204.94.91.44 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: RagingWire Data Centers Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt from IP address 204.94.91.44 on Port 445(SMB)	2020-06-23 04:08:09
attack	Scanning random ports - tries to find possible vulnerable services	2020-03-02 06:58:59
attackbots	Unauthorized connection attempt from IP address 204.94.91.44 on Port 445(SMB)	2019-09-17 19:10:39
attack	445/tcp 445/tcp 445/tcp... [2019-05-16/07-15]14pkt,1pt.(tcp)	2019-07-16 08:08:05
attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-03 13:11:29,445 INFO [amun_request_handler] PortScan Detected on Port: 445 (204.94.91.44)	2019-07-04 03:34:05

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 204.94.91.44
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20675
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;204.94.91.44.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019053000 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu May 30 16:15:50 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 44.91.94.204.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 44.91.94.204.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
88.212.190.211	attackbots	May 7 22:09:23 haigwepa sshd[27849]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=88.212.190.211 May 7 22:09:25 haigwepa sshd[27849]: Failed password for invalid user melanie from 88.212.190.211 port 58684 ssh2 ...	2020-05-08 05:21:01
35.224.121.138	attackspambots	detected by Fail2Ban	2020-05-08 05:22:52
152.136.76.230	attackspambots	sshd	2020-05-08 05:02:34
112.64.147.98	attackbotsspam	port scan and connect, tcp 80 (http)	2020-05-08 05:17:38
5.89.35.84	attackbotsspam	May 7 21:57:16 h1745522 sshd[32100]: Invalid user tomcat1 from 5.89.35.84 port 58916 May 7 21:57:16 h1745522 sshd[32100]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.89.35.84 May 7 21:57:16 h1745522 sshd[32100]: Invalid user tomcat1 from 5.89.35.84 port 58916 May 7 21:57:19 h1745522 sshd[32100]: Failed password for invalid user tomcat1 from 5.89.35.84 port 58916 ssh2 May 7 22:00:24 h1745522 sshd[32268]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.89.35.84 user=root May 7 22:00:25 h1745522 sshd[32268]: Failed password for root from 5.89.35.84 port 57140 ssh2 May 7 22:03:43 h1745522 sshd[32418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.89.35.84 user=root May 7 22:03:45 h1745522 sshd[32418]: Failed password for root from 5.89.35.84 port 55370 ssh2 May 7 22:06:56 h1745522 sshd[32621]: pam_unix(sshd:auth): authentication failure; logname= ui ...	2020-05-08 05:01:43
159.89.169.68	attackbots	May 7 23:28:02 hosting sshd[14858]: Invalid user plp from 159.89.169.68 port 60464 ...	2020-05-08 05:26:03
203.205.37.224	attackbotsspam	May 7 23:01:47 server sshd[11447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.205.37.224 May 7 23:01:49 server sshd[11447]: Failed password for invalid user sales from 203.205.37.224 port 38876 ssh2 May 7 23:04:42 server sshd[11583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.205.37.224 ...	2020-05-08 05:19:30
222.186.180.223	attackspam	May 7 23:24:20 melroy-server sshd[27523]: Failed password for root from 222.186.180.223 port 40280 ssh2 May 7 23:24:24 melroy-server sshd[27523]: Failed password for root from 222.186.180.223 port 40280 ssh2 ...	2020-05-08 05:25:28
89.210.6.0	attackbotsspam	SMB Server BruteForce Attack	2020-05-08 05:06:57
188.166.42.120	attackspambots	2020-05-07T19:09:35.998945 sshd[1421]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.42.120 user=root 2020-05-07T19:09:38.270858 sshd[1421]: Failed password for root from 188.166.42.120 port 41006 ssh2 2020-05-07T19:18:42.985721 sshd[1707]: Invalid user aa from 188.166.42.120 port 54406 ...	2020-05-08 05:16:52
49.156.53.17	attackspam	(sshd) Failed SSH login from 49.156.53.17 (VN/Vietnam/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 7 19:18:27 ubnt-55d23 sshd[9133]: Invalid user hadoop from 49.156.53.17 port 1891 May 7 19:18:29 ubnt-55d23 sshd[9133]: Failed password for invalid user hadoop from 49.156.53.17 port 1891 ssh2	2020-05-08 05:24:45
51.254.129.128	attackbotsspam	May 7 22:42:41 haigwepa sshd[29829]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.129.128 May 7 22:42:42 haigwepa sshd[29829]: Failed password for invalid user xie from 51.254.129.128 port 48669 ssh2 ...	2020-05-08 04:59:13
35.174.190.149	attackspam	to=dknclu.mail.not.exist.6fjl6m@solgatos.com from=bounces.05072020.dknclu.mail.not.exist.6fjl6m-solgatos.com@smtp10.250smtp.com relay=[35.174.190.149]	2020-05-08 04:55:24
177.87.154.2	attackbotsspam	May 7 19:18:45 melroy-server sshd[11688]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.87.154.2 May 7 19:18:48 melroy-server sshd[11688]: Failed password for invalid user cssserver from 177.87.154.2 port 39726 ssh2 ...	2020-05-08 05:13:51
49.232.132.10	attack	May 7 18:10:39 vps58358 sshd\[15072\]: Invalid user josip from 49.232.132.10May 7 18:10:41 vps58358 sshd\[15072\]: Failed password for invalid user josip from 49.232.132.10 port 33750 ssh2May 7 18:14:38 vps58358 sshd\[15111\]: Invalid user maintenance from 49.232.132.10May 7 18:14:40 vps58358 sshd\[15111\]: Failed password for invalid user maintenance from 49.232.132.10 port 51380 ssh2May 7 18:19:01 vps58358 sshd\[15168\]: Invalid user images from 49.232.132.10May 7 18:19:02 vps58358 sshd\[15168\]: Failed password for invalid user images from 49.232.132.10 port 40794 ssh2 ...	2020-05-08 04:57:45

Recently Reported IPs

18.182.240.77	151.56.237.144	16.179.39.250	121.127.226.197
202.25.141.107	63.16.39.191	42.118.49.200	141.225.64.44
152.120.134.173	41.46.20.89	72.5.242.53	81.177.186.47
147.188.13.219	113.163.202.129	211.221.155.6	140.213.67.23
142.106.227.155	128.199.90.245	111.50.185.164	125.227.232.21