94.158.54.201 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Uzbekistan

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
94.158.54.251	attackbots	Nov 6 07:09:18 mxgate1 postfix/postscreen[20039]: CONNECT from [94.158.54.251]:65322 to [176.31.12.44]:25 Nov 6 07:09:18 mxgate1 postfix/dnsblog[20043]: addr 94.158.54.251 listed by domain zen.spamhaus.org as 127.0.0.4 Nov 6 07:09:18 mxgate1 postfix/dnsblog[20043]: addr 94.158.54.251 listed by domain zen.spamhaus.org as 127.0.0.10 Nov 6 07:09:18 mxgate1 postfix/dnsblog[20042]: addr 94.158.54.251 listed by domain bl.spamcop.net as 127.0.0.2 Nov 6 07:09:18 mxgate1 postfix/dnsblog[20041]: addr 94.158.54.251 listed by domain cbl.abuseat.org as 127.0.0.2 Nov 6 07:09:18 mxgate1 postfix/dnsblog[20040]: addr 94.158.54.251 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Nov 6 07:09:18 mxgate1 postfix/dnsblog[20050]: addr 94.158.54.251 listed by domain b.barracudacentral.org as 127.0.0.2 Nov 6 07:09:18 mxgate1 postfix/postscreen[20039]: PREGREET 22 after 0.17 from [94.158.54.251]:65322: EHLO [94.158.54.251] Nov 6 07:09:18 mxgate1 postfix/postscreen[20039]: DNSBL rank ........ -------------------------------	2019-11-06 17:29:41

Type

Details

Datetime

94.158.54.251

attackbots

Nov  6 07:09:18 mxgate1 postfix/postscreen[20039]: CONNECT from [94.158.54.251]:65322 to [176.31.12.44]:25
Nov  6 07:09:18 mxgate1 postfix/dnsblog[20043]: addr 94.158.54.251 listed by domain zen.spamhaus.org as 127.0.0.4
Nov  6 07:09:18 mxgate1 postfix/dnsblog[20043]: addr 94.158.54.251 listed by domain zen.spamhaus.org as 127.0.0.10
Nov  6 07:09:18 mxgate1 postfix/dnsblog[20042]: addr 94.158.54.251 listed by domain bl.spamcop.net as 127.0.0.2
Nov  6 07:09:18 mxgate1 postfix/dnsblog[20041]: addr 94.158.54.251 listed by domain cbl.abuseat.org as 127.0.0.2
Nov  6 07:09:18 mxgate1 postfix/dnsblog[20040]: addr 94.158.54.251 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2
Nov  6 07:09:18 mxgate1 postfix/dnsblog[20050]: addr 94.158.54.251 listed by domain b.barracudacentral.org as 127.0.0.2
Nov  6 07:09:18 mxgate1 postfix/postscreen[20039]: PREGREET 22 after 0.17 from [94.158.54.251]:65322: EHLO [94.158.54.251]

Nov  6 07:09:18 mxgate1 postfix/postscreen[20039]: DNSBL rank ........
-------------------------------

2019-11-06 17:29:41

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.158.54.201
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43646
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;94.158.54.201.			IN	A

;; AUTHORITY SECTION:
.			354	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021300 1800 900 604800 86400

;; Query time: 15 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 13 18:35:36 CST 2022
;; MSG SIZE  rcvd: 106

