80.213.237.44 - IPInfo

Basic Info

City: Bergen

Region: Vestland

Country: Norway

Internet Service Provider: Telenor

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 80.213.237.44
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44862
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;80.213.237.44.			IN	A

;; AUTHORITY SECTION:
.			190	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020112900 1800 900 604800 86400

;; Query time: 75 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Nov 29 21:41:23 CST 2020
;; MSG SIZE  rcvd: 117

Host info

44.237.213.80.in-addr.arpa has no PTR record

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
44.237.213.80.in-addr.arpa	name = ti0003a400-0552.bb.online.no.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
150.95.112.137	attack	150.95.112.137 - - [04/Jul/2019:15:12:42 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 150.95.112.137 - - [04/Jul/2019:15:12:43 +0200] "POST /wp-login.php HTTP/1.1" 200 1632 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 150.95.112.137 - - [04/Jul/2019:15:12:43 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 150.95.112.137 - - [04/Jul/2019:15:12:45 +0200] "POST /wp-login.php HTTP/1.1" 200 1631 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 150.95.112.137 - - [04/Jul/2019:15:12:46 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 150.95.112.137 - - [04/Jul/2019:15:12:47 +0200] "POST /wp-login.php HTTP/1.1" 200 1630 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-07-05 00:23:19
178.128.125.61	attackbots	Jul 4 13:13:09 unicornsoft sshd\[8175\]: Invalid user qin from 178.128.125.61 Jul 4 13:13:09 unicornsoft sshd\[8175\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.125.61 Jul 4 13:13:11 unicornsoft sshd\[8175\]: Failed password for invalid user qin from 178.128.125.61 port 33616 ssh2	2019-07-05 00:07:40
189.7.121.28	attackspambots	Jul 4 15:17:28 Proxmox sshd\[28351\]: Invalid user git from 189.7.121.28 port 43058 Jul 4 15:17:28 Proxmox sshd\[28351\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.7.121.28 Jul 4 15:17:30 Proxmox sshd\[28351\]: Failed password for invalid user git from 189.7.121.28 port 43058 ssh2 Jul 4 15:20:44 Proxmox sshd\[31347\]: Invalid user huan from 189.7.121.28 port 56552 Jul 4 15:20:44 Proxmox sshd\[31347\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.7.121.28 Jul 4 15:20:46 Proxmox sshd\[31347\]: Failed password for invalid user huan from 189.7.121.28 port 56552 ssh2	2019-07-04 23:52:19
136.232.28.134	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-03 11:58:00,564 INFO [shellcode_manager] (136.232.28.134) no match, writing hexdump (9ee5ecb979b73304e0cb4b76d64a0e19 :1866353) - SMB (Unknown)	2019-07-04 23:58:19
88.99.145.83	attackbots	Only those who intend to destroy a site makes "all day" attempts like this below, so if this ip appears on your website block immediately 88.99.0.0/16 is high risk: 88.99.145.83/04/07/2019 02:12/error 403/GET/HTTP/1.1/9/	2019-07-05 00:06:28
201.238.172.126	attack	Jul 4 15:13:53 bouncer sshd\[8226\]: Invalid user jeanne from 201.238.172.126 port 43677 Jul 4 15:13:54 bouncer sshd\[8226\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.238.172.126 Jul 4 15:13:55 bouncer sshd\[8226\]: Failed password for invalid user jeanne from 201.238.172.126 port 43677 ssh2 ...	2019-07-04 23:36:18
71.237.171.150	attackbotsspam	Invalid user mario from 71.237.171.150 port 60428 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=71.237.171.150 Failed password for invalid user mario from 71.237.171.150 port 60428 ssh2 Invalid user ciserve from 71.237.171.150 port 60908 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=71.237.171.150	2019-07-04 23:58:57
104.46.42.143	attackbotsspam	Malicious/Probing: /wp-includes/wlwmanifest.xml	2019-07-04 23:40:20
203.142.69.226	attackbotsspam	445/tcp 445/tcp [2019-05-13/07-04]2pkt	2019-07-05 00:19:51
129.211.121.113	attack	Jul 4 15:11:08 www sshd[20289]: refused connect from 129.211.121.113 (129.211.121.113) - 3 ssh attempts	2019-07-04 23:32:54
34.229.63.67	attackbots	Jul 4 13:13:37 TCP Attack: SRC=34.229.63.67 DST=[Masked] LEN=250 TOS=0x00 PREC=0x00 TTL=235 DF PROTO=TCP SPT=59974 DPT=80 WINDOW=913 RES=0x00 ACK PSH URGP=0	2019-07-04 23:45:47
178.128.246.54	attackbots	[ssh] SSH attack	2019-07-04 23:25:03
45.79.106.170	attackbots	Port scan: Attack repeated for 24 hours	2019-07-05 00:18:05
217.218.225.36	attackspam	Jul 4 15:49:48 mail sshd\[9389\]: Invalid user nagios from 217.218.225.36 port 35538 Jul 4 15:49:48 mail sshd\[9389\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.218.225.36 ...	2019-07-04 23:22:53
66.96.228.198	attack	[Thu Jul 04 20:14:16.142856 2019] [:error] [pid 497:tid 139845410223872] [client 66.96.228.198:38621] [client 66.96.228.198] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.1.1/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "792"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197:80"] [severity "WARNING"] [ver "OWASP_CRS/3.1.1"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XR37qKTMPMkEeDp-x6LfSwAAAAc"] ...	2019-07-04 23:27:51

Recently Reported IPs

92.114.131.13	54.160.216.73	179.113.60.212	189.40.72.251
209.85.219.176	160.163.202.238	181.152.236.133	181.138.212.43
188.126.89.123	119.110.226.21	151.101.4.223	200.185.193.184
200.185.193.169	185.139.136.224	216.222.175.11	59.126.22.8
181.199.52.16	209.85.203.156	74.103.252.8	95.234.191.154