212.142.224.166

Basic Info

City: unknown

Region: unknown

Country: Spain

Internet Service Provider: Elhuyar Fundazioa

Hostname: unknown

Organization: unknown

Usage Type: Organization

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Dec 15 01:53:22 server sshd\[19144\]: Invalid user squid from 212.142.224.166 Dec 15 01:53:22 server sshd\[19144\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=166.212-142-224.static.clientes.euskaltel.es Dec 15 01:53:24 server sshd\[19144\]: Failed password for invalid user squid from 212.142.224.166 port 56478 ssh2 Dec 15 02:19:30 server sshd\[26884\]: Invalid user server from 212.142.224.166 Dec 15 02:19:30 server sshd\[26884\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=166.212-142-224.static.clientes.euskaltel.es ...	2019-12-15 07:25:31

Type

Details

Datetime

attackbots

Dec 15 01:53:22 server sshd\[19144\]: Invalid user squid from 212.142.224.166
Dec 15 01:53:22 server sshd\[19144\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=166.212-142-224.static.clientes.euskaltel.es 
Dec 15 01:53:24 server sshd\[19144\]: Failed password for invalid user squid from 212.142.224.166 port 56478 ssh2
Dec 15 02:19:30 server sshd\[26884\]: Invalid user server from 212.142.224.166
Dec 15 02:19:30 server sshd\[26884\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=166.212-142-224.static.clientes.euskaltel.es 
...

2019-12-15 07:25:31

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 212.142.224.166
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29775
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;212.142.224.166.		IN	A

;; AUTHORITY SECTION:
.			332	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121401 1800 900 604800 86400

;; Query time: 117 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 15 07:25:28 CST 2019
;; MSG SIZE  rcvd: 119

Host info

166.224.142.212.in-addr.arpa domain name pointer 166.212-142-224.static.clientes.euskaltel.es.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
166.224.142.212.in-addr.arpa	name = 166.212-142-224.static.clientes.euskaltel.es.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
203.110.89.253	attackspam	"SMTP brute force auth login attempt."	2020-01-23 18:51:23
103.107.228.150	attack	Portscan or hack attempt detected by psad/fwsnort	2020-01-23 18:48:57
51.91.122.140	attackbots	Jan 23 11:26:11 sd-53420 sshd\[15065\]: Invalid user devin from 51.91.122.140 Jan 23 11:26:11 sd-53420 sshd\[15065\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.91.122.140 Jan 23 11:26:14 sd-53420 sshd\[15065\]: Failed password for invalid user devin from 51.91.122.140 port 40706 ssh2 Jan 23 11:28:20 sd-53420 sshd\[15427\]: User root from 51.91.122.140 not allowed because none of user's groups are listed in AllowGroups Jan 23 11:28:20 sd-53420 sshd\[15427\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.91.122.140 user=root ...	2020-01-23 18:53:17
102.40.21.197	attackspam	"SMTP brute force auth login attempt."	2020-01-23 19:09:07
177.8.244.38	attackspambots	Unauthorized connection attempt detected from IP address 177.8.244.38 to port 2220 [J]	2020-01-23 19:10:16
115.159.25.60	attackspambots	Unauthorized connection attempt detected from IP address 115.159.25.60 to port 2220 [J]	2020-01-23 18:42:06
45.33.70.146	attack	Unauthorized connection attempt detected from IP address 45.33.70.146 to port 22 [J]	2020-01-23 19:11:45
185.220.101.46	attackspambots	Unauthorized connection attempt detected from IP address 185.220.101.46 to port 5923 [J]	2020-01-23 18:47:18
128.199.166.224	attackspambots	Unauthorized connection attempt detected from IP address 128.199.166.224 to port 2220 [J]	2020-01-23 19:03:27
86.35.37.186	attackspambots	Unauthorized connection attempt detected from IP address 86.35.37.186 to port 2220 [J]	2020-01-23 18:51:05
115.29.3.34	attackbotsspam	"SSH brute force auth login attempt."	2020-01-23 18:47:41
189.135.128.129	attackspam	Unauthorized connection attempt detected from IP address 189.135.128.129 to port 2220 [J]	2020-01-23 18:46:33
77.147.91.221	attackspambots	Unauthorized connection attempt detected from IP address 77.147.91.221 to port 2220 [J]	2020-01-23 18:52:56
62.86.25.151	attack	Unauthorized connection attempt detected from IP address 62.86.25.151 to port 80 [J]	2020-01-23 19:15:45
91.219.110.173	attack	"relaying denied"	2020-01-23 18:52:27

Recently Reported IPs

6.196.204.151	234.191.192.71	125.128.192.116	69.33.199.204
131.239.143.3	87.245.138.194	113.120.195.207	109.63.112.58
104.243.244.156	34.194.178.236	49.233.192.233	1.56.246.253
202.162.197.141	117.53.42.116	6.226.91.163	119.112.49.167
111.72.195.173	125.43.24.193	104.244.73.223	77.49.104.21