206.214.2.34 - IPInfo

Basic Info

City: St John's

Region: Parish of Saint John

Country: Antigua and Barbuda

Internet Service Provider: Cable & Wireless Antigua and Barbuda Ltd

Hostname: unknown

Organization: Cable & Wireless Dominica

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Jul 26 22:51:32 srv-4 sshd\[18010\]: Invalid user admin from 206.214.2.34 Jul 26 22:51:32 srv-4 sshd\[18010\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.214.2.34 Jul 26 22:51:33 srv-4 sshd\[18010\]: Failed password for invalid user admin from 206.214.2.34 port 47227 ssh2 ...	2019-07-27 05:14:06

Type

Details

Datetime

attackspam

Jul 26 22:51:32 srv-4 sshd\[18010\]: Invalid user admin from 206.214.2.34
Jul 26 22:51:32 srv-4 sshd\[18010\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.214.2.34
Jul 26 22:51:33 srv-4 sshd\[18010\]: Failed password for invalid user admin from 206.214.2.34 port 47227 ssh2
...

2019-07-27 05:14:06

Comments on same subnet:

IP	Type	Details	Datetime
206.214.2.60	attackbots	2020-07-0813:42:331jt8TB-00074Q-4V\<=info@whatsup2013.chH=$localhost$[115.84.107.186]:56130P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2976id=2ada6c3f341f353da1a412be592d0712b6669b@whatsup2013.chT="Wanttohumpcertainbabesinyourneighborhood\?"forjoelfranco70@icloud.comkingnelo0543@gmail.commelvinelbokio@gmail.com2020-07-0813:45:031jt8Va-0007EK-Iw\<=info@whatsup2013.chH=$localhost$[116.105.231.228]:36610P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2958id=85b02b7873588d81a6e35506f235bfb3891dba74@whatsup2013.chT="Yourlocalhottiesarestarvingforyourcock"forjohnnyjohn16885@icloud.comssbhavani25@gmail.commasi25@gmail.com2020-07-0813:42:421jt8TJ-00075M-D8\<=info@whatsup2013.chH=170-247-41-239.westlink.net.br$localhost$[170.247.41.239]:48207P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2943id=008036656e456f67fbfe48e403775d481b88b3@whatsup2013.chT="Yourlocalgirlsarewantingfo	2020-07-09 02:46:57
206.214.2.70	attackspambots	CMS (WordPress or Joomla) login attempt.	2020-05-06 17:50:06
206.214.2.70	attackspambots	CMS (WordPress or Joomla) login attempt.	2020-05-04 19:52:06
206.214.2.12	attackbots	(eximsyntax) Exim syntax errors from 206.214.2.12 (AG/Antigua and Barbuda/206-214-2-12.candw.ag): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-04-01 08:23:05 SMTP call from [206.214.2.12] dropped: too many syntax or protocol errors (last command was "?\034?\032?\027?\031?\034?\033?\030?\032?\026?\016?\r?\v?\f? ?")	2020-04-01 14:53:01
206.214.2.70	attackspambots	CMS (WordPress or Joomla) login attempt.	2020-03-25 14:34:10
206.214.2.70	attackbotsspam	"IMAP brute force auth login attempt."	2020-03-13 00:46:07
206.214.2.130	attackbotsspam	Mar 5 21:59:28 sigma sshd\[23774\]: Invalid user guest from 206.214.2.130Mar 5 21:59:34 sigma sshd\[23774\]: Failed password for invalid user guest from 206.214.2.130 port 41392 ssh2 ...	2020-03-06 06:24:23
206.214.2.172	attackspambots	SpamReport	2019-12-03 04:02:16
206.214.2.133	attackspambots	Invalid user admin from 206.214.2.133 port 57554	2019-10-27 04:05:07
206.214.2.70	attackbotsspam	IMAP brute force ...	2019-10-05 06:37:35
206.214.2.71	attack	Chat Spam	2019-09-22 08:32:03
206.214.2.70	attackbotsspam	failed_logins	2019-07-31 16:19:52
206.214.2.106	attackspam	Jul 31 00:17:44 master sshd[12401]: Failed password for invalid user admin from 206.214.2.106 port 34300 ssh2	2019-07-31 13:01:50
206.214.2.66	attackbotsspam	Tried sshing with brute force.	2019-07-19 17:45:58
206.214.2.16	attackspambots	Jul 5 10:56:58 srv-4 sshd\[20003\]: Invalid user admin from 206.214.2.16 Jul 5 10:56:58 srv-4 sshd\[20003\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.214.2.16 Jul 5 10:57:01 srv-4 sshd\[20003\]: Failed password for invalid user admin from 206.214.2.16 port 54462 ssh2 ...	2019-07-05 21:31:04

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 206.214.2.34
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4364
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;206.214.2.34.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072602 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jul 27 05:14:01 CST 2019
;; MSG SIZE  rcvd: 116

