94.130.14.92 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: Hetzner Online AG

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Automatic report - XMLRPC Attack	2019-11-11 16:13:47

Comments on same subnet:

IP	Type	Details	Datetime
94.130.149.34	attack	TCP (SYN) 94.130.149.34:54855 -> port 23, len 40	2020-06-07 17:38:39
94.130.149.34	attackspambots	TCP (SYN) 94.130.149.34:54855 -> port 23, len 40	2020-06-07 08:00:47
94.130.148.21	attackbotsspam	Dec 27 15:45:56 nexus sshd[26214]: Invalid user gandalf from 94.130.148.21 port 53248 Dec 27 15:45:56 nexus sshd[26214]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.130.148.21 Dec 27 15:45:59 nexus sshd[26214]: Failed password for invalid user gandalf from 94.130.148.21 port 53248 ssh2 Dec 27 15:45:59 nexus sshd[26214]: Received disconnect from 94.130.148.21 port 53248:11: Bye Bye [preauth] Dec 27 15:45:59 nexus sshd[26214]: Disconnected from 94.130.148.21 port 53248 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=94.130.148.21	2019-12-29 04:56:00
94.130.146.115	attackbotsspam	Dec 7 15:42:07 our-server-hostname postfix/smtpd[19470]: connect from unknown[94.130.146.115] Dec 7 15:42:08 our-server-hostname postfix/smtpd[19470]: SSL_accept error from unknown[94.130.146.115]: -1 Dec 7 15:42:08 our-server-hostname postfix/smtpd[19470]: lost connection after STARTTLS from unknown[94.130.146.115] Dec 7 15:42:08 our-server-hostname postfix/smtpd[19470]: disconnect from unknown[94.130.146.115] Dec 7 15:42:08 our-server-hostname postfix/smtpd[19470]: connect from unknown[94.130.146.115] Dec 7 15:42:11 our-server-hostname postfix/smtpd[26432]: connect from unknown[94.130.146.115] Dec x@x Dec 7 15:42:11 our-server-hostname postfix/smtpd[19470]: disconnect from unknown[94.130.146.115] Dec 7 15:42:12 our-server-hostname postfix/smtpd[26432]: SSL_accept error from unknown[94.130.146.115]: -1 Dec 7 15:42:12 our-server-hostname postfix/smtpd[26432]: lost connection after STARTTLS from unknown[94.130.146.115] Dec 7 15:42:12 our-server-hostname postfix........ -------------------------------	2019-12-07 17:02:22

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.130.14.92
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39646
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.130.14.92.			IN	A

;; AUTHORITY SECTION:
.			556	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111100 1800 900 604800 86400

;; Query time: 50 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Nov 11 16:13:42 CST 2019
;; MSG SIZE  rcvd: 116

