93.49.2.157 - IPInfo

Basic Info

City: Rovato

Region: Lombardy

Country: Italy

Internet Service Provider: Fastweb SpA

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Automatic report - Banned IP Access	2020-06-27 07:24:36

Comments on same subnet:

IP	Type	Details	Datetime
93.49.247.15	attack	intense connection	2024-03-15 14:24:51
93.49.2.47	spambotsattackproxynormal	93.49.2.47	2022-03-27 07:38:26
93.49.250.77	attackspam	Unauthorised access (Oct 1) SRC=93.49.250.77 LEN=44 TTL=46 ID=55650 TCP DPT=8080 WINDOW=36574 SYN Unauthorised access (Sep 30) SRC=93.49.250.77 LEN=44 TTL=48 ID=34175 TCP DPT=8080 WINDOW=32895 SYN Unauthorised access (Sep 30) SRC=93.49.250.77 LEN=44 TTL=48 ID=29612 TCP DPT=8080 WINDOW=32895 SYN Unauthorised access (Sep 29) SRC=93.49.250.77 LEN=44 TTL=50 ID=39771 TCP DPT=23 WINDOW=29209 SYN	2020-10-02 07:29:34
93.49.250.77	attackspam	Unauthorised access (Oct 1) SRC=93.49.250.77 LEN=44 TTL=46 ID=55650 TCP DPT=8080 WINDOW=36574 SYN Unauthorised access (Sep 30) SRC=93.49.250.77 LEN=44 TTL=48 ID=34175 TCP DPT=8080 WINDOW=32895 SYN Unauthorised access (Sep 30) SRC=93.49.250.77 LEN=44 TTL=48 ID=29612 TCP DPT=8080 WINDOW=32895 SYN Unauthorised access (Sep 29) SRC=93.49.250.77 LEN=44 TTL=50 ID=39771 TCP DPT=23 WINDOW=29209 SYN	2020-10-02 00:01:53
93.49.250.77	attackspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-10-01 16:08:32
93.49.250.77	attackbotsspam	Unauthorized connection attempt detected from IP address 93.49.250.77 to port 9530 [T]	2020-08-16 02:52:58
93.49.215.218	attackspam	Automatic report - XMLRPC Attack	2020-06-10 19:30:30
93.49.247.215	attackbots	firewall-block, port(s): 23/tcp	2020-06-04 03:43:35
93.49.241.27	attackbots	Unauthorized connection attempt detected from IP address 93.49.241.27 to port 23	2020-05-08 12:45:56
93.49.253.145	attackspam	May 4 07:55:52 vserver sshd\[14977\]: Invalid user xbmc from 93.49.253.145May 4 07:55:54 vserver sshd\[14977\]: Failed password for invalid user xbmc from 93.49.253.145 port 46061 ssh2May 4 08:05:24 vserver sshd\[15010\]: Invalid user oracleuser from 93.49.253.145May 4 08:05:27 vserver sshd\[15010\]: Failed password for invalid user oracleuser from 93.49.253.145 port 58488 ssh2 ...	2020-05-04 15:06:14
93.49.241.27	attack	unauthorized connection attempt	2020-02-26 17:06:21
93.49.215.232	attackbotsspam	Unauthorized connection attempt detected from IP address 93.49.215.232 to port 445	2019-12-22 18:02:35

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 93.49.2.157
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39456
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;93.49.2.157.			IN	A

;; AUTHORITY SECTION:
.			276	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062602 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jun 27 07:24:31 CST 2020
;; MSG SIZE  rcvd: 115