Host info

34.2.214.206.in-addr.arpa domain name pointer 206-214-2-34.candw.ag.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
34.2.214.206.in-addr.arpa	name = 206-214-2-34.candw.ag.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
93.42.126.148	attackspambots	$f2bV_matches	2019-10-14 23:01:08
193.159.246.242	attackbots	Oct 14 17:14:26 sauna sshd[190837]: Failed password for root from 193.159.246.242 port 46686 ssh2 ...	2019-10-14 22:51:09
159.65.189.115	attackspam	Oct 14 15:40:22 heissa sshd\[8293\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.189.115 user=root Oct 14 15:40:24 heissa sshd\[8293\]: Failed password for root from 159.65.189.115 port 51274 ssh2 Oct 14 15:44:01 heissa sshd\[8873\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.189.115 user=root Oct 14 15:44:04 heissa sshd\[8873\]: Failed password for root from 159.65.189.115 port 34526 ssh2 Oct 14 15:47:45 heissa sshd\[9373\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.189.115 user=root	2019-10-14 23:08:28
193.32.163.104	attackspam	Port scan on 5 port(s): 3974 3976 3979 3982 3985	2019-10-14 23:05:07
103.35.64.73	attackspambots	2019-10-14T13:49:00.191951abusebot-8.cloudsearch.cf sshd\[22601\]: Invalid user zei from 103.35.64.73 port 49570	2019-10-14 22:32:56
192.227.252.24	attackspambots	Oct 14 01:46:27 php1 sshd\[28899\]: Invalid user P@\$\$WORD2017 from 192.227.252.24 Oct 14 01:46:27 php1 sshd\[28899\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.227.252.24 Oct 14 01:46:29 php1 sshd\[28899\]: Failed password for invalid user P@\$\$WORD2017 from 192.227.252.24 port 48838 ssh2 Oct 14 01:50:48 php1 sshd\[29408\]: Invalid user P@\$\$WORD2017 from 192.227.252.24 Oct 14 01:50:48 php1 sshd\[29408\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.227.252.24	2019-10-14 22:50:38
3.91.25.18	attackspam	POP3	2019-10-14 23:05:42
191.101.239.230	attackbots	WordPress login Brute force / Web App Attack on client site.	2019-10-14 23:09:43
112.85.42.72	attackspambots	Oct 14 10:38:36 xentho sshd[27043]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.72 user=root Oct 14 10:38:38 xentho sshd[27043]: Failed password for root from 112.85.42.72 port 10808 ssh2 Oct 14 10:38:36 xentho sshd[27043]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.72 user=root Oct 14 10:38:38 xentho sshd[27043]: Failed password for root from 112.85.42.72 port 10808 ssh2 Oct 14 10:38:41 xentho sshd[27043]: Failed password for root from 112.85.42.72 port 10808 ssh2 Oct 14 10:38:36 xentho sshd[27043]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.72 user=root Oct 14 10:38:38 xentho sshd[27043]: Failed password for root from 112.85.42.72 port 10808 ssh2 Oct 14 10:38:41 xentho sshd[27043]: Failed password for root from 112.85.42.72 port 10808 ssh2 Oct 14 10:38:43 xentho sshd[27043]: Failed password for root from 112.85.42.72 po ...	2019-10-14 22:58:40
164.132.42.32	attackspambots	Oct 14 13:56:07 apollo sshd\[11966\]: Failed password for root from 164.132.42.32 port 55082 ssh2Oct 14 14:00:32 apollo sshd\[11989\]: Invalid user wz from 164.132.42.32Oct 14 14:00:34 apollo sshd\[11989\]: Failed password for invalid user wz from 164.132.42.32 port 45934 ssh2 ...	2019-10-14 23:21:44
103.92.84.102	attackbotsspam	Oct 14 16:03:20 MK-Soft-VM7 sshd[12548]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.92.84.102 Oct 14 16:03:23 MK-Soft-VM7 sshd[12548]: Failed password for invalid user 123 from 103.92.84.102 port 41964 ssh2 ...	2019-10-14 22:56:33
51.79.49.225	attackspambots	$f2bV_matches	2019-10-14 22:44:15
106.13.48.201	attack	Oct 14 13:45:27 root sshd[17947]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.48.201 Oct 14 13:45:29 root sshd[17947]: Failed password for invalid user Haslo from 106.13.48.201 port 36922 ssh2 Oct 14 13:51:12 root sshd[17978]: Failed password for root from 106.13.48.201 port 45598 ssh2 ...	2019-10-14 22:34:48
138.68.24.138	attackspambots	WordPress wp-login brute force :: 138.68.24.138 0.124 BYPASS [14/Oct/2019:22:50:59 1100] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-14 22:42:34
185.53.88.102	attack	\[2019-10-14 10:31:18\] NOTICE\[1887\] chan_sip.c: Registration from '"3001" \' failed for '185.53.88.102:5949' - Wrong password \[2019-10-14 10:31:18\] SECURITY\[1898\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-10-14T10:31:18.264-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="3001",SessionID="0x7fc3ac5226d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.53.88.102/5949",Challenge="3855e3b2",ReceivedChallenge="3855e3b2",ReceivedHash="9604a3475fbade7ddcf7374ee1954d18" \[2019-10-14 10:31:18\] NOTICE\[1887\] chan_sip.c: Registration from '"3001" \' failed for '185.53.88.102:5949' - Wrong password \[2019-10-14 10:31:18\] SECURITY\[1898\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-10-14T10:31:18.374-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="3001",SessionID="0x7fc3ac2ed548",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UD	2019-10-14 23:00:06

Recently Reported IPs

76.28.64.63	122.90.28.222	103.6.54.194	185.183.2.175
105.18.78.43	81.134.41.100	131.128.141.113	137.59.45.16
102.77.195.170	37.114.130.118	3.214.242.102	70.28.42.199
83.239.98.166	168.165.16.176	147.135.161.142	93.77.145.72
217.247.234.153	167.136.30.96	183.255.148.10	180.76.168.78