80.211.14.166 - IPInfo

Basic Info

City: Arezzo

Region: Tuscany

Country: Italy

Internet Service Provider: Aruba S.p.A. - Cloud Services Farm

Hostname: unknown

Organization: Aruba S.p.A.

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	NAME : ARUBA-NET CIDR : 80.211.14.0/24 DDoS attack Italy - block certain countries :) IP: 80.211.14.166 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-07-08 03:53:29

Type

Details

Datetime

attackspam

NAME : ARUBA-NET CIDR : 80.211.14.0/24 DDoS attack Italy - block certain countries :) IP: 80.211.14.166  Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN  - data recovery https://help-dysk.pl

2019-07-08 03:53:29

Comments on same subnet:

IP	Type	Details	Datetime
80.211.148.173	attackspam	Unauthorized connection attempt: SRC=80.211.148.173 ...	2020-06-26 18:07:18
80.211.146.237	attackbotsspam	Repeated RDP login failures. Last user: administrator	2020-06-12 00:11:53
80.211.143.224	attackspam	Lines containing failures of 80.211.143.224 Apr 13 09:59:14 shared12 sshd[26464]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.143.224 user=r.r Apr 13 09:59:16 shared12 sshd[26464]: Failed password for r.r from 80.211.143.224 port 37812 ssh2 Apr 13 09:59:16 shared12 sshd[26464]: Received disconnect from 80.211.143.224 port 37812:11: Bye Bye [preauth] Apr 13 09:59:16 shared12 sshd[26464]: Disconnected from authenticating user r.r 80.211.143.224 port 37812 [preauth] Apr 13 10:12:43 shared12 sshd[30873]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.143.224 user=r.r Apr 13 10:12:46 shared12 sshd[30873]: Failed password for r.r from 80.211.143.224 port 49826 ssh2 Apr 13 10:12:46 shared12 sshd[30873]: Received disconnect from 80.211.143.224 port 49826:11: Bye Bye [preauth] Apr 13 10:12:46 shared12 sshd[30873]: Disconnected from authenticating user r.r 80.211.143.224 port 49826........ ------------------------------	2020-04-13 20:39:08
80.211.143.231	attackbots	suspicious action Tue, 10 Mar 2020 15:13:45 -0300	2020-03-11 06:12:10
80.211.141.225	attackspam	22 attempts against mh_ha-misbehave-ban on heat	2020-03-09 21:58:42
80.211.145.66	attack	SSH login attempt	2020-02-19 07:41:29
80.211.143.24	attack	\[2019-12-31 09:49:07\] NOTICE\[2839\] chan_sip.c: Registration from '"603" \' failed for '80.211.143.24:5064' - Wrong password \[2019-12-31 09:49:07\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-31T09:49:07.956-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="603",SessionID="0x7f0fb4147b68",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/80.211.143.24/5064",Challenge="597506ad",ReceivedChallenge="597506ad",ReceivedHash="af2ecd6e9261f7df0ac9e90f732a19d9" \[2019-12-31 09:53:09\] NOTICE\[2839\] chan_sip.c: Registration from '"502" \' failed for '80.211.143.24:5062' - Wrong password \[2019-12-31 09:53:09\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-31T09:53:09.170-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="502",SessionID="0x7f0fb4702148",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/80.2	2019-12-31 23:48:10
80.211.143.24	attackspambots	\[2019-12-30 03:38:19\] NOTICE\[2839\] chan_sip.c: Registration from '"609" \' failed for '80.211.143.24:5064' - Wrong password \[2019-12-30 03:38:19\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-30T03:38:19.962-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="609",SessionID="0x7f0fb4a23ed8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/80.211.143.24/5064",Challenge="13bc841e",ReceivedChallenge="13bc841e",ReceivedHash="7ebd34ebc554a19701819a3c459c8743" \[2019-12-30 03:38:29\] NOTICE\[2839\] chan_sip.c: Registration from '"801" \' failed for '80.211.143.24:5072' - Wrong password \[2019-12-30 03:38:29\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-30T03:38:29.073-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="801",SessionID="0x7f0fb41a7f38",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/80.2	2019-12-30 17:16:41
