197.253.14.6 - IPInfo

Basic Info

City: Suleja

Region: Niger State

Country: Nigeria

Internet Service Provider: MainOne

Hostname: unknown

Organization: MAINONE

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	ssh default account attempted login	2019-07-21 05:10:42
attackspam	fraudulent SSH attempt	2019-07-20 02:37:11
attack	2019-07-18T16:06:52.593376abusebot-8.cloudsearch.cf sshd\[18977\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.253.14.6 user=root	2019-07-19 01:31:20
attackbotsspam	2019-07-17T05:00:01.363220abusebot-5.cloudsearch.cf sshd\[1106\]: Invalid user brian from 197.253.14.6 port 6238	2019-07-17 13:38:00
attackspambots	Jul 16 00:59:06 localhost sshd[25817]: Invalid user polycom from 197.253.14.6 port 56714 Jul 16 00:59:06 localhost sshd[25817]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.253.14.6 Jul 16 00:59:06 localhost sshd[25817]: Invalid user polycom from 197.253.14.6 port 56714 Jul 16 00:59:08 localhost sshd[25817]: Failed password for invalid user polycom from 197.253.14.6 port 56714 ssh2 ...	2019-07-16 01:41:34

Comments on same subnet:

IP	Type	Details	Datetime
197.253.145.6	attackspambots	445/tcp 445/tcp 445/tcp [2020-09-26]3pkt	2020-09-28 06:24:44
197.253.145.6	attack	445/tcp 445/tcp 445/tcp [2020-09-26]3pkt	2020-09-27 22:47:48
197.253.145.6	attackspam	445/tcp 445/tcp 445/tcp [2020-09-26]3pkt	2020-09-27 14:43:22

