94.102.210.97 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: Vautron Rechenzentrum AG

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	2020-04-11T20:47:48.303405librenms sshd[30864]: Failed password for root from 94.102.210.97 port 41354 ssh2 2020-04-11T20:51:11.834183librenms sshd[31488]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1a-7740.antagus.de user=root 2020-04-11T20:51:13.731317librenms sshd[31488]: Failed password for root from 94.102.210.97 port 50132 ssh2 ...	2020-04-12 04:51:57

Type

Details

Datetime

attackbotsspam

2020-04-11T20:47:48.303405librenms sshd[30864]: Failed password for root from 94.102.210.97 port 41354 ssh2
2020-04-11T20:51:11.834183librenms sshd[31488]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1a-7740.antagus.de  user=root
2020-04-11T20:51:13.731317librenms sshd[31488]: Failed password for root from 94.102.210.97 port 50132 ssh2
...

2020-04-12 04:51:57

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.102.210.97
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56847
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.102.210.97.			IN	A

;; AUTHORITY SECTION:
.			527	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041001 1800 900 604800 86400

;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 11 17:26:36 CST 2020
;; MSG SIZE  rcvd: 117

Host info

97.210.102.94.in-addr.arpa domain name pointer 1a-7740.antagus.de.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
97.210.102.94.in-addr.arpa	name = 1a-7740.antagus.de.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
34.93.45.71	attackbots	port scan and connect, tcp 23 (telnet)	2019-08-08 10:17:02
73.34.229.17	attackspam	Aug 8 03:30:36 OPSO sshd\[6557\]: Invalid user marketing from 73.34.229.17 port 59146 Aug 8 03:30:36 OPSO sshd\[6557\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=73.34.229.17 Aug 8 03:30:39 OPSO sshd\[6557\]: Failed password for invalid user marketing from 73.34.229.17 port 59146 ssh2 Aug 8 03:35:04 OPSO sshd\[7219\]: Invalid user jasper from 73.34.229.17 port 54718 Aug 8 03:35:04 OPSO sshd\[7219\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=73.34.229.17	2019-08-08 09:52:07
177.220.135.10	attackspam	SSH-BruteForce	2019-08-08 10:13:21
46.3.96.67	attack	Unauthorised access (Aug 8) SRC=46.3.96.67 LEN=40 TTL=247 ID=4308 TCP DPT=3306 WINDOW=1024 SYN	2019-08-08 09:37:34
91.121.110.166	attackspambots	WordPress brute force	2019-08-08 10:19:14
5.39.82.197	attackspambots	Aug 8 01:05:10 MK-Soft-VM6 sshd\[21627\]: Invalid user jasper from 5.39.82.197 port 42124 Aug 8 01:05:10 MK-Soft-VM6 sshd\[21627\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.39.82.197 Aug 8 01:05:12 MK-Soft-VM6 sshd\[21627\]: Failed password for invalid user jasper from 5.39.82.197 port 42124 ssh2 ...	2019-08-08 09:39:32
157.230.235.233	attackbotsspam	Invalid user flavio from 157.230.235.233 port 53298 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.235.233 Failed password for invalid user flavio from 157.230.235.233 port 53298 ssh2 Invalid user ftpuser from 157.230.235.233 port 50466 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.235.233	2019-08-08 10:18:41
81.91.92.30	attackbots	WordPress brute force	2019-08-08 09:46:06
178.140.255.103	attack	Aug 8 02:31:14 andromeda sshd\[23282\]: Invalid user pi from 178.140.255.103 port 48750 Aug 8 02:31:14 andromeda sshd\[23284\]: Invalid user pi from 178.140.255.103 port 48752 Aug 8 02:31:16 andromeda sshd\[23282\]: Failed password for invalid user pi from 178.140.255.103 port 48750 ssh2	2019-08-08 10:02:45
45.237.140.120	attack	Aug 7 20:06:28 thevastnessof sshd[31335]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.237.140.120 ...	2019-08-08 09:56:56
109.234.38.61	attackspambots	0,75-13/38 [bc03/m259] concatform PostRequest-Spammer scoring: Lusaka01	2019-08-08 09:45:25
172.81.243.232	attackbots	2019-08-08T02:58:39.974311centos sshd\[30968\]: Invalid user marketing from 172.81.243.232 port 46294 2019-08-08T02:58:39.978760centos sshd\[30968\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.81.243.232 2019-08-08T02:58:41.966976centos sshd\[30968\]: Failed password for invalid user marketing from 172.81.243.232 port 46294 ssh2	2019-08-08 09:46:39
104.152.52.26	attackbots	Attack from: 104.152.52.26 Classification: WEB Masscan/Sysscan Scanner Activity -1.2	2019-08-08 10:09:48
112.85.42.94	attack	Aug 7 21:47:00 ny01 sshd[30434]: Failed password for root from 112.85.42.94 port 38936 ssh2 Aug 7 21:47:56 ny01 sshd[30501]: Failed password for root from 112.85.42.94 port 38668 ssh2	2019-08-08 10:04:23
78.11.53.58	attackbotsspam	Aug 7 17:28:27 MK-Soft-VM5 sshd\[1040\]: Invalid user wedding from 78.11.53.58 port 59310 Aug 7 17:28:27 MK-Soft-VM5 sshd\[1040\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.11.53.58 Aug 7 17:28:29 MK-Soft-VM5 sshd\[1040\]: Failed password for invalid user wedding from 78.11.53.58 port 59310 ssh2 ...	2019-08-08 09:57:14

Recently Reported IPs

62.234.122.207	183.89.212.29	79.30.254.207	3.9.124.128
189.71.156.218	58.241.150.125	45.40.199.82	107.180.121.33
194.146.36.92	122.51.167.17	68.13.80.99	61.167.166.185
243.35.89.172	235.201.216.99	60.140.167.221	159.146.218.53
148.235.225.30	250.127.55.38	162.28.39.212	80.211.240.161