2.231.29.139 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Italy

Internet Service Provider: Fastweb SpA

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Brute-force attempt banned	2020-03-10 21:28:54

Comments on same subnet:

IP	Type	Details	Datetime
2.231.29.215	attack	Repeated RDP login failures. Last user: administrator	2020-06-22 19:04:11
2.231.29.215	attack	Repeated RDP login failures. Last user: administrator	2020-06-11 23:54:56

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.231.29.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30853
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;2.231.29.139.			IN	A

;; AUTHORITY SECTION:
.			267	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031000 1800 900 604800 86400

;; Query time: 105 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 10 21:28:49 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 139.29.231.2.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 139.29.231.2.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
109.159.194.226	attackspam	Invalid user rsw from 109.159.194.226 port 43710	2020-05-23 06:35:09
87.110.181.30	attackbots	May 23 00:55:36 vps647732 sshd[30861]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.110.181.30 May 23 00:55:38 vps647732 sshd[30861]: Failed password for invalid user shu from 87.110.181.30 port 33528 ssh2 ...	2020-05-23 07:10:03
222.186.169.194	attackspambots	May 23 00:39:14 vmd48417 sshd[24984]: Failed password for root from 222.186.169.194 port 53568 ssh2	2020-05-23 06:39:46
185.147.215.12	attack	[2020-05-22 18:42:57] NOTICE[1157] chan_sip.c: Registration from '' failed for '185.147.215.12:54489' - Wrong password [2020-05-22 18:42:57] SECURITY[1173] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-22T18:42:57.786-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="38303",SessionID="0x7f5f100266a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.147.215.12/54489",Challenge="76cba1a2",ReceivedChallenge="76cba1a2",ReceivedHash="be763f7990fd354199db8ea1efd85bd7" [2020-05-22 18:45:19] NOTICE[1157] chan_sip.c: Registration from '' failed for '185.147.215.12:52687' - Wrong password [2020-05-22 18:45:19] SECURITY[1173] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-22T18:45:19.364-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="40439",SessionID="0x7f5f100266a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.14 ...	2020-05-23 06:56:38
49.234.43.34	attackspam	May 23 00:05:46 sso sshd[2476]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.43.34 May 23 00:05:48 sso sshd[2476]: Failed password for invalid user zri from 49.234.43.34 port 55989 ssh2 ...	2020-05-23 06:56:16
149.202.133.43	attackspam	May 23 00:58:50 eventyay sshd[20993]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.133.43 May 23 00:58:52 eventyay sshd[20993]: Failed password for invalid user mujr from 149.202.133.43 port 36588 ssh2 May 23 01:03:27 eventyay sshd[21165]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.133.43 ...	2020-05-23 07:10:56
114.104.6.203	attack	May 22 22:19:04 onepixel sshd[952936]: Invalid user mvw from 114.104.6.203 port 38378 May 22 22:19:04 onepixel sshd[952936]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.104.6.203 May 22 22:19:04 onepixel sshd[952936]: Invalid user mvw from 114.104.6.203 port 38378 May 22 22:19:06 onepixel sshd[952936]: Failed password for invalid user mvw from 114.104.6.203 port 38378 ssh2 May 22 22:24:03 onepixel sshd[953600]: Invalid user vbx from 114.104.6.203 port 42994	2020-05-23 07:00:14
92.63.194.7	attackspam	SSH Brute-Force reported by Fail2Ban	2020-05-23 06:59:44
220.248.30.58	attackspam	Invalid user vhy from 220.248.30.58 port 48439	2020-05-23 06:45:39
51.83.129.158	attack	May 23 00:13:55 piServer sshd[12975]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.129.158 May 23 00:13:57 piServer sshd[12975]: Failed password for invalid user nci from 51.83.129.158 port 34752 ssh2 May 23 00:21:01 piServer sshd[13678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.129.158 ...	2020-05-23 07:09:06
125.165.136.143	attackbots	May 22 23:30:38 OPSO sshd\[25765\]: Invalid user fwn from 125.165.136.143 port 48308 May 22 23:30:38 OPSO sshd\[25765\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.165.136.143 May 22 23:30:40 OPSO sshd\[25765\]: Failed password for invalid user fwn from 125.165.136.143 port 48308 ssh2 May 22 23:34:33 OPSO sshd\[26311\]: Invalid user ieu from 125.165.136.143 port 54578 May 22 23:34:33 OPSO sshd\[26311\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.165.136.143	2020-05-23 06:41:01
52.76.200.38	attackspam	21 attempts against mh-misbehave-ban on air	2020-05-23 06:36:10
104.248.142.140	attack	www.goldgier.de 104.248.142.140 [19/May/2020:08:27:16 +0200] "POST /wp-login.php HTTP/1.1" 200 8695 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" www.goldgier.de 104.248.142.140 [19/May/2020:08:27:16 +0200] "POST /wp-login.php HTTP/1.1" 200 8695 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-23 07:08:20
3.127.247.113	attackspam	Brute-force general attack.	2020-05-23 07:06:59
188.247.182.146	attackbots	Subject: Low quality medications are to be blamed that many people lose their health and even lives.	2020-05-23 06:38:03

Recently Reported IPs

159.89.97.23	113.178.218.216	192.0.2.2	185.220.101.47
14.236.196.8	14.182.151.90	58.27.192.195	72.77.64.190
171.251.16.101	113.172.164.116	14.236.72.105	110.78.175.87
103.200.22.217	113.57.96.91	59.11.157.64	14.241.39.197
200.88.52.122	216.37.206.125	144.91.116.48	67.212.137.101