185.94.213.54 - IPInfo

Basic Info

City: Simferopol

Region: Crimea

Country: Ukraine

Internet Service Provider: JSC CrimeaTelecom

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt from IP address 185.94.213.54 on Port 445(SMB)	2020-08-17 08:09:46

Comments on same subnet:

IP	Type	Details	Datetime
185.94.213.218	attack	Unauthorized connection attempt detected from IP address 185.94.213.218 to port 445	2019-12-23 17:08:07

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 185.94.213.54
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49692
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;185.94.213.54.			IN	A

;; AUTHORITY SECTION:
.			409	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081601 1800 900 604800 86400

;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Aug 17 08:09:43 CST 2020
;; MSG SIZE  rcvd: 117

Host info

54.213.94.185.in-addr.arpa domain name pointer 185-94-213-54.dynamic.ktkru.ru.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
54.213.94.185.in-addr.arpa	name = 185-94-213-54.dynamic.ktkru.ru.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.217.243.157	attack	Jul 8 17:20:49 h1946882 sshd[22411]: reveeclipse mapping checking getaddri= nfo for node-103-217-243-157.alliancebroadband.in [103.217.243.157] fai= led - POSSIBLE BREAK-IN ATTEMPT! Jul 8 17:20:49 h1946882 sshd[22411]: pam_unix(sshd:auth): authenticati= on failure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3D103.= 217.243.157=20 Jul 8 17:20:51 h1946882 sshd[22411]: Failed password for invalid user = roberts from 103.217.243.157 port 42742 ssh2 Jul 8 17:20:51 h1946882 sshd[22411]: Received disconnect from 103.217.= 243.157: 11: Bye Bye [preauth] Jul 8 17:40:02 h1946882 sshd[23036]: reveeclipse mapping checking getaddri= nfo for node-103-217-243-157.alliancebroadband.in [103.217.243.157] fai= led - POSSIBLE BREAK-IN ATTEMPT! Jul 8 17:40:02 h1946882 sshd[23036]: pam_unix(sshd:auth): authenticati= on failure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3D103.= 217.243.157=20 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=103.217.243.15	2020-07-12 23:00:01
188.40.198.250	attack		2020-07-12 23:16:44
106.54.117.51	attackbotsspam	2020-07-12T11:53:28.372854abusebot-8.cloudsearch.cf sshd[28249]: Invalid user tanx from 106.54.117.51 port 46030 2020-07-12T11:53:28.383259abusebot-8.cloudsearch.cf sshd[28249]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.117.51 2020-07-12T11:53:28.372854abusebot-8.cloudsearch.cf sshd[28249]: Invalid user tanx from 106.54.117.51 port 46030 2020-07-12T11:53:30.686033abusebot-8.cloudsearch.cf sshd[28249]: Failed password for invalid user tanx from 106.54.117.51 port 46030 ssh2 2020-07-12T11:57:40.240018abusebot-8.cloudsearch.cf sshd[28297]: Invalid user paul from 106.54.117.51 port 33304 2020-07-12T11:57:40.249873abusebot-8.cloudsearch.cf sshd[28297]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.117.51 2020-07-12T11:57:40.240018abusebot-8.cloudsearch.cf sshd[28297]: Invalid user paul from 106.54.117.51 port 33304 2020-07-12T11:57:41.478940abusebot-8.cloudsearch.cf sshd[28297]: Failed pass ...	2020-07-12 23:20:44
185.143.72.27	attackbotsspam	Jul 12 16:47:41 srv01 postfix/smtpd\[10315\]: warning: unknown\[185.143.72.27\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 12 16:48:10 srv01 postfix/smtpd\[1933\]: warning: unknown\[185.143.72.27\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 12 16:48:41 srv01 postfix/smtpd\[23129\]: warning: unknown\[185.143.72.27\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 12 16:49:11 srv01 postfix/smtpd\[5455\]: warning: unknown\[185.143.72.27\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 12 16:49:42 srv01 postfix/smtpd\[8326\]: warning: unknown\[185.143.72.27\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-07-12 23:04:42
143.255.242.2	attack	Automatic report - Port Scan Attack	2020-07-12 23:02:56
129.211.138.177	attackbots	Jul 12 10:03:34 NPSTNNYC01T sshd[562]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.138.177 Jul 12 10:03:36 NPSTNNYC01T sshd[562]: Failed password for invalid user mihai from 129.211.138.177 port 33124 ssh2 Jul 12 10:08:35 NPSTNNYC01T sshd[1208]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.138.177 ...	2020-07-12 23:34:37
91.21.42.138	attackbots	Bruteforce detected by fail2ban	2020-07-12 23:13:46
141.0.146.227	attackspam	prod11 ...	2020-07-12 23:29:02
183.250.216.67	attackbotsspam	Jul 12 14:28:54 vps sshd[709656]: Failed password for invalid user test from 183.250.216.67 port 42552 ssh2 Jul 12 14:31:59 vps sshd[724750]: Invalid user matsuno from 183.250.216.67 port 57942 Jul 12 14:31:59 vps sshd[724750]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.250.216.67 Jul 12 14:32:01 vps sshd[724750]: Failed password for invalid user matsuno from 183.250.216.67 port 57942 ssh2 Jul 12 14:35:02 vps sshd[736083]: Invalid user debian from 183.250.216.67 port 45100 ...	2020-07-12 23:00:31
1.161.36.144	attackspambots	port scan and connect, tcp 23 (telnet)	2020-07-12 23:13:20
103.144.10.252	attackspambots	Port Scan ...	2020-07-12 23:40:48
103.92.26.252	attackbots	Jul 12 18:55:11 gw1 sshd[23684]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.92.26.252 Jul 12 18:55:13 gw1 sshd[23684]: Failed password for invalid user linneya from 103.92.26.252 port 32970 ssh2 ...	2020-07-12 23:27:25
157.245.76.169	attackspam	Jul 12 14:51:40 rocket sshd[4947]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.76.169 Jul 12 14:51:42 rocket sshd[4947]: Failed password for invalid user conti from 157.245.76.169 port 35604 ssh2 Jul 12 14:54:58 rocket sshd[5199]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.76.169 ...	2020-07-12 23:39:46
194.116.237.218	attackspambots		2020-07-12 23:16:12
51.178.142.220	attack	Jul 12 15:00:43 * sshd[14613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.178.142.220 Jul 12 15:00:45 * sshd[14613]: Failed password for invalid user ding from 51.178.142.220 port 47870 ssh2	2020-07-12 23:15:02

Recently Reported IPs

81.90.6.166	2.102.100.151	153.173.36.235	176.242.117.216
84.146.7.254	144.136.225.234	101.99.35.4	32.56.190.31
100.24.47.38	220.146.247.250	32.8.110.147	45.135.187.45
52.245.32.229	220.238.177.207	70.234.176.160	1.205.63.135
191.49.95.136	41.29.73.145	106.122.46.94	130.50.203.133