80.52.199.93 - IPInfo

Basic Info

City: Warsaw

Region: Mazovia

Country: Poland

Internet Service Provider: Orange Polska Spolka Akcyjna

Hostname: unknown

Organization: Orange Polska Spolka Akcyjna

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Nov 8 09:18:54 server sshd\[3586\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=gwt93.internetdsl.tpnet.pl user=root Nov 8 09:18:56 server sshd\[3586\]: Failed password for root from 80.52.199.93 port 43408 ssh2 Nov 8 09:22:38 server sshd\[4665\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=gwt93.internetdsl.tpnet.pl user=root Nov 8 09:22:40 server sshd\[4665\]: Failed password for root from 80.52.199.93 port 53728 ssh2 Nov 8 09:26:18 server sshd\[5728\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=gwt93.internetdsl.tpnet.pl user=mail ...	2019-11-08 18:13:41
attack	Oct 19 10:57:55 eddieflores sshd\[615\]: Invalid user smallcock from 80.52.199.93 Oct 19 10:57:55 eddieflores sshd\[615\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=gwt93.internetdsl.tpnet.pl Oct 19 10:57:57 eddieflores sshd\[615\]: Failed password for invalid user smallcock from 80.52.199.93 port 58528 ssh2 Oct 19 11:01:45 eddieflores sshd\[1001\]: Invalid user QWEasd!@\#1234 from 80.52.199.93 Oct 19 11:01:45 eddieflores sshd\[1001\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=gwt93.internetdsl.tpnet.pl	2019-10-20 05:56:48
attack	Oct 8 06:29:52 microserver sshd[27917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.52.199.93 user=root Oct 8 06:29:54 microserver sshd[27917]: Failed password for root from 80.52.199.93 port 44984 ssh2 Oct 8 06:34:02 microserver sshd[28531]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.52.199.93 user=root Oct 8 06:34:04 microserver sshd[28531]: Failed password for root from 80.52.199.93 port 57054 ssh2 Oct 8 06:38:06 microserver sshd[29112]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.52.199.93 user=root Oct 19 14:22:10 microserver sshd[10528]: Invalid user phill from 80.52.199.93 port 36306 Oct 19 14:22:10 microserver sshd[10528]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.52.199.93 Oct 19 14:22:12 microserver sshd[10528]: Failed password for invalid user phill from 80.52.199.93 port 36306 ssh2 Oct 19 14:28:05 micr	2019-10-19 20:48:42
attackspam	Oct 15 06:42:00 site3 sshd\[13509\]: Invalid user 1234 from 80.52.199.93 Oct 15 06:42:00 site3 sshd\[13509\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.52.199.93 Oct 15 06:42:02 site3 sshd\[13509\]: Failed password for invalid user 1234 from 80.52.199.93 port 58718 ssh2 Oct 15 06:45:55 site3 sshd\[13594\]: Invalid user thchen!@\# from 80.52.199.93 Oct 15 06:45:55 site3 sshd\[13594\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.52.199.93 ...	2019-10-15 17:58:46
attack	Oct 12 19:25:09 php1 sshd\[11264\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=gwt93.internetdsl.tpnet.pl user=root Oct 12 19:25:11 php1 sshd\[11264\]: Failed password for root from 80.52.199.93 port 51912 ssh2 Oct 12 19:29:42 php1 sshd\[11638\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=gwt93.internetdsl.tpnet.pl user=root Oct 12 19:29:44 php1 sshd\[11638\]: Failed password for root from 80.52.199.93 port 38822 ssh2 Oct 12 19:33:38 php1 sshd\[12109\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=gwt93.internetdsl.tpnet.pl user=root	2019-10-13 14:54:47
attackbotsspam	Jun 25 13:55:28 dallas01 sshd[24132]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.52.199.93 Jun 25 13:55:30 dallas01 sshd[24132]: Failed password for invalid user can from 80.52.199.93 port 59236 ssh2 Jun 25 13:57:20 dallas01 sshd[24365]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.52.199.93	2019-10-09 01:04:34
