180.164.94.58 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Shanghai Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt from IP address 180.164.94.58 on Port 445(SMB)	2019-07-10 09:03:09

Comments on same subnet:

IP	Type	Details	Datetime
180.164.94.115	attackspam	Fail2Ban Ban Triggered	2020-08-06 18:14:07
180.164.94.145	attack	Unauthorized connection attempt detected from IP address 180.164.94.145 to port 445	2020-07-23 06:50:24
180.164.94.173	attackbots	Jul 28 19:41:41 TORMINT sshd\[24594\]: Invalid user kje from 180.164.94.173 Jul 28 19:41:41 TORMINT sshd\[24594\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.164.94.173 Jul 28 19:41:44 TORMINT sshd\[24594\]: Failed password for invalid user kje from 180.164.94.173 port 49366 ssh2 ...	2019-07-29 12:24:42

Type

Details

Datetime

180.164.94.115

attackspam

Fail2Ban Ban Triggered

2020-08-06 18:14:07

180.164.94.145

attack

Unauthorized connection attempt detected from IP address 180.164.94.145 to port 445

2020-07-23 06:50:24

180.164.94.173

attackbots

Jul 28 19:41:41 TORMINT sshd\[24594\]: Invalid user kje from 180.164.94.173
Jul 28 19:41:41 TORMINT sshd\[24594\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.164.94.173
Jul 28 19:41:44 TORMINT sshd\[24594\]: Failed password for invalid user kje from 180.164.94.173 port 49366 ssh2
...

2019-07-29 12:24:42

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 180.164.94.58
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14291
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;180.164.94.58.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070901 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jul 10 09:02:57 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 58.94.164.180.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 58.94.164.180.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
94.21.243.204	attackspam	Jan 10 22:59:58 server sshd\[2557\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94-21-243-204.static.digikabel.hu user=root Jan 10 22:59:59 server sshd\[2557\]: Failed password for root from 94.21.243.204 port 51244 ssh2 Jan 10 23:03:17 server sshd\[3532\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94-21-243-204.static.digikabel.hu user=root Jan 10 23:03:19 server sshd\[3532\]: Failed password for root from 94.21.243.204 port 38274 ssh2 Jan 10 23:04:45 server sshd\[3783\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94-21-243-204.static.digikabel.hu user=root ...	2020-01-11 04:14:26
36.99.141.211	attackspambots	Jan 10 16:10:19 legacy sshd[22856]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.99.141.211 Jan 10 16:10:21 legacy sshd[22856]: Failed password for invalid user barison from 36.99.141.211 port 51338 ssh2 Jan 10 16:15:35 legacy sshd[23111]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.99.141.211 ...	2020-01-11 04:24:12
91.217.68.81	attackspambots	Jan 10 19:35:48 grey postfix/smtpd\[31963\]: NOQUEUE: reject: RCPT from unknown\[91.217.68.81\]: 554 5.7.1 Service unavailable\; Client host \[91.217.68.81\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[91.217.68.81\]\; from=\ to=\ proto=ESMTP helo=\<81-68.milan.kiev.ua\> ...	2020-01-11 04:19:52
89.248.172.85	attackspambots	Multiport scan : 16 ports scanned 1235 1240 1253 1289 1318 1390 1421 1422 1506 1516 1520 1540 12354 33090 33391 33394	2020-01-11 04:00:34
14.247.107.39	attackspam	1578660716 - 01/10/2020 13:51:56 Host: 14.247.107.39/14.247.107.39 Port: 445 TCP Blocked	2020-01-11 04:27:59
185.176.27.2	attackbotsspam	Jan 10 21:22:47 debian-2gb-nbg1-2 kernel: \[947076.436947\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.2 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=3979 PROTO=TCP SPT=49927 DPT=1999 WINDOW=1024 RES=0x00 SYN URGP=0	2020-01-11 04:39:38
51.77.119.185	attackspam	WordPress wp-login brute force :: 51.77.119.185 0.176 - [10/Jan/2020:16:32:19 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 1806 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-01-11 04:33:03
182.61.2.238	attack	Jan 10 15:31:15 localhost sshd\[15534\]: Invalid user postgresql from 182.61.2.238 port 59928 Jan 10 15:31:15 localhost sshd\[15534\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.2.238 Jan 10 15:31:17 localhost sshd\[15534\]: Failed password for invalid user postgresql from 182.61.2.238 port 59928 ssh2	2020-01-11 04:20:19
114.231.46.218	attackbotsspam	2020-01-10 06:51:35 dovecot_login authenticator failed for (blyhl) [114.231.46.218]:54443 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=lining@lerctr.org) 2020-01-10 06:51:42 dovecot_login authenticator failed for (icxcz) [114.231.46.218]:54443 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=lining@lerctr.org) 2020-01-10 06:51:54 dovecot_login authenticator failed for (zwbmc) [114.231.46.218]:54443 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=lining@lerctr.org) ...	2020-01-11 04:28:43
45.224.86.24	attackspam	Jan 10 13:52:26 grey postfix/smtpd\[30258\]: NOQUEUE: reject: RCPT from unknown\[45.224.86.24\]: 554 5.7.1 Service unavailable\; Client host \[45.224.86.24\] blocked using bl.spamcop.net\; Blocked - see https://www.spamcop.net/bl.shtml\?45.224.86.24\; from=\ to=\ proto=ESMTP helo=\<\[45.224.86.24\]\> ...	2020-01-11 04:06:48
178.34.152.180	attack	Port scan on 1 port(s): 3389	2020-01-11 04:17:14
180.106.83.17	attackspambots	Jan 10 16:16:40 DAAP sshd[3096]: Invalid user oracle from 180.106.83.17 port 49190 Jan 10 16:16:40 DAAP sshd[3096]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.106.83.17 Jan 10 16:16:40 DAAP sshd[3096]: Invalid user oracle from 180.106.83.17 port 49190 Jan 10 16:16:41 DAAP sshd[3096]: Failed password for invalid user oracle from 180.106.83.17 port 49190 ssh2 Jan 10 16:20:41 DAAP sshd[3200]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.106.83.17 user=root Jan 10 16:20:43 DAAP sshd[3200]: Failed password for root from 180.106.83.17 port 43652 ssh2 ...	2020-01-11 04:25:35
125.64.94.211	attack	10.01.2020 20:16:59 Connection to port 9200 blocked by firewall	2020-01-11 04:21:07
178.57.105.226	attackbots	1578660711 - 01/10/2020 13:51:51 Host: 178.57.105.226/178.57.105.226 Port: 445 TCP Blocked	2020-01-11 04:30:26
37.17.38.196	attackspambots	Jan 10 13:51:20 karger wordpress(buerg)[979]: XML-RPC authentication failure for reiner from 37.17.38.196 Jan 10 13:51:27 karger wordpress(buerg)[979]: XML-RPC authentication failure for reiner from 37.17.38.196 Jan 10 13:51:32 karger wordpress(buerg)[979]: XML-RPC authentication failure for reiner from 37.17.38.196 ...	2020-01-11 04:37:48

Recently Reported IPs

183.80.230.111	38.102.69.111	105.244.87.151	186.162.29.84
122.118.12.236	129.150.65.9	220.117.237.54	46.34.180.143
33.238.32.109	198.252.196.149	46.24.18.34	27.201.127.33
30.122.200.253	105.61.112.176	20.17.201.50	14.230.240.201
135.57.224.193	60.96.117.70	146.228.146.203	10.170.156.17