93.49.2.157 - IPInfo

Basic Info

City: Rovato

Region: Lombardy

Country: Italy

Internet Service Provider: Fastweb SpA

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Automatic report - Banned IP Access	2020-06-27 07:24:36

Comments on same subnet:

IP	Type	Details	Datetime
93.49.247.15	attack	intense connection	2024-03-15 14:24:51
93.49.2.47	spambotsattackproxynormal	93.49.2.47	2022-03-27 07:38:26
93.49.250.77	attackspam	Unauthorised access (Oct 1) SRC=93.49.250.77 LEN=44 TTL=46 ID=55650 TCP DPT=8080 WINDOW=36574 SYN Unauthorised access (Sep 30) SRC=93.49.250.77 LEN=44 TTL=48 ID=34175 TCP DPT=8080 WINDOW=32895 SYN Unauthorised access (Sep 30) SRC=93.49.250.77 LEN=44 TTL=48 ID=29612 TCP DPT=8080 WINDOW=32895 SYN Unauthorised access (Sep 29) SRC=93.49.250.77 LEN=44 TTL=50 ID=39771 TCP DPT=23 WINDOW=29209 SYN	2020-10-02 07:29:34
93.49.250.77	attackspam	Unauthorised access (Oct 1) SRC=93.49.250.77 LEN=44 TTL=46 ID=55650 TCP DPT=8080 WINDOW=36574 SYN Unauthorised access (Sep 30) SRC=93.49.250.77 LEN=44 TTL=48 ID=34175 TCP DPT=8080 WINDOW=32895 SYN Unauthorised access (Sep 30) SRC=93.49.250.77 LEN=44 TTL=48 ID=29612 TCP DPT=8080 WINDOW=32895 SYN Unauthorised access (Sep 29) SRC=93.49.250.77 LEN=44 TTL=50 ID=39771 TCP DPT=23 WINDOW=29209 SYN	2020-10-02 00:01:53
93.49.250.77	attackspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-10-01 16:08:32
93.49.250.77	attackbotsspam	Unauthorized connection attempt detected from IP address 93.49.250.77 to port 9530 [T]	2020-08-16 02:52:58
93.49.215.218	attackspam	Automatic report - XMLRPC Attack	2020-06-10 19:30:30
93.49.247.215	attackbots	firewall-block, port(s): 23/tcp	2020-06-04 03:43:35
93.49.241.27	attackbots	Unauthorized connection attempt detected from IP address 93.49.241.27 to port 23	2020-05-08 12:45:56
93.49.253.145	attackspam	May 4 07:55:52 vserver sshd\[14977\]: Invalid user xbmc from 93.49.253.145May 4 07:55:54 vserver sshd\[14977\]: Failed password for invalid user xbmc from 93.49.253.145 port 46061 ssh2May 4 08:05:24 vserver sshd\[15010\]: Invalid user oracleuser from 93.49.253.145May 4 08:05:27 vserver sshd\[15010\]: Failed password for invalid user oracleuser from 93.49.253.145 port 58488 ssh2 ...	2020-05-04 15:06:14
93.49.241.27	attack	unauthorized connection attempt	2020-02-26 17:06:21
93.49.215.232	attackbotsspam	Unauthorized connection attempt detected from IP address 93.49.215.232 to port 445	2019-12-22 18:02:35

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 93.49.2.157
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39456
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;93.49.2.157.			IN	A

;; AUTHORITY SECTION:
.			276	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062602 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jun 27 07:24:31 CST 2020
;; MSG SIZE  rcvd: 115

