar 10 09:11:57 amsweb01 sshd[21431]: Invalid user try from 89.42.252.124 port 11239 Mar 10 09:11:59 amsweb01 sshd[21431]: Failed password for invalid user try from 89.42.252.124 port 11239 ssh2 Mar 10 09:14:43 amsweb01 sshd[21777]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 user=root |
2020-03-10 17:23:16 |
| attack | Mar 6 19:24:03 serwer sshd\[17641\]: Invalid user wy from 89.42.252.124 port 57607 Mar 6 19:24:03 serwer sshd\[17641\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 Mar 6 19:24:05 serwer sshd\[17641\]: Failed password for invalid user wy from 89.42.252.124 port 57607 ssh2 ... |
2020-03-07 05:34:20 |
| attackbotsspam | Automatic report - Banned IP Access |
2020-02-12 21:31:21 |
| attackbotsspam | Feb 12 01:17:14 IngegnereFirenze sshd[19915]: Failed password for invalid user sather from 89.42.252.124 port 16691 ssh2 ... |
2020-02-12 10:09:23 |
| attackspam | Unauthorized connection attempt detected from IP address 89.42.252.124 to port 2220 [J] |
2020-02-02 00:03:55 |
| attackspambots | Unauthorized connection attempt detected from IP address 89.42.252.124 to port 2220 [J] |
2020-01-30 20:37:37 |
| attack | Dec 27 22:09:23 server sshd\[2233\]: Invalid user usr01 from 89.42.252.124 Dec 27 22:09:23 server sshd\[2233\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 Dec 27 22:09:25 server sshd\[2233\]: Failed password for invalid user usr01 from 89.42.252.124 port 24274 ssh2 Dec 27 22:09:53 server sshd\[2280\]: Invalid user usr01 from 89.42.252.124 Dec 27 22:09:53 server sshd\[2280\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.252.124 ... |
2019-12-28 03:32:26 |
| attackbots | Automatic report - Banned IP Access |
2019-12-24 17:11:49 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 89.42.252.124
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60495
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;89.42.252.124. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019041201 1800 900 604800 86400
;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Apr 13 10:21:44 +08 2019
;; MSG SIZE rcvd: 117
Host 124.252.42.89.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
*** Can't find 124.252.42.89.in-addr.arpa.: No answer
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 137.74.206.80 | attack | May 25 05:55:17 wordpress wordpress(www.ruhnke.cloud)[69153]: Blocked authentication attempt for admin from ::ffff:137.74.206.80 |
2020-05-25 12:57:54 |
| 106.12.222.60 | attackspam | May 25 05:52:42 vps647732 sshd[11376]: Failed password for root from 106.12.222.60 port 39002 ssh2 ... |
2020-05-25 12:35:49 |
| 184.105.139.124 | attack | scan z |
2020-05-25 12:23:05 |
| 62.210.105.116 | attack | CMS (WordPress or Joomla) login attempt. |
2020-05-25 12:53:40 |
| 14.160.139.148 | attackbots | 1590378916 - 05/25/2020 05:55:16 Host: 14.160.139.148/14.160.139.148 Port: 445 TCP Blocked |
2020-05-25 12:59:24 |
| 112.85.42.174 | attack | May 25 06:29:10 MainVPS sshd[2824]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.174 user=root May 25 06:29:12 MainVPS sshd[2824]: Failed password for root from 112.85.42.174 port 47355 ssh2 May 25 06:29:25 MainVPS sshd[2824]: error: maximum authentication attempts exceeded for root from 112.85.42.174 port 47355 ssh2 [preauth] May 25 06:29:10 MainVPS sshd[2824]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.174 user=root May 25 06:29:12 MainVPS sshd[2824]: Failed password for root from 112.85.42.174 port 47355 ssh2 May 25 06:29:25 MainVPS sshd[2824]: error: maximum authentication attempts exceeded for root from 112.85.42.174 port 47355 ssh2 [preauth] May 25 06:29:29 MainVPS sshd[3026]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.174 user=root May 25 06:29:31 MainVPS sshd[3026]: Failed password for root from 112.85.42.174 port 12992 ssh2 ... |
2020-05-25 12:31:26 |
| 185.88.100.17 | attackspambots | Chat Spam |
2020-05-25 12:55:15 |
| 222.186.173.226 | attackbots | 2020-05-25T06:37:15.432405 sshd[9647]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.226 user=root 2020-05-25T06:37:17.975870 sshd[9647]: Failed password for root from 222.186.173.226 port 57272 ssh2 2020-05-25T06:37:23.490575 sshd[9647]: Failed password for root from 222.186.173.226 port 57272 ssh2 2020-05-25T06:37:15.432405 sshd[9647]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.226 user=root 2020-05-25T06:37:17.975870 sshd[9647]: Failed password for root from 222.186.173.226 port 57272 ssh2 2020-05-25T06:37:23.490575 sshd[9647]: Failed password for root from 222.186.173.226 port 57272 ssh2 ... |
2020-05-25 12:46:31 |
| 138.185.37.234 | attackbotsspam | port scan and connect, tcp 80 (http) |
2020-05-25 12:41:45 |
| 120.237.118.144 | attack | May 25 06:18:49 plex sshd[6630]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.237.118.144 user=root May 25 06:18:51 plex sshd[6630]: Failed password for root from 120.237.118.144 port 38374 ssh2 |
2020-05-25 12:48:04 |
| 223.240.80.31 | attackbots | 2020-05-25T10:52:17.518174billing sshd[27645]: Failed password for invalid user admin from 223.240.80.31 port 34763 ssh2 2020-05-25T10:55:39.310220billing sshd[2948]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.240.80.31 user=root 2020-05-25T10:55:41.196271billing sshd[2948]: Failed password for root from 223.240.80.31 port 60230 ssh2 ... |
2020-05-25 12:36:14 |
| 94.102.51.17 | attackbots | [H1.VM4] Blocked by UFW |
2020-05-25 12:29:45 |
| 49.234.31.158 | attack | May 25 06:45:54 vpn01 sshd[4198]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.31.158 May 25 06:45:57 vpn01 sshd[4198]: Failed password for invalid user rr from 49.234.31.158 port 60964 ssh2 ... |
2020-05-25 13:02:30 |
| 63.141.231.10 | attackspam | 20 attempts against mh-misbehave-ban on milky |
2020-05-25 12:30:28 |
| 218.92.0.172 | attackbotsspam | May 25 06:53:13 melroy-server sshd[31896]: Failed password for root from 218.92.0.172 port 20563 ssh2 May 25 06:53:16 melroy-server sshd[31896]: Failed password for root from 218.92.0.172 port 20563 ssh2 ... |
2020-05-25 12:56:22 |