80.211.136.164

Basic Info

City: unknown

Region: unknown

Country: Italy

Internet Service Provider: Aruba S.p.A. - Cloud Services Farm

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	ET CINS Active Threat Intelligence Poor Reputation IP group 68 - port: 6192 proto: TCP cat: Misc Attack	2020-04-06 04:47:56
attackspam	Port 940 scan denied	2020-04-02 04:59:30
attackspam	Feb 10 23:11:38 wbs sshd\[1588\]: Invalid user eho from 80.211.136.164 Feb 10 23:11:38 wbs sshd\[1588\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.136.164 Feb 10 23:11:39 wbs sshd\[1588\]: Failed password for invalid user eho from 80.211.136.164 port 52304 ssh2 Feb 10 23:17:40 wbs sshd\[2050\]: Invalid user jop from 80.211.136.164 Feb 10 23:17:40 wbs sshd\[2050\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.136.164	2020-02-11 20:45:58
attack	Feb 8 13:46:41 php1 sshd\[20598\]: Invalid user uwm from 80.211.136.164 Feb 8 13:46:41 php1 sshd\[20598\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.136.164 Feb 8 13:46:43 php1 sshd\[20598\]: Failed password for invalid user uwm from 80.211.136.164 port 46046 ssh2 Feb 8 13:52:07 php1 sshd\[20986\]: Invalid user ftk from 80.211.136.164 Feb 8 13:52:07 php1 sshd\[20986\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.136.164	2020-02-09 08:07:03
attackspambots	$f2bV_matches	2020-02-06 00:07:32
attack	Jan 15 09:20:16 vps647732 sshd[18958]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.136.164 Jan 15 09:20:18 vps647732 sshd[18958]: Failed password for invalid user glen from 80.211.136.164 port 49716 ssh2 ...	2020-01-15 21:06:59
attackbotsspam	Dec 30 21:14:24 andromeda sshd\[22520\]: Invalid user chriss from 80.211.136.164 port 52664 Dec 30 21:14:24 andromeda sshd\[22520\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.136.164 Dec 30 21:14:26 andromeda sshd\[22520\]: Failed password for invalid user chriss from 80.211.136.164 port 52664 ssh2	2019-12-31 04:31:35
attackbotsspam	5x Failed Password	2019-12-29 21:10:12

Comments on same subnet:

IP	Type	Details	Datetime
80.211.136.132	attackbotsspam	Unauthorized connection attempt detected from IP address 80.211.136.132 to port 80 [J]	2020-01-28 18:04:56
80.211.136.132	attack	ZTE Router Exploit Scanner	2020-01-21 22:35:48
80.211.136.203	attackspam	2019-09-21T03:48:49.621689hub.schaetter.us sshd\[27322\]: Invalid user teamspeak from 80.211.136.203 2019-09-21T03:48:49.658320hub.schaetter.us sshd\[27322\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.136.203 2019-09-21T03:48:52.102938hub.schaetter.us sshd\[27322\]: Failed password for invalid user teamspeak from 80.211.136.203 port 49934 ssh2 2019-09-21T03:53:08.490754hub.schaetter.us sshd\[27341\]: Invalid user test1 from 80.211.136.203 2019-09-21T03:53:08.539274hub.schaetter.us sshd\[27341\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.136.203 ...	2019-09-21 15:01:37
80.211.136.203	attackspam	Sep 12 21:38:00 hpm sshd\[26627\]: Invalid user ubuntu from 80.211.136.203 Sep 12 21:38:00 hpm sshd\[26627\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.136.203 Sep 12 21:38:02 hpm sshd\[26627\]: Failed password for invalid user ubuntu from 80.211.136.203 port 57106 ssh2 Sep 12 21:42:04 hpm sshd\[27076\]: Invalid user sysadmin from 80.211.136.203 Sep 12 21:42:04 hpm sshd\[27076\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.136.203	2019-09-13 18:04:40
80.211.136.203	attackspambots	Sep 12 05:04:22 web9 sshd\[25500\]: Invalid user test from 80.211.136.203 Sep 12 05:04:22 web9 sshd\[25500\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.136.203 Sep 12 05:04:24 web9 sshd\[25500\]: Failed password for invalid user test from 80.211.136.203 port 49766 ssh2 Sep 12 05:09:56 web9 sshd\[26647\]: Invalid user steam from 80.211.136.203 Sep 12 05:09:56 web9 sshd\[26647\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.136.203	2019-09-12 23:26:18
80.211.136.203	attackbots	Sep 10 12:41:18 auw2 sshd\[12006\]: Invalid user hadoopuser from 80.211.136.203 Sep 10 12:41:18 auw2 sshd\[12006\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.136.203 Sep 10 12:41:20 auw2 sshd\[12006\]: Failed password for invalid user hadoopuser from 80.211.136.203 port 47848 ssh2 Sep 10 12:46:33 auw2 sshd\[12506\]: Invalid user csadmin from 80.211.136.203 Sep 10 12:46:33 auw2 sshd\[12506\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.136.203	2019-09-11 06:53:59
80.211.136.203	attackbotsspam	Automated report - ssh fail2ban: Aug 30 05:59:41 authentication failure Aug 30 05:59:44 wrong password, user=volvo, port=48356, ssh2 Aug 30 06:03:57 authentication failure	2019-08-30 12:39:55
80.211.136.203	attack	Aug 24 17:02:53 vpn01 sshd\[23947\]: Invalid user lynn from 80.211.136.203 Aug 24 17:02:53 vpn01 sshd\[23947\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.136.203 Aug 24 17:02:56 vpn01 sshd\[23947\]: Failed password for invalid user lynn from 80.211.136.203 port 42206 ssh2	2019-08-25 02:33:14
80.211.136.203	attackspambots	Invalid user ks from 80.211.136.203 port 48946	2019-08-23 19:22:02
80.211.136.203	attackspambots	Aug 20 19:19:51 mail sshd\[12019\]: Failed password for invalid user bai from 80.211.136.203 port 54976 ssh2 Aug 20 19:24:14 mail sshd\[12613\]: Invalid user jking from 80.211.136.203 port 44902 Aug 20 19:24:14 mail sshd\[12613\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.136.203 Aug 20 19:24:16 mail sshd\[12613\]: Failed password for invalid user jking from 80.211.136.203 port 44902 ssh2 Aug 20 19:28:33 mail sshd\[13016\]: Invalid user jack from 80.211.136.203 port 34824	2019-08-21 01:33:12