attackbotsspam	Oct 7 13:43:59 km20725 sshd\[26798\]: Invalid user Admin\#2017 from 80.52.199.93Oct 7 13:44:00 km20725 sshd\[26798\]: Failed password for invalid user Admin\#2017 from 80.52.199.93 port 52236 ssh2Oct 7 13:48:22 km20725 sshd\[27137\]: Invalid user password!23QweAsd from 80.52.199.93Oct 7 13:48:24 km20725 sshd\[27137\]: Failed password for invalid user password!23QweAsd from 80.52.199.93 port 36016 ssh2 ...	2019-10-07 20:16:43
attackspam	Oct 6 18:45:27 kapalua sshd\[11127\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=gwt93.internetdsl.tpnet.pl user=root Oct 6 18:45:29 kapalua sshd\[11127\]: Failed password for root from 80.52.199.93 port 53706 ssh2 Oct 6 18:49:32 kapalua sshd\[11480\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=gwt93.internetdsl.tpnet.pl user=root Oct 6 18:49:33 kapalua sshd\[11480\]: Failed password for root from 80.52.199.93 port 37112 ssh2 Oct 6 18:53:34 kapalua sshd\[11815\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=gwt93.internetdsl.tpnet.pl user=root	2019-10-07 13:17:09
attackbots	Oct 2 05:36:02 TORMINT sshd\[24223\]: Invalid user lollipop from 80.52.199.93 Oct 2 05:36:02 TORMINT sshd\[24223\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.52.199.93 Oct 2 05:36:04 TORMINT sshd\[24223\]: Failed password for invalid user lollipop from 80.52.199.93 port 50602 ssh2 ...	2019-10-02 19:27:43
attackspam	Sep 25 09:31:06 saschabauer sshd[23509]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.52.199.93 Sep 25 09:31:08 saschabauer sshd[23509]: Failed password for invalid user fk from 80.52.199.93 port 37148 ssh2	2019-09-25 16:02:50
attackspambots	2019-09-23T13:14:06.221588abusebot.cloudsearch.cf sshd\[17722\]: Invalid user guest from 80.52.199.93 port 45622	2019-09-23 21:40:18
attackbots	$f2bV_matches	2019-09-23 04:41:25
attackbotsspam	Sep 2 20:40:42 debian sshd\[24752\]: Invalid user webster123 from 80.52.199.93 port 55604 Sep 2 20:40:42 debian sshd\[24752\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.52.199.93 ...	2019-09-03 03:52:53
attackspam	Automatic report	2019-08-22 07:26:09
attack	Aug 16 07:42:28 web8 sshd\[10027\]: Invalid user network from 80.52.199.93 Aug 16 07:42:28 web8 sshd\[10027\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.52.199.93 Aug 16 07:42:29 web8 sshd\[10027\]: Failed password for invalid user network from 80.52.199.93 port 48122 ssh2 Aug 16 07:47:48 web8 sshd\[12576\]: Invalid user georges from 80.52.199.93 Aug 16 07:47:48 web8 sshd\[12576\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.52.199.93	2019-08-16 20:18:07
attack	Aug 16 03:02:21 web8 sshd\[27302\]: Invalid user narendra from 80.52.199.93 Aug 16 03:02:21 web8 sshd\[27302\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.52.199.93 Aug 16 03:02:24 web8 sshd\[27302\]: Failed password for invalid user narendra from 80.52.199.93 port 42662 ssh2 Aug 16 03:07:51 web8 sshd\[30156\]: Invalid user vinay from 80.52.199.93 Aug 16 03:07:51 web8 sshd\[30156\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.52.199.93	2019-08-16 11:09:57
attack	Aug 14 06:05:44 MK-Soft-Root2 sshd\[29506\]: Invalid user pm from 80.52.199.93 port 50036 Aug 14 06:05:44 MK-Soft-Root2 sshd\[29506\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.52.199.93 Aug 14 06:05:47 MK-Soft-Root2 sshd\[29506\]: Failed password for invalid user pm from 80.52.199.93 port 50036 ssh2 ...	2019-08-14 12:33:49
attackbots	$f2bV_matches	2019-08-05 15:35:59
attack	Automatic report - Banned IP Access	2019-07-31 20:41:08
attackspam	Invalid user iraf from 80.52.199.93 port 32822 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.52.199.93 Failed password for invalid user iraf from 80.52.199.93 port 32822 ssh2 Invalid user anonymous from 80.52.199.93 port 58758 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.52.199.93	2019-07-20 03:53:18
attackbots	Triggered by Fail2Ban	2019-07-10 11:15:38
attack	Triggered by Fail2Ban	2019-07-02 20:34:53
attack	Invalid user ubuntu from 80.52.199.93 port 37306	2019-06-26 09:45:34

