194.39.196.14 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Poland

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
194.39.196.42	attackspam	Sep 7 11:20:13 mail.srvfarm.net postfix/smtpd[1028351]: warning: unknown[194.39.196.42]: SASL PLAIN authentication failed: Sep 7 11:20:14 mail.srvfarm.net postfix/smtpd[1028351]: lost connection after AUTH from unknown[194.39.196.42] Sep 7 11:23:44 mail.srvfarm.net postfix/smtps/smtpd[1026476]: warning: unknown[194.39.196.42]: SASL PLAIN authentication failed: Sep 7 11:23:44 mail.srvfarm.net postfix/smtps/smtpd[1026476]: lost connection after AUTH from unknown[194.39.196.42] Sep 7 11:29:45 mail.srvfarm.net postfix/smtpd[1028343]: warning: unknown[194.39.196.42]: SASL PLAIN authentication failed:	2020-09-12 03:00:59
194.39.196.42	attackbots	Sep 7 11:20:13 mail.srvfarm.net postfix/smtpd[1028351]: warning: unknown[194.39.196.42]: SASL PLAIN authentication failed: Sep 7 11:20:14 mail.srvfarm.net postfix/smtpd[1028351]: lost connection after AUTH from unknown[194.39.196.42] Sep 7 11:23:44 mail.srvfarm.net postfix/smtps/smtpd[1026476]: warning: unknown[194.39.196.42]: SASL PLAIN authentication failed: Sep 7 11:23:44 mail.srvfarm.net postfix/smtps/smtpd[1026476]: lost connection after AUTH from unknown[194.39.196.42] Sep 7 11:29:45 mail.srvfarm.net postfix/smtpd[1028343]: warning: unknown[194.39.196.42]: SASL PLAIN authentication failed:	2020-09-11 18:59:50
194.39.196.27	attackspam	SASL PLAIN auth failed: ruser=...	2020-09-10 01:18:42
194.39.196.42	attack	Aug 16 05:34:17 mail.srvfarm.net postfix/smtpd[1888509]: warning: unknown[194.39.196.42]: SASL PLAIN authentication failed: Aug 16 05:34:17 mail.srvfarm.net postfix/smtpd[1888509]: lost connection after AUTH from unknown[194.39.196.42] Aug 16 05:39:10 mail.srvfarm.net postfix/smtpd[1907805]: warning: unknown[194.39.196.42]: SASL PLAIN authentication failed: Aug 16 05:39:10 mail.srvfarm.net postfix/smtpd[1907805]: lost connection after AUTH from unknown[194.39.196.42] Aug 16 05:42:47 mail.srvfarm.net postfix/smtps/smtpd[1906553]: warning: unknown[194.39.196.42]: SASL PLAIN authentication failed:	2020-08-16 12:17:35

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 194.39.196.14
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41958
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;194.39.196.14.			IN	A

;; AUTHORITY SECTION:
.			320	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020700 1800 900 604800 86400

;; Query time: 110 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 07 22:49:21 CST 2022
;; MSG SIZE  rcvd: 106

