168.197.51.94 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Argentina

Internet Service Provider: Dattatec.com

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Jun 30 08:40:07 cdc sshd[12005]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.197.51.94 Jun 30 08:40:08 cdc sshd[12005]: Failed password for invalid user cloudera from 168.197.51.94 port 49336 ssh2	2020-06-30 16:19:52

Type

Details

Datetime

attack

Jun 30 08:40:07 cdc sshd[12005]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.197.51.94 
Jun 30 08:40:08 cdc sshd[12005]: Failed password for invalid user cloudera from 168.197.51.94 port 49336 ssh2

2020-06-30 16:19:52

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 168.197.51.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22783
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;168.197.51.94.			IN	A

;; AUTHORITY SECTION:
.			541	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020063000 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jun 30 16:19:46 CST 2020
;; MSG SIZE  rcvd: 117

Host info

94.51.197.168.in-addr.arpa domain name pointer sd-1492075-l.dattaweb.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
94.51.197.168.in-addr.arpa	name = sd-1492075-l.dattaweb.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
182.69.189.115	attack	Aug 15 03:26:29 marvibiene sshd[6705]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.69.189.115 user=root Aug 15 03:26:31 marvibiene sshd[6705]: Failed password for root from 182.69.189.115 port 43244 ssh2 Aug 15 03:57:32 marvibiene sshd[7026]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.69.189.115 user=root Aug 15 03:57:34 marvibiene sshd[7026]: Failed password for root from 182.69.189.115 port 35236 ssh2	2020-08-15 12:24:28
185.234.218.83	attackbots	Aug 15 02:42:40 web01.agentur-b-2.de postfix/smtpd[3367138]: warning: unknown[185.234.218.83]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 15 02:42:40 web01.agentur-b-2.de postfix/smtpd[3367138]: lost connection after AUTH from unknown[185.234.218.83] Aug 15 02:43:46 web01.agentur-b-2.de postfix/smtpd[3367138]: warning: unknown[185.234.218.83]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 15 02:43:46 web01.agentur-b-2.de postfix/smtpd[3367138]: lost connection after AUTH from unknown[185.234.218.83] Aug 15 02:49:25 web01.agentur-b-2.de postfix/smtpd[3370668]: warning: unknown[185.234.218.83]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-08-15 12:35:48
170.80.204.101	attackspam	Aug 15 02:28:25 mail.srvfarm.net postfix/smtps/smtpd[963316]: warning: unknown[170.80.204.101]: SASL PLAIN authentication failed: Aug 15 02:28:25 mail.srvfarm.net postfix/smtps/smtpd[963316]: lost connection after AUTH from unknown[170.80.204.101] Aug 15 02:35:37 mail.srvfarm.net postfix/smtpd[965228]: warning: unknown[170.80.204.101]: SASL PLAIN authentication failed: Aug 15 02:35:37 mail.srvfarm.net postfix/smtpd[965228]: lost connection after AUTH from unknown[170.80.204.101] Aug 15 02:37:59 mail.srvfarm.net postfix/smtps/smtpd[969054]: warning: unknown[170.80.204.101]: SASL PLAIN authentication failed:	2020-08-15 12:40:18
176.112.114.137	attackspam	Aug 15 02:41:33 mail.srvfarm.net postfix/smtpd[965947]: warning: unknown[176.112.114.137]: SASL PLAIN authentication failed: Aug 15 02:41:33 mail.srvfarm.net postfix/smtpd[965947]: lost connection after AUTH from unknown[176.112.114.137] Aug 15 02:45:26 mail.srvfarm.net postfix/smtpd[970999]: warning: unknown[176.112.114.137]: SASL PLAIN authentication failed: Aug 15 02:45:26 mail.srvfarm.net postfix/smtpd[970999]: lost connection after AUTH from unknown[176.112.114.137] Aug 15 02:50:46 mail.srvfarm.net postfix/smtps/smtpd[971724]: warning: unknown[176.112.114.137]: SASL PLAIN authentication failed:	2020-08-15 12:38:52
