94.21.75.63 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Hungary

Internet Service Provider: DIGI Tavkozlesi es Szolgaltato Kft.

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	SSH-bruteforce attempts	2019-12-11 02:02:59

Comments on same subnet:

IP	Type	Details	Datetime
94.21.75.55	attackbotsspam	Jun 27 02:16:37 mail sshd[1883]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94-21-75-55.pool.digikabel.hu Jun 27 02:16:39 mail sshd[1883]: Failed password for invalid user cisco from 94.21.75.55 port 42397 ssh2 Jun 27 02:16:39 mail sshd[1883]: Received disconnect from 94.21.75.55: 11: Bye Bye [preauth] Jun 27 02:19:54 mail sshd[2337]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94-21-75-55.pool.digikabel.hu ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=94.21.75.55	2019-06-30 15:49:17
94.21.75.55	attackbots	Jun 28 22:11:47 Tower sshd[4877]: Connection from 94.21.75.55 port 39900 on 192.168.10.220 port 22 Jun 28 22:11:48 Tower sshd[4877]: Invalid user test from 94.21.75.55 port 39900 Jun 28 22:11:48 Tower sshd[4877]: error: Could not get shadow information for NOUSER Jun 28 22:11:48 Tower sshd[4877]: Failed password for invalid user test from 94.21.75.55 port 39900 ssh2 Jun 28 22:11:48 Tower sshd[4877]: Received disconnect from 94.21.75.55 port 39900:11: Bye Bye [preauth] Jun 28 22:11:48 Tower sshd[4877]: Disconnected from invalid user test 94.21.75.55 port 39900 [preauth]	2019-06-29 14:36:36

Type

Details

Datetime

94.21.75.55

attackbotsspam

Jun 27 02:16:37 mail sshd[1883]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94-21-75-55.pool.digikabel.hu
Jun 27 02:16:39 mail sshd[1883]: Failed password for invalid user cisco from 94.21.75.55 port 42397 ssh2
Jun 27 02:16:39 mail sshd[1883]: Received disconnect from 94.21.75.55: 11: Bye Bye [preauth]
Jun 27 02:19:54 mail sshd[2337]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94-21-75-55.pool.digikabel.hu


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=94.21.75.55

2019-06-30 15:49:17

94.21.75.55

attackbots

Jun 28 22:11:47 Tower sshd[4877]: Connection from 94.21.75.55 port 39900 on 192.168.10.220 port 22
Jun 28 22:11:48 Tower sshd[4877]: Invalid user test from 94.21.75.55 port 39900
Jun 28 22:11:48 Tower sshd[4877]: error: Could not get shadow information for NOUSER
Jun 28 22:11:48 Tower sshd[4877]: Failed password for invalid user test from 94.21.75.55 port 39900 ssh2
Jun 28 22:11:48 Tower sshd[4877]: Received disconnect from 94.21.75.55 port 39900:11: Bye Bye [preauth]
Jun 28 22:11:48 Tower sshd[4877]: Disconnected from invalid user test 94.21.75.55 port 39900 [preauth]

2019-06-29 14:36:36

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.21.75.63
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53624
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.21.75.63.			IN	A

;; AUTHORITY SECTION:
.			595	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121001 1800 900 604800 86400

;; Query time: 140 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 11 02:02:56 CST 2019
;; MSG SIZE  rcvd: 115

