80.211.50.102 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Italy

Internet Service Provider: Aruba S.p.A. - Cloud Services DC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	80.211.50.102 - - \[26/Mar/2020:20:25:32 +0100\] "POST /wp-login.php HTTP/1.0" 200 7556 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 80.211.50.102 - - \[26/Mar/2020:20:25:34 +0100\] "POST /wp-login.php HTTP/1.0" 200 7552 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 80.211.50.102 - - \[26/Mar/2020:20:25:36 +0100\] "POST /wp-login.php HTTP/1.0" 200 7542 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-03-27 04:59:17
attackspambots	80.211.50.102 - - [20/Mar/2020:07:20:34 +0100] "GET /wp-login.php HTTP/1.1" 200 5963 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 80.211.50.102 - - [20/Mar/2020:07:20:35 +0100] "POST /wp-login.php HTTP/1.1" 200 6737 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 80.211.50.102 - - [20/Mar/2020:07:20:36 +0100] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-03-20 15:17:10
attackspambots	[munged]::443 80.211.50.102 - - [09/Mar/2020:04:49:46 +0100] "POST /[munged]: HTTP/1.1" 200 9128 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 80.211.50.102 - - [09/Mar/2020:04:49:48 +0100] "POST /[munged]: HTTP/1.1" 200 9128 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 80.211.50.102 - - [09/Mar/2020:04:49:50 +0100] "POST /[munged]: HTTP/1.1" 200 9128 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 80.211.50.102 - - [09/Mar/2020:04:49:52 +0100] "POST /[munged]: HTTP/1.1" 200 9128 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 80.211.50.102 - - [09/Mar/2020:04:49:54 +0100] "POST /[munged]: HTTP/1.1" 200 9128 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 80.211.50.102 - - [09/Mar/2020:04:49:56 +0100] "POST /[munged]: HTTP/1.1" 200 9128 "-" "Mozilla/5.0 (X11; Ubun	2020-03-09 15:32:15
attackbots	Trolling for resource vulnerabilities	2020-03-07 03:38:11
attackspam	Automatic report - XMLRPC Attack	2020-02-03 18:14:52
attack	80.211.50.102 - - \[06/Jan/2020:15:47:40 +0100\] "POST /wp-login.php HTTP/1.0" 200 4128 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 80.211.50.102 - - \[06/Jan/2020:15:47:41 +0100\] "POST /wp-login.php HTTP/1.0" 200 3955 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 80.211.50.102 - - \[06/Jan/2020:15:47:41 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-01-06 23:27:04
attackbots	10 attempts against mh-misc-ban on heat.magehost.pro	2019-12-23 19:59:28
attackspambots	[munged]::443 80.211.50.102 - - [19/Dec/2019:15:38:42 +0100] "POST /[munged]: HTTP/1.1" 200 9082 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 80.211.50.102 - - [19/Dec/2019:15:38:44 +0100] "POST /[munged]: HTTP/1.1" 200 9082 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 80.211.50.102 - - [19/Dec/2019:15:38:44 +0100] "POST /[munged]: HTTP/1.1" 200 9082 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 80.211.50.102 - - [19/Dec/2019:15:38:47 +0100] "POST /[munged]: HTTP/1.1" 200 9082 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 80.211.50.102 - - [19/Dec/2019:15:38:47 +0100] "POST /[munged]: HTTP/1.1" 200 9082 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 80.211.50.102 - - [19/Dec/2019:15:38:49 +0100] "POST /[munged]: HTTP/1.1" 200 9082 "-" "Mozilla/5.0 (X11; Ubun	2019-12-19 23:27:24
attack	80.211.50.102 - - [15/Dec/2019:06:27:27 +0000] "POST /wp-login.php HTTP/1.1" 200 6393 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 80.211.50.102 - - [15/Dec/2019:06:27:28 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-12-15 17:52:39
attack	WordPress login Brute force / Web App Attack on client site.	2019-11-10 04:02:57
attack	Automatic report - XMLRPC Attack	2019-10-30 14:53:07
attack	Automatic report - XMLRPC Attack	2019-10-23 12:34:22
attack	HTTP/80/443 Probe, BF, WP, Hack -	2019-10-11 17:30:55
attackbots	WordPress login Brute force / Web App Attack on client site.	2019-10-05 13:43:02

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 80.211.50.102
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49432
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;80.211.50.102.			IN	A

