93.149.26.94 - IPInfo

Basic Info

City: unknown

Region: Lombardy

Country: Italy

Internet Service Provider: Vodafone Italia S.p.A.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	(sshd) Failed SSH login from 93.149.26.94 (IT/Italy/net-93-149-26-94.cust.vodafonedsl.it): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 19 19:54:08 amsweb01 sshd[5578]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.149.26.94 user=root Jul 19 19:54:11 amsweb01 sshd[5578]: Failed password for root from 93.149.26.94 port 40662 ssh2 Jul 19 19:54:12 amsweb01 sshd[5586]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.149.26.94 user=root Jul 19 19:54:12 amsweb01 sshd[5580]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.149.26.94 user=root Jul 19 19:54:14 amsweb01 sshd[5586]: Failed password for root from 93.149.26.94 port 41864 ssh2	2020-07-20 04:08:46
attack	Jul 7 00:32:28 vps sshd[965418]: Failed password for root from 93.149.26.94 port 44899 ssh2 Jul 7 00:32:31 vps sshd[965599]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=net-93-149-26-94.cust.vodafonedsl.it user=root Jul 7 00:32:33 vps sshd[965599]: Failed password for root from 93.149.26.94 port 45980 ssh2 Jul 7 00:32:35 vps sshd[965923]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=net-93-149-26-94.cust.vodafonedsl.it user=root Jul 7 00:32:36 vps sshd[965923]: Failed password for root from 93.149.26.94 port 47648 ssh2 ...	2020-07-07 08:18:52
attack	Jun 16 13:03:05 rotator sshd\[7452\]: Failed password for root from 93.149.26.94 port 43294 ssh2Jun 16 13:03:09 rotator sshd\[7454\]: Failed password for root from 93.149.26.94 port 44798 ssh2Jun 16 13:03:12 rotator sshd\[7456\]: Failed password for root from 93.149.26.94 port 46530 ssh2Jun 16 13:03:16 rotator sshd\[7458\]: Failed password for root from 93.149.26.94 port 48252 ssh2Jun 16 13:03:20 rotator sshd\[7460\]: Failed password for root from 93.149.26.94 port 49833 ssh2Jun 16 13:03:24 rotator sshd\[7463\]: Failed password for root from 93.149.26.94 port 52332 ssh2Jun 16 13:03:25 rotator sshd\[7467\]: Invalid user infidati from 93.149.26.94 ...	2020-06-16 19:14:28
attackbotsspam	prod8 ...	2020-06-01 12:56:49
attackbots	5x Failed Password	2020-04-05 20:12:23
attackspambots	3x Failed Password	2020-04-02 00:34:48
attackspam	Brute-force attempt banned	2020-03-31 12:20:49
attackspam	DATE:2020-03-30 07:59:10, IP:93.149.26.94, PORT:ssh SSH brute force auth (docker-dc)	2020-03-30 14:48:57
attack	Mar 26 20:34:24 xeon sshd[17139]: Failed password for invalid user e from 93.149.26.94 port 38763 ssh2	2020-03-27 05:22:44

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 93.149.26.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62909
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;93.149.26.94.			IN	A

;; AUTHORITY SECTION:
.			217	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032601 1800 900 604800 86400

;; Query time: 125 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 27 05:22:40 CST 2020
;; MSG SIZE  rcvd: 116

