80.211.14.166 - IPInfo

Basic Info

City: Arezzo

Region: Tuscany

Country: Italy

Internet Service Provider: Aruba S.p.A. - Cloud Services Farm

Hostname: unknown

Organization: Aruba S.p.A.

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	NAME : ARUBA-NET CIDR : 80.211.14.0/24 DDoS attack Italy - block certain countries :) IP: 80.211.14.166 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-07-08 03:53:29

Type

Details

Datetime

attackspam

NAME : ARUBA-NET CIDR : 80.211.14.0/24 DDoS attack Italy - block certain countries :) IP: 80.211.14.166  Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN  - data recovery https://help-dysk.pl

2019-07-08 03:53:29

Comments on same subnet:

IP	Type	Details	Datetime
80.211.148.173	attackspam	Unauthorized connection attempt: SRC=80.211.148.173 ...	2020-06-26 18:07:18
80.211.146.237	attackbotsspam	Repeated RDP login failures. Last user: administrator	2020-06-12 00:11:53
80.211.143.224	attackspam	Lines containing failures of 80.211.143.224 Apr 13 09:59:14 shared12 sshd[26464]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.143.224 user=r.r Apr 13 09:59:16 shared12 sshd[26464]: Failed password for r.r from 80.211.143.224 port 37812 ssh2 Apr 13 09:59:16 shared12 sshd[26464]: Received disconnect from 80.211.143.224 port 37812:11: Bye Bye [preauth] Apr 13 09:59:16 shared12 sshd[26464]: Disconnected from authenticating user r.r 80.211.143.224 port 37812 [preauth] Apr 13 10:12:43 shared12 sshd[30873]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.143.224 user=r.r Apr 13 10:12:46 shared12 sshd[30873]: Failed password for r.r from 80.211.143.224 port 49826 ssh2 Apr 13 10:12:46 shared12 sshd[30873]: Received disconnect from 80.211.143.224 port 49826:11: Bye Bye [preauth] Apr 13 10:12:46 shared12 sshd[30873]: Disconnected from authenticating user r.r 80.211.143.224 port 49826........ ------------------------------	2020-04-13 20:39:08
80.211.143.231	attackbots	suspicious action Tue, 10 Mar 2020 15:13:45 -0300	2020-03-11 06:12:10
80.211.141.225	attackspam	22 attempts against mh_ha-misbehave-ban on heat	2020-03-09 21:58:42
80.211.145.66	attack	SSH login attempt	2020-02-19 07:41:29
80.211.143.24	attack	\[2019-12-31 09:49:07\] NOTICE\[2839\] chan_sip.c: Registration from '"603" \' failed for '80.211.143.24:5064' - Wrong password \[2019-12-31 09:49:07\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-31T09:49:07.956-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="603",SessionID="0x7f0fb4147b68",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/80.211.143.24/5064",Challenge="597506ad",ReceivedChallenge="597506ad",ReceivedHash="af2ecd6e9261f7df0ac9e90f732a19d9" \[2019-12-31 09:53:09\] NOTICE\[2839\] chan_sip.c: Registration from '"502" \' failed for '80.211.143.24:5062' - Wrong password \[2019-12-31 09:53:09\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-31T09:53:09.170-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="502",SessionID="0x7f0fb4702148",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/80.2	2019-12-31 23:48:10
80.211.143.24	attackspambots	\[2019-12-30 03:38:19\] NOTICE\[2839\] chan_sip.c: Registration from '"609" \' failed for '80.211.143.24:5064' - Wrong password \[2019-12-30 03:38:19\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-30T03:38:19.962-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="609",SessionID="0x7f0fb4a23ed8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/80.211.143.24/5064",Challenge="13bc841e",ReceivedChallenge="13bc841e",ReceivedHash="7ebd34ebc554a19701819a3c459c8743" \[2019-12-30 03:38:29\] NOTICE\[2839\] chan_sip.c: Registration from '"801" \' failed for '80.211.143.24:5072' - Wrong password \[2019-12-30 03:38:29\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-30T03:38:29.073-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="801",SessionID="0x7f0fb41a7f38",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/80.2	2019-12-30 17:16:41
