2.42.212.159 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Italy

Internet Service Provider: Vodafone Italia S.p.A.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Repeated RDP login failures. Last user: administrator	2020-06-11 23:27:58

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.42.212.159
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38082
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;2.42.212.159.			IN	A

;; AUTHORITY SECTION:
.			497	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061100 1800 900 604800 86400

;; Query time: 102 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jun 11 23:27:44 CST 2020
;; MSG SIZE  rcvd: 116

Host info

159.212.42.2.in-addr.arpa domain name pointer net-2-42-212-159.cust.vodafonedsl.it.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
159.212.42.2.in-addr.arpa	name = net-2-42-212-159.cust.vodafonedsl.it.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
221.163.8.108	attackbotsspam	2020-09-05T16:52:21.018377n23.at sshd[2761905]: Failed password for invalid user test01 from 221.163.8.108 port 42922 ssh2 2020-09-05T17:00:31.495490n23.at sshd[2769043]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.163.8.108 user=root 2020-09-05T17:00:33.355500n23.at sshd[2769043]: Failed password for root from 221.163.8.108 port 53350 ssh2 ...	2020-09-06 01:04:37
37.152.178.44	attackbots	2020-09-05T14:59:44.466142shield sshd\[8242\]: Invalid user oracle from 37.152.178.44 port 35688 2020-09-05T14:59:44.475318shield sshd\[8242\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.152.178.44 2020-09-05T14:59:46.550750shield sshd\[8242\]: Failed password for invalid user oracle from 37.152.178.44 port 35688 ssh2 2020-09-05T15:04:09.716075shield sshd\[8495\]: Invalid user atul from 37.152.178.44 port 39706 2020-09-05T15:04:09.725605shield sshd\[8495\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.152.178.44	2020-09-06 01:10:27
142.0.162.24	attackbotsspam	Spam	2020-09-06 00:38:53
210.13.111.26	attack	Sep 4 22:26:07 firewall sshd[30538]: Invalid user status from 210.13.111.26 Sep 4 22:26:09 firewall sshd[30538]: Failed password for invalid user status from 210.13.111.26 port 36441 ssh2 Sep 4 22:27:46 firewall sshd[30620]: Invalid user admin1 from 210.13.111.26 ...	2020-09-06 00:59:06
45.154.168.201	attackbots	2020-09-05 11:36:43.744261-0500 localhost sshd[41861]: Failed password for root from 45.154.168.201 port 33766 ssh2	2020-09-06 00:42:19
51.75.195.80	attack	WordPress login Brute force / Web App Attack on client site.	2020-09-06 00:43:26
95.151.7.147	attackspambots	Sep 4 18:48:42 mellenthin postfix/smtpd[29435]: NOQUEUE: reject: RCPT from unknown[95.151.7.147]: 554 5.7.1 Service unavailable; Client host [95.151.7.147] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/95.151.7.147; from= to= proto=ESMTP helo=<[95.151.7.147]>	2020-09-06 00:48:21
192.241.234.234	attackbots	Port Scan ...	2020-09-06 00:52:24
200.121.203.113	attackspambots	Sep 4 18:48:47 mellenthin postfix/smtpd[31026]: NOQUEUE: reject: RCPT from unknown[200.121.203.113]: 554 5.7.1 Service unavailable; Client host [200.121.203.113] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/200.121.203.113; from= to= proto=ESMTP helo=	2020-09-06 00:43:38
45.82.136.236	attackspam	Sep 1 14:56:06 euve59663 sshd[15993]: Did not receive identification s= tring from 45.82.136.236 Sep 1 14:56:09 euve59663 sshd[15994]: Invalid user ansible from 45.82.= 136.236 Sep 1 14:56:09 euve59663 sshd[15994]: pam_unix(sshd:auth): authenticat= ion failure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3D45.= 82.136.236=20 Sep 1 14:56:11 euve59663 sshd[15994]: Failed password for invalid user= ansible from 45.82.136.236 port 48408 ssh2 Sep 1 14:56:11 euve59663 sshd[15994]: Received disconnect from 45.82.1= 36.236: 11: Normal Shutdown, Thank you for playing [preauth] Sep 1 14:56:17 euve59663 sshd[15996]: pam_unix(sshd:auth): authenticat= ion failure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3D45.= 82.136.236 user=3Dr.r Sep 1 14:56:19 euve59663 sshd[15996]: Failed password for r.r from 45= .82.136.236 port 53924 ssh2 Sep 1 14:56:19 euve59663 sshd[15996]: Received disconnect from 45.82.1= 36.236: 11: Normal Shutdown, Thank you for playing [........ -------------------------------	2020-09-06 00:36:49
192.35.168.232	attackbotsspam	Port Scan/VNC login attempt ...	2020-09-06 01:02:20
192.241.224.140	attack	firewall-block, port(s): 5984/tcp	2020-09-06 00:53:16
1.52.220.68	attack	Brute Force	2020-09-06 01:09:10
192.241.233.90	attack	Lines containing failures of 192.241.233.90 2020-09-05 11:52:42 SMTP protocol synchronization error (input sent whostnamehout wahostnameing for greeting): rejected connection from H=[192.241.233.90] input="EHLO zg-0823b-161 " ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=192.241.233.90	2020-09-06 00:31:36
61.185.40.130	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-09-06 01:08:50

Recently Reported IPs

48.7.180.201	181.66.169.30	34.43.71.61	79.197.208.166
179.6.216.223	203.209.202.79	230.192.185.88	188.125.174.47
87.48.31.198	132.39.66.184	95.207.56.140	188.92.8.22
48.130.5.232	225.153.86.229	185.49.144.197	139.136.139.243
1.143.103.190	201.49.245.10	185.42.173.101	185.7.64.84