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 80.52.199.93
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12508
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;80.52.199.93.			IN	A

;; AUTHORITY SECTION:
.			2072	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040400 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Apr 05 01:44:28 +08 2019
;; MSG SIZE  rcvd: 116

Host info

93.199.52.80.in-addr.arpa domain name pointer gwt93.internetdsl.tpnet.pl.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
93.199.52.80.in-addr.arpa	name = gwt93.internetdsl.tpnet.pl.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.15.158	attackspambots	Jun 25 23:35:21 vm0 sshd[27955]: Failed password for root from 222.186.15.158 port 64485 ssh2 ...	2020-06-26 05:35:57
167.250.96.162	attackbotsspam	Jun 25 22:12:39 mail.srvfarm.net postfix/smtps/smtpd[2056776]: warning: unknown[167.250.96.162]: SASL PLAIN authentication failed: Jun 25 22:12:39 mail.srvfarm.net postfix/smtps/smtpd[2056776]: lost connection after AUTH from unknown[167.250.96.162] Jun 25 22:20:26 mail.srvfarm.net postfix/smtps/smtpd[2072902]: warning: unknown[167.250.96.162]: SASL PLAIN authentication failed: Jun 25 22:20:27 mail.srvfarm.net postfix/smtps/smtpd[2072902]: lost connection after AUTH from unknown[167.250.96.162] Jun 25 22:21:16 mail.srvfarm.net postfix/smtps/smtpd[2071632]: warning: unknown[167.250.96.162]: SASL PLAIN authentication failed:	2020-06-26 05:29:57
212.70.149.50	attack	Jun 25 22:39:18 mail postfix/smtpd\[15780\]: warning: unknown\[212.70.149.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jun 25 22:39:49 mail postfix/smtpd\[15648\]: warning: unknown\[212.70.149.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jun 25 22:40:20 mail postfix/smtpd\[15780\]: warning: unknown\[212.70.149.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jun 25 23:10:53 mail postfix/smtpd\[17241\]: warning: unknown\[212.70.149.50\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2020-06-26 05:22:35
190.181.86.70	attackspam	Jun 25 21:58:18 mail.srvfarm.net postfix/smtps/smtpd[2056243]: warning: unknown[190.181.86.70]: SASL PLAIN authentication failed: Jun 25 21:58:19 mail.srvfarm.net postfix/smtps/smtpd[2056243]: lost connection after AUTH from unknown[190.181.86.70] Jun 25 22:00:27 mail.srvfarm.net postfix/smtpd[2054387]: warning: unknown[190.181.86.70]: SASL PLAIN authentication failed: Jun 25 22:00:28 mail.srvfarm.net postfix/smtpd[2054387]: lost connection after AUTH from unknown[190.181.86.70] Jun 25 22:06:36 mail.srvfarm.net postfix/smtpd[2056274]: warning: unknown[190.181.86.70]: SASL PLAIN authentication failed:	2020-06-26 05:37:33
132.148.167.225	attack	WordPress login Brute force / Web App Attack on client site.	2020-06-26 05:48:00
170.246.205.241	attackspambots	Jun 25 22:13:16 mail.srvfarm.net postfix/smtps/smtpd[2056307]: warning: unknown[170.246.205.241]: SASL PLAIN authentication failed: Jun 25 22:13:16 mail.srvfarm.net postfix/smtps/smtpd[2056307]: lost connection after AUTH from unknown[170.246.205.241] Jun 25 22:14:24 mail.srvfarm.net postfix/smtpd[2071449]: warning: unknown[170.246.205.241]: SASL PLAIN authentication failed: Jun 25 22:14:25 mail.srvfarm.net postfix/smtpd[2071449]: lost connection after AUTH from unknown[170.246.205.241] Jun 25 22:18:40 mail.srvfarm.net postfix/smtps/smtpd[2071633]: warning: unknown[170.246.205.241]: SASL PLAIN authentication failed:	2020-06-26 05:29:01
49.232.113.115	attackbots	WordPress brute force	2020-06-26 05:48:56
49.232.165.242	attack	$f2bV_matches	2020-06-26 05:45:53