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 80.211.136.164
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31928
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;80.211.136.164.			IN	A

;; AUTHORITY SECTION:
.			515	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122900 1800 900 604800 86400

;; Query time: 506 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 29 21:10:07 CST 2019
;; MSG SIZE  rcvd: 118

Host info

164.136.211.80.in-addr.arpa domain name pointer host164-136-211-80.serverdedicati.aruba.it.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
164.136.211.80.in-addr.arpa	name = host164-136-211-80.serverdedicati.aruba.it.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
180.127.125.9	attackspam	GPON Home Routers Remote Code Execution Vulnerability CVE 2018-10562, PTR: PTR record not found	2020-05-25 21:37:46
107.158.163.151	attackbots	2020-05-25 06:56:17.635059-0500 localhost smtpd[45551]: NOQUEUE: reject: RCPT from unknown[107.158.163.151]: 450 4.7.25 Client host rejected: cannot find your hostname, [107.158.163.151]; from= to= proto=ESMTP helo=<009bdcd7.aswdrt.xyz>	2020-05-25 21:34:32
222.186.190.14	attackspam	May 25 15:36:24 dev0-dcde-rnet sshd[15689]: Failed password for root from 222.186.190.14 port 12423 ssh2 May 25 15:36:33 dev0-dcde-rnet sshd[15691]: Failed password for root from 222.186.190.14 port 27108 ssh2	2020-05-25 21:41:34
49.231.201.242	attackbotsspam	May 25 15:46:04 localhost sshd\[2902\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.231.201.242 user=root May 25 15:46:06 localhost sshd\[2902\]: Failed password for root from 49.231.201.242 port 57778 ssh2 May 25 15:50:18 localhost sshd\[3309\]: Invalid user phion from 49.231.201.242 May 25 15:50:18 localhost sshd\[3309\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.231.201.242 May 25 15:50:20 localhost sshd\[3309\]: Failed password for invalid user phion from 49.231.201.242 port 49712 ssh2 ...	2020-05-25 21:51:39
193.111.79.211	attackspam	Lines containing failures of 193.111.79.211 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=193.111.79.211	2020-05-25 21:33:29
178.128.23.6	attackbots	May 25 15:11:11 ns381471 sshd[29386]: Failed password for root from 178.128.23.6 port 49184 ssh2	2020-05-25 21:18:45
111.229.208.44	attack	Lines containing failures of 111.229.208.44 May 25 00:56:24 nextcloud sshd[27957]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.208.44 user=r.r May 25 00:56:25 nextcloud sshd[27957]: Failed password for r.r from 111.229.208.44 port 59846 ssh2 May 25 00:56:25 nextcloud sshd[27957]: Received disconnect from 111.229.208.44 port 59846:11: Bye Bye [preauth] May 25 00:56:25 nextcloud sshd[27957]: Disconnected from authenticating user r.r 111.229.208.44 port 59846 [preauth] May 25 01:01:48 nextcloud sshd[28413]: Invalid user snadendla from 111.229.208.44 port 60140 May 25 01:01:48 nextcloud sshd[28413]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.208.44 May 25 01:01:51 nextcloud sshd[28413]: Failed password for invalid user snadendla from 111.229.208.44 port 60140 ssh2 May 25 01:01:51 nextcloud sshd[28413]: Received disconnect from 111.229.208.44 port 60140:11: Bye Bye [preau........ ------------------------------	2020-05-25 21:28:48
