194.243.132.91

Basic Info

City: unknown

Region: unknown

Country: Italy

Internet Service Provider: A.D. Motor S.p.A.

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Mar 9 17:09:42 ns382633 sshd\[16706\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.243.132.91 user=root Mar 9 17:09:43 ns382633 sshd\[16706\]: Failed password for root from 194.243.132.91 port 36165 ssh2 Mar 9 17:16:33 ns382633 sshd\[18200\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.243.132.91 user=root Mar 9 17:16:36 ns382633 sshd\[18200\]: Failed password for root from 194.243.132.91 port 54133 ssh2 Mar 9 17:19:21 ns382633 sshd\[18460\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.243.132.91 user=root	2020-03-10 02:57:37
attack	SSH brute force	2020-03-04 09:01:13
attack	Mar 2 23:53:57 lukav-desktop sshd\[32480\]: Invalid user meteor from 194.243.132.91 Mar 2 23:53:57 lukav-desktop sshd\[32480\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.243.132.91 Mar 2 23:53:59 lukav-desktop sshd\[32480\]: Failed password for invalid user meteor from 194.243.132.91 port 40266 ssh2 Mar 3 00:02:28 lukav-desktop sshd\[32677\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.243.132.91 user=root Mar 3 00:02:30 lukav-desktop sshd\[32677\]: Failed password for root from 194.243.132.91 port 60490 ssh2	2020-03-03 06:05:35
attackbots	Feb 24 23:10:52 XXX sshd[40795]: Invalid user user from 194.243.132.91 port 39555	2020-02-25 11:33:15
attack	Automatic report - SSH Brute-Force Attack	2020-02-22 14:19:28

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 194.243.132.91
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59156
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;194.243.132.91.			IN	A

;; AUTHORITY SECTION:
.			480	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022102 1800 900 604800 86400

;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 22 14:19:23 CST 2020
;; MSG SIZE  rcvd: 118

Host info

91.132.243.194.in-addr.arpa domain name pointer host91-132-static.243-194-b.business.telecomitalia.it.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
91.132.243.194.in-addr.arpa	name = host91-132-static.243-194-b.business.telecomitalia.it.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
77.28.185.104	attackspam	1601930231 - 10/05/2020 22:37:11 Host: 77.28.185.104/77.28.185.104 Port: 445 TCP Blocked	2020-10-06 19:31:41
129.204.82.4	attackspambots	20 attempts against mh-ssh on cloud	2020-10-06 20:03:12
50.116.17.250	attack	T: f2b ssh aggressive 3x	2020-10-06 20:09:33
172.105.57.157	attack	Oct 6 12:20:23 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=172.105.57.157 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=44431 PROTO=TCP SPT=59454 DPT=2375 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 6 12:28:16 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=172.105.57.157 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=20821 PROTO=TCP SPT=59911 DPT=2376 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 6 12:36:58 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=172.105.57.157 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=53326 PROTO=TCP SPT=40368 DPT=2377 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 6 12:45:24 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=172.105.57.157 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=64871 PROTO=TCP SPT=40850 DPT=4243 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 6 12:52:00 *hidd ...	2020-10-06 19:43:39
50.87.144.97	attackspambots	[Drupal AbuseIPDB module] Request path is blacklisted. /old/wp-admin	2020-10-06 19:44:55
123.31.29.14	attackspam	Oct 6 04:33:15 hidden sshd[56061]: Failed password for hidden from 123.31.29.14 port 55644 ssh2 Oct 6 04:35:09 hidden sshd[56103]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.31.29.14 user=root Oct 6 04:35:11 hidden sshd[56103]: Failed password for hidden from 123.31.29.14 port 55366 ssh2	2020-10-06 19:55:16
119.84.8.43	attack	SSH invalid-user multiple login try	2020-10-06 19:58:08
182.61.18.154	attackbotsspam	Invalid user nikita from 182.61.18.154 port 39210	2020-10-06 19:50:18
34.107.31.61	attackbotsspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-06 19:41:25
200.150.77.93	attackspam	Oct 6 15:55:11 web1 sshd[22072]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.150.77.93 user=root Oct 6 15:55:13 web1 sshd[22072]: Failed password for root from 200.150.77.93 port 47474 ssh2 Oct 6 16:06:45 web1 sshd[25914]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.150.77.93 user=root Oct 6 16:06:48 web1 sshd[25914]: Failed password for root from 200.150.77.93 port 57277 ssh2 Oct 6 16:11:20 web1 sshd[27421]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.150.77.93 user=root Oct 6 16:11:22 web1 sshd[27421]: Failed password for root from 200.150.77.93 port 60862 ssh2 Oct 6 16:15:49 web1 sshd[28879]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.150.77.93 user=root Oct 6 16:15:51 web1 sshd[28879]: Failed password for root from 200.150.77.93 port 36213 ssh2 Oct 6 16:20:18 web1 sshd[30713]: pa ...	2020-10-06 19:54:19
132.232.66.227	attackbotsspam	Oct 6 08:35:43 marvibiene sshd[23235]: Failed password for root from 132.232.66.227 port 45456 ssh2	2020-10-06 19:46:21
139.198.191.86	attackbots	IP blocked	2020-10-06 19:54:44
217.62.155.9	attack	(smtpauth) Failed SMTP AUTH login from 217.62.155.9 (NL/Netherlands/217-62-155-9.cable.dynamic.v4.ziggo.nl): 5 in the last 3600 secs	2020-10-06 20:04:54
95.158.200.202	attackspambots	Attempted BruteForce on Port 21 on 5 different Servers	2020-10-06 19:52:51
200.38.224.156	attackspambots	port	2020-10-06 20:06:09

Recently Reported IPs

134.56.228.178	180.249.92.141	76.123.72.218	13.234.213.182
90.187.236.247	187.111.220.23	220.194.60.95	178.46.211.33
165.22.96.165	36.72.217.129	156.239.159.180	186.228.173.100
0.168.88.35	14.182.136.228	173.91.116.15	51.161.86.97
47.111.232.88	43.241.124.230	193.112.15.111	74.222.22.228