131.1.254.142 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Italy

Internet Service Provider: Olivetti S.p.A.

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	F2B jail: sshd. Time: 2019-09-16 20:59:56, Reported by: VKReport	2019-09-17 03:07:34

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 131.1.254.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2969
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;131.1.254.142.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091601 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Sep 17 03:07:29 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 142.254.1.131.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 142.254.1.131.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
190.236.255.117	attackspam	1581514814 - 02/12/2020 14:40:14 Host: 190.236.255.117/190.236.255.117 Port: 445 TCP Blocked	2020-02-13 04:49:31
5.165.80.162	attackspam	1581514837 - 02/12/2020 14:40:37 Host: 5.165.80.162/5.165.80.162 Port: 23 TCP Blocked	2020-02-13 04:26:59
118.68.201.175	attackspam	1581514849 - 02/12/2020 14:40:49 Host: 118.68.201.175/118.68.201.175 Port: 445 TCP Blocked	2020-02-13 04:12:28
87.237.238.106	attackspam	Automatic report - Port Scan Attack	2020-02-13 04:46:06
151.237.94.16	attackbots	23/tcp 23/tcp 23/tcp... [2020-01-05/02-12]4pkt,1pt.(tcp)	2020-02-13 04:26:34
173.245.203.224	attack	[2020-02-12 14:55:18] NOTICE[1148] chan_sip.c: Registration from '' failed for '173.245.203.224:50059' - Wrong password [2020-02-12 14:55:18] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-02-12T14:55:18.197-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="1000",SessionID="0x7fd82c5547b8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/173.245.203.224/50059",Challenge="7212a920",ReceivedChallenge="7212a920",ReceivedHash="ee1c3557f818495bdc2e82834b05a602" [2020-02-12 14:56:05] NOTICE[1148] chan_sip.c: Registration from '' failed for '173.245.203.224:53722' - Wrong password [2020-02-12 14:56:05] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-02-12T14:56:05.430-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="7001",SessionID="0x7fd82c5547b8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/173.245 ...	2020-02-13 04:16:50
1.245.61.144	attackspambots	Feb 12 16:29:31 vpn01 sshd[1651]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.245.61.144 Feb 12 16:29:33 vpn01 sshd[1651]: Failed password for invalid user oraprobe from 1.245.61.144 port 54918 ssh2 ...	2020-02-13 04:07:32
222.186.15.158	attackspambots	Feb 12 21:26:59 localhost sshd\[1146\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.158 user=root Feb 12 21:27:01 localhost sshd\[1146\]: Failed password for root from 222.186.15.158 port 35470 ssh2 Feb 12 21:27:04 localhost sshd\[1146\]: Failed password for root from 222.186.15.158 port 35470 ssh2	2020-02-13 04:30:28
46.153.116.153	attackbotsspam	1581514837 - 02/12/2020 14:40:37 Host: 46.153.116.153/46.153.116.153 Port: 445 TCP Blocked	2020-02-13 04:27:46
192.160.102.166	attack	02/12/2020-14:40:41.812285 192.160.102.166 Protocol: 6 ET TOR Known Tor Exit Node Traffic group 38	2020-02-13 04:22:44
181.30.27.11	attackbots	Feb 12 15:01:44 web8 sshd\[2841\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.30.27.11 user=root Feb 12 15:01:46 web8 sshd\[2841\]: Failed password for root from 181.30.27.11 port 48516 ssh2 Feb 12 15:06:47 web8 sshd\[5444\]: Invalid user csgoserver from 181.30.27.11 Feb 12 15:06:47 web8 sshd\[5444\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.30.27.11 Feb 12 15:06:49 web8 sshd\[5444\]: Failed password for invalid user csgoserver from 181.30.27.11 port 59263 ssh2	2020-02-13 04:31:30
27.78.203.172	attackspambots	Automatic report - Port Scan Attack	2020-02-13 04:38:11
218.85.80.49	attack	2020-02-12T09:47:55.453375-07:00 suse-nuc sshd[16605]: Invalid user kethari from 218.85.80.49 port 48006 ...	2020-02-13 04:44:53
118.163.210.192	attackbots	Caught in portsentry honeypot	2020-02-13 04:41:24
64.113.32.29	attackspam	02/12/2020-18:31:20.560812 64.113.32.29 Protocol: 6 ET TOR Known Tor Exit Node Traffic group 76	2020-02-13 04:15:06

Recently Reported IPs

41.182.130.110	11.172.52.228	109.149.231.14	45.136.108.11
151.74.228.199	2a01:4f8:191:93ee::2	185.245.84.58	113.68.24.29
50.206.82.201	20.195.209.210	220.168.85.107	51.15.161.122
18.214.105.148	185.137.233.215	130.246.112.195	118.104.116.93
107.81.173.73	134.209.151.198	132.148.26.79	151.93.144.45