Host info

63.75.21.94.in-addr.arpa domain name pointer 94-21-75-63.pool.digikabel.hu.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
63.75.21.94.in-addr.arpa	name = 94-21-75-63.pool.digikabel.hu.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
131.161.69.2	attack	"SMTPD" 5860 16561 "2019-07-20 x@x "SMTPD" 5860 16561 "2019-07-20 03:19:15.902" "131.161.69.2" "SENT: 550 Delivery is not allowed to this address." IP Address: 131.161.69.2 Email x@x No MX record resolves to this server for domain: opvakantievanafmaastricht.nl ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=131.161.69.2	2019-07-20 17:16:20
177.92.16.186	attack	Jul 20 08:39:48 MK-Soft-VM3 sshd\[21042\]: Invalid user alex from 177.92.16.186 port 61526 Jul 20 08:39:48 MK-Soft-VM3 sshd\[21042\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.92.16.186 Jul 20 08:39:50 MK-Soft-VM3 sshd\[21042\]: Failed password for invalid user alex from 177.92.16.186 port 61526 ssh2 ...	2019-07-20 17:18:27
106.13.65.210	attackspam	Jul 20 06:48:09 lnxmail61 sshd[29160]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.65.210	2019-07-20 16:55:34
191.53.253.166	attackbotsspam	Brute force attempt	2019-07-20 17:05:29
139.99.103.80	attack	WordPress login Brute force / Web App Attack on client site.	2019-07-20 17:22:36
223.221.206.177	attackspam	Jul 20 03:22:19 localhost postfix/smtpd\[31599\]: warning: unknown\[223.221.206.177\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 20 03:23:05 localhost postfix/smtpd\[31587\]: warning: unknown\[223.221.206.177\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 20 03:23:30 localhost postfix/smtpd\[31599\]: warning: unknown\[223.221.206.177\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 20 03:24:01 localhost postfix/smtpd\[31587\]: warning: unknown\[223.221.206.177\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 20 03:24:18 localhost postfix/smtpd\[31599\]: warning: unknown\[223.221.206.177\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-07-20 17:07:43
118.67.219.101	attackspam	2019-07-20T15:51:28.485006enmeeting.mahidol.ac.th sshd\[24458\]: Invalid user eddy from 118.67.219.101 port 38276 2019-07-20T15:51:28.504865enmeeting.mahidol.ac.th sshd\[24458\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.67.219.101 2019-07-20T15:51:30.309423enmeeting.mahidol.ac.th sshd\[24458\]: Failed password for invalid user eddy from 118.67.219.101 port 38276 ssh2 ...	2019-07-20 17:15:15
185.66.115.98	attackspambots	2019-07-20T09:07:50.231698abusebot-4.cloudsearch.cf sshd\[18446\]: Invalid user miguel from 185.66.115.98 port 46970	2019-07-20 17:17:06
186.251.208.111	attackspambots	SMTP-SASL bruteforce attempt	2019-07-20 16:34:04
158.69.222.121	attack	2019-07-20T08:05:20.883690abusebot.cloudsearch.cf sshd\[32159\]: Invalid user device from 158.69.222.121 port 58656	2019-07-20 16:32:47
218.92.1.156	attackspambots	Jul 20 07:01:52 master sshd[12723]: Failed password for root from 218.92.1.156 port 28626 ssh2 Jul 20 07:01:54 master sshd[12723]: Failed password for root from 218.92.1.156 port 28626 ssh2 Jul 20 07:01:57 master sshd[12723]: Failed password for root from 218.92.1.156 port 28626 ssh2 Jul 20 07:02:47 master sshd[12725]: Failed password for root from 218.92.1.156 port 33560 ssh2 Jul 20 07:02:49 master sshd[12725]: Failed password for root from 218.92.1.156 port 33560 ssh2 Jul 20 07:02:51 master sshd[12725]: Failed password for root from 218.92.1.156 port 33560 ssh2 Jul 20 07:03:34 master sshd[12727]: Failed password for root from 218.92.1.156 port 13691 ssh2 Jul 20 07:03:37 master sshd[12727]: Failed password for root from 218.92.1.156 port 13691 ssh2 Jul 20 07:03:40 master sshd[12727]: Failed password for root from 218.92.1.156 port 13691 ssh2 Jul 20 07:09:26 master sshd[12739]: Failed password for root from 218.92.1.156 port 19061 ssh2 Jul 20 07:09:28 master sshd[12739]: Failed password for root from 218.92.1	2019-07-20 17:08:20
49.88.112.56	attack	Jul 20 10:45:58 MK-Soft-Root2 sshd\[28271\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.56 user=root Jul 20 10:46:00 MK-Soft-Root2 sshd\[28271\]: Failed password for root from 49.88.112.56 port 32200 ssh2 Jul 20 10:46:03 MK-Soft-Root2 sshd\[28271\]: Failed password for root from 49.88.112.56 port 32200 ssh2 ...	2019-07-20 17:21:25
189.89.215.117	attack	$f2bV_matches	2019-07-20 17:18:00
185.143.221.57	attackspam	Jul 20 11:07:56 lumpi kernel: INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=185.143.221.57 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=65097 PROTO=TCP SPT=59253 DPT=6613 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-07-20 17:12:12
5.16.70.207	attackspambots	Jul 20 03:19:17 mxgate1 postfix/postscreen[22477]: CONNECT from [5.16.70.207]:55103 to [176.31.12.44]:25 Jul 20 03:19:17 mxgate1 postfix/dnsblog[22496]: addr 5.16.70.207 listed by domain cbl.abuseat.org as 127.0.0.2 Jul 20 03:19:18 mxgate1 postfix/postscreen[22477]: PREGREET 18 after 0.6 from [5.16.70.207]:55103: HELO xiixaku.com Jul 20 03:19:18 mxgate1 postfix/dnsblog[22492]: addr 5.16.70.207 listed by domain zen.spamhaus.org as 127.0.0.3 Jul 20 03:19:18 mxgate1 postfix/dnsblog[22492]: addr 5.16.70.207 listed by domain zen.spamhaus.org as 127.0.0.4 Jul 20 03:19:18 mxgate1 postfix/postscreen[22477]: DNSBL rank 3 for [5.16.70.207]:55103 Jul x@x Jul 20 03:19:20 mxgate1 postfix/postscreen[22477]: HANGUP after 1.6 from [5.16.70.207]:55103 in tests after SMTP handshake Jul 20 03:19:20 mxgate1 postfix/postscreen[22477]: DISCONNECT [5.16.70.207]:55103 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=5.16.70.207	2019-07-20 17:19:16

Recently Reported IPs

225.25.205.63	60.33.212.221	65.111.78.232	162.58.23.126
130.84.31.249	160.166.7.133	19.106.211.37	179.66.13.48
39.75.47.56	107.199.124.207	31.69.186.48	41.55.187.65
230.17.153.135	171.109.120.211	116.239.106.193	89.97.0.61
177.214.1.40	106.75.76.139	223.111.150.115	61.118.238.68