85.42.97.72 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Italy

Internet Service Provider: Grafica Veneta SpA

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 85.42.97.72 to port 445	2020-05-30 03:06:45

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.42.97.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2284
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;85.42.97.72.			IN	A

;; AUTHORITY SECTION:
.			575	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052901 1800 900 604800 86400

;; Query time: 96 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat May 30 03:06:41 CST 2020
;; MSG SIZE  rcvd: 115

Host info

72.97.42.85.in-addr.arpa domain name pointer host72-97-static.42-85-b.business.telecomitalia.it.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
72.97.42.85.in-addr.arpa	name = host72-97-static.42-85-b.business.telecomitalia.it.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
89.248.167.131	attackbotsspam	Automatic report - Banned IP Access	2019-09-30 18:59:11
37.49.230.31	attack	[portscan] udp/123 [NTP] *(RWIN=-)(09300929)	2019-09-30 19:04:26
216.218.206.66	attackbotsspam	firewall-block, port(s): 500/udp	2019-09-30 19:38:20
113.187.70.197	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 30-09-2019 04:50:12.	2019-09-30 19:31:03
181.49.117.166	attackspambots	Sep 30 01:42:37 TORMINT sshd\[5121\]: Invalid user produccion from 181.49.117.166 Sep 30 01:42:37 TORMINT sshd\[5121\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.49.117.166 Sep 30 01:42:39 TORMINT sshd\[5121\]: Failed password for invalid user produccion from 181.49.117.166 port 57424 ssh2 ...	2019-09-30 19:02:35
106.12.83.164	attackbots	Sep 30 05:34:56 xb3 sshd[16551]: Failed password for invalid user aarthun from 106.12.83.164 port 54156 ssh2 Sep 30 05:34:57 xb3 sshd[16551]: Received disconnect from 106.12.83.164: 11: Bye Bye [preauth] Sep 30 05:42:49 xb3 sshd[11002]: Failed password for invalid user fps from 106.12.83.164 port 50220 ssh2 Sep 30 05:42:49 xb3 sshd[11002]: Received disconnect from 106.12.83.164: 11: Bye Bye [preauth] Sep 30 05:46:52 xb3 sshd[9006]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.83.164 user=sys Sep 30 05:46:54 xb3 sshd[9006]: Failed password for sys from 106.12.83.164 port 55332 ssh2 Sep 30 05:46:54 xb3 sshd[9006]: Received disconnect from 106.12.83.164: 11: Bye Bye [preauth] Sep 30 05:51:01 xb3 sshd[7128]: Failed password for invalid user user from 106.12.83.164 port 60450 ssh2 Sep 30 05:51:01 xb3 sshd[7128]: Received disconnect from 106.12.83.164: 11: Bye Bye [preauth] Sep 30 05:55:12 xb3 sshd[28118]: Failed password for........ -------------------------------	2019-09-30 19:15:14
106.12.85.12	attack	Automatic report - Banned IP Access	2019-09-30 19:17:03
84.54.158.75	attackspam	WordPress wp-login brute force :: 84.54.158.75 0.116 BYPASS [30/Sep/2019:16:24:24 1000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-09-30 18:53:19
77.247.110.202	attackbots	\[2019-09-30 06:46:35\] NOTICE\[1948\] chan_sip.c: Registration from '\' failed for '77.247.110.202:56671' - Wrong password \[2019-09-30 06:46:35\] SECURITY\[2006\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-30T06:46:35.534-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="8094",SessionID="0x7f1e1c927c78",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.202/56671",Challenge="0e745bde",ReceivedChallenge="0e745bde",ReceivedHash="7095ebcf80ea96d8d4556258d1110883" \[2019-09-30 06:46:35\] NOTICE\[1948\] chan_sip.c: Registration from '\' failed for '77.247.110.202:56665' - Wrong password \[2019-09-30 06:46:35\] SECURITY\[2006\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-30T06:46:35.535-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="8094",SessionID="0x7f1e1ce10a68",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.202/56665",	2019-09-30 18:56:17
155.94.254.64	attackspambots	Sep 30 08:07:01 vtv3 sshd\[11044\]: Invalid user love from 155.94.254.64 port 34150 Sep 30 08:07:01 vtv3 sshd\[11044\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=155.94.254.64 Sep 30 08:07:03 vtv3 sshd\[11044\]: Failed password for invalid user love from 155.94.254.64 port 34150 ssh2 Sep 30 08:10:36 vtv3 sshd\[12859\]: Invalid user andreea from 155.94.254.64 port 46822 Sep 30 08:10:36 vtv3 sshd\[12859\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=155.94.254.64 Sep 30 08:22:00 vtv3 sshd\[18376\]: Invalid user hydra from 155.94.254.64 port 56600 Sep 30 08:22:00 vtv3 sshd\[18376\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=155.94.254.64 Sep 30 08:22:02 vtv3 sshd\[18376\]: Failed password for invalid user hydra from 155.94.254.64 port 56600 ssh2 Sep 30 08:25:53 vtv3 sshd\[20403\]: Invalid user aloko from 155.94.254.64 port 41038 Sep 30 08:25:53 vtv3 sshd\[20403\]: pam_u	2019-09-30 19:23:52
223.25.62.220	attackbotsspam	C1,WP GET /nelson/wp-login.php	2019-09-30 19:10:41
106.12.78.199	attack	Sep 30 11:25:48 [munged] sshd[19813]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.78.199	2019-09-30 19:02:52
187.188.251.219	attackspam	Sep 30 06:50:50 bouncer sshd\[17586\]: Invalid user test from 187.188.251.219 port 59198 Sep 30 06:50:50 bouncer sshd\[17586\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.188.251.219 Sep 30 06:50:52 bouncer sshd\[17586\]: Failed password for invalid user test from 187.188.251.219 port 59198 ssh2 ...	2019-09-30 19:36:41
82.232.32.214	attackbotsspam	Total attacks: 2	2019-09-30 19:06:55
148.72.75.43	attackbotsspam	SQL Injection attack	2019-09-30 18:55:29

Recently Reported IPs

34.228.245.23	34.68.161.181	31.163.182.188	14.246.87.20
14.157.54.10	2.136.182.204	219.134.153.84	221.213.75.66
220.142.48.233	219.143.174.201	217.23.205.170	211.224.115.99
201.142.211.80	201.74.36.33	200.107.218.94	193.142.146.19
191.183.136.148	189.212.226.66	188.255.246.185	187.149.112.71