94.158.54.201 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Uzbekistan

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
94.158.54.251	attackbots	Nov 6 07:09:18 mxgate1 postfix/postscreen[20039]: CONNECT from [94.158.54.251]:65322 to [176.31.12.44]:25 Nov 6 07:09:18 mxgate1 postfix/dnsblog[20043]: addr 94.158.54.251 listed by domain zen.spamhaus.org as 127.0.0.4 Nov 6 07:09:18 mxgate1 postfix/dnsblog[20043]: addr 94.158.54.251 listed by domain zen.spamhaus.org as 127.0.0.10 Nov 6 07:09:18 mxgate1 postfix/dnsblog[20042]: addr 94.158.54.251 listed by domain bl.spamcop.net as 127.0.0.2 Nov 6 07:09:18 mxgate1 postfix/dnsblog[20041]: addr 94.158.54.251 listed by domain cbl.abuseat.org as 127.0.0.2 Nov 6 07:09:18 mxgate1 postfix/dnsblog[20040]: addr 94.158.54.251 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Nov 6 07:09:18 mxgate1 postfix/dnsblog[20050]: addr 94.158.54.251 listed by domain b.barracudacentral.org as 127.0.0.2 Nov 6 07:09:18 mxgate1 postfix/postscreen[20039]: PREGREET 22 after 0.17 from [94.158.54.251]:65322: EHLO [94.158.54.251] Nov 6 07:09:18 mxgate1 postfix/postscreen[20039]: DNSBL rank ........ -------------------------------	2019-11-06 17:29:41

Type

Details

Datetime

94.158.54.251

attackbots

Nov  6 07:09:18 mxgate1 postfix/postscreen[20039]: CONNECT from [94.158.54.251]:65322 to [176.31.12.44]:25
Nov  6 07:09:18 mxgate1 postfix/dnsblog[20043]: addr 94.158.54.251 listed by domain zen.spamhaus.org as 127.0.0.4
Nov  6 07:09:18 mxgate1 postfix/dnsblog[20043]: addr 94.158.54.251 listed by domain zen.spamhaus.org as 127.0.0.10
Nov  6 07:09:18 mxgate1 postfix/dnsblog[20042]: addr 94.158.54.251 listed by domain bl.spamcop.net as 127.0.0.2
Nov  6 07:09:18 mxgate1 postfix/dnsblog[20041]: addr 94.158.54.251 listed by domain cbl.abuseat.org as 127.0.0.2
Nov  6 07:09:18 mxgate1 postfix/dnsblog[20040]: addr 94.158.54.251 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2
Nov  6 07:09:18 mxgate1 postfix/dnsblog[20050]: addr 94.158.54.251 listed by domain b.barracudacentral.org as 127.0.0.2
Nov  6 07:09:18 mxgate1 postfix/postscreen[20039]: PREGREET 22 after 0.17 from [94.158.54.251]:65322: EHLO [94.158.54.251]

Nov  6 07:09:18 mxgate1 postfix/postscreen[20039]: DNSBL rank ........
-------------------------------

2019-11-06 17:29:41

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.158.54.201
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43646
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;94.158.54.201.			IN	A

;; AUTHORITY SECTION:
.			354	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021300 1800 900 604800 86400

;; Query time: 15 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 13 18:35:36 CST 2022
;; MSG SIZE  rcvd: 106