Host info

94.26.149.93.in-addr.arpa domain name pointer net-93-149-26-94.cust.vodafonedsl.it.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
94.26.149.93.in-addr.arpa	name = net-93-149-26-94.cust.vodafonedsl.it.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
66.249.66.94	attackspam	Automatic report - Banned IP Access	2019-09-25 12:43:01
185.176.27.34	attackspam	09/25/2019-06:26:46.477916 185.176.27.34 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-09-25 12:33:37
68.70.221.23	attackspam	Unauthorised access (Sep 25) SRC=68.70.221.23 LEN=40 TOS=0x10 PREC=0x40 TTL=50 ID=65266 TCP DPT=23 WINDOW=46116 SYN Unauthorised access (Sep 24) SRC=68.70.221.23 LEN=40 TOS=0x10 PREC=0x40 TTL=50 ID=52743 TCP DPT=8080 WINDOW=52316 SYN Unauthorised access (Sep 24) SRC=68.70.221.23 LEN=40 TOS=0x10 PREC=0x40 TTL=50 ID=9737 TCP DPT=8080 WINDOW=8669 SYN	2019-09-25 12:20:16
148.70.35.109	attackbots	Sep 25 06:57:43 nextcloud sshd\[11817\]: Invalid user wasadrc from 148.70.35.109 Sep 25 06:57:43 nextcloud sshd\[11817\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.35.109 Sep 25 06:57:45 nextcloud sshd\[11817\]: Failed password for invalid user wasadrc from 148.70.35.109 port 42784 ssh2 ...	2019-09-25 12:58:45
62.110.66.66	attack	Sep 25 06:14:02 microserver sshd[35825]: Invalid user test from 62.110.66.66 port 59824 Sep 25 06:14:02 microserver sshd[35825]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.110.66.66 Sep 25 06:14:04 microserver sshd[35825]: Failed password for invalid user test from 62.110.66.66 port 59824 ssh2 Sep 25 06:19:20 microserver sshd[36491]: Invalid user owen from 62.110.66.66 port 44960 Sep 25 06:19:20 microserver sshd[36491]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.110.66.66 Sep 25 06:30:05 microserver sshd[38059]: Invalid user pw from 62.110.66.66 port 43492 Sep 25 06:30:05 microserver sshd[38059]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.110.66.66 Sep 25 06:30:07 microserver sshd[38059]: Failed password for invalid user pw from 62.110.66.66 port 43492 ssh2 Sep 25 06:35:19 microserver sshd[39021]: Invalid user ot from 62.110.66.66 port 56864 Sep 25 06:35:19 microserve	2019-09-25 12:55:31
3.17.187.194	attackbots	Sep 24 18:26:06 auw2 sshd\[3576\]: Invalid user hayden from 3.17.187.194 Sep 24 18:26:06 auw2 sshd\[3576\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-3-17-187-194.us-east-2.compute.amazonaws.com Sep 24 18:26:08 auw2 sshd\[3576\]: Failed password for invalid user hayden from 3.17.187.194 port 33050 ssh2 Sep 24 18:30:30 auw2 sshd\[4013\]: Invalid user testftp from 3.17.187.194 Sep 24 18:30:30 auw2 sshd\[4013\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-3-17-187-194.us-east-2.compute.amazonaws.com	2019-09-25 12:40:22
185.244.212.29	attackspam	PBX: blocked for too many failed authentications; User-Agent: Avaya	2019-09-25 12:37:09
106.12.98.7	attackspam	Sep 25 00:30:27 xtremcommunity sshd\[448202\]: Invalid user gpadmin from 106.12.98.7 port 55356 Sep 25 00:30:27 xtremcommunity sshd\[448202\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.98.7 Sep 25 00:30:29 xtremcommunity sshd\[448202\]: Failed password for invalid user gpadmin from 106.12.98.7 port 55356 ssh2 Sep 25 00:34:34 xtremcommunity sshd\[448305\]: Invalid user chef from 106.12.98.7 port 59016 Sep 25 00:34:34 xtremcommunity sshd\[448305\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.98.7 ...	2019-09-25 12:47:23
221.178.157.244	attackspam	Sep 25 03:55:59 work-partkepr sshd\[8484\]: Invalid user vowell from 221.178.157.244 port 16929 Sep 25 03:55:59 work-partkepr sshd\[8484\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.178.157.244 ...	2019-09-25 12:32:35
208.187.166.187	attackbots	Spam mails sent to address hacked/leaked from Nexus Mods in July 2013	2019-09-25 12:22:04
198.57.203.54	attack	Sep 24 18:23:34 auw2 sshd\[3359\]: Invalid user test from 198.57.203.54 Sep 24 18:23:34 auw2 sshd\[3359\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=server.scme-nm.net Sep 24 18:23:36 auw2 sshd\[3359\]: Failed password for invalid user test from 198.57.203.54 port 54078 ssh2 Sep 24 18:27:36 auw2 sshd\[3721\]: Invalid user zz from 198.57.203.54 Sep 24 18:27:36 auw2 sshd\[3721\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=server.scme-nm.net	2019-09-25 12:36:50
118.71.38.88	attackbotsspam	Unauthorised access (Sep 25) SRC=118.71.38.88 LEN=40 TTL=47 ID=38694 TCP DPT=8080 WINDOW=42512 SYN Unauthorised access (Sep 24) SRC=118.71.38.88 LEN=40 TTL=47 ID=57618 TCP DPT=8080 WINDOW=57896 SYN Unauthorised access (Sep 24) SRC=118.71.38.88 LEN=40 TTL=47 ID=23294 TCP DPT=8080 WINDOW=42512 SYN Unauthorised access (Sep 23) SRC=118.71.38.88 LEN=40 TTL=47 ID=12978 TCP DPT=8080 WINDOW=42512 SYN	2019-09-25 12:56:42
212.90.148.121	attack	Scanning and Vuln Attempts	2019-09-25 12:44:43
106.12.185.58	attack	Sep 25 09:48:43 gw1 sshd[6954]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.185.58 Sep 25 09:48:46 gw1 sshd[6954]: Failed password for invalid user arkserverpass from 106.12.185.58 port 36964 ssh2 ...	2019-09-25 12:53:57
176.121.209.113	attackspam	[portscan] Port scan	2019-09-25 12:28:50

Recently Reported IPs

80.231.126.199	68.30.59.132	191.245.149.140	222.28.187.239
20.39.51.20	27.195.184.127	62.0.70.127	14.142.182.207
5.166.195.254	49.189.134.7	18.158.240.244	49.72.64.75
85.202.83.21	86.82.33.2	112.10.145.250	91.34.28.88
50.98.106.106	45.27.153.4	1.52.195.179	200.56.187.109