82.50.134.235 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Italy

Internet Service Provider: Telecom Italia S.p.A.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Jun 3 06:58:42 debian kernel: [59287.069108] [UFW BLOCK] IN=eth0 OUT= MAC=52:54:00:be:e4:65:08:e8:4f:6e:48:0c:08:00 SRC=82.50.134.235 DST=89.252.131.35 LEN=44 TOS=0x00 PREC=0x00 TTL=236 ID=19739 DF PROTO=TCP SPT=62596 DPT=81 WINDOW=14600 RES=0x00 SYN URGP=0	2020-06-03 12:41:13

Type

Details

Datetime

attack

Jun  3 06:58:42 debian kernel: [59287.069108] [UFW BLOCK] IN=eth0 OUT= MAC=52:54:00:be:e4:65:08:e8:4f:6e:48:0c:08:00 SRC=82.50.134.235 DST=89.252.131.35 LEN=44 TOS=0x00 PREC=0x00 TTL=236 ID=19739 DF PROTO=TCP SPT=62596 DPT=81 WINDOW=14600 RES=0x00 SYN URGP=0

2020-06-03 12:41:13

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 82.50.134.235
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54396
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;82.50.134.235.			IN	A

;; AUTHORITY SECTION:
.			571	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060202 1800 900 604800 86400

;; Query time: 154 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jun 03 12:41:09 CST 2020
;; MSG SIZE  rcvd: 117

Host info

235.134.50.82.in-addr.arpa domain name pointer host235-134-dynamic.50-82-r.retail.telecomitalia.it.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
235.134.50.82.in-addr.arpa	name = host235-134-dynamic.50-82-r.retail.telecomitalia.it.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.149.40.45	attackspam	2019-09-17T01:50:19.944582centos sshd\[10566\]: Invalid user alex from 185.149.40.45 port 36564 2019-09-17T01:50:19.951212centos sshd\[10566\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=d340.default-host.net 2019-09-17T01:50:22.096215centos sshd\[10566\]: Failed password for invalid user alex from 185.149.40.45 port 36564 ssh2	2019-09-17 08:40:52
207.154.209.159	attack	Sep 16 21:15:15 localhost sshd\[23890\]: Invalid user m from 207.154.209.159 port 33640 Sep 16 21:15:15 localhost sshd\[23890\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.209.159 Sep 16 21:15:17 localhost sshd\[23890\]: Failed password for invalid user m from 207.154.209.159 port 33640 ssh2	2019-09-17 09:05:18
176.31.250.160	attackbots	Sep 16 05:16:31 XXX sshd[32710]: Invalid user friends from 176.31.250.160 port 45268	2019-09-17 08:55:57
168.126.85.225	attack	Invalid user bandit from 168.126.85.225 port 51418	2019-09-17 09:22:48
59.92.180.205	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-16 17:19:46,929 INFO [amun_request_handler] PortScan Detected on Port: 445 (59.92.180.205)	2019-09-17 08:54:54
179.33.137.117	attackbots	Sep 17 03:37:16 itv-usvr-01 sshd[7981]: Invalid user luciano from 179.33.137.117 Sep 17 03:37:16 itv-usvr-01 sshd[7981]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.33.137.117 Sep 17 03:37:16 itv-usvr-01 sshd[7981]: Invalid user luciano from 179.33.137.117 Sep 17 03:37:18 itv-usvr-01 sshd[7981]: Failed password for invalid user luciano from 179.33.137.117 port 53858 ssh2 Sep 17 03:45:23 itv-usvr-01 sshd[8951]: Invalid user test001 from 179.33.137.117	2019-09-17 08:53:37
14.225.3.37	attackbots	Unauthorised access (Sep 17) SRC=14.225.3.37 LEN=40 TTL=54 ID=42904 TCP DPT=23 WINDOW=31561 SYN Unauthorised access (Sep 16) SRC=14.225.3.37 LEN=40 TTL=54 ID=42904 TCP DPT=23 WINDOW=31561 SYN Unauthorised access (Sep 16) SRC=14.225.3.37 LEN=40 TTL=54 ID=42904 TCP DPT=23 WINDOW=31561 SYN Unauthorised access (Sep 15) SRC=14.225.3.37 LEN=40 PREC=0x20 TTL=54 ID=61331 TCP DPT=23 WINDOW=8161 SYN	2019-09-17 09:09:12
14.161.37.94	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-16 17:15:53,849 INFO [amun_request_handler] PortScan Detected on Port: 445 (14.161.37.94)	2019-09-17 09:15:30
115.248.68.169	attackspam	Sep 17 03:55:45 server sshd\[18520\]: Invalid user mill from 115.248.68.169 port 23551 Sep 17 03:55:45 server sshd\[18520\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.248.68.169 Sep 17 03:55:47 server sshd\[18520\]: Failed password for invalid user mill from 115.248.68.169 port 23551 ssh2 Sep 17 04:01:20 server sshd\[7259\]: Invalid user kong from 115.248.68.169 port 44035 Sep 17 04:01:20 server sshd\[7259\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.248.68.169	2019-09-17 09:19:38
139.99.144.191	attackbotsspam	Sep 16 22:23:04 icinga sshd[26550]: Failed password for nagios from 139.99.144.191 port 56080 ssh2 Sep 16 22:35:07 icinga sshd[34706]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.144.191 Sep 16 22:35:10 icinga sshd[34706]: Failed password for invalid user client from 139.99.144.191 port 50212 ssh2 ...	2019-09-17 09:23:10
188.166.34.129	attackbotsspam	Sep 16 23:23:08 OPSO sshd\[13552\]: Invalid user test from 188.166.34.129 port 57880 Sep 16 23:23:08 OPSO sshd\[13552\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.34.129 Sep 16 23:23:10 OPSO sshd\[13552\]: Failed password for invalid user test from 188.166.34.129 port 57880 ssh2 Sep 16 23:27:34 OPSO sshd\[14381\]: Invalid user ubnt from 188.166.34.129 port 48842 Sep 16 23:27:34 OPSO sshd\[14381\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.34.129	2019-09-17 09:05:47
200.35.109.132	attackspambots	Attempt To attack host OS, exploiting network vulnerabilities, on 16-09-2019 22:13:47.	2019-09-17 09:13:04
183.157.174.216	attack	SSHScan	2019-09-17 08:59:09
140.143.15.169	attack	Sep 16 21:13:43 localhost sshd\[23668\]: Invalid user ftpuser from 140.143.15.169 port 60834 Sep 16 21:13:44 localhost sshd\[23668\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.15.169 Sep 16 21:13:46 localhost sshd\[23668\]: Failed password for invalid user ftpuser from 140.143.15.169 port 60834 ssh2	2019-09-17 09:27:09
156.220.215.83	attack	Unauthorised access (Sep 16) SRC=156.220.215.83 LEN=40 TTL=52 ID=50507 TCP DPT=23 WINDOW=48905 SYN	2019-09-17 09:17:32

Recently Reported IPs

106.162.5.195	191.191.137.221	39.175.136.228	128.225.202.96
175.6.36.97	235.143.57.199	217.179.36.5	147.147.196.168
166.80.105.239	20.43.59.229	123.30.23.181	113.174.246.42
113.186.183.153	49.68.145.203	113.23.29.127	87.246.7.107
39.152.34.50	124.112.205.8	163.53.204.86	125.73.58.49