80.211.143.24	attackspambots	\[2019-12-30 00:39:40\] NOTICE\[2839\] chan_sip.c: Registration from '"800" \' failed for '80.211.143.24:5060' - Wrong password \[2019-12-30 00:39:40\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-30T00:39:40.628-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="800",SessionID="0x7f0fb4a5a908",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/80.211.143.24/5060",Challenge="635d366a",ReceivedChallenge="635d366a",ReceivedHash="e0d3fff53b5c9ab1c9f759e6d39260d2" \[2019-12-30 00:40:10\] NOTICE\[2839\] chan_sip.c: Registration from '"608" \' failed for '80.211.143.24:5073' - Wrong password \[2019-12-30 00:40:10\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-30T00:40:10.732-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="608",SessionID="0x7f0fb41a7f38",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/80.2	2019-12-30 14:03:54
80.211.143.24	attack	\[2019-12-26 07:58:29\] NOTICE\[2839\] chan_sip.c: Registration from '"55555" \' failed for '80.211.143.24:5082' - Wrong password \[2019-12-26 07:58:29\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-26T07:58:29.281-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="55555",SessionID="0x7f0fb4a5a908",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/80.211.143.24/5082",Challenge="4ac27446",ReceivedChallenge="4ac27446",ReceivedHash="cff0d3cb28346efde55b8befa6741e0e" \[2019-12-26 07:59:22\] NOTICE\[2839\] chan_sip.c: Registration from '"48" \' failed for '80.211.143.24:5098' - Wrong password \[2019-12-26 07:59:22\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-26T07:59:22.427-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="48",SessionID="0x7f0fb4a5a908",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/8	2019-12-26 21:21:43
80.211.143.24	attackbotsspam	\[2019-12-25 17:14:52\] NOTICE\[2839\] chan_sip.c: Registration from '"2000" \' failed for '80.211.143.24:5081' - Wrong password \[2019-12-25 17:14:52\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-25T17:14:52.397-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="2000",SessionID="0x7f0fb4a5a908",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/80.211.143.24/5081",Challenge="2110e1df",ReceivedChallenge="2110e1df",ReceivedHash="ed51419056a3aa4deeee4c388931121e" \[2019-12-25 17:16:31\] NOTICE\[2839\] chan_sip.c: Registration from '"4006" \' failed for '80.211.143.24:5087' - Wrong password \[2019-12-25 17:16:31\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-25T17:16:31.918-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="4006",SessionID="0x7f0fb43ff028",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UD	2019-12-26 06:29:56
80.211.140.188	attack	Automatic report - XMLRPC Attack	2019-11-25 13:37:38
80.211.149.194	attackspambots	Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=80.211.149.194	2019-11-23 06:16:49
80.211.140.188	attackspam	notenschluessel-fulda.de 80.211.140.188 \[15/Nov/2019:05:58:34 +0100\] "POST /wp-login.php HTTP/1.1" 200 6539 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" notenschluessel-fulda.de 80.211.140.188 \[15/Nov/2019:05:58:35 +0100\] "POST /wp-login.php HTTP/1.1" 200 6499 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" notenschluessel-fulda.de 80.211.140.188 \[15/Nov/2019:05:58:35 +0100\] "POST /xmlrpc.php HTTP/1.1" 200 4142 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-11-15 14:02:10
80.211.141.67	attackspambots	Unauthorized connection attempt from IP address 80.211.141.67 on Port 3389(RDP)	2019-11-14 03:54:45

