94.21.174.58 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Hungary

Internet Service Provider: DIGI Tavkozlesi es Szolgaltato Kft.

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Oct 31 22:15:10 server sshd\[18033\]: Invalid user pi from 94.21.174.58 port 50290 Oct 31 22:15:10 server sshd\[18033\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.21.174.58 Oct 31 22:15:10 server sshd\[18068\]: Invalid user pi from 94.21.174.58 port 50294 Oct 31 22:15:10 server sshd\[18068\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.21.174.58 Oct 31 22:15:12 server sshd\[18033\]: Failed password for invalid user pi from 94.21.174.58 port 50290 ssh2	2019-11-01 04:55:26
attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/94.21.174.58/ HU - 1H : (23) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : HU NAME ASN : ASN20845 IP : 94.21.174.58 CIDR : 94.21.0.0/16 PREFIX COUNT : 108 UNIQUE IP COUNT : 586496 ATTACKS DETECTED ASN20845 : 1H - 1 3H - 1 6H - 2 12H - 4 24H - 5 DateTime : 2019-10-30 15:22:38 INFO : Port SSH 22 Scan Detected and Blocked by ADMIN - data recovery	2019-10-31 00:35:59

Type

Details

Datetime

attack

Oct 31 22:15:10 server sshd\[18033\]: Invalid user pi from 94.21.174.58 port 50290
Oct 31 22:15:10 server sshd\[18033\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.21.174.58
Oct 31 22:15:10 server sshd\[18068\]: Invalid user pi from 94.21.174.58 port 50294
Oct 31 22:15:10 server sshd\[18068\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.21.174.58
Oct 31 22:15:12 server sshd\[18033\]: Failed password for invalid user pi from 94.21.174.58 port 50290 ssh2

2019-11-01 04:55:26

attack

IP Ban Report :  
 https://help-dysk.pl/wordpress-firewall-plugins/ip/94.21.174.58/ 
 
 HU - 1H : (23)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : HU 
 NAME ASN : ASN20845 
 
 IP : 94.21.174.58 
 
 CIDR : 94.21.0.0/16 
 
 PREFIX COUNT : 108 
 
 UNIQUE IP COUNT : 586496 
 
 
 ATTACKS DETECTED ASN20845 :  
  1H - 1 
  3H - 1 
  6H - 2 
 12H - 4 
 24H - 5 
 
 DateTime : 2019-10-30 15:22:38 
 
 INFO : Port SSH 22 Scan Detected and Blocked by ADMIN  - data recovery

2019-10-31 00:35:59

Comments on same subnet:

IP	Type	Details	Datetime
94.21.174.218	attack	Automatic report - Port Scan Attack	2020-05-06 22:49:08

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.21.174.58
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62318
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.21.174.58.			IN	A

;; AUTHORITY SECTION:
.			468	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019103000 1800 900 604800 86400

;; Query time: 489 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 31 00:35:54 CST 2019
;; MSG SIZE  rcvd: 116

