Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: Italy

Internet Service Provider: Grafica Veneta SpA

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:
Type Details Datetime
attack
Unauthorized connection attempt detected from IP address 85.42.97.72 to port 445
2020-05-30 03:06:45
Comments on same subnet:
No discussion about this subnet yet..
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.42.97.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2284
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;85.42.97.72.			IN	A

;; AUTHORITY SECTION:
.			575	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052901 1800 900 604800 86400

;; Query time: 96 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat May 30 03:06:41 CST 2020
;; MSG SIZE  rcvd: 115
Host info
72.97.42.85.in-addr.arpa domain name pointer host72-97-static.42-85-b.business.telecomitalia.it.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
72.97.42.85.in-addr.arpa	name = host72-97-static.42-85-b.business.telecomitalia.it.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
206.189.157.183 attackbotsspam
206.189.157.183 - - [05/Apr/2020:19:24:06 +0300] "POST /wp-login.php HTTP/1.1" 200 2514 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
2020-04-06 04:50:47
124.156.245.162 attack
32769/udp 19888/tcp 2055/tcp...
[2020-03-09/04-05]8pkt,7pt.(tcp),1pt.(udp)
2020-04-06 04:52:33
176.26.22.94 attack
Honeypot Attack, Port 23
2020-04-06 04:53:13
196.52.84.20 attack
196.52.84.20
2020-04-06 04:38:49
119.29.141.207 attackbots
SSH bruteforce
2020-04-06 04:53:40
117.50.62.33 attackspambots
Apr  5 15:11:34 host sshd[8096]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.62.33  user=root
Apr  5 15:11:36 host sshd[8096]: Failed password for root from 117.50.62.33 port 57002 ssh2
...
2020-04-06 04:43:55
115.238.228.149 attack
Attempted connection to port 22.
2020-04-06 05:05:10
123.30.188.213 attackspam
1433/tcp 445/tcp...
[2020-02-24/04-05]4pkt,2pt.(tcp)
2020-04-06 04:42:23
218.232.135.95 attack
Apr  5 17:17:25 ns382633 sshd\[2388\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.232.135.95  user=root
Apr  5 17:17:27 ns382633 sshd\[2388\]: Failed password for root from 218.232.135.95 port 36106 ssh2
Apr  5 17:32:33 ns382633 sshd\[5360\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.232.135.95  user=root
Apr  5 17:32:35 ns382633 sshd\[5360\]: Failed password for root from 218.232.135.95 port 48044 ssh2
Apr  5 17:37:39 ns382633 sshd\[6279\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.232.135.95  user=root
2020-04-06 04:36:45
210.83.70.66 attackbotsspam
1433/tcp 1433/tcp 1433/tcp
[2020-02-06/04-05]3pkt
2020-04-06 04:35:06
113.70.134.187 attackspambots
1433/tcp
[2020-04-05]1pkt
2020-04-06 05:05:57
217.15.185.122 attackspambots
Apr  6 03:38:38 itv-usvr-01 sshd[26317]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.15.185.122  user=root
Apr  6 03:38:40 itv-usvr-01 sshd[26317]: Failed password for root from 217.15.185.122 port 51054 ssh2
Apr  6 03:43:27 itv-usvr-01 sshd[26674]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.15.185.122  user=root
Apr  6 03:43:29 itv-usvr-01 sshd[26674]: Failed password for root from 217.15.185.122 port 56682 ssh2
Apr  6 03:48:06 itv-usvr-01 sshd[27371]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.15.185.122  user=root
Apr  6 03:48:09 itv-usvr-01 sshd[27371]: Failed password for root from 217.15.185.122 port 34076 ssh2
2020-04-06 04:52:06
177.17.189.255 attackspam
445/tcp 445/tcp
[2020-04-05]2pkt
2020-04-06 05:04:26
193.34.55.142 attack
Apr  3 10:52:22 www sshd[16851]: Address 193.34.55.142 maps to pf142.quarto.pl, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Apr  3 10:52:22 www sshd[16851]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.34.55.142  user=r.r
Apr  3 10:52:25 www sshd[16851]: Failed password for r.r from 193.34.55.142 port 52360 ssh2
Apr  3 10:56:53 www sshd[17899]: Address 193.34.55.142 maps to pf142.quarto.pl, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Apr  3 10:56:53 www sshd[17899]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.34.55.142  user=r.r
Apr  3 10:56:55 www sshd[17899]: Failed password for r.r from 193.34.55.142 port 55362 ssh2
Apr  3 10:58:33 www sshd[18203]: Address 193.34.55.142 maps to pf142.quarto.pl, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Apr  3 10:58:33 www sshd[18203]: pam_unix(sshd:auth): aut........
-------------------------------
2020-04-06 05:04:01
171.248.126.172 attack
9530/tcp 9530/tcp
[2020-04-03]2pkt
2020-04-06 05:00:26

Recently Reported IPs

34.228.245.23 34.68.161.181 31.163.182.188 14.246.87.20
14.157.54.10 2.136.182.204 219.134.153.84 221.213.75.66
220.142.48.233 219.143.174.201 217.23.205.170 211.224.115.99
201.142.211.80 201.74.36.33 200.107.218.94 193.142.146.19
191.183.136.148 189.212.226.66 188.255.246.185 187.149.112.71