207.154.242.82

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	TCP (SYN) 207.154.242.82:37473 -> port 22, len 44	2020-09-27 05:40:04
attackspam	Sep 26 15:55:24 localhost sshd\[8919\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.242.82 user=root Sep 26 15:55:26 localhost sshd\[8919\]: Failed password for root from 207.154.242.82 port 43264 ssh2 Sep 26 15:55:27 localhost sshd\[8921\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.242.82 user=root Sep 26 15:55:28 localhost sshd\[8921\]: Failed password for root from 207.154.242.82 port 49242 ssh2 Sep 26 15:55:30 localhost sshd\[8923\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.242.82 user=root ...	2020-09-26 21:56:45
attackspam	Sep 26 05:34:44 ip-172-31-61-156 sshd[19012]: Failed password for root from 207.154.242.82 port 50176 ssh2 Sep 26 05:34:45 ip-172-31-61-156 sshd[19017]: Invalid user admin from 207.154.242.82 Sep 26 05:34:45 ip-172-31-61-156 sshd[19017]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.242.82 Sep 26 05:34:45 ip-172-31-61-156 sshd[19017]: Invalid user admin from 207.154.242.82 Sep 26 05:34:47 ip-172-31-61-156 sshd[19017]: Failed password for invalid user admin from 207.154.242.82 port 55826 ssh2 ...	2020-09-26 13:39:10
attackspam	...	2020-09-26 07:15:46
attackbotsspam	Sep 25 09:54:02 santamaria sshd\[9291\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.242.82 user=root Sep 25 09:54:04 santamaria sshd\[9291\]: Failed password for root from 207.154.242.82 port 34790 ssh2 Sep 25 09:54:05 santamaria sshd\[9298\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.242.82 user=root ...	2020-09-25 16:01:39

Comments on same subnet:

IP	Type	Details	Datetime
207.154.242.155	attackspam	Oct 11 06:25:02 pixelmemory sshd[2295380]: Invalid user nicusor from 207.154.242.155 port 57086 Oct 11 06:25:02 pixelmemory sshd[2295380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.242.155 Oct 11 06:25:02 pixelmemory sshd[2295380]: Invalid user nicusor from 207.154.242.155 port 57086 Oct 11 06:25:04 pixelmemory sshd[2295380]: Failed password for invalid user nicusor from 207.154.242.155 port 57086 ssh2 Oct 11 06:30:04 pixelmemory sshd[2315442]: Invalid user heinz from 207.154.242.155 port 35172 ...	2020-10-12 00:22:11
207.154.242.155	attackspam	Oct 11 10:14:47 sshgateway sshd\[11517\]: Invalid user wow from 207.154.242.155 Oct 11 10:14:47 sshgateway sshd\[11517\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.242.155 Oct 11 10:14:49 sshgateway sshd\[11517\]: Failed password for invalid user wow from 207.154.242.155 port 37778 ssh2	2020-10-11 16:20:15
207.154.242.155	attackbotsspam	Oct 9 00:08:53 v26 sshd[18967]: Invalid user allan from 207.154.242.155 port 35850 Oct 9 00:08:53 v26 sshd[18967]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.242.155 Oct 9 00:08:55 v26 sshd[18967]: Failed password for invalid user allan from 207.154.242.155 port 35850 ssh2 Oct 9 00:08:55 v26 sshd[18967]: Received disconnect from 207.154.242.155 port 35850:11: Bye Bye [preauth] Oct 9 00:08:55 v26 sshd[18967]: Disconnected from 207.154.242.155 port 35850 [preauth] Oct 9 00:29:25 v26 sshd[22769]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.242.155 user=r.r Oct 9 00:29:27 v26 sshd[22769]: Failed password for r.r from 207.154.242.155 port 58878 ssh2 Oct 9 00:29:27 v26 sshd[22769]: Received disconnect from 207.154.242.155 port 58878:11: Bye Bye [preauth] Oct 9 00:29:27 v26 sshd[22769]: Disconnected from 207.154.242.155 port 58878 [preauth] Oct 9 00:34:26 v26 ssh........ -------------------------------	2020-10-11 09:39:13
207.154.242.25	attackspambots	Invalid user admin from 207.154.242.25 port 53600	2020-10-01 07:27:07
207.154.242.83	attackbots	Sep 27 03:50:18 : SSH login attempts with invalid user	2020-10-01 06:35:59
207.154.242.25	attack	Invalid user admin from 207.154.242.25 port 53966	2020-09-30 23:55:03
207.154.242.83	attack	Invalid user admin from 207.154.242.83 port 36950	2020-09-30 22:58:43
207.154.242.25	attackbotsspam	Port 22 Scan, PTR: None	2020-09-30 16:20:07
207.154.242.83	attackspam	Port scan denied	2020-09-30 15:32:02
207.154.242.83	attackbots	/GponForm/diag_Form%3Fstyle/	2020-09-29 05:16:02
207.154.242.83	attackspambots	none	2020-09-28 21:35:25
207.154.242.83	attackbots	Invalid user admin from 207.154.242.83 port 60154	2020-09-28 13:41:53
207.154.242.83	attack	Invalid user admin from 207.154.242.83 port 58536	2020-09-26 02:35:48
207.154.242.83	attackbots	Sep 24 01:48:18 ns sshd[15122]: Connection from 207.154.242.83 port 55502 on 134.119.39.98 port 22 Sep 24 01:48:18 ns sshd[15122]: Did not receive identification string from 207.154.242.83 port 55502 Sep 24 01:48:19 ns sshd[15269]: Connection from 207.154.242.83 port 57240 on 134.119.39.98 port 22 Sep 24 01:48:19 ns sshd[15286]: Connection from 207.154.242.83 port 57274 on 134.119.39.98 port 22 Sep 24 01:48:19 ns sshd[15300]: Connection from 207.154.242.83 port 57554 on 134.119.39.98 port 22 Sep 24 01:48:19 ns sshd[15269]: User r.r from 207.154.242.83 not allowed because not listed in AllowUsers Sep 24 01:48:19 ns sshd[15269]: Failed password for invalid user r.r from 207.154.242.83 port 57240 ssh2 Sep 24 01:48:19 ns sshd[15269]: Received disconnect from 207.154.242.83 port 57240:11: Normal Shutdown, Thank you for playing [preauth] Sep 24 01:48:19 ns sshd[15269]: Disconnected from 207.154.242.83 port 57240 [preauth] Sep 24 01:48:19 ns sshd[15286]: User r.r from 207.154......... -------------------------------	2020-09-25 18:20:41

