3.249.2.42 - IPInfo

Basic Info

City: Dublin

Region: Leinster

Country: Ireland

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 3.249.2.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47769
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;3.249.2.42.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025051002 1800 900 604800 86400

;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun May 11 11:30:36 CST 2025
;; MSG SIZE  rcvd: 103

Host info

42.2.249.3.in-addr.arpa domain name pointer ec2-3-249-2-42.eu-west-1.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
42.2.249.3.in-addr.arpa	name = ec2-3-249-2-42.eu-west-1.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
218.92.0.204	attackspambots	2020-02-27T21:32:35.745534vps751288.ovh.net sshd\[20831\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.204 user=root 2020-02-27T21:32:37.387164vps751288.ovh.net sshd\[20831\]: Failed password for root from 218.92.0.204 port 28692 ssh2 2020-02-27T21:32:39.893954vps751288.ovh.net sshd\[20831\]: Failed password for root from 218.92.0.204 port 28692 ssh2 2020-02-27T21:32:42.480964vps751288.ovh.net sshd\[20831\]: Failed password for root from 218.92.0.204 port 28692 ssh2 2020-02-27T21:33:55.639910vps751288.ovh.net sshd\[20857\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.204 user=root	2020-02-28 04:37:35
89.248.168.202	attackbotsspam	Feb 27 20:40:53 h2177944 kernel: \[6030202.316502\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=89.248.168.202 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=50887 PROTO=TCP SPT=53577 DPT=6207 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 27 20:40:53 h2177944 kernel: \[6030202.316519\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=89.248.168.202 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=50887 PROTO=TCP SPT=53577 DPT=6207 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 27 21:23:11 h2177944 kernel: \[6032740.047464\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=89.248.168.202 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=54788 PROTO=TCP SPT=53577 DPT=6211 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 27 21:23:11 h2177944 kernel: \[6032740.047479\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=89.248.168.202 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=54788 PROTO=TCP SPT=53577 DPT=6211 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 27 21:31:45 h2177944 kernel: \[6033253.473114\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=89.248.168.202 DST=85.214.	2020-02-28 04:46:59
218.92.0.189	attackspambots	Feb 27 21:25:33 legacy sshd[12057]: Failed password for root from 218.92.0.189 port 40620 ssh2 Feb 27 21:26:35 legacy sshd[12064]: Failed password for root from 218.92.0.189 port 56893 ssh2 ...	2020-02-28 04:44:00
119.254.78.216	attackbots	Port probing on unauthorized port 1433	2020-02-28 04:22:14
113.128.105.198	attack	113.128.105.198 - - \[27/Feb/2020:16:20:44 +0200\] "HEAD http://123.125.114.144/ HTTP/1.1" 200 - "-" "Mozilla/5.01732016 Mozilla/5.0 \(Windows NT 6.1\; Win64\; x64\; rv:55.0\) Gecko/20100101 Firefox/55.0"	2020-02-28 04:46:37
189.252.38.211	attack	1582813239 - 02/27/2020 15:20:39 Host: 189.252.38.211/189.252.38.211 Port: 445 TCP Blocked	2020-02-28 04:51:54
114.34.215.166	attack	suspicious action Thu, 27 Feb 2020 11:20:54 -0300	2020-02-28 04:36:23
190.70.1.69	attackspambots	suspicious action Thu, 27 Feb 2020 11:20:44 -0300	2020-02-28 04:47:19
201.186.134.34	attack	DATE:2020-02-27 16:36:50, IP:201.186.134.34, PORT:1433 - MSSQL brute force auth on a honeypot server (epe-dc)	2020-02-28 04:23:04
132.232.42.33	attack	Feb 27 20:32:47 lnxweb61 sshd[23418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.42.33	2020-02-28 04:46:07
174.60.121.175	attack	Feb 27 09:59:03 web1 sshd\[26663\]: Invalid user sito from 174.60.121.175 Feb 27 09:59:03 web1 sshd\[26663\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.60.121.175 Feb 27 09:59:05 web1 sshd\[26663\]: Failed password for invalid user sito from 174.60.121.175 port 47634 ssh2 Feb 27 10:07:56 web1 sshd\[27434\]: Invalid user noc from 174.60.121.175 Feb 27 10:07:56 web1 sshd\[27434\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.60.121.175	2020-02-28 04:21:57
103.207.11.10	attackspambots	Feb 27 21:10:55 jane sshd[32416]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.207.11.10 Feb 27 21:10:57 jane sshd[32416]: Failed password for invalid user xbot from 103.207.11.10 port 43288 ssh2 ...	2020-02-28 04:35:38
83.1.195.205	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-28 04:57:28
37.23.246.172	attackbots	Feb 27 15:11:29 h1637304 sshd[7511]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.23.246.172 user=r.r Feb 27 15:11:31 h1637304 sshd[7511]: Failed password for r.r from 37.23.246.172 port 42383 ssh2 Feb 27 15:11:33 h1637304 sshd[7511]: Failed password for r.r from 37.23.246.172 port 42383 ssh2 Feb 27 15:11:35 h1637304 sshd[7511]: Failed password for r.r from 37.23.246.172 port 42383 ssh2 Feb 27 15:11:37 h1637304 sshd[7511]: Failed password for r.r from 37.23.246.172 port 42383 ssh2 Feb 27 15:11:39 h1637304 sshd[7511]: Failed password for r.r from 37.23.246.172 port 42383 ssh2 Feb 27 15:11:41 h1637304 sshd[7511]: Failed password for r.r from 37.23.246.172 port 42383 ssh2 Feb 27 15:11:41 h1637304 sshd[7511]: PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.23.246.172 user=r.r ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=37.23.246.172	2020-02-28 04:17:59
84.38.180.44	attackbotsspam	Lines containing failures of 84.38.180.44 Feb 27 10:09:54 UTC__SANYALnet-Labs__cac1 sshd[4606]: Connection from 84.38.180.44 port 51318 on 104.167.106.93 port 22 Feb 27 10:09:55 UTC__SANYALnet-Labs__cac1 sshd[4606]: Address 84.38.180.44 maps to rm01.ru, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Feb 27 10:09:55 UTC__SANYALnet-Labs__cac1 sshd[4606]: Invalid user at from 84.38.180.44 port 51318 Feb 27 10:09:55 UTC__SANYALnet-Labs__cac1 sshd[4606]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.38.180.44 Feb 27 10:09:57 UTC__SANYALnet-Labs__cac1 sshd[4606]: Failed password for invalid user at from 84.38.180.44 port 51318 ssh2 Feb 27 10:09:57 UTC__SANYALnet-Labs__cac1 sshd[4606]: Received disconnect from 84.38.180.44 port 51318:11: Bye Bye [preauth] Feb 27 10:09:57 UTC__SANYALnet-Labs__cac1 sshd[4606]: Disconnected from 84.38.180.44 port 51318 [preauth] Feb 27 10:36:11 UTC__SANYALnet-Labs__cac1 sshd[5320........ ------------------------------	2020-02-28 04:15:08

Recently Reported IPs

25.244.70.0	188.220.4.54	38.244.42.168	34.141.147.241
185.247.137.123	93.19.64.8	120.235.173.214	147.185.133.152
85.208.84.139	65.49.1.84	37.60.241.154	113.215.189.234
10.57.99.252	42.83.147.53	161.35.85.22	76.154.1.88
113.215.189.228	81.70.60.218	230.65.4.125	25.7.6.16