Host info

Host 157.2.49.93.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 157.2.49.93.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.207.7.159	attackbotsspam	Attempted Brute Force (dovecot)	2020-09-13 17:37:16
52.186.165.217	attackspam	Sep 13 10:36:01 vpn01 sshd[4846]: Failed password for root from 52.186.165.217 port 54497 ssh2 ...	2020-09-13 17:45:08
191.53.238.69	attack	Sep 12 17:57:08 mail.srvfarm.net postfix/smtpd[532238]: warning: unknown[191.53.238.69]: SASL PLAIN authentication failed: Sep 12 17:57:09 mail.srvfarm.net postfix/smtpd[532238]: lost connection after AUTH from unknown[191.53.238.69] Sep 12 18:01:48 mail.srvfarm.net postfix/smtps/smtpd[531487]: warning: unknown[191.53.238.69]: SASL PLAIN authentication failed: Sep 12 18:01:49 mail.srvfarm.net postfix/smtps/smtpd[531487]: lost connection after AUTH from unknown[191.53.238.69] Sep 12 18:07:00 mail.srvfarm.net postfix/smtpd[533998]: warning: unknown[191.53.238.69]: SASL PLAIN authentication failed:	2020-09-13 17:28:05
181.52.249.177	attackbots	Sep 13 12:39:41 pkdns2 sshd\[55697\]: Failed password for root from 181.52.249.177 port 40929 ssh2Sep 13 12:40:21 pkdns2 sshd\[55781\]: Failed password for root from 181.52.249.177 port 44321 ssh2Sep 13 12:41:01 pkdns2 sshd\[55793\]: Failed password for root from 181.52.249.177 port 47713 ssh2Sep 13 12:41:38 pkdns2 sshd\[55834\]: Invalid user invite from 181.52.249.177Sep 13 12:41:41 pkdns2 sshd\[55834\]: Failed password for invalid user invite from 181.52.249.177 port 51106 ssh2Sep 13 12:42:20 pkdns2 sshd\[55861\]: Failed password for root from 181.52.249.177 port 54502 ssh2 ...	2020-09-13 17:49:37
45.167.10.251	attackspam	Sep 12 18:12:15 mail.srvfarm.net postfix/smtps/smtpd[546436]: warning: unknown[45.167.10.251]: SASL PLAIN authentication failed: Sep 12 18:12:15 mail.srvfarm.net postfix/smtps/smtpd[546436]: lost connection after AUTH from unknown[45.167.10.251] Sep 12 18:14:53 mail.srvfarm.net postfix/smtps/smtpd[546438]: warning: unknown[45.167.10.251]: SASL PLAIN authentication failed: Sep 12 18:14:54 mail.srvfarm.net postfix/smtps/smtpd[546438]: lost connection after AUTH from unknown[45.167.10.251] Sep 12 18:15:30 mail.srvfarm.net postfix/smtps/smtpd[530836]: warning: unknown[45.167.10.251]: SASL PLAIN authentication failed:	2020-09-13 17:42:31
142.44.139.12	attack	(sshd) Failed SSH login from 142.44.139.12 (CA/Canada/ns552097.ip-142-44-139.net): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 13 07:45:47 amsweb01 sshd[6776]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.44.139.12 user=root Sep 13 07:45:49 amsweb01 sshd[6776]: Failed password for root from 142.44.139.12 port 39114 ssh2 Sep 13 07:45:51 amsweb01 sshd[6776]: Failed password for root from 142.44.139.12 port 39114 ssh2 Sep 13 07:45:54 amsweb01 sshd[6776]: Failed password for root from 142.44.139.12 port 39114 ssh2 Sep 13 07:45:56 amsweb01 sshd[6776]: Failed password for root from 142.44.139.12 port 39114 ssh2	2020-09-13 17:15:49
192.35.168.31	attack	TCP (SYN) 192.35.168.31:35367 -> port 88, len 44	2020-09-13 17:44:15
