79.58.50.145 - IPInfo

Basic Info

City: Padova

Region: Veneto

Country: Italy

Internet Service Provider: Telecom Italia S.p.A.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	2019-10-21T14:22:18.994257suse-nuc sshd[9583]: Invalid user www from 79.58.50.145 port 59031 ...	2020-02-18 06:24:54
attackbotsspam	sshd jail - ssh hack attempt	2020-01-03 21:20:10
attackspambots	Dec 18 14:38:09 thevastnessof sshd[18277]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.58.50.145 ...	2019-12-18 22:50:00
attackspam	SSH Brute Force, server-1 sshd[6082]: Failed password for invalid user admin from 79.58.50.145 port 39885 ssh2	2019-12-07 08:13:24
attackbots	2019-10-26T03:28:26.858028enmeeting.mahidol.ac.th sshd\[15376\]: Invalid user nagios from 79.58.50.145 port 41872 2019-10-26T03:28:26.871598enmeeting.mahidol.ac.th sshd\[15376\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host145-50-static.58-79-b.business.telecomitalia.it 2019-10-26T03:28:29.298895enmeeting.mahidol.ac.th sshd\[15376\]: Failed password for invalid user nagios from 79.58.50.145 port 41872 ssh2 ...	2019-10-26 05:28:26
attack	Invalid user user from 79.58.50.145 port 59456	2019-10-25 03:00:53
attackbots	2019-10-08T20:52:53.615193abusebot-5.cloudsearch.cf sshd\[9047\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host145-50-static.58-79-b.business.telecomitalia.it user=root	2019-10-09 05:31:14

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 79.58.50.145
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31644
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;79.58.50.145.			IN	A

;; AUTHORITY SECTION:
.			312	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100801 1800 900 604800 86400

;; Query time: 129 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 09 03:57:11 CST 2019
;; MSG SIZE  rcvd: 116

