80.104.2.39 - IPInfo

Basic Info

City: Pavia

Region: Lombardy

Country: Italy

Internet Service Provider: unknown

Hostname: unknown

Organization: Telecom Italia

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
80.104.201.188	attack	Unauthorized connection attempt detected from IP address 80.104.201.188 to port 5555 [J]	2020-01-16 07:44:25
80.104.21.68	attackbots	Port Scan	2019-10-24 00:33:42
80.104.202.234	attack	Brute force attempt	2019-07-23 16:29:56

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 80.104.2.39
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16651
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;80.104.2.39.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019073002 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jul 31 04:06:35 CST 2019
;; MSG SIZE  rcvd: 115

Host info

39.2.104.80.in-addr.arpa domain name pointer host39-2-dynamic.104-80-r.retail.telecomitalia.it.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
39.2.104.80.in-addr.arpa	name = host39-2-dynamic.104-80-r.retail.telecomitalia.it.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
128.199.88.188	attack	F2B jail: sshd. Time: 2019-09-27 08:56:06, Reported by: VKReport	2019-09-27 18:07:26
186.109.81.185	attackbots	Invalid user teste from 186.109.81.185 port 13604	2019-09-27 18:16:17
49.234.56.201	attack	Sep 26 23:32:05 php1 sshd\[19110\]: Invalid user ubuntu from 49.234.56.201 Sep 26 23:32:05 php1 sshd\[19110\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.56.201 Sep 26 23:32:06 php1 sshd\[19110\]: Failed password for invalid user ubuntu from 49.234.56.201 port 44554 ssh2 Sep 26 23:36:53 php1 sshd\[19670\]: Invalid user ts from 49.234.56.201 Sep 26 23:36:53 php1 sshd\[19670\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.56.201	2019-09-27 17:45:15
181.40.73.86	attackspambots	Sep 27 11:29:43 markkoudstaal sshd[27655]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.40.73.86 Sep 27 11:29:45 markkoudstaal sshd[27655]: Failed password for invalid user qq from 181.40.73.86 port 6981 ssh2 Sep 27 11:34:32 markkoudstaal sshd[28153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.40.73.86	2019-09-27 17:46:54
77.247.110.134	attackbots	\[2019-09-27 05:45:17\] SECURITY\[2006\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-27T05:45:17.919-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="710801148767414002",SessionID="0x7f1e1c20d2a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.134/54018",ACLName="no_extension_match" \[2019-09-27 05:45:19\] SECURITY\[2006\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-27T05:45:19.035-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="992011901148122518022",SessionID="0x7f1e1c1c7ef8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.134/57379",ACLName="no_extension_match" \[2019-09-27 05:45:47\] SECURITY\[2006\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-27T05:45:47.540-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="243301148134454003",SessionID="0x7f1e1c1e96b8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.134/55803",	2019-09-27 18:01:03
80.82.77.240	attackspambots	09/27/2019-03:33:52.613243 80.82.77.240 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 82	2019-09-27 18:21:59
240e:390:7d4e:715f:103e:41ef:868a:80ca	attack	SS5,WP GET /wp-login.php	2019-09-27 17:49:01
5.54.166.141	attackbots	Telnet Server BruteForce Attack	2019-09-27 17:51:42
111.204.86.194	attack	Sep 27 11:29:46 andromeda postfix/smtpd\[52642\]: warning: unknown\[111.204.86.194\]: SASL LOGIN authentication failed: authentication failure Sep 27 11:29:49 andromeda postfix/smtpd\[49558\]: warning: unknown\[111.204.86.194\]: SASL LOGIN authentication failed: authentication failure Sep 27 11:29:53 andromeda postfix/smtpd\[52642\]: warning: unknown\[111.204.86.194\]: SASL LOGIN authentication failed: authentication failure Sep 27 11:29:58 andromeda postfix/smtpd\[45429\]: warning: unknown\[111.204.86.194\]: SASL LOGIN authentication failed: authentication failure Sep 27 11:30:04 andromeda postfix/smtpd\[52642\]: warning: unknown\[111.204.86.194\]: SASL LOGIN authentication failed: authentication failure	2019-09-27 17:43:55
220.202.194.167	attackspam	[Aegis] @ 2019-09-27 04:48:21 0100 -> Sendmail rejected due to pre-greeting.	2019-09-27 17:47:37
178.32.105.63	attackspambots	Sep 27 11:35:51 server sshd[22952]: Failed password for invalid user atlas from 178.32.105.63 port 32850 ssh2 Sep 27 11:49:20 server sshd[24846]: Failed password for invalid user abran from 178.32.105.63 port 41260 ssh2 Sep 27 11:52:56 server sshd[25335]: Failed password for invalid user templates from 178.32.105.63 port 53772 ssh2	2019-09-27 18:17:59
103.192.76.120	attackbots	Sep 27 05:48:24 dev sshd\[2570\]: Invalid user admin from 103.192.76.120 port 32790 Sep 27 05:48:24 dev sshd\[2570\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.192.76.120 Sep 27 05:48:26 dev sshd\[2570\]: Failed password for invalid user admin from 103.192.76.120 port 32790 ssh2	2019-09-27 17:54:51
104.50.8.212	attackbots	Sep 27 06:31:59 localhost sshd\[31134\]: Invalid user reward from 104.50.8.212 port 59176 Sep 27 06:31:59 localhost sshd\[31134\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.50.8.212 Sep 27 06:32:00 localhost sshd\[31134\]: Failed password for invalid user reward from 104.50.8.212 port 59176 ssh2 ...	2019-09-27 18:20:16
185.143.221.186	attackspambots	09/27/2019-05:18:59.954962 185.143.221.186 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-09-27 18:15:58
218.41.188.136	attack	Unauthorised access (Sep 27) SRC=218.41.188.136 LEN=40 TTL=53 ID=35264 TCP DPT=8080 WINDOW=10215 SYN Unauthorised access (Sep 27) SRC=218.41.188.136 LEN=40 TTL=53 ID=38547 TCP DPT=8080 WINDOW=10215 SYN Unauthorised access (Sep 26) SRC=218.41.188.136 LEN=40 TTL=53 ID=33227 TCP DPT=8080 WINDOW=10215 SYN Unauthorised access (Sep 25) SRC=218.41.188.136 LEN=40 TTL=53 ID=35139 TCP DPT=8080 WINDOW=10215 SYN	2019-09-27 18:11:45

Recently Reported IPs

49.234.179.127	170.94.53.11	96.138.64.159	74.21.138.211
220.58.94.42	149.24.71.8	147.235.142.75	192.87.9.31
106.110.147.74	114.109.95.232	14.52.76.104	140.207.112.196
60.50.125.157	51.75.121.21	222.223.188.246	8.106.144.111
49.81.93.12	173.126.255.99	110.146.194.63	119.51.82.102