222.186.15.62	attackspam	May 25 15:42:42 h2779839 sshd[27229]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.62 user=root May 25 15:42:43 h2779839 sshd[27229]: Failed password for root from 222.186.15.62 port 15204 ssh2 May 25 15:42:51 h2779839 sshd[27235]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.62 user=root May 25 15:42:53 h2779839 sshd[27235]: Failed password for root from 222.186.15.62 port 20284 ssh2 May 25 15:42:51 h2779839 sshd[27235]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.62 user=root May 25 15:42:53 h2779839 sshd[27235]: Failed password for root from 222.186.15.62 port 20284 ssh2 May 25 15:42:55 h2779839 sshd[27235]: Failed password for root from 222.186.15.62 port 20284 ssh2 May 25 15:42:51 h2779839 sshd[27235]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.62 user=root May ...	2020-05-25 21:43:24
176.50.67.125	attackbots	May 25 13:29:24 master sshd[4300]: Failed password for invalid user admin from 176.50.67.125 port 54190 ssh2	2020-05-25 21:30:39
206.248.172.128	attack	DistributedAbnormallyLongRequest	2020-05-25 21:55:09
85.239.35.161	attackspambots	May 25 15:54:23 server2 sshd\[5008\]: User root from 85.239.35.161 not allowed because not listed in AllowUsers May 25 15:54:23 server2 sshd\[5010\]: User root from 85.239.35.161 not allowed because not listed in AllowUsers May 25 15:54:25 server2 sshd\[5012\]: User root from 85.239.35.161 not allowed because not listed in AllowUsers May 25 15:54:25 server2 sshd\[5009\]: Invalid user support from 85.239.35.161 May 25 15:54:25 server2 sshd\[5011\]: Invalid user support from 85.239.35.161 May 25 15:54:25 server2 sshd\[5017\]: Invalid user support from 85.239.35.161	2020-05-25 21:36:16
1.9.128.13	attackspam	May 25 14:04:44 cdc sshd[11183]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.9.128.13 May 25 14:04:45 cdc sshd[11183]: Failed password for invalid user mylo from 1.9.128.13 port 49201 ssh2	2020-05-25 21:42:30
182.122.6.77	attackspambots	May 25 12:00:16 ip-172-31-61-156 sshd[12678]: Failed password for root from 182.122.6.77 port 3012 ssh2 May 25 12:03:10 ip-172-31-61-156 sshd[12773]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.122.6.77 user=root May 25 12:03:13 ip-172-31-61-156 sshd[12773]: Failed password for root from 182.122.6.77 port 48574 ssh2 May 25 12:03:10 ip-172-31-61-156 sshd[12773]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.122.6.77 user=root May 25 12:03:13 ip-172-31-61-156 sshd[12773]: Failed password for root from 182.122.6.77 port 48574 ssh2 ...	2020-05-25 21:21:18
165.90.205.197	attackbots	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-05-25 21:19:18
189.90.114.58	attackspambots	odoo8 ...	2020-05-25 21:31:47

Recently Reported IPs

7.86.143.7	20.161.168.226	149.207.33.81	45.168.0.7
216.226.120.25	120.181.239.5	13.195.250.115	44.95.8.121
129.149.241.106	255.19.119.67	125.211.28.163	75.13.251.58
69.246.197.224	221.0.134.46	78.188.112.65	183.88.234.241
36.24.157.65	115.79.112.225	181.226.177.3	18.224.251.17