Host info

145.50.58.79.in-addr.arpa domain name pointer host145-50-static.58-79-b.business.telecomitalia.it.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
145.50.58.79.in-addr.arpa	name = host-79-58-50-145.business.telecomitalia.it.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.88.112.78	attack	Sep 24 08:28:44 debian sshd[6157]: Unable to negotiate with 49.88.112.78 port 54163: no matching key exchange method found. Their offer: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 [preauth] Sep 24 09:42:11 debian sshd[11823]: Unable to negotiate with 49.88.112.78 port 27040: no matching key exchange method found. Their offer: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 [preauth] ...	2019-09-24 21:50:25
51.68.126.243	attackbotsspam	Sep 24 14:41:57 SilenceServices sshd[5148]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.126.243 Sep 24 14:41:59 SilenceServices sshd[5148]: Failed password for invalid user h from 51.68.126.243 port 47938 ssh2 Sep 24 14:46:11 SilenceServices sshd[6361]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.126.243	2019-09-24 21:29:37
103.26.99.143	attack	Sep 24 14:46:11 ArkNodeAT sshd\[30869\]: Invalid user temp from 103.26.99.143 Sep 24 14:46:11 ArkNodeAT sshd\[30869\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.26.99.143 Sep 24 14:46:13 ArkNodeAT sshd\[30869\]: Failed password for invalid user temp from 103.26.99.143 port 44738 ssh2	2019-09-24 21:27:54
195.159.103.189	attack	Sep 24 03:27:17 web1 sshd\[9116\]: Invalid user craig from 195.159.103.189 Sep 24 03:27:17 web1 sshd\[9116\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.159.103.189 Sep 24 03:27:20 web1 sshd\[9116\]: Failed password for invalid user craig from 195.159.103.189 port 60790 ssh2 Sep 24 03:32:45 web1 sshd\[9657\]: Invalid user ky from 195.159.103.189 Sep 24 03:32:45 web1 sshd\[9657\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.159.103.189	2019-09-24 21:34:05
91.121.110.97	attack	Sep 24 15:50:41 core sshd[15814]: Invalid user md from 91.121.110.97 port 40412 Sep 24 15:50:43 core sshd[15814]: Failed password for invalid user md from 91.121.110.97 port 40412 ssh2 ...	2019-09-24 21:56:29
197.53.248.6	attackspambots	DATE:2019-09-24 14:36:52, IP:197.53.248.6, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc-bis)	2019-09-24 21:24:39
167.71.215.72	attackspam	Sep 24 13:46:43 web8 sshd\[27477\]: Invalid user ubnt from 167.71.215.72 Sep 24 13:46:43 web8 sshd\[27477\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.215.72 Sep 24 13:46:46 web8 sshd\[27477\]: Failed password for invalid user ubnt from 167.71.215.72 port 15540 ssh2 Sep 24 13:50:57 web8 sshd\[29547\]: Invalid user vw from 167.71.215.72 Sep 24 13:50:57 web8 sshd\[29547\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.215.72	2019-09-24 22:06:05
138.197.93.133	attackbotsspam	Sep 24 15:27:36 microserver sshd[46470]: Invalid user sacre from 138.197.93.133 port 57202 Sep 24 15:27:36 microserver sshd[46470]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.93.133 Sep 24 15:27:38 microserver sshd[46470]: Failed password for invalid user sacre from 138.197.93.133 port 57202 ssh2 Sep 24 15:30:58 microserver sshd[47067]: Invalid user pvp from 138.197.93.133 port 41920 Sep 24 15:30:58 microserver sshd[47067]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.93.133 Sep 24 15:41:27 microserver sshd[48459]: Invalid user rszhu from 138.197.93.133 port 52534 Sep 24 15:41:27 microserver sshd[48459]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.93.133 Sep 24 15:41:29 microserver sshd[48459]: Failed password for invalid user rszhu from 138.197.93.133 port 52534 ssh2 Sep 24 15:44:59 microserver sshd[48647]: Invalid user temp from 138.197.93.133 port 37250	2019-09-24 21:56:50
148.72.207.248	attack	Sep 24 15:42:06 vps01 sshd[23004]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.207.248 Sep 24 15:42:09 vps01 sshd[23004]: Failed password for invalid user sit from 148.72.207.248 port 53380 ssh2	2019-09-24 21:53:50
73.90.129.233	attackspambots	Sep 23 03:01:30 saengerschafter sshd[25025]: Invalid user bmuuser from 73.90.129.233 Sep 23 03:01:30 saengerschafter sshd[25025]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=c-73-90-129-233.hsd1.ca.comcast.net Sep 23 03:01:32 saengerschafter sshd[25025]: Failed password for invalid user bmuuser from 73.90.129.233 port 53826 ssh2 Sep 23 03:01:32 saengerschafter sshd[25025]: Received disconnect from 73.90.129.233: 11: Bye Bye [preauth] Sep 23 03:08:46 saengerschafter sshd[25845]: Invalid user ax400 from 73.90.129.233 Sep 23 03:08:46 saengerschafter sshd[25845]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=c-73-90-129-233.hsd1.ca.comcast.net Sep 23 03:08:48 saengerschafter sshd[25845]: Failed password for invalid user ax400 from 73.90.129.233 port 52428 ssh2 Sep 23 03:08:48 saengerschafter sshd[25845]: Received disconnect from 73.90.129.233: 11: Bye Bye [preauth] Sep 23 03:13:44 saenge........ -------------------------------	2019-09-24 22:07:53
41.89.94.30	attackbotsspam	Forbidden directory scan :: 2019/09/24 22:45:34 [error] 1103#1103: *179015 access forbidden by rule, client: 41.89.94.30, server: [censored_4], request: "GET /[censored_4]_mssql.sql HTTP/1.1", host: "[censored_4]", referrer: "http://[censored_4]/[censored_4]_mssql.sql"	2019-09-24 21:58:29
129.213.122.26	attackbotsspam	Lines containing failures of 129.213.122.26 Sep 24 05:03:04 install sshd[31490]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.122.26 user=backup Sep 24 05:03:06 install sshd[31490]: Failed password for backup from 129.213.122.26 port 56294 ssh2 Sep 24 05:03:06 install sshd[31490]: Received disconnect from 129.213.122.26 port 56294:11: Bye Bye [preauth] Sep 24 05:03:06 install sshd[31490]: Disconnected from authenticating user backup 129.213.122.26 port 56294 [preauth] Sep 24 05:31:10 install sshd[4101]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.122.26 user=admin Sep 24 05:31:11 install sshd[4101]: Failed password for admin from 129.213.122.26 port 52886 ssh2 Sep 24 05:31:11 install sshd[4101]: Received disconnect from 129.213.122.26 port 52886:11: Bye Bye [preauth] Sep 24 05:31:11 install sshd[4101]: Disconnected from authenticating user admin 129.213.122.26 port 52........ ------------------------------	2019-09-24 21:51:44
162.247.74.216	attackspam	2019-09-24T12:41:35.620298abusebot.cloudsearch.cf sshd\[4378\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=phoolandevi.tor-exit.calyxinstitute.org user=root	2019-09-24 21:32:07
106.12.109.188	attack	2019-09-24T15:48:12.003989 sshd[14901]: Invalid user ftpimmo from 106.12.109.188 port 59244 2019-09-24T15:48:12.017411 sshd[14901]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.109.188 2019-09-24T15:48:12.003989 sshd[14901]: Invalid user ftpimmo from 106.12.109.188 port 59244 2019-09-24T15:48:13.537205 sshd[14901]: Failed password for invalid user ftpimmo from 106.12.109.188 port 59244 ssh2 2019-09-24T15:51:46.823344 sshd[14947]: Invalid user agenda from 106.12.109.188 port 56746 ...	2019-09-24 22:02:32
115.236.190.75	attack	2019-09-24T15:01:25.062664beta postfix/smtpd[26261]: warning: unknown[115.236.190.75]: SASL LOGIN authentication failed: authentication failure 2019-09-24T15:01:29.528116beta postfix/smtpd[26261]: warning: unknown[115.236.190.75]: SASL LOGIN authentication failed: authentication failure 2019-09-24T15:01:35.342352beta postfix/smtpd[26261]: warning: unknown[115.236.190.75]: SASL LOGIN authentication failed: authentication failure ...	2019-09-24 22:07:23

Recently Reported IPs

126.40.53.213	114.27.180.240	66.162.102.32	153.221.71.174
82.238.218.48	220.134.4.102	222.82.221.123	68.231.11.216
59.87.184.188	203.94.66.113	70.192.247.22	45.50.33.246
1.196.213.83	201.49.157.156	46.197.125.102	47.115.105.15
24.57.70.63	116.193.187.135	119.24.123.175	155.68.51.15