Host info

Host 157.2.49.93.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 157.2.49.93.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
217.199.161.244	attackbotsspam	Automatic report - XMLRPC Attack	2020-05-15 08:43:56
190.210.231.34	attackbots	May 15 09:45:14 localhost sshd[1803779]: Invalid user stan from 190.210.231.34 port 58640 ...	2020-05-15 09:00:29
14.230.253.49	attack	May 15 03:29:07 sshd[6433]: Did not receive identification string from 14.230.253.49 May 15 03:29:10 sshd[6459]: Address 14.230.253.49 maps to static.vnpt.vn, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! May 15 03:29:10 sshd[6459]: Invalid user dircreate from 14.230.253.49 May 15 03:29:10 sshd[6459]: input_userauth_request: invalid user dircreate [preauth] May 15 03:29:10 sshd[6459]: pam_unix(sshd:auth): check pass; user unknown May 15 03:29:10 sshd[6459]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.230.253.49 May 15 03:29:12 sshd[6459]: Failed password for invalid user dircreate from 14.230.253.49 port 64350 ssh2	2020-05-15 09:40:20
49.165.96.21	attack	2020-05-15T00:27:03.735907shield sshd\[17303\]: Invalid user samba1 from 49.165.96.21 port 38890 2020-05-15T00:27:03.752009shield sshd\[17303\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.165.96.21 2020-05-15T00:27:05.920878shield sshd\[17303\]: Failed password for invalid user samba1 from 49.165.96.21 port 38890 ssh2 2020-05-15T00:31:13.542094shield sshd\[18592\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.165.96.21 user=root 2020-05-15T00:31:15.365379shield sshd\[18592\]: Failed password for root from 49.165.96.21 port 47666 ssh2	2020-05-15 08:47:32
201.40.244.146	attack	Scanned 3 times in the last 24 hours on port 22	2020-05-15 08:57:33
182.43.134.224	attackbotsspam	2020-05-14T20:23:46.125277xentho-1 sshd[491897]: Invalid user test from 182.43.134.224 port 39908 2020-05-14T20:23:48.260560xentho-1 sshd[491897]: Failed password for invalid user test from 182.43.134.224 port 39908 ssh2 2020-05-14T20:26:08.407836xentho-1 sshd[491937]: Invalid user alfred from 182.43.134.224 port 42640 2020-05-14T20:26:08.416862xentho-1 sshd[491937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.43.134.224 2020-05-14T20:26:08.407836xentho-1 sshd[491937]: Invalid user alfred from 182.43.134.224 port 42640 2020-05-14T20:26:10.372526xentho-1 sshd[491937]: Failed password for invalid user alfred from 182.43.134.224 port 42640 ssh2 2020-05-14T20:28:35.310511xentho-1 sshd[491994]: Invalid user valentino from 182.43.134.224 port 45426 2020-05-14T20:28:35.317930xentho-1 sshd[491994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.43.134.224 2020-05-14T20:28:35.310511xentho-1 sshd[491994] ...	2020-05-15 08:45:28
192.200.158.118	attackspam	[2020-05-14 21:01:16] NOTICE[1157] chan_sip.c: Registration from '' failed for '192.200.158.118:57931' - Wrong password [2020-05-14 21:01:16] SECURITY[1173] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-14T21:01:16.505-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="8735",SessionID="0x7f5f100266a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/192.200.158.118/57931",Challenge="1d75cf32",ReceivedChallenge="1d75cf32",ReceivedHash="b77d5b55ca931afb2568c0efdcf3115a" [2020-05-14 21:01:28] NOTICE[1157] chan_sip.c: Registration from '' failed for '192.200.158.118:65386' - Wrong password [2020-05-14 21:01:28] SECURITY[1173] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-14T21:01:28.441-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="922",SessionID="0x7f5f10b1c8b8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/192.200.1 ...	2020-05-15 09:12:43
94.102.51.29	attack	May 15 02:20:01 debian-2gb-nbg1-2 kernel: \[11760852.562487\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=94.102.51.29 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=10529 PROTO=TCP SPT=46894 DPT=3390 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-15 08:40:00
178.128.144.14	attack	Ssh brute force	2020-05-15 08:46:45
144.217.243.216	attack	2020-05-14T23:29:49.741595Z f465185162da New connection: 144.217.243.216:51770 (172.17.0.6:2222) [session: f465185162da] 2020-05-14T23:35:00.218949Z fde2f4e12037 New connection: 144.217.243.216:34858 (172.17.0.6:2222) [session: fde2f4e12037]	2020-05-15 08:45:43
82.171.113.33	attack	DATE:2020-05-14 23:20:14, IP:82.171.113.33, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-05-15 08:54:26
159.203.13.64	attackspambots	2020-05-14T22:48:22.086928v22018076590370373 sshd[767]: Failed password for invalid user test from 159.203.13.64 port 32800 ssh2 2020-05-14T22:51:33.415070v22018076590370373 sshd[9053]: Invalid user weblogic from 159.203.13.64 port 41738 2020-05-14T22:51:33.422483v22018076590370373 sshd[9053]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.13.64 2020-05-14T22:51:33.415070v22018076590370373 sshd[9053]: Invalid user weblogic from 159.203.13.64 port 41738 2020-05-14T22:51:35.529750v22018076590370373 sshd[9053]: Failed password for invalid user weblogic from 159.203.13.64 port 41738 ssh2 ...	2020-05-15 09:08:08
95.0.206.13	attack	SMB Server BruteForce Attack	2020-05-15 08:39:30
207.107.139.150	attackspambots	May 14 22:51:36 mail sshd\[27683\]: Invalid user uriel from 207.107.139.150 May 14 22:51:36 mail sshd\[27683\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.107.139.150 May 14 22:51:39 mail sshd\[27683\]: Failed password for invalid user uriel from 207.107.139.150 port 63108 ssh2 ...	2020-05-15 09:04:04
120.211.61.239	attack	May 15 03:24:59 ns342949 sshd[3284]: Connection closed by 120.211.61.239 [preauth]	2020-05-15 09:38:07

Recently Reported IPs

243.138.230.246	94.11.212.52	254.19.46.167	176.241.210.14
14.18.190.5	41.148.196.4	175.85.71.126	66.181.127.220
174.229.226.5	176.130.255.87	120.152.97.7	87.251.74.93
31.62.174.3	97.167.171.117	140.158.45.146	96.254.197.239
52.250.116.142	162.78.66.241	123.185.210.147	191.174.168.209