91.82.114.77	attackspam	Aug 15 02:08:43 mail.srvfarm.net postfix/smtpd[948604]: warning: unknown[91.82.114.77]: SASL PLAIN authentication failed: Aug 15 02:08:43 mail.srvfarm.net postfix/smtpd[948604]: lost connection after AUTH from unknown[91.82.114.77] Aug 15 02:14:32 mail.srvfarm.net postfix/smtps/smtpd[963475]: warning: unknown[91.82.114.77]: SASL PLAIN authentication failed: Aug 15 02:14:32 mail.srvfarm.net postfix/smtps/smtpd[963475]: lost connection after AUTH from unknown[91.82.114.77] Aug 15 02:16:09 mail.srvfarm.net postfix/smtpd[948604]: warning: unknown[91.82.114.77]: SASL PLAIN authentication failed:	2020-08-15 12:55:24
193.169.253.138	attackspam	Aug 10 13:18:26 cirrus postfix/smtpd[58864]: connect from unknown[193.169.253.138] Aug 10 13:18:27 cirrus postfix/smtpd[58864]: lost connection after AUTH from unknown[193.169.253.138] Aug 10 13:18:27 cirrus postfix/smtpd[58864]: disconnect from unknown[193.169.253.138] Aug 10 13:43:00 cirrus postfix/smtpd[59135]: connect from unknown[193.169.253.138] Aug 10 13:43:00 cirrus postfix/smtpd[59135]: lost connection after AUTH from unknown[193.169.253.138] Aug 10 13:43:00 cirrus postfix/smtpd[59135]: disconnect from unknown[193.169.253.138] Aug 10 14:14:01 cirrus postfix/smtpd[59747]: connect from unknown[193.169.253.138] Aug 10 14:14:01 cirrus postfix/smtpd[59747]: lost connection after AUTH from unknown[193.169.253.138] Aug 10 14:14:01 cirrus postfix/smtpd[59747]: disconnect from unknown[193.169.253.138] Aug 10 14:20:48 cirrus postfix/smtpd[59890]: connect from unknown[193.169.253.138] Aug 10 14:20:48 cirrus postfix/smtpd[59890]: lost connection after AUTH from unknown[193........ -------------------------------	2020-08-15 12:30:33
186.219.242.48	attackbotsspam	Aug 15 02:40:19 mail.srvfarm.net postfix/smtpd[965955]: warning: unknown[186.219.242.48]: SASL PLAIN authentication failed: Aug 15 02:40:20 mail.srvfarm.net postfix/smtpd[965955]: lost connection after AUTH from unknown[186.219.242.48] Aug 15 02:44:34 mail.srvfarm.net postfix/smtpd[966738]: warning: unknown[186.219.242.48]: SASL PLAIN authentication failed: Aug 15 02:44:35 mail.srvfarm.net postfix/smtpd[966738]: lost connection after AUTH from unknown[186.219.242.48] Aug 15 02:45:45 mail.srvfarm.net postfix/smtpd[970729]: warning: unknown[186.219.242.48]: SASL PLAIN authentication failed:	2020-08-15 12:33:43
202.52.254.75	attackbots	Aug 15 02:31:28 mail.srvfarm.net postfix/smtpd[964399]: warning: unknown[202.52.254.75]: SASL PLAIN authentication failed: Aug 15 02:31:28 mail.srvfarm.net postfix/smtpd[964399]: lost connection after AUTH from unknown[202.52.254.75] Aug 15 02:33:44 mail.srvfarm.net postfix/smtps/smtpd[963401]: warning: unknown[202.52.254.75]: SASL PLAIN authentication failed: Aug 15 02:33:44 mail.srvfarm.net postfix/smtps/smtpd[963401]: lost connection after AUTH from unknown[202.52.254.75] Aug 15 02:35:25 mail.srvfarm.net postfix/smtps/smtpd[963282]: warning: unknown[202.52.254.75]: SASL PLAIN authentication failed:	2020-08-15 12:29:43
186.216.70.29	attackspambots	Aug 15 02:11:34 mail.srvfarm.net postfix/smtps/smtpd[963491]: warning: unknown[186.216.70.29]: SASL PLAIN authentication failed: Aug 15 02:11:35 mail.srvfarm.net postfix/smtps/smtpd[963491]: lost connection after AUTH from unknown[186.216.70.29] Aug 15 02:13:06 mail.srvfarm.net postfix/smtps/smtpd[950236]: warning: unknown[186.216.70.29]: SASL PLAIN authentication failed: Aug 15 02:13:07 mail.srvfarm.net postfix/smtps/smtpd[950236]: lost connection after AUTH from unknown[186.216.70.29] Aug 15 02:15:46 mail.srvfarm.net postfix/smtps/smtpd[964715]: warning: unknown[186.216.70.29]: SASL PLAIN authentication failed:	2020-08-15 12:52:19