91.236.172.19	attackspam	Jun 25 22:16:06 mail.srvfarm.net postfix/smtpd[2071450]: warning: unknown[91.236.172.19]: SASL PLAIN authentication failed: Jun 25 22:16:06 mail.srvfarm.net postfix/smtpd[2071450]: lost connection after AUTH from unknown[91.236.172.19] Jun 25 22:16:17 mail.srvfarm.net postfix/smtpd[2073223]: warning: unknown[91.236.172.19]: SASL PLAIN authentication failed: Jun 25 22:16:17 mail.srvfarm.net postfix/smtpd[2073223]: lost connection after AUTH from unknown[91.236.172.19] Jun 25 22:17:04 mail.srvfarm.net postfix/smtps/smtpd[2058632]: warning: unknown[91.236.172.19]: SASL PLAIN authentication failed:	2020-06-26 05:31:52
177.190.88.11	attackbots	Jun 25 22:12:09 mail.srvfarm.net postfix/smtps/smtpd[2058632]: warning: 177-190-88-11.adsnet-telecom.net.br[177.190.88.11]: SASL PLAIN authentication failed: Jun 25 22:12:09 mail.srvfarm.net postfix/smtps/smtpd[2058632]: lost connection after AUTH from 177-190-88-11.adsnet-telecom.net.br[177.190.88.11] Jun 25 22:16:42 mail.srvfarm.net postfix/smtpd[2073223]: warning: 177-190-88-11.adsnet-telecom.net.br[177.190.88.11]: SASL PLAIN authentication failed: Jun 25 22:16:42 mail.srvfarm.net postfix/smtpd[2073223]: lost connection after AUTH from 177-190-88-11.adsnet-telecom.net.br[177.190.88.11] Jun 25 22:20:26 mail.srvfarm.net postfix/smtpd[2073914]: warning: 177-190-88-11.adsnet-telecom.net.br[177.190.88.11]: SASL PLAIN authentication failed:	2020-06-26 05:27:45
188.75.190.194	attackbotsspam	Jun 25 22:07:09 mail.srvfarm.net postfix/smtpd[2071450]: warning: unknown[188.75.190.194]: SASL PLAIN authentication failed: Jun 25 22:07:09 mail.srvfarm.net postfix/smtpd[2071450]: lost connection after AUTH from unknown[188.75.190.194] Jun 25 22:12:35 mail.srvfarm.net postfix/smtpd[2071449]: warning: unknown[188.75.190.194]: SASL PLAIN authentication failed: Jun 25 22:12:35 mail.srvfarm.net postfix/smtpd[2071449]: lost connection after AUTH from unknown[188.75.190.194] Jun 25 22:13:12 mail.srvfarm.net postfix/smtpd[2072454]: warning: unknown[188.75.190.194]: SASL PLAIN authentication failed:	2020-06-26 05:38:14
186.216.64.245	attackspam	Jun 25 22:29:49 mail.srvfarm.net postfix/smtps/smtpd[2072912]: warning: unknown[186.216.64.245]: SASL PLAIN authentication failed: Jun 25 22:29:50 mail.srvfarm.net postfix/smtps/smtpd[2072912]: lost connection after AUTH from unknown[186.216.64.245] Jun 25 22:35:52 mail.srvfarm.net postfix/smtps/smtpd[2075564]: warning: unknown[186.216.64.245]: SASL PLAIN authentication failed: Jun 25 22:35:53 mail.srvfarm.net postfix/smtps/smtpd[2075564]: lost connection after AUTH from unknown[186.216.64.245] Jun 25 22:36:16 mail.srvfarm.net postfix/smtps/smtpd[2075568]: warning: unknown[186.216.64.245]: SASL PLAIN authentication failed:	2020-06-26 05:27:04
177.21.207.241	attackbotsspam	Jun 25 21:56:55 mail.srvfarm.net postfix/smtps/smtpd[2058023]: warning: unknown[177.21.207.241]: SASL PLAIN authentication failed: Jun 25 21:56:55 mail.srvfarm.net postfix/smtps/smtpd[2058023]: lost connection after AUTH from unknown[177.21.207.241] Jun 25 22:06:10 mail.srvfarm.net postfix/smtpd[2056378]: warning: unknown[177.21.207.241]: SASL PLAIN authentication failed: Jun 25 22:06:11 mail.srvfarm.net postfix/smtpd[2056378]: lost connection after AUTH from unknown[177.21.207.241] Jun 25 22:06:37 mail.srvfarm.net postfix/smtps/smtpd[2056143]: warning: unknown[177.21.207.241]: SASL PLAIN authentication failed:	2020-06-26 05:40:54
47.56.234.187	attackbots	WordPress brute force	2020-06-26 05:56:42
202.163.101.69	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-06-26 05:54:07

Recently Reported IPs

94.13.104.204	144.217.165.223	91.210.224.198	188.253.2.8
91.134.16.250	45.252.250.110	5.39.92.185	213.213.194.116
165.22.138.75	91.236.116.214	202.134.145.143	86.105.50.97
125.62.178.185	69.90.223.232	185.156.177.44	193.112.28.150
118.193.31.182	202.46.29.43	93.90.204.115	159.89.13.0