85.42.97.72 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Italy

Internet Service Provider: Grafica Veneta SpA

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 85.42.97.72 to port 445	2020-05-30 03:06:45

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.42.97.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2284
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;85.42.97.72.			IN	A

;; AUTHORITY SECTION:
.			575	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052901 1800 900 604800 86400

;; Query time: 96 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat May 30 03:06:41 CST 2020
;; MSG SIZE  rcvd: 115

Host info

72.97.42.85.in-addr.arpa domain name pointer host72-97-static.42-85-b.business.telecomitalia.it.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
72.97.42.85.in-addr.arpa	name = host72-97-static.42-85-b.business.telecomitalia.it.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
206.189.157.183	attackbotsspam	206.189.157.183 - - [05/Apr/2020:19:24:06 +0300] "POST /wp-login.php HTTP/1.1" 200 2514 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-06 04:50:47
124.156.245.162	attack	32769/udp 19888/tcp 2055/tcp... [2020-03-09/04-05]8pkt,7pt.(tcp),1pt.(udp)	2020-04-06 04:52:33
176.26.22.94	attack	Honeypot Attack, Port 23	2020-04-06 04:53:13
196.52.84.20	attack	196.52.84.20	2020-04-06 04:38:49
119.29.141.207	attackbots	SSH bruteforce	2020-04-06 04:53:40
117.50.62.33	attackspambots	Apr 5 15:11:34 host sshd[8096]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.62.33 user=root Apr 5 15:11:36 host sshd[8096]: Failed password for root from 117.50.62.33 port 57002 ssh2 ...	2020-04-06 04:43:55
115.238.228.149	attack	Attempted connection to port 22.	2020-04-06 05:05:10
123.30.188.213	attackspam	1433/tcp 445/tcp... [2020-02-24/04-05]4pkt,2pt.(tcp)	2020-04-06 04:42:23
218.232.135.95	attack	Apr 5 17:17:25 ns382633 sshd\[2388\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.232.135.95 user=root Apr 5 17:17:27 ns382633 sshd\[2388\]: Failed password for root from 218.232.135.95 port 36106 ssh2 Apr 5 17:32:33 ns382633 sshd\[5360\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.232.135.95 user=root Apr 5 17:32:35 ns382633 sshd\[5360\]: Failed password for root from 218.232.135.95 port 48044 ssh2 Apr 5 17:37:39 ns382633 sshd\[6279\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.232.135.95 user=root	2020-04-06 04:36:45
210.83.70.66	attackbotsspam	1433/tcp 1433/tcp 1433/tcp [2020-02-06/04-05]3pkt	2020-04-06 04:35:06
113.70.134.187	attackspambots	1433/tcp [2020-04-05]1pkt	2020-04-06 05:05:57
217.15.185.122	attackspambots	Apr 6 03:38:38 itv-usvr-01 sshd[26317]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.15.185.122 user=root Apr 6 03:38:40 itv-usvr-01 sshd[26317]: Failed password for root from 217.15.185.122 port 51054 ssh2 Apr 6 03:43:27 itv-usvr-01 sshd[26674]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.15.185.122 user=root Apr 6 03:43:29 itv-usvr-01 sshd[26674]: Failed password for root from 217.15.185.122 port 56682 ssh2 Apr 6 03:48:06 itv-usvr-01 sshd[27371]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.15.185.122 user=root Apr 6 03:48:09 itv-usvr-01 sshd[27371]: Failed password for root from 217.15.185.122 port 34076 ssh2	2020-04-06 04:52:06
177.17.189.255	attackspam	445/tcp 445/tcp [2020-04-05]2pkt	2020-04-06 05:04:26
193.34.55.142	attack	Apr 3 10:52:22 www sshd[16851]: Address 193.34.55.142 maps to pf142.quarto.pl, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Apr 3 10:52:22 www sshd[16851]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.34.55.142 user=r.r Apr 3 10:52:25 www sshd[16851]: Failed password for r.r from 193.34.55.142 port 52360 ssh2 Apr 3 10:56:53 www sshd[17899]: Address 193.34.55.142 maps to pf142.quarto.pl, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Apr 3 10:56:53 www sshd[17899]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.34.55.142 user=r.r Apr 3 10:56:55 www sshd[17899]: Failed password for r.r from 193.34.55.142 port 55362 ssh2 Apr 3 10:58:33 www sshd[18203]: Address 193.34.55.142 maps to pf142.quarto.pl, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Apr 3 10:58:33 www sshd[18203]: pam_unix(sshd:auth): aut........ -------------------------------	2020-04-06 05:04:01
171.248.126.172	attack	9530/tcp 9530/tcp [2020-04-03]2pkt	2020-04-06 05:00:26

Recently Reported IPs

34.228.245.23	34.68.161.181	31.163.182.188	14.246.87.20
14.157.54.10	2.136.182.204	219.134.153.84	221.213.75.66
220.142.48.233	219.143.174.201	217.23.205.170	211.224.115.99
201.142.211.80	201.74.36.33	200.107.218.94	193.142.146.19
191.183.136.148	189.212.226.66	188.255.246.185	187.149.112.71