Host info

201.54.158.94.in-addr.arpa domain name pointer mail.uzbairports.uz.54.158.94.in-addr.arpa.
201.54.158.94.in-addr.arpa domain name pointer mail.uzairports.com.
201.54.158.94.in-addr.arpa domain name pointer mail.uzport.com.
201.54.158.94.in-addr.arpa domain name pointer mail.silk-avia.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
201.54.158.94.in-addr.arpa	name = mail.uzport.com.
201.54.158.94.in-addr.arpa	name = mail.silk-avia.com.
201.54.158.94.in-addr.arpa	name = mail.uzbairports.uz.54.158.94.in-addr.arpa.
201.54.158.94.in-addr.arpa	name = mail.uzairports.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
85.209.0.11	attackbotsspam	Port scan on 9 port(s): 10608 13150 16026 27222 31926 32937 33227 41820 52792	2019-07-08 18:37:30
178.33.130.196	attackbots	Jul 8 10:30:06 xb3 sshd[11438]: Failed password for invalid user wb from 178.33.130.196 port 53708 ssh2 Jul 8 10:30:06 xb3 sshd[11438]: Received disconnect from 178.33.130.196: 11: Bye Bye [preauth] Jul 8 10:35:43 xb3 sshd[28678]: Failed password for invalid user web15 from 178.33.130.196 port 51406 ssh2 Jul 8 10:35:43 xb3 sshd[28678]: Received disconnect from 178.33.130.196: 11: Bye Bye [preauth] Jul 8 10:39:46 xb3 sshd[5491]: Failed password for invalid user mind from 178.33.130.196 port 41114 ssh2 Jul 8 10:39:46 xb3 sshd[5491]: Received disconnect from 178.33.130.196: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=178.33.130.196	2019-07-08 18:54:16
210.10.210.78	attack	Jul 8 11:15:08 SilenceServices sshd[29615]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.10.210.78 Jul 8 11:15:10 SilenceServices sshd[29615]: Failed password for invalid user solr from 210.10.210.78 port 34672 ssh2 Jul 8 11:17:35 SilenceServices sshd[31207]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.10.210.78	2019-07-08 18:39:20
138.36.110.179	attack	SMTP/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2019-07-08 18:48:37
79.137.20.253	attack	79.137.20.253 - - [08/Jul/2019:11:23:43 +0300] "POST /xmlrpc.php HTTP/1.1" 404 285 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-07-08 19:21:59
52.82.9.0	attackbots	Lines containing failures of 52.82.9.0 /var/log/apache/pucorp.org.log:2019-07-08T09:57:18.275852+02:00 desktop sshd[26423]: Invalid user admin from 52.82.9.0 port 54016 /var/log/apache/pucorp.org.log:2019-07-08T09:57:18.281484+02:00 desktop sshd[26423]: pam_krb5(sshd:auth): authentication failure; logname=admin uid=0 euid=0 tty=ssh ruser= rhost=52.82.9.0 /var/log/apache/pucorp.org.log:2019-07-08T09:57:18.286742+02:00 desktop sshd[26423]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.82.9.0 /var/log/apache/pucorp.org.log:2019-07-08T09:57:18.297952+02:00 desktop sshd[26423]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.82.9.0 user=admin /var/log/apache/pucorp.org.log:2019-07-08T09:57:20.351385+02:00 desktop sshd[26423]: Failed password for invalid user admin from 52.82.9.0 port 54016 ssh2 /var/log/apache/pucorp.org.log:2019-07-08T09:57:22.347069+02:00 desktop sshd[26423]: Received di........ ------------------------------	2019-07-08 18:58:44
131.255.220.194	attack	SMTP/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2019-07-08 19:18:22
138.36.109.52	attack	SMTP/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2019-07-08 18:53:41
81.22.45.251	attackbots	firewall-block, port(s): 5900/tcp, 5901/tcp, 5916/tcp, 5925/tcp	2019-07-08 18:39:49
185.242.6.4	attack	Automatic report - Web App Attack	2019-07-08 19:19:16
213.6.227.38	attackbots	Unauthorized IMAP connection attempt.	2019-07-08 19:13:33
17.133.234.33	attackspambots	24 2019-07-08 16:53:33 notice Firewall Match default rule, DROP [count=12] 17.133.234.33:16387 192.168.3.108:16403 ACCESS BLOCK	2019-07-08 19:05:20
104.248.211.180	attackspambots	Jul 8 09:40:05 marvibiene sshd[28660]: Invalid user frodo from 104.248.211.180 port 41720 Jul 8 09:40:05 marvibiene sshd[28660]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.211.180 Jul 8 09:40:05 marvibiene sshd[28660]: Invalid user frodo from 104.248.211.180 port 41720 Jul 8 09:40:07 marvibiene sshd[28660]: Failed password for invalid user frodo from 104.248.211.180 port 41720 ssh2 ...	2019-07-08 18:45:09
188.0.146.200	attackspambots	19/7/8@04:24:30: FAIL: Alarm-Intrusion address from=188.0.146.200 ...	2019-07-08 19:25:40
178.128.214.153	attackbots	firewall-block, port(s): 3389/tcp	2019-07-08 19:03:22

Recently Reported IPs

94.158.23.20	94.158.63.132	94.158.87.207	94.158.95.14
94.159.14.162	94.159.143.57	94.17.32.152	94.175.100.181
94.168.9.242	94.178.203.67	94.178.73.220	94.178.3.93
94.179.202.235	94.177.123.148	94.179.228.40	94.180.203.0
94.180.253.213	94.180.105.223	94.180.74.195	94.177.12.215