196.21.175.54 - IPInfo

Basic Info

City: Nelspruit

Region: Mpumalanga

Country: South Africa

Internet Service Provider: Tenet

Hostname: unknown

Organization: unknown

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Invalid user test2 from 196.21.175.54 port 55056	2020-05-12 01:26:35
attackbotsspam	2020-05-05T01:07:25.714737shield sshd\[10307\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=diskspace.ump.ac.za user=root 2020-05-05T01:07:27.241877shield sshd\[10307\]: Failed password for root from 196.21.175.54 port 55936 ssh2 2020-05-05T01:12:43.188079shield sshd\[12444\]: Invalid user skynet from 196.21.175.54 port 39634 2020-05-05T01:12:43.191853shield sshd\[12444\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=diskspace.ump.ac.za 2020-05-05T01:12:45.708900shield sshd\[12444\]: Failed password for invalid user skynet from 196.21.175.54 port 39634 ssh2	2020-05-05 09:20:06

Type

Details

Datetime

attackspam

Invalid user test2 from 196.21.175.54 port 55056

2020-05-12 01:26:35

attackbotsspam

2020-05-05T01:07:25.714737shield sshd\[10307\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=diskspace.ump.ac.za  user=root
2020-05-05T01:07:27.241877shield sshd\[10307\]: Failed password for root from 196.21.175.54 port 55936 ssh2
2020-05-05T01:12:43.188079shield sshd\[12444\]: Invalid user skynet from 196.21.175.54 port 39634
2020-05-05T01:12:43.191853shield sshd\[12444\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=diskspace.ump.ac.za
2020-05-05T01:12:45.708900shield sshd\[12444\]: Failed password for invalid user skynet from 196.21.175.54 port 39634 ssh2

2020-05-05 09:20:06

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 196.21.175.54
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43310
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;196.21.175.54.			IN	A

;; AUTHORITY SECTION:
.			453	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050403 1800 900 604800 86400

;; Query time: 123 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue May 05 09:20:03 CST 2020
;; MSG SIZE  rcvd: 117

Host info

54.175.21.196.in-addr.arpa domain name pointer diskspace.ump.ac.za.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
54.175.21.196.in-addr.arpa	name = diskspace.ump.ac.za.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
213.32.21.139	attack	2019-09-30T07:46:28.6782571495-001 sshd\[37600\]: Invalid user zabbix from 213.32.21.139 port 35970 2019-09-30T07:46:28.6853411495-001 sshd\[37600\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.ip-213-32-21.eu 2019-09-30T07:46:30.5519721495-001 sshd\[37600\]: Failed password for invalid user zabbix from 213.32.21.139 port 35970 ssh2 2019-09-30T07:51:44.5670311495-001 sshd\[37998\]: Invalid user kevin from 213.32.21.139 port 49356 2019-09-30T07:51:44.5699161495-001 sshd\[37998\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.ip-213-32-21.eu 2019-09-30T07:51:46.4914091495-001 sshd\[37998\]: Failed password for invalid user kevin from 213.32.21.139 port 49356 ssh2 ...	2019-09-30 20:08:41
35.184.159.30	attackbots	F2B jail: sshd. Time: 2019-09-30 14:17:47, Reported by: VKReport	2019-09-30 20:32:59
139.186.23.244	attackbotsspam	Sep 30 09:38:38 vps82406 sshd[11665]: Invalid user ajai from 139.186.23.244 Sep 30 09:38:38 vps82406 sshd[11665]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.186.23.244 Sep 30 09:38:40 vps82406 sshd[11665]: Failed password for invalid user ajai from 139.186.23.244 port 46416 ssh2 Sep 30 09:43:57 vps82406 sshd[11867]: Invalid user saulo from 139.186.23.244 Sep 30 09:43:57 vps82406 sshd[11867]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.186.23.244 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=139.186.23.244	2019-09-30 20:06:39
159.89.229.244	attackspam	Sep 30 08:17:53 TORMINT sshd\[7742\]: Invalid user admin from 159.89.229.244 Sep 30 08:17:53 TORMINT sshd\[7742\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.229.244 Sep 30 08:17:55 TORMINT sshd\[7742\]: Failed password for invalid user admin from 159.89.229.244 port 55434 ssh2 ...	2019-09-30 20:23:37
89.109.11.209	attackbots	Sep 30 15:09:39 pkdns2 sshd\[38240\]: Invalid user files from 89.109.11.209Sep 30 15:09:41 pkdns2 sshd\[38240\]: Failed password for invalid user files from 89.109.11.209 port 36866 ssh2Sep 30 15:13:40 pkdns2 sshd\[38409\]: Invalid user aiswaria from 89.109.11.209Sep 30 15:13:42 pkdns2 sshd\[38409\]: Failed password for invalid user aiswaria from 89.109.11.209 port 56826 ssh2Sep 30 15:17:38 pkdns2 sshd\[38573\]: Invalid user ednalva from 89.109.11.209Sep 30 15:17:41 pkdns2 sshd\[38573\]: Failed password for invalid user ednalva from 89.109.11.209 port 48555 ssh2 ...	2019-09-30 20:36:18
60.179.251.68	attackspam	Automated reporting of SSH Vulnerability scanning	2019-09-30 20:22:24
141.98.80.128	attack	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-09-30 20:04:24
192.241.183.220	attackspam	Sep 30 08:13:51 ny01 sshd[9963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.183.220 Sep 30 08:13:53 ny01 sshd[9963]: Failed password for invalid user costin from 192.241.183.220 port 60239 ssh2 Sep 30 08:17:45 ny01 sshd[10689]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.183.220	2019-09-30 20:30:41
90.220.44.191	attackbotsspam	port scan and connect, tcp 23 (telnet)	2019-09-30 20:20:29
45.80.65.83	attack	Sep 29 22:38:08 wbs sshd\[7655\]: Invalid user tot from 45.80.65.83 Sep 29 22:38:08 wbs sshd\[7655\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.65.83 Sep 29 22:38:10 wbs sshd\[7655\]: Failed password for invalid user tot from 45.80.65.83 port 47134 ssh2 Sep 29 22:42:30 wbs sshd\[8119\]: Invalid user distcache from 45.80.65.83 Sep 29 22:42:30 wbs sshd\[8119\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.65.83	2019-09-30 19:59:18
217.138.76.66	attackspam	Sep 30 13:55:43 vps01 sshd[10986]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.138.76.66 Sep 30 13:55:45 vps01 sshd[10986]: Failed password for invalid user assise from 217.138.76.66 port 60059 ssh2	2019-09-30 20:10:12
138.68.20.158	attackbotsspam	09/30/2019-08:17:57.144099 138.68.20.158 Protocol: 6 ET COMPROMISED Known Compromised or Hostile Host Traffic group 8	2019-09-30 20:26:16
2.38.237.118	attackspambots	$f2bV_matches	2019-09-30 20:17:04
115.213.136.13	attackbotsspam	Automated reporting of SSH Vulnerability scanning	2019-09-30 20:31:59
88.214.26.45	attackbots	09/30/2019-14:17:41.220703 88.214.26.45 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 96	2019-09-30 20:39:00

Recently Reported IPs

101.22.125.99	109.232.2.118	70.99.42.144	200.43.231.1
213.65.97.84	46.173.172.103	121.55.205.43	108.31.194.250
201.208.24.208	54.166.234.54	37.164.187.224	63.34.101.232
98.97.129.162	62.234.150.103	205.185.119.100	187.208.108.168
150.116.161.123	180.52.59.108	178.130.159.56	179.25.225.210