192.99.34.142	attack	192.99.34.142 - - [15/Aug/2020:05:51:31 +0100] "POST /wp-login.php HTTP/1.1" 200 5389 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.99.34.142 - - [15/Aug/2020:05:53:56 +0100] "POST /wp-login.php HTTP/1.1" 200 5389 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.99.34.142 - - [15/Aug/2020:05:56:13 +0100] "POST /wp-login.php HTTP/1.1" 200 5389 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" ...	2020-08-15 12:58:36
91.240.68.149	attack	Aug 15 02:12:34 mail.srvfarm.net postfix/smtps/smtpd[963316]: warning: unknown[91.240.68.149]: SASL PLAIN authentication failed: Aug 15 02:12:34 mail.srvfarm.net postfix/smtps/smtpd[963316]: lost connection after AUTH from unknown[91.240.68.149] Aug 15 02:14:14 mail.srvfarm.net postfix/smtps/smtpd[964716]: warning: unknown[91.240.68.149]: SASL PLAIN authentication failed: Aug 15 02:14:14 mail.srvfarm.net postfix/smtps/smtpd[964716]: lost connection after AUTH from unknown[91.240.68.149] Aug 15 02:20:54 mail.srvfarm.net postfix/smtpd[963159]: warning: unknown[91.240.68.149]: SASL PLAIN authentication failed:	2020-08-15 12:54:47
177.137.130.19	attack	Aug 15 02:14:26 mail.srvfarm.net postfix/smtps/smtpd[949850]: warning: unknown[177.137.130.19]: SASL PLAIN authentication failed: Aug 15 02:14:27 mail.srvfarm.net postfix/smtps/smtpd[949850]: lost connection after AUTH from unknown[177.137.130.19] Aug 15 02:18:16 mail.srvfarm.net postfix/smtps/smtpd[963282]: warning: unknown[177.137.130.19]: SASL PLAIN authentication failed: Aug 15 02:18:17 mail.srvfarm.net postfix/smtps/smtpd[963282]: lost connection after AUTH from unknown[177.137.130.19] Aug 15 02:21:13 mail.srvfarm.net postfix/smtps/smtpd[963278]: warning: unknown[177.137.130.19]: SASL PLAIN authentication failed:	2020-08-15 12:53:07
212.70.149.19	attackbots	Aug 15 06:19:53 vmanager6029 postfix/smtpd\[32238\]: warning: unknown\[212.70.149.19\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 15 06:20:16 vmanager6029 postfix/smtpd\[32238\]: warning: unknown\[212.70.149.19\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-08-15 12:28:57
5.190.234.215	attackspambots	Aug 15 02:37:41 mail.srvfarm.net postfix/smtps/smtpd[964714]: warning: unknown[5.190.234.215]: SASL PLAIN authentication failed: Aug 15 02:37:42 mail.srvfarm.net postfix/smtps/smtpd[964714]: lost connection after AUTH from unknown[5.190.234.215] Aug 15 02:38:07 mail.srvfarm.net postfix/smtpd[966843]: warning: unknown[5.190.234.215]: SASL PLAIN authentication failed: Aug 15 02:38:07 mail.srvfarm.net postfix/smtpd[966843]: lost connection after AUTH from unknown[5.190.234.215] Aug 15 02:43:12 mail.srvfarm.net postfix/smtpd[965952]: warning: unknown[5.190.234.215]: SASL PLAIN authentication failed:	2020-08-15 12:46:16
172.82.239.21	attack	Aug 15 02:49:17 mail.srvfarm.net postfix/smtpd[970999]: lost connection after STARTTLS from r21.news.eu.rvca.com[172.82.239.21] Aug 15 02:51:26 mail.srvfarm.net postfix/smtpd[971000]: lost connection after STARTTLS from r21.news.eu.rvca.com[172.82.239.21] Aug 15 02:52:28 mail.srvfarm.net postfix/smtpd[972858]: lost connection after STARTTLS from r21.news.eu.rvca.com[172.82.239.21] Aug 15 02:54:33 mail.srvfarm.net postfix/smtpd[972893]: lost connection after STARTTLS from r21.news.eu.rvca.com[172.82.239.21] Aug 15 02:55:45 mail.srvfarm.net postfix/smtpd[972706]: lost connection after STARTTLS from r21.news.eu.rvca.com[172.82.239.21]	2020-08-15 12:39:08

Recently Reported IPs

104.37.191.52	123.59.28.66	14.250.48.60	190.0.246.2
119.123.227.201	114.122.6.197	120.194.91.198	198.113.98.45
208.126.121.251	182.253.174.32	121.138.174.51	183.80.120.31
192.241.227.216	118.25.124.182	110.144.80.177	106.255.246.195
209.86.200.44	45.29.198.77	196.19.136.78	189.69.115.159