Host info

201.54.158.94.in-addr.arpa domain name pointer mail.uzbairports.uz.54.158.94.in-addr.arpa.
201.54.158.94.in-addr.arpa domain name pointer mail.uzairports.com.
201.54.158.94.in-addr.arpa domain name pointer mail.uzport.com.
201.54.158.94.in-addr.arpa domain name pointer mail.silk-avia.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
201.54.158.94.in-addr.arpa	name = mail.uzport.com.
201.54.158.94.in-addr.arpa	name = mail.silk-avia.com.
201.54.158.94.in-addr.arpa	name = mail.uzbairports.uz.54.158.94.in-addr.arpa.
201.54.158.94.in-addr.arpa	name = mail.uzairports.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.173.180	attack	May 10 08:37:05 localhost sshd[111268]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.180 user=root May 10 08:37:07 localhost sshd[111268]: Failed password for root from 222.186.173.180 port 27722 ssh2 May 10 08:37:12 localhost sshd[111268]: Failed password for root from 222.186.173.180 port 27722 ssh2 May 10 08:37:05 localhost sshd[111268]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.180 user=root May 10 08:37:07 localhost sshd[111268]: Failed password for root from 222.186.173.180 port 27722 ssh2 May 10 08:37:12 localhost sshd[111268]: Failed password for root from 222.186.173.180 port 27722 ssh2 May 10 08:37:05 localhost sshd[111268]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.180 user=root May 10 08:37:07 localhost sshd[111268]: Failed password for root from 222.186.173.180 port 27722 ssh2 May 10 08:37:12 localhost ...	2020-05-10 16:39:51
51.77.150.118	attackbotsspam	May 10 08:24:48 tuxlinux sshd[45968]: Invalid user ina from 51.77.150.118 port 56402 May 10 08:24:48 tuxlinux sshd[45968]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.150.118 ...	2020-05-10 16:05:32
185.232.30.130	attack	05/10/2020-03:12:06.973702 185.232.30.130 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-05-10 16:28:53
120.53.3.4	attackbots	...	2020-05-10 16:38:52
129.211.47.56	attackbots	May 10 06:54:51 nextcloud sshd\[10722\]: Invalid user postgres from 129.211.47.56 May 10 06:54:51 nextcloud sshd\[10722\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.47.56 May 10 06:54:53 nextcloud sshd\[10722\]: Failed password for invalid user postgres from 129.211.47.56 port 52806 ssh2	2020-05-10 16:29:22
37.187.104.135	attack	(sshd) Failed SSH login from 37.187.104.135 (FR/France/ns3374745.ip-37-187-104.eu): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 10 06:19:24 amsweb01 sshd[23445]: Invalid user tests from 37.187.104.135 port 43702 May 10 06:19:26 amsweb01 sshd[23445]: Failed password for invalid user tests from 37.187.104.135 port 43702 ssh2 May 10 06:31:38 amsweb01 sshd[24566]: Invalid user zhongfu from 37.187.104.135 port 40940 May 10 06:31:40 amsweb01 sshd[24566]: Failed password for invalid user zhongfu from 37.187.104.135 port 40940 ssh2 May 10 06:35:07 amsweb01 sshd[24915]: Invalid user test from 37.187.104.135 port 49862	2020-05-10 16:29:50
216.68.91.104	attackspam	frenzy	2020-05-10 15:58:37
49.234.28.109	attackspambots	May 10 08:50:14 ns382633 sshd\[30713\]: Invalid user abc from 49.234.28.109 port 57228 May 10 08:50:14 ns382633 sshd\[30713\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.28.109 May 10 08:50:16 ns382633 sshd\[30713\]: Failed password for invalid user abc from 49.234.28.109 port 57228 ssh2 May 10 09:08:58 ns382633 sshd\[1841\]: Invalid user brio_admin from 49.234.28.109 port 52906 May 10 09:08:58 ns382633 sshd\[1841\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.28.109	2020-05-10 16:27:08
163.172.121.98	attackbotsspam	Brute-force attempt banned	2020-05-10 16:24:49
167.172.145.142	attackbotsspam	May 10 09:35:52 localhost sshd\[7136\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.145.142 user=root May 10 09:35:54 localhost sshd\[7136\]: Failed password for root from 167.172.145.142 port 43282 ssh2 May 10 09:39:54 localhost sshd\[7279\]: Invalid user zhang from 167.172.145.142 May 10 09:39:54 localhost sshd\[7279\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.145.142 May 10 09:39:56 localhost sshd\[7279\]: Failed password for invalid user zhang from 167.172.145.142 port 54564 ssh2 ...	2020-05-10 15:59:57
111.12.90.43	attack	SSH login attempts.	2020-05-10 16:09:47
206.189.151.212	attack	May 10 10:19:50 v22018086721571380 sshd[29226]: Failed password for invalid user elastic from 206.189.151.212 port 34610 ssh2 May 10 10:26:29 v22018086721571380 sshd[5709]: Failed password for invalid user demo from 206.189.151.212 port 41738 ssh2	2020-05-10 16:36:34
198.55.103.132	attack	May 10 05:43:27 sip sshd[195259]: Invalid user hm from 198.55.103.132 port 39914 May 10 05:43:30 sip sshd[195259]: Failed password for invalid user hm from 198.55.103.132 port 39914 ssh2 May 10 05:50:52 sip sshd[195326]: Invalid user user from 198.55.103.132 port 34348 ...	2020-05-10 16:38:07
195.224.138.61	attackspambots	2020-05-10T07:20:40.616991abusebot-8.cloudsearch.cf sshd[9954]: Invalid user postgresql from 195.224.138.61 port 55888 2020-05-10T07:20:40.623861abusebot-8.cloudsearch.cf sshd[9954]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.224.138.61 2020-05-10T07:20:40.616991abusebot-8.cloudsearch.cf sshd[9954]: Invalid user postgresql from 195.224.138.61 port 55888 2020-05-10T07:20:42.993670abusebot-8.cloudsearch.cf sshd[9954]: Failed password for invalid user postgresql from 195.224.138.61 port 55888 ssh2 2020-05-10T07:23:59.339265abusebot-8.cloudsearch.cf sshd[10209]: Invalid user snort from 195.224.138.61 port 37236 2020-05-10T07:23:59.349390abusebot-8.cloudsearch.cf sshd[10209]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.224.138.61 2020-05-10T07:23:59.339265abusebot-8.cloudsearch.cf sshd[10209]: Invalid user snort from 195.224.138.61 port 37236 2020-05-10T07:24:00.705435abusebot-8.cloudsearch.cf s ...	2020-05-10 16:27:40
72.167.224.135	attackbots	May 10 09:08:08 cloud sshd[9231]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=72.167.224.135 May 10 09:08:10 cloud sshd[9231]: Failed password for invalid user colin from 72.167.224.135 port 34114 ssh2	2020-05-10 16:00:25

Recently Reported IPs

94.158.23.20	94.158.63.132	94.158.87.207	94.158.95.14
94.159.14.162	94.159.143.57	94.17.32.152	94.175.100.181
94.168.9.242	94.178.203.67	94.178.73.220	94.178.3.93
94.179.202.235	94.177.123.148	94.179.228.40	94.180.203.0
94.180.253.213	94.180.105.223	94.180.74.195	94.177.12.215