94.102.210.97 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: Vautron Rechenzentrum AG

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	2020-04-11T20:47:48.303405librenms sshd[30864]: Failed password for root from 94.102.210.97 port 41354 ssh2 2020-04-11T20:51:11.834183librenms sshd[31488]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1a-7740.antagus.de user=root 2020-04-11T20:51:13.731317librenms sshd[31488]: Failed password for root from 94.102.210.97 port 50132 ssh2 ...	2020-04-12 04:51:57

Type

Details

Datetime

attackbotsspam

2020-04-11T20:47:48.303405librenms sshd[30864]: Failed password for root from 94.102.210.97 port 41354 ssh2
2020-04-11T20:51:11.834183librenms sshd[31488]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1a-7740.antagus.de  user=root
2020-04-11T20:51:13.731317librenms sshd[31488]: Failed password for root from 94.102.210.97 port 50132 ssh2
...

2020-04-12 04:51:57

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.102.210.97
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56847
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.102.210.97.			IN	A

;; AUTHORITY SECTION:
.			527	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041001 1800 900 604800 86400

;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 11 17:26:36 CST 2020
;; MSG SIZE  rcvd: 117

Host info

97.210.102.94.in-addr.arpa domain name pointer 1a-7740.antagus.de.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
97.210.102.94.in-addr.arpa	name = 1a-7740.antagus.de.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.175.23	attackbots	Jul 26 19:59:09 rush sshd[3620]: Failed password for root from 222.186.175.23 port 14820 ssh2 Jul 26 19:59:13 rush sshd[3620]: Failed password for root from 222.186.175.23 port 14820 ssh2 Jul 26 19:59:16 rush sshd[3620]: Failed password for root from 222.186.175.23 port 14820 ssh2 ...	2020-07-27 04:08:03
210.245.119.136	attack	" "	2020-07-27 04:09:04
106.13.233.4	attack	Jul 26 17:56:53 journals sshd\[98045\]: Invalid user admin from 106.13.233.4 Jul 26 17:56:53 journals sshd\[98045\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.233.4 Jul 26 17:56:55 journals sshd\[98045\]: Failed password for invalid user admin from 106.13.233.4 port 39832 ssh2 Jul 26 17:58:46 journals sshd\[98200\]: Invalid user rafael from 106.13.233.4 Jul 26 17:58:46 journals sshd\[98200\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.233.4 ...	2020-07-27 04:07:42
166.62.80.109	attack	166.62.80.109 - - [26/Jul/2020:20:43:12 +0100] "POST /wp-login.php HTTP/1.1" 200 2132 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 166.62.80.109 - - [26/Jul/2020:20:43:15 +0100] "POST /wp-login.php HTTP/1.1" 200 2100 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 166.62.80.109 - - [26/Jul/2020:20:43:17 +0100] "POST /wp-login.php HTTP/1.1" 200 2101 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-27 04:03:33
142.93.107.175	attackspambots	2020-07-26 19:48:25,982 fail2ban.actions: WARNING [ssh] Ban 142.93.107.175	2020-07-27 04:18:55
109.196.55.45	attackspambots	Jul 26 20:16:01 scw-6657dc sshd[13957]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.196.55.45 Jul 26 20:16:01 scw-6657dc sshd[13957]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.196.55.45 Jul 26 20:16:03 scw-6657dc sshd[13957]: Failed password for invalid user pinturabh from 109.196.55.45 port 58806 ssh2 ...	2020-07-27 04:21:07
113.160.189.112	attackbots	Unauthorized connection attempt from IP address 113.160.189.112 on Port 445(SMB)	2020-07-27 04:12:09
49.234.199.73	attackspambots	2020-07-26T22:15:30.358064+02:00 sshd[11349]: Failed password for invalid user judy from 49.234.199.73 port 33462 ssh2	2020-07-27 04:21:47
46.101.31.59	attackspambots	46.101.31.59 - - [26/Jul/2020:20:38:12 +0200] "GET /wp-login.php HTTP/1.1" 200 6398 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 46.101.31.59 - - [26/Jul/2020:20:38:13 +0200] "POST /wp-login.php HTTP/1.1" 200 6649 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 46.101.31.59 - - [26/Jul/2020:20:38:14 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-07-27 04:12:41
194.26.29.81	attackbotsspam	Jul 26 22:23:49 debian-2gb-nbg1-2 kernel: \[18053537.970511\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=194.26.29.81 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=39260 PROTO=TCP SPT=46948 DPT=3391 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-27 04:23:55
216.45.23.6	attackspambots	Jul 26 14:10:49 server1 sshd\[32298\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=216.45.23.6 Jul 26 14:10:51 server1 sshd\[32298\]: Failed password for invalid user testing from 216.45.23.6 port 38661 ssh2 Jul 26 14:15:52 server1 sshd\[1130\]: Invalid user demo from 216.45.23.6 Jul 26 14:15:52 server1 sshd\[1130\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=216.45.23.6 Jul 26 14:15:54 server1 sshd\[1130\]: Failed password for invalid user demo from 216.45.23.6 port 45769 ssh2 ...	2020-07-27 04:27:36
111.229.235.119	attack	Jul 26 20:35:11 ns382633 sshd\[8148\]: Invalid user xxq from 111.229.235.119 port 43724 Jul 26 20:35:11 ns382633 sshd\[8148\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.235.119 Jul 26 20:35:14 ns382633 sshd\[8148\]: Failed password for invalid user xxq from 111.229.235.119 port 43724 ssh2 Jul 26 20:42:19 ns382633 sshd\[9676\]: Invalid user scan from 111.229.235.119 port 38242 Jul 26 20:42:19 ns382633 sshd\[9676\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.235.119	2020-07-27 04:05:48
107.174.66.229	attackspambots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-07-27 03:58:02
113.161.32.34	attackspam	Unauthorized connection attempt from IP address 113.161.32.34 on Port 445(SMB)	2020-07-27 03:59:34
106.52.36.19	attack	[ssh] SSH attack	2020-07-27 04:06:38

Recently Reported IPs

62.234.122.207	183.89.212.29	79.30.254.207	3.9.124.128
189.71.156.218	58.241.150.125	45.40.199.82	107.180.121.33
194.146.36.92	122.51.167.17	68.13.80.99	61.167.166.185
243.35.89.172	235.201.216.99	60.140.167.221	159.146.218.53
148.235.225.30	250.127.55.38	162.28.39.212	80.211.240.161