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 80.211.14.166
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24037
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;80.211.14.166.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070701 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 08 03:53:23 CST 2019
;; MSG SIZE  rcvd: 117

Host info

166.14.211.80.in-addr.arpa domain name pointer host166-14-211-80.serverdedicati.aruba.it.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
166.14.211.80.in-addr.arpa	name = host166-14-211-80.serverdedicati.aruba.it.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
45.167.46.84	attack	$f2bV_matches	2019-11-26 13:42:48
118.25.152.227	attackspam	F2B jail: sshd. Time: 2019-11-26 06:30:34, Reported by: VKReport	2019-11-26 13:43:31
118.24.114.192	attackspam	Nov 26 05:44:24 icinga sshd[24360]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.114.192 Nov 26 05:44:26 icinga sshd[24360]: Failed password for invalid user roeising from 118.24.114.192 port 50634 ssh2 Nov 26 05:55:07 icinga sshd[34644]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.114.192 ...	2019-11-26 13:29:37
106.13.110.30	attackbotsspam	Nov 26 05:47:41 localhost sshd\[3302\]: Invalid user admin from 106.13.110.30 Nov 26 05:47:41 localhost sshd\[3302\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.110.30 Nov 26 05:47:43 localhost sshd\[3302\]: Failed password for invalid user admin from 106.13.110.30 port 54418 ssh2 Nov 26 05:55:17 localhost sshd\[3749\]: Invalid user nashif from 106.13.110.30 Nov 26 05:55:17 localhost sshd\[3749\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.110.30 ...	2019-11-26 13:18:38
222.186.173.183	attackspam	Nov 26 06:41:57 amit sshd\[11284\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.183 user=root Nov 26 06:41:59 amit sshd\[11284\]: Failed password for root from 222.186.173.183 port 37916 ssh2 Nov 26 06:42:03 amit sshd\[11284\]: Failed password for root from 222.186.173.183 port 37916 ssh2 ...	2019-11-26 13:44:47
222.186.175.140	attackbots	Nov 26 06:48:17 vps691689 sshd[26489]: Failed password for root from 222.186.175.140 port 31690 ssh2 Nov 26 06:48:20 vps691689 sshd[26489]: Failed password for root from 222.186.175.140 port 31690 ssh2 Nov 26 06:48:23 vps691689 sshd[26489]: Failed password for root from 222.186.175.140 port 31690 ssh2 ...	2019-11-26 13:50:51
49.232.15.79	attackbotsspam	404 NOT FOUND	2019-11-26 13:25:46
62.4.17.32	attack	Nov 26 07:54:45 debian sshd\[11726\]: Invalid user winston from 62.4.17.32 port 40752 Nov 26 07:54:45 debian sshd\[11726\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.4.17.32 Nov 26 07:54:47 debian sshd\[11726\]: Failed password for invalid user winston from 62.4.17.32 port 40752 ssh2 ...	2019-11-26 13:46:19
118.70.233.6	attack	Unauthorised access (Nov 26) SRC=118.70.233.6 LEN=52 TTL=109 ID=17633 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Nov 26) SRC=118.70.233.6 LEN=52 TTL=112 ID=26478 DF TCP DPT=445 WINDOW=8192 SYN	2019-11-26 13:36:09
206.217.139.201	attack	Probing sign-up form.	2019-11-26 13:32:14
185.143.223.77	attack	Nov 26 04:52:22 TCP Attack: SRC=185.143.223.77 DST=[Masked] LEN=40 TOS=0x08 PREC=0x20 TTL=241 PROTO=TCP SPT=8080 DPT=7286 WINDOW=1024 RES=0x00 SYN URGP=0	2019-11-26 13:25:25
121.15.11.9	attackbots	Nov 25 19:08:25 wbs sshd\[14345\]: Invalid user lkjhgfdsa from 121.15.11.9 Nov 25 19:08:25 wbs sshd\[14345\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.15.11.9 Nov 25 19:08:26 wbs sshd\[14345\]: Failed password for invalid user lkjhgfdsa from 121.15.11.9 port 32384 ssh2 Nov 25 19:13:00 wbs sshd\[14849\]: Invalid user bqol from 121.15.11.9 Nov 25 19:13:01 wbs sshd\[14849\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.15.11.9	2019-11-26 13:19:25
222.186.175.154	attack	Nov 26 06:08:55 MK-Soft-VM7 sshd[15632]: Failed password for root from 222.186.175.154 port 37836 ssh2 Nov 26 06:08:59 MK-Soft-VM7 sshd[15632]: Failed password for root from 222.186.175.154 port 37836 ssh2 ...	2019-11-26 13:17:22
172.81.250.106	attackspambots	SSH invalid-user multiple login try	2019-11-26 13:33:23
222.186.180.223	attack	Nov 26 06:21:08 vmanager6029 sshd\[11356\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.223 user=root Nov 26 06:21:10 vmanager6029 sshd\[11356\]: Failed password for root from 222.186.180.223 port 3872 ssh2 Nov 26 06:21:12 vmanager6029 sshd\[11356\]: Failed password for root from 222.186.180.223 port 3872 ssh2	2019-11-26 13:24:04

Recently Reported IPs

144.79.162.72	103.95.120.220	124.179.142.212	157.58.180.251
170.244.13.226	49.148.114.39	79.85.200.8	203.66.70.138
125.64.12.45	5.39.80.220	199.119.129.251	117.247.246.198
14.204.59.233	5.77.182.8	171.227.187.251	88.250.138.178
5.88.27.5	189.51.201.4	113.183.237.157	200.93.78.8