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 197.253.14.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59648
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;197.253.14.6.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071501 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jul 16 01:41:28 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 6.14.253.197.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 6.14.253.197.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
111.231.132.94	attack	Dec 14 12:45:56 Tower sshd[18954]: refused connect from 129.211.99.69 (129.211.99.69) Dec 15 01:26:51 Tower sshd[18954]: Connection from 111.231.132.94 port 48420 on 192.168.10.220 port 22 Dec 15 01:26:54 Tower sshd[18954]: Invalid user armida from 111.231.132.94 port 48420 Dec 15 01:26:54 Tower sshd[18954]: error: Could not get shadow information for NOUSER Dec 15 01:26:54 Tower sshd[18954]: Failed password for invalid user armida from 111.231.132.94 port 48420 ssh2 Dec 15 01:26:54 Tower sshd[18954]: Received disconnect from 111.231.132.94 port 48420:11: Bye Bye [preauth] Dec 15 01:26:54 Tower sshd[18954]: Disconnected from invalid user armida 111.231.132.94 port 48420 [preauth]	2019-12-15 18:01:27
175.175.40.26	attackbotsspam	Unauthorised access (Dec 15) SRC=175.175.40.26 LEN=40 TTL=49 ID=27584 TCP DPT=23 WINDOW=35794 SYN	2019-12-15 18:04:34
122.128.107.148	attackbotsspam	SSH Bruteforce attempt	2019-12-15 17:49:45
23.94.46.192	attackbots	2019-12-15T07:55:32.895772abusebot.cloudsearch.cf sshd\[7702\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.94.46.192 user=root 2019-12-15T07:55:34.493448abusebot.cloudsearch.cf sshd\[7702\]: Failed password for root from 23.94.46.192 port 44656 ssh2 2019-12-15T08:04:45.281308abusebot.cloudsearch.cf sshd\[7795\]: Invalid user bbh628 from 23.94.46.192 port 43360 2019-12-15T08:04:45.288288abusebot.cloudsearch.cf sshd\[7795\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.94.46.192	2019-12-15 17:47:40
54.39.138.246	attack	Dec 15 10:29:42 icinga sshd[4848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.138.246 Dec 15 10:29:44 icinga sshd[4848]: Failed password for invalid user helstrom from 54.39.138.246 port 60254 ssh2 ...	2019-12-15 18:04:19
139.199.25.110	attack	Dec 15 09:31:51 MainVPS sshd[21220]: Invalid user admin from 139.199.25.110 port 42896 Dec 15 09:31:51 MainVPS sshd[21220]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.25.110 Dec 15 09:31:51 MainVPS sshd[21220]: Invalid user admin from 139.199.25.110 port 42896 Dec 15 09:31:53 MainVPS sshd[21220]: Failed password for invalid user admin from 139.199.25.110 port 42896 ssh2 Dec 15 09:38:11 MainVPS sshd[304]: Invalid user ftp from 139.199.25.110 port 34716 ...	2019-12-15 17:54:34
95.110.154.101	attack	Dec 15 10:26:54 legacy sshd[22197]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.110.154.101 Dec 15 10:26:56 legacy sshd[22197]: Failed password for invalid user alex from 95.110.154.101 port 52192 ssh2 Dec 15 10:32:34 legacy sshd[22394]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.110.154.101 ...	2019-12-15 17:39:32
183.88.177.252	attackspam	Dec 15 09:52:13 * sshd[23840]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.88.177.252 Dec 15 09:52:16 * sshd[23840]: Failed password for invalid user marl from 183.88.177.252 port 43458 ssh2	2019-12-15 17:44:08
137.74.47.22	attackbots	Dec 15 07:42:44 vps691689 sshd[31983]: Failed password for root from 137.74.47.22 port 45384 ssh2 Dec 15 07:47:51 vps691689 sshd[32135]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.74.47.22 ...	2019-12-15 18:11:25
159.89.111.136	attackspam	Dec 15 08:53:39 meumeu sshd[3769]: Failed password for root from 159.89.111.136 port 41766 ssh2 Dec 15 08:58:46 meumeu sshd[4646]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.111.136 Dec 15 08:58:47 meumeu sshd[4646]: Failed password for invalid user tomcat from 159.89.111.136 port 48742 ssh2 ...	2019-12-15 17:52:10
167.86.103.240	attack	Unauthorized connection attempt detected from IP address 167.86.103.240 to port 993	2019-12-15 17:34:27
134.209.81.110	attackbotsspam	400 BAD REQUEST	2019-12-15 18:04:03
159.203.81.28	attack	Dec 15 10:27:47 root sshd[1138]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.81.28 Dec 15 10:27:49 root sshd[1138]: Failed password for invalid user chunok from 159.203.81.28 port 40517 ssh2 Dec 15 10:33:17 root sshd[1280]: Failed password for root from 159.203.81.28 port 43894 ssh2 ...	2019-12-15 17:48:36
113.221.22.184	attackbots	Scanning	2019-12-15 17:45:30
218.92.0.157	attackspambots	Dec 15 10:54:40 srv206 sshd[24393]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.157 user=root Dec 15 10:54:42 srv206 sshd[24393]: Failed password for root from 218.92.0.157 port 57156 ssh2 Dec 15 10:54:45 srv206 sshd[24393]: Failed password for root from 218.92.0.157 port 57156 ssh2 Dec 15 10:54:40 srv206 sshd[24393]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.157 user=root Dec 15 10:54:42 srv206 sshd[24393]: Failed password for root from 218.92.0.157 port 57156 ssh2 Dec 15 10:54:45 srv206 sshd[24393]: Failed password for root from 218.92.0.157 port 57156 ssh2 ...	2019-12-15 17:59:18

Recently Reported IPs

151.132.188.78	112.33.39.25	71.114.217.230	45.173.160.124
193.195.24.112	206.138.47.6	152.228.22.63	51.15.221.228
187.74.143.211	196.255.80.51	114.238.124.150	53.64.105.199
86.55.74.177	103.68.21.110	146.228.61.243	86.55.74.175
46.60.1.10	117.147.244.247	38.39.192.78	218.67.142.34