Host info

14.196.39.194.in-addr.arpa domain name pointer 194-39-196-14.ipv4.krusz-lan.pl.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
14.196.39.194.in-addr.arpa	name = 194-39-196-14.ipv4.krusz-lan.pl.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
202.39.64.155	attackspambots	Automatic report - Banned IP Access	2019-11-10 03:57:47
45.125.65.99	attack	\[2019-11-09 14:19:12\] SECURITY\[2634\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-09T14:19:12.867-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="6264901148343508002",SessionID="0x7fdf2caef968",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.125.65.99/49426",ACLName="no_extension_match" \[2019-11-09 14:19:24\] SECURITY\[2634\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-09T14:19:24.043-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="6923601148585359060",SessionID="0x7fdf2c8a8ab8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.125.65.99/50233",ACLName="no_extension_match" \[2019-11-09 14:19:39\] SECURITY\[2634\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-09T14:19:39.393-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="6583601148556213011",SessionID="0x7fdf2cd1cd48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.125.65.99/51874",ACLNam	2019-11-10 03:36:50
218.235.29.87	attackspambots	Failed password for root from 218.235.29.87 port 41748 ssh2	2019-11-10 03:33:55
24.46.160.12	attackspambots	TCP Port Scanning	2019-11-10 03:45:36
60.190.148.2	attack	Automatic report - Banned IP Access	2019-11-10 03:29:11
81.177.139.181	attack	81.177.139.181 - - [09/Nov/2019:17:17:00 +0100] "GET /wp-login.php HTTP/1.1" 200 1238 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 81.177.139.181 - - [09/Nov/2019:17:17:00 +0100] "POST /wp-login.php HTTP/1.1" 200 1632 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 81.177.139.181 - - [09/Nov/2019:17:17:00 +0100] "GET /wp-login.php HTTP/1.1" 200 1238 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 81.177.139.181 - - [09/Nov/2019:17:17:00 +0100] "POST /wp-login.php HTTP/1.1" 200 1608 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 81.177.139.181 - - [09/Nov/2019:17:17:01 +0100] "GET /wp-login.php HTTP/1.1" 200 1238 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 81.177.139.181 - - [09/Nov/2019:17:17:01 +0100] "POST /wp-login.php HTTP/1.1" 200 1608 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-11-10 03:38:39
50.199.94.84	attack	Nov 9 06:50:06 eddieflores sshd\[14281\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.199.94.84 user=root Nov 9 06:50:08 eddieflores sshd\[14281\]: Failed password for root from 50.199.94.84 port 54074 ssh2 Nov 9 06:53:43 eddieflores sshd\[14577\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.199.94.84 user=root Nov 9 06:53:45 eddieflores sshd\[14577\]: Failed password for root from 50.199.94.84 port 34992 ssh2 Nov 9 06:57:33 eddieflores sshd\[14862\]: Invalid user 123 from 50.199.94.84 Nov 9 06:57:33 eddieflores sshd\[14862\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.199.94.84	2019-11-10 03:42:35
92.253.23.7	attackspambots	Nov 9 11:29:57 ny01 sshd[1005]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.253.23.7 Nov 9 11:29:58 ny01 sshd[1005]: Failed password for invalid user erpnext from 92.253.23.7 port 47634 ssh2 Nov 9 11:34:30 ny01 sshd[1757]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.253.23.7	2019-11-10 03:51:47
213.238.240.151	attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/213.238.240.151/ SE - 1H : (15) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : SE NAME ASN : ASN2119 IP : 213.238.240.151 CIDR : 213.238.192.0/18 PREFIX COUNT : 187 UNIQUE IP COUNT : 5285632 ATTACKS DETECTED ASN2119 : 1H - 1 3H - 2 6H - 5 12H - 5 24H - 5 DateTime : 2019-11-09 17:16:25 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-10 03:59:09
179.198.207.234	attackbotsspam	Telnet Server BruteForce Attack	2019-11-10 04:05:34
115.112.47.126	attackbots	SSH/22 MH Probe, BF, Hack -	2019-11-10 03:31:37
198.46.248.190	attack	Microsoft-Windows-Security-Auditing	2019-11-10 03:30:32
106.12.54.182	attackbotsspam	Nov 9 06:51:02 hanapaa sshd\[10823\]: Invalid user test from 106.12.54.182 Nov 9 06:51:02 hanapaa sshd\[10823\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.54.182 Nov 9 06:51:04 hanapaa sshd\[10823\]: Failed password for invalid user test from 106.12.54.182 port 60084 ssh2 Nov 9 06:55:46 hanapaa sshd\[11169\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.54.182 user=root Nov 9 06:55:47 hanapaa sshd\[11169\]: Failed password for root from 106.12.54.182 port 38390 ssh2	2019-11-10 03:41:06
180.166.187.146	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/180.166.187.146/ CN - 1H : (126) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN4812 IP : 180.166.187.146 CIDR : 180.166.128.0/17 PREFIX COUNT : 543 UNIQUE IP COUNT : 8614144 ATTACKS DETECTED ASN4812 : 1H - 1 3H - 2 6H - 3 12H - 4 24H - 10 DateTime : 2019-11-09 17:17:09 INFO : Port MAX SCAN Scan Detected and Blocked by ADMIN - data recovery	2019-11-10 03:32:39
187.177.165.8	attackbotsspam	Automatic report - Port Scan Attack	2019-11-10 03:35:09

Recently Reported IPs

187.167.75.66	34.79.237.14	91.11.46.6	177.119.233.21
89.218.113.106	36.72.218.183	175.107.1.211	76.10.176.119
20.120.35.190	220.129.98.68	85.119.3.65	61.90.22.108
193.233.83.171	223.91.218.118	50.208.199.189	27.43.205.48
59.89.214.86	49.232.168.102	203.175.73.148	125.41.168.225