93.66.78.199 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Italy

Internet Service Provider: Vodafone Italia S.p.A.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Autoban 93.66.78.199 AUTH/CONNECT	2019-08-05 07:10:06

Comments on same subnet:

IP	Type	Details	Datetime
93.66.78.18	attackspambots	Total attacks: 2	2020-06-27 18:06:17
93.66.78.18	attackbots	Jun 25 14:10:58 nas sshd[7359]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.66.78.18 Jun 25 14:10:59 nas sshd[7359]: Failed password for invalid user mirc from 93.66.78.18 port 50372 ssh2 Jun 25 14:22:21 nas sshd[7783]: Failed password for root from 93.66.78.18 port 37980 ssh2 ...	2020-06-26 02:56:48
93.66.78.18	attackspambots	Jun 2 06:25:48 piServer sshd[23031]: Failed password for root from 93.66.78.18 port 37584 ssh2 Jun 2 06:29:32 piServer sshd[23295]: Failed password for root from 93.66.78.18 port 58778 ssh2 ...	2020-06-02 12:49:35
93.66.78.18	attack	Invalid user majordom from 93.66.78.18 port 59380	2020-05-28 06:10:10
93.66.78.18	attack	Invalid user majordom from 93.66.78.18 port 59380	2020-05-27 17:00:15
93.66.78.18	attackbotsspam	May 13 08:30:09 rotator sshd\[31306\]: Invalid user pjg from 93.66.78.18May 13 08:30:10 rotator sshd\[31306\]: Failed password for invalid user pjg from 93.66.78.18 port 47796 ssh2May 13 08:34:41 rotator sshd\[31924\]: Invalid user usrdata from 93.66.78.18May 13 08:34:43 rotator sshd\[31924\]: Failed password for invalid user usrdata from 93.66.78.18 port 58320 ssh2May 13 08:39:05 rotator sshd\[32733\]: Invalid user ubuntu from 93.66.78.18May 13 08:39:08 rotator sshd\[32733\]: Failed password for invalid user ubuntu from 93.66.78.18 port 40612 ssh2 ...	2020-05-13 18:47:30
93.66.78.18	attackspambots	Bruteforce detected by fail2ban	2020-05-08 04:06:46
93.66.78.18	attackbotsspam	May 7 07:37:40 server1 sshd\[16726\]: Failed password for invalid user gb from 93.66.78.18 port 44576 ssh2 May 7 07:42:21 server1 sshd\[18249\]: Invalid user bup from 93.66.78.18 May 7 07:42:21 server1 sshd\[18249\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.66.78.18 May 7 07:42:23 server1 sshd\[18249\]: Failed password for invalid user bup from 93.66.78.18 port 55400 ssh2 May 7 07:47:02 server1 sshd\[19653\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.66.78.18 user=root ...	2020-05-07 21:49:52
93.66.78.18	attack	May 4 12:45:39 *** sshd[6211]: Invalid user ranjeet from 93.66.78.18	2020-05-04 20:46:40
93.66.78.18	attack	(sshd) Failed SSH login from 93.66.78.18 (IT/Italy/net-93-66-78-18.cust.vodafonedsl.it): 5 in the last 3600 secs	2020-05-03 02:53:11
93.66.78.18	attackbots	Apr 26 17:32:59 gw1 sshd[319]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.66.78.18 Apr 26 17:33:01 gw1 sshd[319]: Failed password for invalid user monit from 93.66.78.18 port 55242 ssh2 ...	2020-04-26 20:43:38
93.66.78.18	attackbotsspam	Tried sshing with brute force.	2020-04-21 02:14:33
93.66.78.18	attackbots	Invalid user admin from 93.66.78.18 port 60312	2020-04-14 05:38:34
93.66.78.18	attack	Apr 12 15:54:32 host01 sshd[15560]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.66.78.18 Apr 12 15:54:34 host01 sshd[15560]: Failed password for invalid user postgres from 93.66.78.18 port 47502 ssh2 Apr 12 15:59:15 host01 sshd[16417]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.66.78.18 ...	2020-04-12 22:03:56

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 93.66.78.199
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57319
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;93.66.78.199.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080401 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Aug 05 07:09:59 CST 2019
;; MSG SIZE  rcvd: 116