Host info

58.174.21.94.in-addr.arpa domain name pointer 94-21-174-58.pool.digikabel.hu.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
58.174.21.94.in-addr.arpa	name = 94-21-174-58.pool.digikabel.hu.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.31.144	attackbotsspam	Oct 12 17:24:31 server2 sshd\[13937\]: User root from 222.186.31.144 not allowed because not listed in AllowUsers Oct 12 17:24:37 server2 sshd\[13941\]: User root from 222.186.31.144 not allowed because not listed in AllowUsers Oct 12 17:27:00 server2 sshd\[14186\]: User root from 222.186.31.144 not allowed because not listed in AllowUsers Oct 12 17:27:05 server2 sshd\[14211\]: User root from 222.186.31.144 not allowed because not listed in AllowUsers Oct 12 17:29:06 server2 sshd\[14304\]: User root from 222.186.31.144 not allowed because not listed in AllowUsers Oct 12 17:29:10 server2 sshd\[14306\]: User root from 222.186.31.144 not allowed because not listed in AllowUsers	2019-10-12 22:41:46
117.50.13.170	attack	2019-10-12T14:30:43.224177shield sshd\[11160\]: Invalid user 123QWERTY from 117.50.13.170 port 53172 2019-10-12T14:30:43.228328shield sshd\[11160\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.13.170 2019-10-12T14:30:45.495473shield sshd\[11160\]: Failed password for invalid user 123QWERTY from 117.50.13.170 port 53172 ssh2 2019-10-12T14:37:29.896728shield sshd\[12964\]: Invalid user 123QWERTY from 117.50.13.170 port 41204 2019-10-12T14:37:29.904305shield sshd\[12964\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.13.170	2019-10-12 22:50:39
156.221.0.186	attackbotsspam	Unauthorised access (Oct 12) SRC=156.221.0.186 LEN=40 TOS=0x10 PREC=0x40 TTL=48 ID=24576 TCP DPT=23 WINDOW=42434 SYN	2019-10-12 22:46:55
68.183.142.240	attackbotsspam	Oct 12 03:57:13 kapalua sshd\[5448\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.142.240 user=root Oct 12 03:57:14 kapalua sshd\[5448\]: Failed password for root from 68.183.142.240 port 37878 ssh2 Oct 12 04:00:54 kapalua sshd\[5786\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.142.240 user=root Oct 12 04:00:56 kapalua sshd\[5786\]: Failed password for root from 68.183.142.240 port 49506 ssh2 Oct 12 04:04:27 kapalua sshd\[6107\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.142.240 user=root	2019-10-12 22:14:09
81.22.45.107	attackspambots	Oct 12 16:11:34 mc1 kernel: \[2175878.924329\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.107 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=54110 PROTO=TCP SPT=46953 DPT=7414 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 12 16:14:42 mc1 kernel: \[2176066.315399\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.107 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=21051 PROTO=TCP SPT=46953 DPT=7262 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 12 16:17:44 mc1 kernel: \[2176248.733649\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.107 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=57088 PROTO=TCP SPT=46953 DPT=7154 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-10-12 22:20:09
114.118.91.64	attack	Oct 12 04:43:59 hpm sshd\[6951\]: Invalid user Iris2017 from 114.118.91.64 Oct 12 04:43:59 hpm sshd\[6951\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.118.91.64 Oct 12 04:44:01 hpm sshd\[6951\]: Failed password for invalid user Iris2017 from 114.118.91.64 port 36848 ssh2 Oct 12 04:49:24 hpm sshd\[7399\]: Invalid user P@sswd1234 from 114.118.91.64 Oct 12 04:49:24 hpm sshd\[7399\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.118.91.64	2019-10-12 22:54:10
222.186.30.165	attackbots	Oct 12 16:28:49 debian64 sshd\[12798\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.165 user=root Oct 12 16:28:51 debian64 sshd\[12798\]: Failed password for root from 222.186.30.165 port 64914 ssh2 Oct 12 16:28:53 debian64 sshd\[12798\]: Failed password for root from 222.186.30.165 port 64914 ssh2 ...	2019-10-12 22:30:16
52.33.96.135	attackbots	10/12/2019-16:17:02.144326 52.33.96.135 Protocol: 6 SURICATA TLS invalid record/traffic	2019-10-12 22:55:31
150.140.189.33	attackspambots	Oct 12 16:29:47 ns381471 sshd[25241]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.140.189.33 Oct 12 16:29:50 ns381471 sshd[25241]: Failed password for invalid user cde3XSW@zaq1 from 150.140.189.33 port 39944 ssh2 Oct 12 16:33:58 ns381471 sshd[25376]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.140.189.33	2019-10-12 22:35:21
203.82.42.90	attack	Oct 12 04:30:39 hpm sshd\[5709\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.82.42.90 user=root Oct 12 04:30:42 hpm sshd\[5709\]: Failed password for root from 203.82.42.90 port 46952 ssh2 Oct 12 04:35:08 hpm sshd\[6064\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.82.42.90 user=root Oct 12 04:35:10 hpm sshd\[6064\]: Failed password for root from 203.82.42.90 port 57240 ssh2 Oct 12 04:39:41 hpm sshd\[6561\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.82.42.90 user=root	2019-10-12 22:46:33
51.158.191.109	attackbots	Oct 12 10:17:54 aragorn sshd[18380]: Invalid user ubnt from 51.158.191.109 Oct 12 10:17:55 aragorn sshd[18382]: Invalid user admin from 51.158.191.109 Oct 12 10:17:56 aragorn sshd[18387]: Invalid user 1234 from 51.158.191.109 Oct 12 10:17:57 aragorn sshd[18389]: Invalid user usuario from 51.158.191.109 ...	2019-10-12 22:24:31
114.108.175.187	attackbotsspam	wp bruteforce	2019-10-12 22:58:38
45.133.88.26	attackbots	Contact form spam	2019-10-12 22:44:50
222.186.15.101	attackspambots	Oct 12 16:17:46 MK-Soft-VM5 sshd[17091]: Failed password for root from 222.186.15.101 port 48449 ssh2 Oct 12 16:17:49 MK-Soft-VM5 sshd[17091]: Failed password for root from 222.186.15.101 port 48449 ssh2 ...	2019-10-12 22:19:07
2401:78c0::7004	attackspambots	WordPress login Brute force / Web App Attack on client site.	2019-10-12 22:55:49

Recently Reported IPs

202.57.252.192	150.99.42.91	187.43.255.12	221.127.40.8
244.244.97.46	114.225.61.177	168.29.83.181	45.234.48.158
126.228.119.160	63.30.87.105	172.199.154.83	133.97.189.178
42.139.71.105	71.184.149.111	181.2.200.125	18.218.126.251
102.207.109.123	205.180.139.85	156.10.107.207	254.14.71.109