80.211.143.24	attackspambots	\[2019-12-30 00:39:40\] NOTICE\[2839\] chan_sip.c: Registration from '"800" \' failed for '80.211.143.24:5060' - Wrong password \[2019-12-30 00:39:40\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-30T00:39:40.628-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="800",SessionID="0x7f0fb4a5a908",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/80.211.143.24/5060",Challenge="635d366a",ReceivedChallenge="635d366a",ReceivedHash="e0d3fff53b5c9ab1c9f759e6d39260d2" \[2019-12-30 00:40:10\] NOTICE\[2839\] chan_sip.c: Registration from '"608" \' failed for '80.211.143.24:5073' - Wrong password \[2019-12-30 00:40:10\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-30T00:40:10.732-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="608",SessionID="0x7f0fb41a7f38",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/80.2	2019-12-30 14:03:54
80.211.143.24	attack	\[2019-12-26 07:58:29\] NOTICE\[2839\] chan_sip.c: Registration from '"55555" \' failed for '80.211.143.24:5082' - Wrong password \[2019-12-26 07:58:29\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-26T07:58:29.281-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="55555",SessionID="0x7f0fb4a5a908",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/80.211.143.24/5082",Challenge="4ac27446",ReceivedChallenge="4ac27446",ReceivedHash="cff0d3cb28346efde55b8befa6741e0e" \[2019-12-26 07:59:22\] NOTICE\[2839\] chan_sip.c: Registration from '"48" \' failed for '80.211.143.24:5098' - Wrong password \[2019-12-26 07:59:22\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-26T07:59:22.427-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="48",SessionID="0x7f0fb4a5a908",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/8	2019-12-26 21:21:43
80.211.143.24	attackbotsspam	\[2019-12-25 17:14:52\] NOTICE\[2839\] chan_sip.c: Registration from '"2000" \' failed for '80.211.143.24:5081' - Wrong password \[2019-12-25 17:14:52\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-25T17:14:52.397-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="2000",SessionID="0x7f0fb4a5a908",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/80.211.143.24/5081",Challenge="2110e1df",ReceivedChallenge="2110e1df",ReceivedHash="ed51419056a3aa4deeee4c388931121e" \[2019-12-25 17:16:31\] NOTICE\[2839\] chan_sip.c: Registration from '"4006" \' failed for '80.211.143.24:5087' - Wrong password \[2019-12-25 17:16:31\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-25T17:16:31.918-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="4006",SessionID="0x7f0fb43ff028",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UD	2019-12-26 06:29:56
80.211.140.188	attack	Automatic report - XMLRPC Attack	2019-11-25 13:37:38
80.211.149.194	attackspambots	Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=80.211.149.194	2019-11-23 06:16:49
80.211.140.188	attackspam	notenschluessel-fulda.de 80.211.140.188 \[15/Nov/2019:05:58:34 +0100\] "POST /wp-login.php HTTP/1.1" 200 6539 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" notenschluessel-fulda.de 80.211.140.188 \[15/Nov/2019:05:58:35 +0100\] "POST /wp-login.php HTTP/1.1" 200 6499 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" notenschluessel-fulda.de 80.211.140.188 \[15/Nov/2019:05:58:35 +0100\] "POST /xmlrpc.php HTTP/1.1" 200 4142 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-11-15 14:02:10
80.211.141.67	attackspambots	Unauthorized connection attempt from IP address 80.211.141.67 on Port 3389(RDP)	2019-11-14 03:54:45

