2.42.95.24 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Italy

Internet Service Provider: Vodafone Italia S.p.A.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack		2020-08-14 21:59:38

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.42.95.24
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59102
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;2.42.95.24.			IN	A

;; AUTHORITY SECTION:
.			449	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081400 1800 900 604800 86400

;; Query time: 64 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Aug 14 21:59:31 CST 2020
;; MSG SIZE  rcvd: 114

Host info

24.95.42.2.in-addr.arpa domain name pointer net-2-42-95-24.cust.vodafonedsl.it.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
24.95.42.2.in-addr.arpa	name = net-2-42-95-24.cust.vodafonedsl.it.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
163.172.178.167	attackspambots	SSH bruteforce	2020-06-05 12:06:28
51.68.11.195	attackspam	CMS (WordPress or Joomla) login attempt.	2020-06-05 12:21:24
222.186.190.2	attackspam	Jun 5 06:02:53 vps sshd[389694]: Failed password for root from 222.186.190.2 port 37290 ssh2 Jun 5 06:02:56 vps sshd[389694]: Failed password for root from 222.186.190.2 port 37290 ssh2 Jun 5 06:02:59 vps sshd[389694]: Failed password for root from 222.186.190.2 port 37290 ssh2 Jun 5 06:03:01 vps sshd[389694]: Failed password for root from 222.186.190.2 port 37290 ssh2 Jun 5 06:03:05 vps sshd[389694]: Failed password for root from 222.186.190.2 port 37290 ssh2 ...	2020-06-05 12:08:25
46.40.2.173	attackbotsspam	(RS/Serbia/-) SMTP Bruteforcing attempts	2020-06-05 12:04:14
222.186.175.169	attackspambots	Jun 5 06:12:56 home sshd[26434]: Failed password for root from 222.186.175.169 port 5344 ssh2 Jun 5 06:12:59 home sshd[26434]: Failed password for root from 222.186.175.169 port 5344 ssh2 Jun 5 06:13:03 home sshd[26434]: Failed password for root from 222.186.175.169 port 5344 ssh2 Jun 5 06:13:10 home sshd[26434]: error: maximum authentication attempts exceeded for root from 222.186.175.169 port 5344 ssh2 [preauth] ...	2020-06-05 12:18:43
77.9.14.231	attackbots	php WP PHPmyadamin ABUSE blocked for 12h	2020-06-05 12:05:28
115.159.214.247	attackspam	Jun 5 05:56:05 * sshd[28611]: Failed password for root from 115.159.214.247 port 39690 ssh2	2020-06-05 12:28:08
213.180.203.158	attackbotsspam	[Fri Jun 05 10:59:01.597031 2020] [:error] [pid 10209:tid 140479447713536] [client 213.180.203.158:32792] [client 213.180.203.158] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XtnDBfkTo31H6ukccoOMzQAAAcI"] ...	2020-06-05 12:04:28
45.7.138.40	attackbotsspam	(sshd) Failed SSH login from 45.7.138.40 (MX/Mexico/ws-pop-ags-45-7-138-40.wibo.mx): 5 in the last 3600 secs	2020-06-05 12:23:34
222.186.190.14	attackbotsspam	Jun 5 06:26:55 legacy sshd[17584]: Failed password for root from 222.186.190.14 port 58929 ssh2 Jun 5 06:27:03 legacy sshd[17591]: Failed password for root from 222.186.190.14 port 23149 ssh2 ...	2020-06-05 12:32:32
95.7.49.172	attack	Automatic report - Port Scan Attack	2020-06-05 08:36:42
171.235.79.29	attack	Automatic report - Port Scan Attack	2020-06-05 12:27:27
77.247.181.162	attack	[MK-Root1] Blocked by UFW	2020-06-05 12:02:56
125.227.26.20	attack	SSH Brute-Force Attack	2020-06-05 12:04:55
14.124.100.127	attack	SSH bruteforce	2020-06-05 12:14:36

Recently Reported IPs

185.192.70.200	173.93.209.88	35.17.170.177	47.79.134.171
84.8.122.0	185.132.177.136	252.150.143.49	184.75.210.54
182.75.107.70	179.61.172.230	176.25.0.46	24.50.70.65
61.92.251.82	172.94.22.47	10.232.231.233	129.205.124.238
10.4.208.129	212.87.168.247	227.173.58.131	253.62.93.54