82.220.2.159 - IPInfo

Basic Info

City: Basel

Region: Basel-City

Country: Switzerland

Internet Service Provider: BSE Software GmbH

Hostname: unknown

Organization: BSE Software GmbH

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Honeypot attack, port: 445, PTR: ds1789744.dedicated.solnet.ch.	2020-01-15 14:24:29
attackspam	SMB Server BruteForce Attack	2019-09-11 09:55:22
attackspambots	445/tcp 445/tcp 445/tcp... [2019-06-02/07-19]5pkt,1pt.(tcp)	2019-07-19 22:40:50
attackbots	445/tcp 445/tcp 445/tcp... [2019-05-04/07-04]7pkt,1pt.(tcp)	2019-07-04 16:12:17
attack	SMB Server BruteForce Attack	2019-07-03 22:00:43

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 82.220.2.159
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55443
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;82.220.2.159.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040700 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 08 00:57:38 +08 2019
;; MSG SIZE  rcvd: 116

Host info

159.2.220.82.in-addr.arpa domain name pointer ds1789744.dedicated.solnet.ch.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
159.2.220.82.in-addr.arpa	name = ds1789744.dedicated.solnet.ch.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
122.152.203.187	attackbotsspam	$f2bV_matches	2020-04-11 03:22:42
189.36.207.142	attackspambots	20/4/10@08:05:20: FAIL: Alarm-Network address from=189.36.207.142 ...	2020-04-11 02:41:37
195.231.3.181	attackspambots	Apr 10 20:13:19 mail.srvfarm.net postfix/smtpd[3242882]: warning: unknown[195.231.3.181]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 10 20:13:19 mail.srvfarm.net postfix/smtpd[3242882]: lost connection after AUTH from unknown[195.231.3.181] Apr 10 20:18:15 mail.srvfarm.net postfix/smtpd[3255796]: warning: unknown[195.231.3.181]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 10 20:18:15 mail.srvfarm.net postfix/smtpd[3255796]: lost connection after AUTH from unknown[195.231.3.181] Apr 10 20:18:20 mail.srvfarm.net postfix/smtpd[3257974]: warning: unknown[195.231.3.181]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 10 20:18:20 mail.srvfarm.net postfix/smtpd[3258368]: warning: unknown[195.231.3.181]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-04-11 02:45:45
81.4.100.188	attack	Apr 10 14:30:26 mail sshd\[41803\]: Invalid user PASSW0RD from 81.4.100.188 Apr 10 14:30:26 mail sshd\[41803\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.4.100.188 ...	2020-04-11 03:18:59
181.174.81.244	attackbotsspam	Apr 10 21:08:47 vps647732 sshd[9017]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.174.81.244 Apr 10 21:08:50 vps647732 sshd[9017]: Failed password for invalid user user from 181.174.81.244 port 39366 ssh2 ...	2020-04-11 03:20:41
122.155.174.36	attack	SSH Bruteforce attack	2020-04-11 02:58:39
61.177.172.128	attack	Apr 10 20:55:35 srv-ubuntu-dev3 sshd[50361]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.128 user=root Apr 10 20:55:37 srv-ubuntu-dev3 sshd[50361]: Failed password for root from 61.177.172.128 port 62641 ssh2 Apr 10 20:55:41 srv-ubuntu-dev3 sshd[50361]: Failed password for root from 61.177.172.128 port 62641 ssh2 Apr 10 20:55:35 srv-ubuntu-dev3 sshd[50361]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.128 user=root Apr 10 20:55:37 srv-ubuntu-dev3 sshd[50361]: Failed password for root from 61.177.172.128 port 62641 ssh2 Apr 10 20:55:41 srv-ubuntu-dev3 sshd[50361]: Failed password for root from 61.177.172.128 port 62641 ssh2 Apr 10 20:55:35 srv-ubuntu-dev3 sshd[50361]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.128 user=root Apr 10 20:55:37 srv-ubuntu-dev3 sshd[50361]: Failed password for root from 61.177.172.128 port 6264 ...	2020-04-11 03:15:00
36.67.106.109	attack	Apr 10 19:47:42 prod4 sshd\[22989\]: Invalid user admin from 36.67.106.109 Apr 10 19:47:44 prod4 sshd\[22989\]: Failed password for invalid user admin from 36.67.106.109 port 57169 ssh2 Apr 10 19:51:40 prod4 sshd\[23934\]: Invalid user osneider from 36.67.106.109 ...	2020-04-11 02:55:38
185.153.196.80	attack	04/10/2020-13:28:09.841319 185.153.196.80 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-04-11 03:13:11
80.82.77.234	attackspambots	Fail2Ban Ban Triggered	2020-04-11 02:56:30
139.59.18.197	attack	Apr 10 20:45:04 ns381471 sshd[6746]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.18.197 Apr 10 20:45:06 ns381471 sshd[6746]: Failed password for invalid user postgresql from 139.59.18.197 port 46798 ssh2	2020-04-11 03:15:53
218.251.112.129	attackbots	IP blocked	2020-04-11 03:03:30
191.241.32.23	attack	Apr 10 13:56:57 web01.agentur-b-2.de postfix/smtpd[571083]: NOQUEUE: reject: RCPT from unknown[191.241.32.23]: 554 5.7.1 Service unavailable; Client host [191.241.32.23] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/191.241.32.23 / https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo= Apr 10 13:57:04 web01.agentur-b-2.de postfix/smtpd[571083]: NOQUEUE: reject: RCPT from unknown[191.241.32.23]: 554 5.7.1 Service unavailable; Client host [191.241.32.23] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/191.241.32.23 / https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo= Apr 10 13:57:05 web01.agentur-b-2.de postfix/smtpd[571083]: NOQUEUE: reject: RCPT from unknown[191.241.32.23]: 554 5.7.1 Service unavailable; Client host [191.241.3	2020-04-11 02:46:16
31.182.12.3	attackspambots	Apr 10 13:54:29 web01.agentur-b-2.de postfix/smtpd[571083]: NOQUEUE: reject: RCPT from staticline-31-182-12-3.toya.net.pl[31.182.12.3]: 554 5.7.1 Service unavailable; Client host [31.182.12.3] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/31.182.12.3 / https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo= Apr 10 13:54:29 web01.agentur-b-2.de postfix/smtpd[571083]: NOQUEUE: reject: RCPT from staticline-31-182-12-3.toya.net.pl[31.182.12.3]: 554 5.7.1 Service unavailable; Client host [31.182.12.3] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/31.182.12.3 / https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo= Apr 10 13:54:29 web01.agentur-b-2.de postfix/smtpd[571083]: NOQUEUE: reject: RCPT from staticline-31-182-12-3.toya.net.pl[31.182.12.3]: 554 5.7.1 Service	2020-04-11 02:54:52
172.81.253.175	attack	Apr 10 14:16:08 scw-6657dc sshd[13468]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.81.253.175 Apr 10 14:16:08 scw-6657dc sshd[13468]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.81.253.175 Apr 10 14:16:11 scw-6657dc sshd[13468]: Failed password for invalid user testftp from 172.81.253.175 port 42880 ssh2 ...	2020-04-11 03:19:38

Recently Reported IPs

151.52.140.227	95.32.168.204	62.234.223.67	175.42.159.80
129.204.3.37	113.161.65.119	1.32.249.142	207.148.9.182
182.245.15.201	78.158.162.86	5.188.86.207	94.25.171.126
192.241.193.219	181.48.14.50	118.70.16.51	60.30.223.16
123.206.214.108	71.19.250.131	123.189.109.255	112.71.25.180