141.8.194.64 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
141.8.194.53	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/141.8.194.53/ RU - 1H : (75) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : RU NAME ASN : ASN35278 IP : 141.8.194.53 CIDR : 141.8.194.0/24 PREFIX COUNT : 10 UNIQUE IP COUNT : 4096 ATTACKS DETECTED ASN35278 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-11-21 23:59:34 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2019-11-22 07:18:29

Type

Details

Datetime

141.8.194.53

attackspam

IP Ban Report :  
 https://help-dysk.pl/wordpress-firewall-plugins/ip/141.8.194.53/ 
 
 RU - 1H : (75)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : RU 
 NAME ASN : ASN35278 
 
 IP : 141.8.194.53 
 
 CIDR : 141.8.194.0/24 
 
 PREFIX COUNT : 10 
 
 UNIQUE IP COUNT : 4096 
 
 
 ATTACKS DETECTED ASN35278 :  
  1H - 1 
  3H - 1 
  6H - 1 
 12H - 1 
 24H - 1 
 
 DateTime : 2019-11-21 23:59:34 
 
 INFO :  HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN  - data recovery

2019-11-22 07:18:29

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 141.8.194.64
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34544
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;141.8.194.64.			IN	A

;; AUTHORITY SECTION:
.			379	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400

;; Query time: 65 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 12:17:42 CST 2022
;; MSG SIZE  rcvd: 105

Host info

64.194.8.141.in-addr.arpa domain name pointer menglod.from.sh.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
64.194.8.141.in-addr.arpa	name = menglod.from.sh.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
42.159.114.184	attack	Oct 25 14:51:34 webhost01 sshd[17772]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.114.184 Oct 25 14:51:36 webhost01 sshd[17772]: Failed password for invalid user ftpuser from 42.159.114.184 port 18028 ssh2 ...	2019-10-25 17:56:28
91.121.67.107	attackspam	Oct 25 05:45:08 SilenceServices sshd[24086]: Failed password for root from 91.121.67.107 port 33726 ssh2 Oct 25 05:49:02 SilenceServices sshd[25179]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.67.107 Oct 25 05:49:05 SilenceServices sshd[25179]: Failed password for invalid user zumbusch from 91.121.67.107 port 44120 ssh2	2019-10-25 17:55:27
106.12.176.53	attackbots	web-1 [ssh] SSH Attack	2019-10-25 17:42:18
104.236.214.8	attackspambots	2019-10-25T09:38:42.355630hub.schaetter.us sshd\[22374\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.214.8 user=root 2019-10-25T09:38:44.091225hub.schaetter.us sshd\[22374\]: Failed password for root from 104.236.214.8 port 60102 ssh2 2019-10-25T09:44:30.140789hub.schaetter.us sshd\[22414\]: Invalid user debian from 104.236.214.8 port 51219 2019-10-25T09:44:30.156962hub.schaetter.us sshd\[22414\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.214.8 2019-10-25T09:44:32.334138hub.schaetter.us sshd\[22414\]: Failed password for invalid user debian from 104.236.214.8 port 51219 ssh2 ...	2019-10-25 18:04:46
92.118.37.99	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 90 - port: 4802 proto: TCP cat: Misc Attack	2019-10-25 17:46:00
80.17.244.2	attackspambots	ssh failed login	2019-10-25 17:49:14
122.152.210.200	attackspambots	Oct 24 23:27:17 tdfoods sshd\[23414\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.152.210.200 user=root Oct 24 23:27:19 tdfoods sshd\[23414\]: Failed password for root from 122.152.210.200 port 51664 ssh2 Oct 24 23:32:30 tdfoods sshd\[23852\]: Invalid user postgres from 122.152.210.200 Oct 24 23:32:30 tdfoods sshd\[23852\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.152.210.200 Oct 24 23:32:31 tdfoods sshd\[23852\]: Failed password for invalid user postgres from 122.152.210.200 port 56936 ssh2	2019-10-25 17:36:09
132.232.47.41	attack	Oct 25 11:15:36 MK-Soft-VM6 sshd[10644]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.47.41 Oct 25 11:15:39 MK-Soft-VM6 sshd[10644]: Failed password for invalid user sf123 from 132.232.47.41 port 54343 ssh2 ...	2019-10-25 18:04:00
186.139.21.29	attackspam	Oct 25 05:18:42 cps sshd[20920]: Invalid user georgete from 186.139.21.29 Oct 25 05:18:42 cps sshd[20920]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.139.21.29 Oct 25 05:18:45 cps sshd[20920]: Failed password for invalid user georgete from 186.139.21.29 port 43418 ssh2 Oct 25 05:26:28 cps sshd[22364]: Invalid user samir from 186.139.21.29 Oct 25 05:26:28 cps sshd[22364]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.139.21.29 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=186.139.21.29	2019-10-25 18:09:43
123.183.217.82	attackbotsspam	" "	2019-10-25 17:46:56
13.234.31.56	attack	Oct 25 11:45:31 MK-Soft-VM4 sshd[3499]: Failed password for root from 13.234.31.56 port 54814 ssh2 ...	2019-10-25 18:00:10
124.158.9.169	attack	Oct 25 11:33:42 meumeu sshd[24829]: Failed password for root from 124.158.9.169 port 59286 ssh2 Oct 25 11:33:59 meumeu sshd[24859]: Failed password for root from 124.158.9.169 port 59980 ssh2 ...	2019-10-25 17:40:36
36.89.157.197	attackbotsspam	Oct 25 12:47:55 server sshd\[5977\]: User root from 36.89.157.197 not allowed because listed in DenyUsers Oct 25 12:47:55 server sshd\[5977\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.89.157.197 user=root Oct 25 12:47:57 server sshd\[5977\]: Failed password for invalid user root from 36.89.157.197 port 39866 ssh2 Oct 25 12:52:29 server sshd\[30323\]: Invalid user esther from 36.89.157.197 port 50108 Oct 25 12:52:29 server sshd\[30323\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.89.157.197	2019-10-25 18:04:18
64.140.159.115	attackbots	wp bruteforce	2019-10-25 17:58:00
176.31.191.173	attack	fail2ban	2019-10-25 17:44:50

Recently Reported IPs

141.8.195.141	141.8.195.218	141.8.195.163	141.8.195.223
141.8.195.27	141.8.195.205	141.8.195.33	141.8.195.39
141.8.195.65	141.8.195.60	141.8.195.45	141.8.195.82
141.8.196.101	141.8.195.96	141.8.196.15	141.8.196.114
141.8.196.166	141.8.196.54	141.8.196.50	141.8.197.26