80.211.14.166 - IPInfo

Basic Info

City: Arezzo

Region: Tuscany

Country: Italy

Internet Service Provider: Aruba S.p.A. - Cloud Services Farm

Hostname: unknown

Organization: Aruba S.p.A.

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	NAME : ARUBA-NET CIDR : 80.211.14.0/24 DDoS attack Italy - block certain countries :) IP: 80.211.14.166 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-07-08 03:53:29

Type

Details

Datetime

attackspam

NAME : ARUBA-NET CIDR : 80.211.14.0/24 DDoS attack Italy - block certain countries :) IP: 80.211.14.166  Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN  - data recovery https://help-dysk.pl

2019-07-08 03:53:29

Comments on same subnet:

IP	Type	Details	Datetime
80.211.148.173	attackspam	Unauthorized connection attempt: SRC=80.211.148.173 ...	2020-06-26 18:07:18
80.211.146.237	attackbotsspam	Repeated RDP login failures. Last user: administrator	2020-06-12 00:11:53
80.211.143.224	attackspam	Lines containing failures of 80.211.143.224 Apr 13 09:59:14 shared12 sshd[26464]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.143.224 user=r.r Apr 13 09:59:16 shared12 sshd[26464]: Failed password for r.r from 80.211.143.224 port 37812 ssh2 Apr 13 09:59:16 shared12 sshd[26464]: Received disconnect from 80.211.143.224 port 37812:11: Bye Bye [preauth] Apr 13 09:59:16 shared12 sshd[26464]: Disconnected from authenticating user r.r 80.211.143.224 port 37812 [preauth] Apr 13 10:12:43 shared12 sshd[30873]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.143.224 user=r.r Apr 13 10:12:46 shared12 sshd[30873]: Failed password for r.r from 80.211.143.224 port 49826 ssh2 Apr 13 10:12:46 shared12 sshd[30873]: Received disconnect from 80.211.143.224 port 49826:11: Bye Bye [preauth] Apr 13 10:12:46 shared12 sshd[30873]: Disconnected from authenticating user r.r 80.211.143.224 port 49826........ ------------------------------	2020-04-13 20:39:08
80.211.143.231	attackbots	suspicious action Tue, 10 Mar 2020 15:13:45 -0300	2020-03-11 06:12:10
80.211.141.225	attackspam	22 attempts against mh_ha-misbehave-ban on heat	2020-03-09 21:58:42
80.211.145.66	attack	SSH login attempt	2020-02-19 07:41:29
80.211.143.24	attack	\[2019-12-31 09:49:07\] NOTICE\[2839\] chan_sip.c: Registration from '"603" \' failed for '80.211.143.24:5064' - Wrong password \[2019-12-31 09:49:07\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-31T09:49:07.956-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="603",SessionID="0x7f0fb4147b68",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/80.211.143.24/5064",Challenge="597506ad",ReceivedChallenge="597506ad",ReceivedHash="af2ecd6e9261f7df0ac9e90f732a19d9" \[2019-12-31 09:53:09\] NOTICE\[2839\] chan_sip.c: Registration from '"502" \' failed for '80.211.143.24:5062' - Wrong password \[2019-12-31 09:53:09\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-31T09:53:09.170-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="502",SessionID="0x7f0fb4702148",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/80.2	2019-12-31 23:48:10
80.211.143.24	attackspambots	\[2019-12-30 03:38:19\] NOTICE\[2839\] chan_sip.c: Registration from '"609" \' failed for '80.211.143.24:5064' - Wrong password \[2019-12-30 03:38:19\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-30T03:38:19.962-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="609",SessionID="0x7f0fb4a23ed8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/80.211.143.24/5064",Challenge="13bc841e",ReceivedChallenge="13bc841e",ReceivedHash="7ebd34ebc554a19701819a3c459c8743" \[2019-12-30 03:38:29\] NOTICE\[2839\] chan_sip.c: Registration from '"801" \' failed for '80.211.143.24:5072' - Wrong password \[2019-12-30 03:38:29\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-30T03:38:29.073-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="801",SessionID="0x7f0fb41a7f38",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/80.2	2019-12-30 17:16:41