Host info

199.78.66.93.in-addr.arpa domain name pointer net-93-66-78-199.cust.vodafonedsl.it.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
199.78.66.93.in-addr.arpa	name = net-93-66-78-199.cust.vodafonedsl.it.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
195.206.105.217	attackbots	195.206.105.217 (CH/Switzerland/-), 7 distributed sshd attacks on account [admin] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 14 13:44:05 server2 sshd[7812]: Invalid user admin from 62.210.37.82 Sep 14 13:43:42 server2 sshd[7456]: Invalid user admin from 162.247.74.217 Sep 14 13:43:45 server2 sshd[7456]: Failed password for invalid user admin from 162.247.74.217 port 51736 ssh2 Sep 14 13:44:08 server2 sshd[7812]: Failed password for invalid user admin from 62.210.37.82 port 36772 ssh2 Sep 14 13:43:38 server2 sshd[7404]: Invalid user admin from 195.206.105.217 Sep 14 13:43:40 server2 sshd[7404]: Failed password for invalid user admin from 195.206.105.217 port 55792 ssh2 Sep 14 13:44:32 server2 sshd[7925]: Invalid user admin from 107.189.10.245 IP Addresses Blocked: 62.210.37.82 (FR/France/-) 162.247.74.217 (US/United States/-)	2020-09-15 03:30:26
37.18.255.242	attack	RDP brute-forcing	2020-09-15 03:29:29
190.211.243.82	attackbotsspam	TCP ports : 7102 / 20672	2020-09-15 03:29:48
51.83.129.228	attackbots	SSH invalid-user multiple login try	2020-09-15 03:56:45
91.83.161.153	attackspam	Sep 13 18:33:46 mail.srvfarm.net postfix/smtpd[1233116]: warning: unknown[91.83.161.153]: SASL PLAIN authentication failed: Sep 13 18:33:46 mail.srvfarm.net postfix/smtpd[1233116]: lost connection after AUTH from unknown[91.83.161.153] Sep 13 18:38:17 mail.srvfarm.net postfix/smtpd[1232281]: warning: unknown[91.83.161.153]: SASL PLAIN authentication failed: Sep 13 18:38:17 mail.srvfarm.net postfix/smtpd[1232281]: lost connection after AUTH from unknown[91.83.161.153] Sep 13 18:41:52 mail.srvfarm.net postfix/smtpd[1234121]: warning: unknown[91.83.161.153]: SASL PLAIN authentication failed:	2020-09-15 03:40:46
18.196.81.81	attackbots	CMS (WordPress or Joomla) login attempt.	2020-09-15 03:33:04
186.250.203.144	attackbots	(smtpauth) Failed SMTP AUTH login from 186.250.203.144 (BR/Brazil/186-250-203-144.ibl.com.br): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-09-13 22:00:48 plain authenticator failed for ([186.250.203.144]) [186.250.203.144]: 535 Incorrect authentication data (set_id=int)	2020-09-15 03:46:41
186.96.197.191	attack	Sep 13 18:12:19 mail.srvfarm.net postfix/smtpd[1215356]: warning: unknown[186.96.197.191]: SASL PLAIN authentication failed: Sep 13 18:12:20 mail.srvfarm.net postfix/smtpd[1215356]: lost connection after AUTH from unknown[186.96.197.191] Sep 13 18:12:55 mail.srvfarm.net postfix/smtps/smtpd[1228782]: warning: unknown[186.96.197.191]: SASL PLAIN authentication failed: Sep 13 18:12:56 mail.srvfarm.net postfix/smtps/smtpd[1228782]: lost connection after AUTH from unknown[186.96.197.191] Sep 13 18:20:33 mail.srvfarm.net postfix/smtpd[1214684]: warning: unknown[186.96.197.191]: SASL PLAIN authentication failed:	2020-09-15 03:47:30
193.169.253.128	attackspam	smtp brute force login	2020-09-15 03:37:19
5.188.206.30	attackbots	5.188.206.30:63067 - - [13/Sep/2020:18:44:02 +0200] "\x03" 400 311	2020-09-15 03:36:36
180.166.208.56	attack	(smtpauth) Failed SMTP AUTH login from 180.166.208.56 (CN/China/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-09-14 19:54:59 login authenticator failed for (mail.tookatarh.com) [180.166.208.56]: 535 Incorrect authentication data (set_id=nologin)	2020-09-15 03:35:36
175.173.145.154	attackspambots	IP 175.173.145.154 attacked honeypot on port: 23 at 9/13/2020 9:50:02 AM	2020-09-15 03:27:36
218.92.0.250	attack	2020-09-14T14:16:40.494403dreamphreak.com sshd[297398]: Failed password for root from 218.92.0.250 port 4276 ssh2 2020-09-14T14:16:44.902650dreamphreak.com sshd[297398]: Failed password for root from 218.92.0.250 port 4276 ssh2 ...	2020-09-15 03:22:38
188.166.248.209	attack	Automatically reported by fail2ban report script (mx1)	2020-09-15 03:28:29
20.48.102.92	attackspam	Time: Sun Sep 13 23:23:21 2020 -0300 IP: 20.48.102.92 (US/United States/-) Failures: 30 (smtpauth) Interval: 3600 seconds Blocked: Permanent Block	2020-09-15 03:42:48

Recently Reported IPs

93.34.231.80	93.34.222.103	93.34.138.229	93.204.92.136
23.254.215.14	93.186.96.152	93.185.36.222	201.244.0.35
122.143.178.163	93.138.0.222	93.122.248.1	203.150.78.21
117.158.61.231	93.120.156.71	92.9.102.84	89.120.207.250
92.86.55.204	45.252.248.192	92.86.55.101	92.85.219.205