124.94.44.52 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom Liaoning Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Scanning random ports - tries to find possible vulnerable services	2019-09-06 08:30:21

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 124.94.44.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6582
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;124.94.44.52.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090501 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Sep 06 08:30:16 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 52.44.94.124.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 52.44.94.124.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
50.209.71.165	attack	Aug 4 12:41:08 tuotantolaitos sshd[2495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.209.71.165 Aug 4 12:41:10 tuotantolaitos sshd[2495]: Failed password for invalid user developer from 50.209.71.165 port 24366 ssh2 ...	2019-08-04 17:49:14
109.158.155.129	attackspam	Automatic report - Port Scan Attack	2019-08-04 18:03:45
13.94.118.122	attack	Aug 4 07:01:30 microserver sshd[3819]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.94.118.122 user=ftp Aug 4 07:01:32 microserver sshd[3819]: Failed password for ftp from 13.94.118.122 port 59898 ssh2 Aug 4 07:06:11 microserver sshd[4688]: Invalid user gast. from 13.94.118.122 port 56262 Aug 4 07:06:11 microserver sshd[4688]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.94.118.122 Aug 4 07:06:13 microserver sshd[4688]: Failed password for invalid user gast. from 13.94.118.122 port 56262 ssh2 Aug 4 07:20:48 microserver sshd[6805]: Invalid user brynn from 13.94.118.122 port 45962 Aug 4 07:20:48 microserver sshd[6805]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.94.118.122 Aug 4 07:20:51 microserver sshd[6805]: Failed password for invalid user brynn from 13.94.118.122 port 45962 ssh2 Aug 4 07:25:29 microserver sshd[7539]: Invalid user helloworld from 13.94.118.122	2019-08-04 18:11:02
192.160.102.166	attack	SSH Brute-Forcing (ownc)	2019-08-04 17:54:34
74.94.246.82	attackbotsspam	Aug 4 12:30:08 dedicated sshd[9675]: Invalid user zx from 74.94.246.82 port 40550	2019-08-04 18:37:54
42.112.17.30	attack	RDP_Brute_Force	2019-08-04 18:21:43
87.236.210.10	attack	xmlrpc attack	2019-08-04 17:33:21
5.196.9.220	attackbotsspam	Aug 4 06:47:32 mail sshd\[24858\]: Failed password for invalid user !QAZ2wsx\#EDC from 5.196.9.220 port 57228 ssh2 Aug 4 07:04:51 mail sshd\[25053\]: Invalid user teszt from 5.196.9.220 port 42318 Aug 4 07:04:51 mail sshd\[25053\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.196.9.220 ...	2019-08-04 18:23:17
37.59.58.142	attackspam	Aug 4 09:44:34 SilenceServices sshd[15657]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.59.58.142 Aug 4 09:44:36 SilenceServices sshd[15657]: Failed password for invalid user manager from 37.59.58.142 port 55634 ssh2 Aug 4 09:50:00 SilenceServices sshd[19835]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.59.58.142	2019-08-04 18:41:02
148.66.135.178	attackspambots	[Aegis] @ 2019-08-04 08:45:25 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2019-08-04 18:36:53
103.9.14.120	attackbots	2019-08-03 UTC: 2x - administrator(2x)	2019-08-04 18:42:56
209.59.210.139	attackbots	Aug 4 13:18:04 site2 sshd\[59210\]: Address 209.59.210.139 maps to nbbllc.verio.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Aug 4 13:18:07 site2 sshd\[59210\]: Failed password for postfix from 209.59.210.139 port 36882 ssh2Aug 4 13:22:21 site2 sshd\[59441\]: Address 209.59.210.139 maps to nbbllc.verio.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Aug 4 13:22:21 site2 sshd\[59441\]: Invalid user taller from 209.59.210.139Aug 4 13:22:23 site2 sshd\[59441\]: Failed password for invalid user taller from 209.59.210.139 port 32946 ssh2 ...	2019-08-04 18:37:32
103.44.27.58	attackspam	Aug 4 10:31:44 localhost sshd\[45392\]: Invalid user teamspeak from 103.44.27.58 port 40976 Aug 4 10:31:44 localhost sshd\[45392\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.44.27.58 Aug 4 10:31:46 localhost sshd\[45392\]: Failed password for invalid user teamspeak from 103.44.27.58 port 40976 ssh2 Aug 4 10:36:45 localhost sshd\[45546\]: Invalid user nagios from 103.44.27.58 port 38018 Aug 4 10:36:45 localhost sshd\[45546\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.44.27.58 ...	2019-08-04 18:40:38
134.73.76.168	attackspam	Aug 4 02:39:39 server postfix/smtpd[28274]: NOQUEUE: reject: RCPT from cherry.superacrepair.com[134.73.76.168]: 554 5.7.1 Service unavailable; Client host [134.73.76.168] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=	2019-08-04 18:35:45
187.216.127.147	attack	Aug 4 05:22:27 mail sshd\[23560\]: Failed password for root from 187.216.127.147 port 37392 ssh2 Aug 4 05:37:53 mail sshd\[23729\]: Invalid user wialon from 187.216.127.147 port 46828 Aug 4 05:37:53 mail sshd\[23729\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.216.127.147 ...	2019-08-04 17:35:16

Recently Reported IPs

174.193.254.64	2.0.42.144	210.90.53.195	88.249.106.18
106.51.0.199	123.198.197.183	123.21.0.180	37.113.128.52
186.24.50.164	187.144.206.187	88.15.226.122	198.14.229.132
58.163.248.217	167.71.129.229	193.107.112.237	176.239.101.138
160.236.108.186	109.252.16.72	58.236.88.26	200.124.91.137