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 207.154.242.82
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4855
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;207.154.242.82.			IN	A

;; AUTHORITY SECTION:
.			482	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092500 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Sep 25 16:01:27 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 82.242.154.207.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 82.242.154.207.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.109.2.136	attackbotsspam	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 09:09:07
103.20.188.94	attackbotsspam	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 08:50:27
103.105.195.226	attackbots	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 09:12:04
92.62.139.103	attackspam	Aug 6 00:29:22 MK-Soft-VM5 sshd\[6066\]: Invalid user administrator from 92.62.139.103 port 42684 Aug 6 00:29:22 MK-Soft-VM5 sshd\[6066\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.62.139.103 Aug 6 00:29:24 MK-Soft-VM5 sshd\[6066\]: Failed password for invalid user administrator from 92.62.139.103 port 42684 ssh2 ...	2019-08-06 08:53:21
103.1.92.35	attackspambots	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 09:17:40
103.216.82.153	attackbotsspam	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 08:28:01
103.21.163.81	attackspambots	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 08:48:33
103.212.147.125	attackspam	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 08:34:21
103.130.197.158	attack	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 08:54:13
103.207.97.199	attack	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 08:37:17
103.23.101.30	attackspam	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 08:46:59
103.109.0.242	attack	Mail sent to address harvested from public web site	2019-08-06 09:09:33
103.20.191.242	attackspambots	SPF Fail sender not permitted to send mail for @1mundo.net / Mail sent to address harvested from public web site	2019-08-06 08:49:53
103.18.132.169	attackbotsspam	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 08:52:33
103.195.37.101	attackbots	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 08:44:06

Recently Reported IPs

39.247.37.54	223.119.31.168	144.38.91.107	165.232.42.63
93.207.186.150	10.36.74.112	137.117.36.154	83.65.71.26
2.204.87.233	191.96.249.195	70.84.98.251	157.49.221.232
61.85.104.244	188.166.84.195	165.232.42.12	148.70.93.205
181.41.173.77	56.86.48.32	55.58.58.2	129.146.171.238