192.145.127.212

Basic Info

City: Milan

Region: Lombardy

Country: Italy

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
192.145.127.42	attack	SIP/5060 Probe, BF, Hack -	2020-03-23 13:37:44
192.145.127.42	attackspam	firewall-block, port(s): 1900/tcp	2020-03-09 20:25:36
192.145.127.42	attackspambots	Scanning random ports - tries to find possible vulnerable services	2020-02-21 09:34:01
192.145.127.42	attackbots	SIP/5060 Probe, BF, Hack -	2020-02-19 18:08:32
192.145.127.42	attackbots	Honeypot attack, port: 81, PTR: PTR record not found	2020-02-02 21:32:04
192.145.127.42	attackbotsspam	Dec 14 02:56:01 debian-2gb-vpn-nbg1-1 kernel: [659737.192346] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=192.145.127.42 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=54321 PROTO=TCP SPT=57239 DPT=2222 WINDOW=65535 RES=0x00 SYN URGP=0	2019-12-14 08:33:45
192.145.127.42	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-28 04:33:26
192.145.127.42	attackbots	firewall-block, port(s): 161/udp	2019-09-27 16:18:57

Whois info:

Dig info:

b'
; <<>> DiG 9.11.3-1ubuntu1.15-Ubuntu <<>> 192.145.127.212
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55014
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;192.145.127.212.		IN	A

;; Query time: 1 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Sat Jun 26 18:09:41 CST 2021
;; MSG SIZE  rcvd: 44

'