Host info

92.14.130.94.in-addr.arpa domain name pointer static.92.14.130.94.clients.your-server.de.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
92.14.130.94.in-addr.arpa	name = static.92.14.130.94.clients.your-server.de.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
93.168.216.153	attack	20/5/4@21:09:35: FAIL: Alarm-Network address from=93.168.216.153 ...	2020-05-05 12:39:53
139.59.10.17	attack	Automatic report - XMLRPC Attack	2020-05-05 12:23:35
123.213.118.68	attackbots	(sshd) Failed SSH login from 123.213.118.68 (KR/South Korea/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 5 05:46:48 amsweb01 sshd[1163]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.213.118.68 user=root May 5 05:46:50 amsweb01 sshd[1163]: Failed password for root from 123.213.118.68 port 46144 ssh2 May 5 05:50:16 amsweb01 sshd[1581]: Invalid user tanaka from 123.213.118.68 port 56338 May 5 05:50:17 amsweb01 sshd[1581]: Failed password for invalid user tanaka from 123.213.118.68 port 56338 ssh2 May 5 05:52:14 amsweb01 sshd[1782]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.213.118.68 user=root	2020-05-05 12:44:17
106.12.22.208	attackspam	SSH brute-force: detected 8 distinct usernames within a 24-hour window.	2020-05-05 12:24:00
51.15.175.167	attackbotsspam	May 5 05:22:34 santamaria sshd\[19113\]: Invalid user vtl from 51.15.175.167 May 5 05:22:34 santamaria sshd\[19113\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.175.167 May 5 05:22:37 santamaria sshd\[19113\]: Failed password for invalid user vtl from 51.15.175.167 port 32984 ssh2 ...	2020-05-05 12:08:40
93.73.199.52	attackbotsspam	Unauthorized access detected from black listed ip!	2020-05-05 12:40:24
109.230.81.5	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-05-05 12:42:04
75.130.124.90	attackbots	May 4 21:03:08 pixelmemory sshd[369030]: Invalid user na from 75.130.124.90 port 44216 May 4 21:03:08 pixelmemory sshd[369030]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=75.130.124.90 May 4 21:03:08 pixelmemory sshd[369030]: Invalid user na from 75.130.124.90 port 44216 May 4 21:03:10 pixelmemory sshd[369030]: Failed password for invalid user na from 75.130.124.90 port 44216 ssh2 May 4 21:06:56 pixelmemory sshd[369518]: Invalid user hyk from 75.130.124.90 port 57202 ...	2020-05-05 12:21:08
66.70.130.151	attack	2020-05-05T04:21:52.176886 sshd[23610]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.130.151 2020-05-05T04:21:52.164139 sshd[23610]: Invalid user web from 66.70.130.151 port 59160 2020-05-05T04:21:53.934687 sshd[23610]: Failed password for invalid user web from 66.70.130.151 port 59160 ssh2 2020-05-05T06:30:53.984312 sshd[25478]: Invalid user sumanta from 66.70.130.151 port 46748 ...	2020-05-05 12:31:26
186.46.200.220	attackbotsspam	Honeypot attack, port: 445, PTR: 220.200.46.186.static.anycast.cnt-grms.ec.	2020-05-05 12:19:03
202.165.224.68	attackspambots	Wordpress malicious attack:[sshd]	2020-05-05 12:29:56
113.160.112.114	attack	DATE:2020-05-05 03:09:50, IP:113.160.112.114, PORT:1433 MSSQL brute force auth on honeypot server (honey-neo-dc)	2020-05-05 12:27:33
160.124.140.136	attack	$f2bV_matches	2020-05-05 12:15:25
142.93.242.246	attackbots	2020-05-05T01:02:54.707047abusebot-2.cloudsearch.cf sshd[6070]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.242.246 user=root 2020-05-05T01:02:56.686087abusebot-2.cloudsearch.cf sshd[6070]: Failed password for root from 142.93.242.246 port 35148 ssh2 2020-05-05T01:06:27.459961abusebot-2.cloudsearch.cf sshd[6172]: Invalid user john from 142.93.242.246 port 45218 2020-05-05T01:06:27.466687abusebot-2.cloudsearch.cf sshd[6172]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.242.246 2020-05-05T01:06:27.459961abusebot-2.cloudsearch.cf sshd[6172]: Invalid user john from 142.93.242.246 port 45218 2020-05-05T01:06:29.355068abusebot-2.cloudsearch.cf sshd[6172]: Failed password for invalid user john from 142.93.242.246 port 45218 ssh2 2020-05-05T01:10:00.915595abusebot-2.cloudsearch.cf sshd[6185]: Invalid user dietpi from 142.93.242.246 port 55308 ...	2020-05-05 12:15:51
49.49.243.213	attackspambots	Honeypot attack, port: 445, PTR: mx-ll-49.49.243-213.dynamic.3bb.co.th.	2020-05-05 12:05:18

Recently Reported IPs

61.149.136.46	180.183.180.6	194.108.0.86	152.250.28.63
122.121.105.217	167.71.219.231	61.184.253.154	45.136.109.243
123.124.158.23	59.95.247.150	90.224.136.147	40.65.191.94
178.239.121.197	41.39.43.40	40.73.59.46	163.172.135.197
219.105.247.136	134.209.237.55	129.211.99.69	94.23.42.196