34.159.2.242 - IPInfo

Basic Info

City: Frankfurt am Main

Region: Hessen

Country: Germany

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 34.159.2.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45654
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;34.159.2.242.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025022000 1800 900 604800 86400

;; Query time: 44 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 20 15:12:54 CST 2025
;; MSG SIZE  rcvd: 105

Host info

242.2.159.34.in-addr.arpa domain name pointer 242.2.159.34.bc.googleusercontent.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
242.2.159.34.in-addr.arpa	name = 242.2.159.34.bc.googleusercontent.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
223.242.229.113	attackbots	Brute force SMTP login attempts.	2019-09-27 16:43:43
155.4.120.9	attack	firewall-block, port(s): 5555/tcp	2019-09-27 16:26:30
106.12.213.162	attackspam	2019-09-27T09:23:21.896702lon01.zurich-datacenter.net sshd\[6444\]: Invalid user cmschine from 106.12.213.162 port 33534 2019-09-27T09:23:21.901953lon01.zurich-datacenter.net sshd\[6444\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.213.162 2019-09-27T09:23:24.406438lon01.zurich-datacenter.net sshd\[6444\]: Failed password for invalid user cmschine from 106.12.213.162 port 33534 ssh2 2019-09-27T09:29:13.581334lon01.zurich-datacenter.net sshd\[6605\]: Invalid user new from 106.12.213.162 port 57160 2019-09-27T09:29:13.587464lon01.zurich-datacenter.net sshd\[6605\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.213.162 ...	2019-09-27 16:23:45
109.124.148.164	attackspam	Sep 27 05:49:59 tor-proxy-04 sshd\[9188\]: Invalid user pi from 109.124.148.164 port 36624 Sep 27 05:49:59 tor-proxy-04 sshd\[9188\]: Connection closed by 109.124.148.164 port 36624 \[preauth\] Sep 27 05:50:00 tor-proxy-04 sshd\[9190\]: Invalid user pi from 109.124.148.164 port 36626 Sep 27 05:50:00 tor-proxy-04 sshd\[9190\]: Connection closed by 109.124.148.164 port 36626 \[preauth\] ...	2019-09-27 16:52:00
80.201.156.254	attack	SSH invalid-user multiple login try	2019-09-27 16:51:14
74.63.255.138	attack	\[2019-09-27 09:11:49\] SECURITY\[4657\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-27T09:11:49.584+0200",Severity="Error",Service="SIP",EventVersion="2",AccountID="7",SessionID="0x7fddeeb988a8",LocalAddress="IPV4/UDP/204.8.216.89/5060",RemoteAddress="IPV4/UDP/74.63.255.138/5789",Challenge="14837210",ReceivedChallenge="14837210",ReceivedHash="98ac2a69928a981660c5378d3f7f583a" \[2019-09-27 09:11:49\] SECURITY\[4657\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-27T09:11:49.860+0200",Severity="Error",Service="SIP",EventVersion="2",AccountID="7",SessionID="0x7fddeebec018",LocalAddress="IPV4/UDP/204.8.216.89/5060",RemoteAddress="IPV4/UDP/74.63.255.138/5789",Challenge="24d4a848",ReceivedChallenge="24d4a848",ReceivedHash="9a0dd124c84cc9a1841a0a253c388de3" \[2019-09-27 09:11:49\] SECURITY\[4657\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-27T09:11:49.889+0200",Severity="Error",Service="SIP",EventVersion="2",AccountID= ...	2019-09-27 16:47:36
45.136.109.85	attack	EventTime:Fri Sep 27 18:34:36 AEST 2019,Protocol:TCP,VendorEventCode:RT_FLOW_SESSION_DENY,TargetPort:465,SourceIP:45.136.109.85,SourcePort:41189	2019-09-27 16:48:59
189.69.242.94	attackspambots	Automatic report - Port Scan Attack	2019-09-27 16:48:29
46.238.40.2	attackbots	Sep 26 22:26:03 php1 sshd\[21595\]: Invalid user club123 from 46.238.40.2 Sep 26 22:26:03 php1 sshd\[21595\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.238.40.2 Sep 26 22:26:04 php1 sshd\[21595\]: Failed password for invalid user club123 from 46.238.40.2 port 51260 ssh2 Sep 26 22:30:32 php1 sshd\[21968\]: Invalid user 0l0ctyQh243O63uD from 46.238.40.2 Sep 26 22:30:32 php1 sshd\[21968\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.238.40.2	2019-09-27 16:43:14
66.240.219.146	attack	09/27/2019-09:57:25.222249 66.240.219.146 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 69	2019-09-27 16:26:47
91.225.122.58	attackbots	Sep 27 09:52:47 fr01 sshd[17786]: Invalid user curt from 91.225.122.58 ...	2019-09-27 16:45:31
106.13.145.106	attackspambots	Sep 27 10:13:39 vps691689 sshd[3138]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.145.106 Sep 27 10:13:41 vps691689 sshd[3138]: Failed password for invalid user beavis from 106.13.145.106 port 39832 ssh2 ...	2019-09-27 16:23:16
5.196.75.178	attack	Repeated brute force against a port	2019-09-27 16:15:56
70.162.246.85	attackspam	[FriSep2705:29:55.9631502019][:error][pid3069:tid46955195578112][client70.162.246.85:39552][client70.162.246.85]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"\\\\\\\\.sql\$"atREQUEST_FILENAME.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"1288"][id"350590"][rev"2"][msg"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessrawSQLfiles$disablethisruleifyourequireaccesstofilesthatendwith.sql$"][severity"CRITICAL"][hostname"pharabouth.com"][uri"/b.sql"][unique_id"XY2CM4s-INubdgEqSXg9kQAAAAQ"][FriSep2705:50:33.2951442019][:error][pid10000:tid46955187173120][client70.162.246.85:58472][client70.162.246.85]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"\\\\\\\\.sql\$"atREQUEST_FILENAME.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"1288"][id"350590"][rev"2"][msg"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessrawSQLfiles$disablethisruleifyourequireaccesstofilesthatendwith.sql$"][severit	2019-09-27 16:18:13
94.158.22.92	attack	4.610.182,84-03/02 [bc18/m59] concatform PostRequest-Spammer scoring: Durban02	2019-09-27 16:38:11

Recently Reported IPs

79.103.47.249	27.120.237.193	86.129.7.129	156.153.172.23
68.20.220.123	203.103.63.194	130.167.131.182	157.178.192.212
168.201.106.91	224.212.239.96	109.167.44.242	255.25.219.131
185.76.95.65	240.142.1.151	14.20.43.171	107.21.183.94
130.167.133.240	245.206.240.127	44.236.234.144	3.146.158.172