80.211.143.24	attackspambots	\[2019-12-30 00:39:40\] NOTICE\[2839\] chan_sip.c: Registration from '"800" \' failed for '80.211.143.24:5060' - Wrong password \[2019-12-30 00:39:40\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-30T00:39:40.628-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="800",SessionID="0x7f0fb4a5a908",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/80.211.143.24/5060",Challenge="635d366a",ReceivedChallenge="635d366a",ReceivedHash="e0d3fff53b5c9ab1c9f759e6d39260d2" \[2019-12-30 00:40:10\] NOTICE\[2839\] chan_sip.c: Registration from '"608" \' failed for '80.211.143.24:5073' - Wrong password \[2019-12-30 00:40:10\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-30T00:40:10.732-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="608",SessionID="0x7f0fb41a7f38",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/80.2	2019-12-30 14:03:54
80.211.143.24	attack	\[2019-12-26 07:58:29\] NOTICE\[2839\] chan_sip.c: Registration from '"55555" \' failed for '80.211.143.24:5082' - Wrong password \[2019-12-26 07:58:29\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-26T07:58:29.281-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="55555",SessionID="0x7f0fb4a5a908",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/80.211.143.24/5082",Challenge="4ac27446",ReceivedChallenge="4ac27446",ReceivedHash="cff0d3cb28346efde55b8befa6741e0e" \[2019-12-26 07:59:22\] NOTICE\[2839\] chan_sip.c: Registration from '"48" \' failed for '80.211.143.24:5098' - Wrong password \[2019-12-26 07:59:22\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-26T07:59:22.427-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="48",SessionID="0x7f0fb4a5a908",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/8	2019-12-26 21:21:43
80.211.143.24	attackbotsspam	\[2019-12-25 17:14:52\] NOTICE\[2839\] chan_sip.c: Registration from '"2000" \' failed for '80.211.143.24:5081' - Wrong password \[2019-12-25 17:14:52\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-25T17:14:52.397-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="2000",SessionID="0x7f0fb4a5a908",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/80.211.143.24/5081",Challenge="2110e1df",ReceivedChallenge="2110e1df",ReceivedHash="ed51419056a3aa4deeee4c388931121e" \[2019-12-25 17:16:31\] NOTICE\[2839\] chan_sip.c: Registration from '"4006" \' failed for '80.211.143.24:5087' - Wrong password \[2019-12-25 17:16:31\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-25T17:16:31.918-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="4006",SessionID="0x7f0fb43ff028",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UD	2019-12-26 06:29:56
80.211.140.188	attack	Automatic report - XMLRPC Attack	2019-11-25 13:37:38
80.211.149.194	attackspambots	Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=80.211.149.194	2019-11-23 06:16:49
80.211.140.188	attackspam	notenschluessel-fulda.de 80.211.140.188 \[15/Nov/2019:05:58:34 +0100\] "POST /wp-login.php HTTP/1.1" 200 6539 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" notenschluessel-fulda.de 80.211.140.188 \[15/Nov/2019:05:58:35 +0100\] "POST /wp-login.php HTTP/1.1" 200 6499 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" notenschluessel-fulda.de 80.211.140.188 \[15/Nov/2019:05:58:35 +0100\] "POST /xmlrpc.php HTTP/1.1" 200 4142 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-11-15 14:02:10
80.211.141.67	attackspambots	Unauthorized connection attempt from IP address 80.211.141.67 on Port 3389(RDP)	2019-11-14 03:54:45