1.10.246.179	attackspambots	Lines containing failures of 1.10.246.179 Sep 12 05:56:47 kmh-vmh-002-fsn07 sshd[24145]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.10.246.179 user=r.r Sep 12 05:56:49 kmh-vmh-002-fsn07 sshd[24145]: Failed password for r.r from 1.10.246.179 port 45838 ssh2 Sep 12 05:56:51 kmh-vmh-002-fsn07 sshd[24145]: Received disconnect from 1.10.246.179 port 45838:11: Bye Bye [preauth] Sep 12 05:56:51 kmh-vmh-002-fsn07 sshd[24145]: Disconnected from authenticating user r.r 1.10.246.179 port 45838 [preauth] Sep 12 05:58:46 kmh-vmh-002-fsn07 sshd[27115]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.10.246.179 user=r.r Sep 12 05:58:48 kmh-vmh-002-fsn07 sshd[27115]: Failed password for r.r from 1.10.246.179 port 39416 ssh2 Sep 12 05:58:49 kmh-vmh-002-fsn07 sshd[27115]: Received disconnect from 1.10.246.179 port 39416:11: Bye Bye [preauth] Sep 12 05:58:49 kmh-vmh-002-fsn07 sshd[27115]: Disconnecte........ ------------------------------	2020-09-13 17:44:03
103.16.145.135	attackspambots	Sep 12 18:23:18 mail.srvfarm.net postfix/smtpd[533893]: warning: unknown[103.16.145.135]: SASL PLAIN authentication failed: Sep 12 18:23:19 mail.srvfarm.net postfix/smtpd[533893]: lost connection after AUTH from unknown[103.16.145.135] Sep 12 18:24:48 mail.srvfarm.net postfix/smtpd[534038]: warning: unknown[103.16.145.135]: SASL PLAIN authentication failed: Sep 12 18:24:48 mail.srvfarm.net postfix/smtpd[534038]: lost connection after AUTH from unknown[103.16.145.135] Sep 12 18:28:41 mail.srvfarm.net postfix/smtpd[534020]: warning: unknown[103.16.145.135]: SASL PLAIN authentication failed:	2020-09-13 17:39:09
211.108.168.106	attack	SSH Brute Force	2020-09-13 17:47:23
51.15.191.81	attackspambots	Automatic report - Banned IP Access	2020-09-13 17:13:12
106.12.73.204	attackspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-13 17:14:50
218.92.0.133	attackspambots	Sep 13 10:25:28 ajax sshd[32706]: Failed password for root from 218.92.0.133 port 27340 ssh2 Sep 13 10:25:32 ajax sshd[32706]: Failed password for root from 218.92.0.133 port 27340 ssh2	2020-09-13 17:48:04
139.99.219.208	attackbotsspam	Sep 13 00:07:18 ns382633 sshd\[14114\]: Invalid user bonny from 139.99.219.208 port 42879 Sep 13 00:07:18 ns382633 sshd\[14114\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.219.208 Sep 13 00:07:21 ns382633 sshd\[14114\]: Failed password for invalid user bonny from 139.99.219.208 port 42879 ssh2 Sep 13 00:15:10 ns382633 sshd\[15712\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.219.208 user=root Sep 13 00:15:11 ns382633 sshd\[15712\]: Failed password for root from 139.99.219.208 port 35770 ssh2	2020-09-13 17:12:40
91.238.166.136	attackbotsspam	Sep 12 21:42:34 mail.srvfarm.net postfix/smtps/smtpd[616038]: warning: unknown[91.238.166.136]: SASL PLAIN authentication failed: Sep 12 21:42:34 mail.srvfarm.net postfix/smtps/smtpd[616038]: lost connection after AUTH from unknown[91.238.166.136] Sep 12 21:46:21 mail.srvfarm.net postfix/smtpd[615136]: warning: unknown[91.238.166.136]: SASL PLAIN authentication failed: Sep 12 21:46:22 mail.srvfarm.net postfix/smtpd[615136]: lost connection after AUTH from unknown[91.238.166.136] Sep 12 21:47:18 mail.srvfarm.net postfix/smtps/smtpd[616037]: warning: unknown[91.238.166.136]: SASL PLAIN authentication failed:	2020-09-13 17:23:34

Recently Reported IPs

243.138.230.246	94.11.212.52	254.19.46.167	176.241.210.14
14.18.190.5	41.148.196.4	175.85.71.126	66.181.127.220
174.229.226.5	176.130.255.87	120.152.97.7	87.251.74.93
31.62.174.3	97.167.171.117	140.158.45.146	96.254.197.239
52.250.116.142	162.78.66.241	123.185.210.147	191.174.168.209