Host info

Host 212.127.145.192.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 212.127.145.192.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
104.206.128.66	attackspambots	firewall-block, port(s): 5060/tcp	2019-08-08 09:32:43
181.48.116.50	attack	2019-08-08T02:32:42.681548lon01.zurich-datacenter.net sshd\[1314\]: Invalid user play from 181.48.116.50 port 55488 2019-08-08T02:32:42.688082lon01.zurich-datacenter.net sshd\[1314\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.48.116.50 2019-08-08T02:32:44.925228lon01.zurich-datacenter.net sshd\[1314\]: Failed password for invalid user play from 181.48.116.50 port 55488 ssh2 2019-08-08T02:36:50.531213lon01.zurich-datacenter.net sshd\[1382\]: Invalid user thiago from 181.48.116.50 port 49026 2019-08-08T02:36:50.537582lon01.zurich-datacenter.net sshd\[1382\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.48.116.50 ...	2019-08-08 09:12:17
81.22.45.225	attackspambots	Aug 8 03:13:59 lumpi kernel: INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.225 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=2156 PROTO=TCP SPT=46262 DPT=9911 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-08-08 09:17:08
91.192.224.186	attackspambots	91.192.224.186 - - [07/Aug/2019:23:46:19 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 91.192.224.186 - - [07/Aug/2019:23:46:19 +0200] "POST /wp-login.php HTTP/1.1" 200 1632 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 91.192.224.186 - - [07/Aug/2019:23:46:19 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 91.192.224.186 - - [07/Aug/2019:23:46:19 +0200] "POST /wp-login.php HTTP/1.1" 200 1631 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 91.192.224.186 - - [07/Aug/2019:23:46:20 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 91.192.224.186 - - [07/Aug/2019:23:46:20 +0200] "POST /wp-login.php HTTP/1.1" 200 1630 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-08-08 09:33:42
81.22.45.148	attackbots	Port scan on 17 port(s): 8088 8241 8333 8347 8372 8423 8461 8466 8521 8709 8752 8776 8895 8939 8949 8979 9632	2019-08-08 09:34:16
41.204.161.161	attackspam	Aug 6 05:27:02 server6 sshd[13074]: Address 41.204.161.161 maps to oris.nacosti.go.ke, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Aug 6 05:27:02 server6 sshd[13074]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.204.161.161 user=r.r Aug 6 05:27:04 server6 sshd[13074]: Failed password for r.r from 41.204.161.161 port 34734 ssh2 Aug 6 05:27:04 server6 sshd[13074]: Received disconnect from 41.204.161.161: 11: Bye Bye [preauth] Aug 6 06:35:47 server6 sshd[9996]: Address 41.204.161.161 maps to oris.nacosti.go.ke, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Aug 6 06:35:48 server6 sshd[9996]: Failed password for invalid user userftp from 41.204.161.161 port 60910 ssh2 Aug 6 06:35:49 server6 sshd[9996]: Received disconnect from 41.204.161.161: 11: Bye Bye [preauth] Aug 6 06:40:46 server6 sshd[14323]: Address 41.204.161.161 maps to oris.nacosti.go.ke, but this does not ma........ -------------------------------	2019-08-08 08:52:57
41.78.241.238	attackspambots	Aug 7 21:06:08 master sshd[20660]: Failed password for invalid user hbacoustic from 41.78.241.238 port 58752 ssh2 Aug 7 21:37:48 master sshd[20982]: Failed password for invalid user apeitpanthiya from 41.78.241.238 port 41192 ssh2 Aug 7 21:44:55 master sshd[20984]: Failed password for invalid user anauser from 41.78.241.238 port 36304 ssh2 Aug 7 21:51:18 master sshd[20997]: Failed password for invalid user freebsd from 41.78.241.238 port 59544 ssh2	2019-08-08 08:53:14
192.241.167.200	attackspambots	$f2bV_matches	2019-08-08 09:24:34
23.129.64.213	attackspambots	Aug 7 19:30:28 h2177944 sshd\[31390\]: Invalid user vagrant from 23.129.64.213 port 32049 Aug 7 19:30:28 h2177944 sshd\[31390\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.129.64.213 Aug 7 19:30:29 h2177944 sshd\[31390\]: Failed password for invalid user vagrant from 23.129.64.213 port 32049 ssh2 Aug 7 19:30:34 h2177944 sshd\[31392\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.129.64.213 user=root ...	2019-08-08 09:19:41
139.99.40.27	attackspambots	Aug 7 14:21:13 xtremcommunity sshd\[6130\]: Invalid user johnny from 139.99.40.27 port 50448 Aug 7 14:21:13 xtremcommunity sshd\[6130\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.40.27 Aug 7 14:21:15 xtremcommunity sshd\[6130\]: Failed password for invalid user johnny from 139.99.40.27 port 50448 ssh2 Aug 7 14:26:24 xtremcommunity sshd\[11605\]: Invalid user rails from 139.99.40.27 port 44758 Aug 7 14:26:24 xtremcommunity sshd\[11605\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.40.27 ...	2019-08-08 09:13:35
213.167.58.36	attackspam	Aug 8 02:29:03 ns1 postfix/smtpd\[19731\]: warning: adm.iile.ru\[213.167.58.36\]: SASL LOGIN authentication failed: authentication failure Aug 8 02:29:08 ns1 postfix/smtpd\[19731\]: warning: adm.iile.ru\[213.167.58.36\]: SASL LOGIN authentication failed: authentication failure Aug 8 02:29:11 ns1 postfix/smtpd\[19731\]: warning: adm.iile.ru\[213.167.58.36\]: SASL LOGIN authentication failed: authentication failure Aug 8 02:29:14 ns1 postfix/smtpd\[19731\]: warning: adm.iile.ru\[213.167.58.36\]: SASL LOGIN authentication failed: authentication failure Aug 8 02:29:17 ns1 postfix/smtpd\[19731\]: warning: adm.iile.ru\[213.167.58.36\]: SASL LOGIN authentication failed: authentication failure Aug 8 02:29:21 ns1 postfix/smtpd\[19731\]: warning: adm.iile.ru\[213.167.58.36\]: SASL LOGIN authentication failed: authentication failure Aug 8 02:29:24 ns1 postfix/smtpd\[19731\]: warning: adm.iile.ru\[213.167.58.36\]: SASL LOGIN authentication failed: authentication failure Aug 8 02:29:27 ns1 postfix/smtpd\[19731\]:	2019-08-08 09:24:17
116.203.194.97	attackbotsspam	Aug 7 19:07:50 mercury wordpress(li147-221.members.linode.com)[19959]: XML-RPC authentication attempt for unknown user cuttingedge from 116.203.194.97 Aug 7 19:07:50 mercury wordpress(li147-221.members.linode.com)[19959]: XML-RPC multicall authentication failure from 116.203.194.97 Aug 7 19:07:50 mercury wordpress(li147-221.members.linode.com)[31340]: XML-RPC authentication attempt for unknown user cuttingedge from 116.203.194.97 Aug 7 19:07:50 mercury wordpress(li147-221.members.linode.com)[30388]: XML-RPC authentication attempt for unknown user cuttingedge from 116.203.194.97 ...	2019-08-08 08:55:17
36.73.104.14	attackbotsspam	firewall-block, port(s): 81/tcp	2019-08-08 09:38:27
46.3.96.67	attack	Unauthorised access (Aug 8) SRC=46.3.96.67 LEN=40 TTL=247 ID=4308 TCP DPT=3306 WINDOW=1024 SYN	2019-08-08 09:37:34
177.10.144.94	attackbots	SpamReport	2019-08-08 09:12:53

Recently Reported IPs

12.177.217.15	186.195.35.143	111.90.50.20	111.90.50.16
152.57.60.218	83.220.236.148	13.71.190.76	52.16.25.145
185.41.141.5	193.42.57.165	100.128.87.109	8.38.148.67
171.22.122.31	213.163.87.156	37.251.220.127	186.189.194.147
103.109.176.158	185.180.12.57	195.133.15.206	23.247.53.89