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 80.211.14.166
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24037
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;80.211.14.166.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070701 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 08 03:53:23 CST 2019
;; MSG SIZE  rcvd: 117

Host info

166.14.211.80.in-addr.arpa domain name pointer host166-14-211-80.serverdedicati.aruba.it.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
166.14.211.80.in-addr.arpa	name = host166-14-211-80.serverdedicati.aruba.it.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
213.148.213.99	attack	2019-10-04T22:34:46.392570abusebot-3.cloudsearch.cf sshd\[20705\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.148.213.99 user=root	2019-10-05 06:48:19
51.75.126.115	attackbotsspam	Oct 4 12:23:36 php1 sshd\[28189\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.126.115 user=root Oct 4 12:23:38 php1 sshd\[28189\]: Failed password for root from 51.75.126.115 port 48304 ssh2 Oct 4 12:27:06 php1 sshd\[28455\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.126.115 user=root Oct 4 12:27:08 php1 sshd\[28455\]: Failed password for root from 51.75.126.115 port 60504 ssh2 Oct 4 12:30:42 php1 sshd\[28720\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.126.115 user=root	2019-10-05 06:32:16
129.213.135.233	attackspambots	Oct 4 22:21:58 game-panel sshd[6732]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.135.233 Oct 4 22:22:00 game-panel sshd[6732]: Failed password for invalid user P4rol4_123 from 129.213.135.233 port 50116 ssh2 Oct 4 22:26:26 game-panel sshd[6861]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.135.233	2019-10-05 06:31:44
190.96.49.189	attackspam	2019-10-04T18:22:57.4405651495-001 sshd\[27521\]: Invalid user P@ssword2017 from 190.96.49.189 port 39006 2019-10-04T18:22:57.4441841495-001 sshd\[27521\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.96.49.189 2019-10-04T18:22:59.0853021495-001 sshd\[27521\]: Failed password for invalid user P@ssword2017 from 190.96.49.189 port 39006 ssh2 2019-10-04T18:28:11.7478061495-001 sshd\[27872\]: Invalid user p4ssw0rd1 from 190.96.49.189 port 52044 2019-10-04T18:28:11.7548681495-001 sshd\[27872\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.96.49.189 2019-10-04T18:28:13.8379461495-001 sshd\[27872\]: Failed password for invalid user p4ssw0rd1 from 190.96.49.189 port 52044 ssh2 ...	2019-10-05 06:51:59
191.252.195.141	attackbots	fail2ban	2019-10-05 06:50:25
51.68.228.85	attack	[munged]::443 51.68.228.85 - - [04/Oct/2019:22:52:42 +0200] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 51.68.228.85 - - [04/Oct/2019:22:52:42 +0200] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 51.68.228.85 - - [04/Oct/2019:22:52:43 +0200] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 51.68.228.85 - - [04/Oct/2019:22:52:44 +0200] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 51.68.228.85 - - [04/Oct/2019:22:52:44 +0200] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 51.68.228.85 - - [04/Oct/2019:22:52:45 +0200] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Li	2019-10-05 07:07:07
206.214.2.70	attackbotsspam	IMAP brute force ...	2019-10-05 06:37:35
88.214.26.8	attack	Oct 4 21:08:26 thevastnessof sshd[27029]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=88.214.26.8 ...	2019-10-05 06:56:22
138.68.136.152	attackspambots	WordPress wp-login brute force :: 138.68.136.152 0.128 BYPASS [05/Oct/2019:06:25:24 1000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-05 06:39:02
177.177.129.195	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 04-10-2019 21:25:18.	2019-10-05 06:45:53
49.88.112.70	attackbotsspam	Oct 4 23:28:33 MK-Soft-VM3 sshd[9142]: Failed password for root from 49.88.112.70 port 53579 ssh2 Oct 4 23:28:37 MK-Soft-VM3 sshd[9142]: Failed password for root from 49.88.112.70 port 53579 ssh2 ...	2019-10-05 06:32:57
68.183.105.52	attack	2019-10-04T21:42:23.842105abusebot-6.cloudsearch.cf sshd\[12080\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.105.52 user=root	2019-10-05 06:57:36
71.198.140.17	attackbots	Oct 4 22:25:20 dedicated sshd[5740]: Failed password for root from 71.198.140.17 port 50258 ssh2 Oct 4 22:25:24 dedicated sshd[5740]: Failed password for root from 71.198.140.17 port 50258 ssh2 Oct 4 22:25:26 dedicated sshd[5740]: Failed password for root from 71.198.140.17 port 50258 ssh2 Oct 4 22:25:28 dedicated sshd[5740]: Failed password for root from 71.198.140.17 port 50258 ssh2 Oct 4 22:25:31 dedicated sshd[5740]: Failed password for root from 71.198.140.17 port 50258 ssh2	2019-10-05 06:34:22
40.73.97.99	attackspambots	Oct 4 22:19:03 herz-der-gamer sshd[21805]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.73.97.99 user=root Oct 4 22:19:04 herz-der-gamer sshd[21805]: Failed password for root from 40.73.97.99 port 41544 ssh2 Oct 4 22:25:31 herz-der-gamer sshd[22019]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.73.97.99 user=root Oct 4 22:25:33 herz-der-gamer sshd[22019]: Failed password for root from 40.73.97.99 port 60450 ssh2 ...	2019-10-05 06:33:56
103.115.227.18	attackbots	Oct 4 10:39:00 sachi sshd\[1932\]: Invalid user Senha@123 from 103.115.227.18 Oct 4 10:39:00 sachi sshd\[1932\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.115.227.18 Oct 4 10:39:02 sachi sshd\[1932\]: Failed password for invalid user Senha@123 from 103.115.227.18 port 30180 ssh2 Oct 4 10:43:41 sachi sshd\[2425\]: Invalid user D3bian2016 from 103.115.227.18 Oct 4 10:43:41 sachi sshd\[2425\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.115.227.18	2019-10-05 06:37:05

Recently Reported IPs

144.79.162.72	103.95.120.220	124.179.142.212	157.58.180.251
170.244.13.226	49.148.114.39	79.85.200.8	203.66.70.138
125.64.12.45	5.39.80.220	199.119.129.251	117.247.246.198
14.204.59.233	5.77.182.8	171.227.187.251	88.250.138.178
5.88.27.5	189.51.201.4	113.183.237.157	200.93.78.8