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 80.211.14.166
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24037
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;80.211.14.166.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070701 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 08 03:53:23 CST 2019
;; MSG SIZE  rcvd: 117

Host info

166.14.211.80.in-addr.arpa domain name pointer host166-14-211-80.serverdedicati.aruba.it.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
166.14.211.80.in-addr.arpa	name = host166-14-211-80.serverdedicati.aruba.it.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.88.112.63	attackspambots	Jan 8 00:36:23 v22018076622670303 sshd\[31293\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.63 user=root Jan 8 00:36:25 v22018076622670303 sshd\[31293\]: Failed password for root from 49.88.112.63 port 39770 ssh2 Jan 8 00:36:28 v22018076622670303 sshd\[31293\]: Failed password for root from 49.88.112.63 port 39770 ssh2 ...	2020-01-08 07:36:46
218.92.0.204	attack	2020-01-07T23:10:07.634070abusebot-8.cloudsearch.cf sshd[29509]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.204 user=root 2020-01-07T23:10:09.563492abusebot-8.cloudsearch.cf sshd[29509]: Failed password for root from 218.92.0.204 port 30835 ssh2 2020-01-07T23:10:11.008999abusebot-8.cloudsearch.cf sshd[29509]: Failed password for root from 218.92.0.204 port 30835 ssh2 2020-01-07T23:10:07.634070abusebot-8.cloudsearch.cf sshd[29509]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.204 user=root 2020-01-07T23:10:09.563492abusebot-8.cloudsearch.cf sshd[29509]: Failed password for root from 218.92.0.204 port 30835 ssh2 2020-01-07T23:10:11.008999abusebot-8.cloudsearch.cf sshd[29509]: Failed password for root from 218.92.0.204 port 30835 ssh2 2020-01-07T23:10:07.634070abusebot-8.cloudsearch.cf sshd[29509]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rho ...	2020-01-08 07:16:57
218.29.108.186	attackspam	2020-01-07 dovecot_login authenticator failed for \(REMOVED\) \[218.29.108.186\]: 535 Incorrect authentication data \(set_id=nologin\) 2020-01-07 dovecot_login authenticator failed for \(REMOVED\) \[218.29.108.186\]: 535 Incorrect authentication data \(set_id=admin@REMOVED\) 2020-01-07 dovecot_login authenticator failed for \(REMOVED\) \[218.29.108.186\]: 535 Incorrect authentication data \(set_id=admin\)	2020-01-08 07:14:53
137.74.166.77	attackbots	Jan 7 20:22:28 vps46666688 sshd[20192]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.74.166.77 Jan 7 20:22:30 vps46666688 sshd[20192]: Failed password for invalid user org from 137.74.166.77 port 48282 ssh2 ...	2020-01-08 07:47:54
222.186.15.91	attackspambots	Jan 8 00:24:58 MK-Soft-VM6 sshd[13135]: Failed password for root from 222.186.15.91 port 20681 ssh2 Jan 8 00:25:02 MK-Soft-VM6 sshd[13135]: Failed password for root from 222.186.15.91 port 20681 ssh2 ...	2020-01-08 07:25:38
46.103.48.8	attack	Brute force attempt	2020-01-08 07:42:02
119.205.235.251	attack	k+ssh-bruteforce	2020-01-08 07:35:37
189.42.239.34	attack	Jan 7 23:45:09 SilenceServices sshd[7309]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.42.239.34 Jan 7 23:45:10 SilenceServices sshd[7309]: Failed password for invalid user yrh from 189.42.239.34 port 55750 ssh2 Jan 7 23:48:38 SilenceServices sshd[9982]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.42.239.34	2020-01-08 07:30:37
40.124.4.131	attackspambots	Jan 7 21:18:14 powerpi2 sshd[2447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.124.4.131 Jan 7 21:18:14 powerpi2 sshd[2447]: Invalid user postgres from 40.124.4.131 port 34506 Jan 7 21:18:16 powerpi2 sshd[2447]: Failed password for invalid user postgres from 40.124.4.131 port 34506 ssh2 ...	2020-01-08 07:21:35
58.45.4.157	attackbotsspam	Telnet/23 MH Probe, BF, Hack -	2020-01-08 07:13:38
190.48.65.26	attackspambots	Telnet/23 MH Probe, BF, Hack -	2020-01-08 07:23:31
51.75.206.42	attack	Jan 7 23:52:20 SilenceServices sshd[12894]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.206.42 Jan 7 23:52:21 SilenceServices sshd[12894]: Failed password for invalid user test from 51.75.206.42 port 58794 ssh2 Jan 7 23:54:45 SilenceServices sshd[14753]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.206.42	2020-01-08 07:33:22
190.3.79.52	attack	Unauthorized connection attempt detected from IP address 190.3.79.52 to port 2222	2020-01-08 07:27:23
85.221.221.234	attack	Unauthorized connection attempt detected from IP address 85.221.221.234 to port 4567 [J]	2020-01-08 07:10:59
101.95.111.142	attackspambots	Unauthorized SSH connection attempt	2020-01-08 07:11:19

Recently Reported IPs

144.79.162.72	103.95.120.220	124.179.142.212	157.58.180.251
170.244.13.226	49.148.114.39	79.85.200.8	203.66.70.138
125.64.12.45	5.39.80.220	199.119.129.251	117.247.246.198
14.204.59.233	5.77.182.8	171.227.187.251	88.250.138.178
5.88.27.5	189.51.201.4	113.183.237.157	200.93.78.8