;; AUTHORITY SECTION:
.			362	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100500 1800 900 604800 86400

;; Query time: 241 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Oct 05 13:42:59 CST 2019
;; MSG SIZE  rcvd: 117

Host info

102.50.211.80.in-addr.arpa domain name pointer host102-50-211-80.serverdedicati.aruba.it.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
102.50.211.80.in-addr.arpa	name = host102-50-211-80.serverdedicati.aruba.it.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
1.179.148.9	attack	Sep 1 13:26:10 shivevps sshd[27136]: Bad protocol version identification '\024' from 1.179.148.9 port 37941 ...	2020-09-02 04:59:21
103.74.123.158	attack	Attempt to hack Wordpress Login, XMLRPC or other login	2020-09-02 04:59:52
54.38.218.213	attack	Sep 1 13:26:21 shivevps sshd[26622]: Did not receive identification string from 54.38.218.213 port 36729 ...	2020-09-02 04:49:45
103.239.254.114	attackspam	Sep 1 13:26:32 shivevps sshd[27234]: Did not receive identification string from 103.239.254.114 port 33260 ...	2020-09-02 04:40:03
128.199.193.246	attack	TCP (SYN) 128.199.193.246:51142 -> port 7544, len 44	2020-09-02 05:01:31
104.161.23.34	attackbots	[portscan] Port scan	2020-09-02 05:02:02
173.201.196.61	attackspambots	xmlrpc attack	2020-09-02 04:57:47
138.197.164.222	attackspam	Sep 1 20:52:06 haigwepa sshd[6508]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.164.222 Sep 1 20:52:09 haigwepa sshd[6508]: Failed password for invalid user deploy from 138.197.164.222 port 59404 ssh2 ...	2020-09-02 04:58:41
5.188.84.95	attack	8,65-01/03 [bc01/m10] PostRequest-Spammer scoring: brussels	2020-09-02 04:47:10
103.112.58.252	attackbotsspam	Sep 1 13:26:04 shivevps sshd[27092]: Bad protocol version identification '\024' from 103.112.58.252 port 60487 ...	2020-09-02 05:05:32
84.17.60.216	attackspam	(From wehrle.robby@gmail.com) Hello, I have been informed to contact you. The CIA has been doing intensive research for the past fifty years researching on what we call so called life. That information has been collected and presented for you here https://bit.ly/3lqUJ3u This has been the finding as of seventeen years ago as of today. Now governments and other large organizations have develop technology around these concepts for their own deceptive uses. Soon you will be contacted by other means for counter measures and the part that you play in all this. Please get this as soon as possible because there are powers that be to take down this information about this.	2020-09-02 04:54:53
117.69.231.219	attackbotsspam	Sep 1 13:26:14 shivevps sshd[27181]: Bad protocol version identification '\024' from 117.69.231.219 port 59724 ...	2020-09-02 04:54:18
58.152.128.146	attackbotsspam	Automatic report - Banned IP Access	2020-09-02 04:52:33
218.92.0.208	attack	Sep 1 22:46:32 eventyay sshd[748]: Failed password for root from 218.92.0.208 port 20055 ssh2 Sep 1 22:46:34 eventyay sshd[748]: Failed password for root from 218.92.0.208 port 20055 ssh2 Sep 1 22:46:36 eventyay sshd[748]: Failed password for root from 218.92.0.208 port 20055 ssh2 ...	2020-09-02 04:51:11
51.79.53.139	attackspam	2020-09-01T19:22[Censored Hostname] sshd[6976]: Failed password for root from 51.79.53.139 port 41934 ssh2 2020-09-01T19:22[Censored Hostname] sshd[6976]: Failed password for root from 51.79.53.139 port 41934 ssh2 2020-09-01T19:22[Censored Hostname] sshd[6976]: Failed password for root from 51.79.53.139 port 41934 ssh2[...]	2020-09-02 04:50:12

Recently Reported IPs

106.51.104.155	125.40.230.70	177.50.220.210	67.205.133.144
62.210.180.146	179.111.213.116	129.204.126.140	42.119.75.25
122.31.40.174	159.32.82.223	15.142.75.253	122.61.81.91
216.240.136.147	91.94.242.238	41.182.3.218	71.88.15.73
49.68.95.106	190.16.230.50	183.82.111.77	36.71.236.189