92.50.134.30 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russia

Internet Service Provider: OJSC Ufanet

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Unauthorized connection attempt from IP address 92.50.134.30 on Port 445(SMB)	2019-09-17 20:51:14
attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-29 17:23:19,438 INFO [amun_request_handler] PortScan Detected on Port: 445 (92.50.134.30)	2019-06-30 10:16:42

Type

Details

Datetime

attackspambots

Unauthorized connection attempt from IP address 92.50.134.30 on Port 445(SMB)

2019-09-17 20:51:14

attackbotsspam

@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-29 17:23:19,438 INFO [amun_request_handler] PortScan Detected on Port: 445 (92.50.134.30)

2019-06-30 10:16:42

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 92.50.134.30
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44739
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;92.50.134.30.			IN	A

;; AUTHORITY SECTION:
.			3333	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062901 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jun 30 10:16:35 CST 2019
;; MSG SIZE  rcvd: 116

Host info

30.134.50.92.in-addr.arpa domain name pointer ufahleb.ru.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
30.134.50.92.in-addr.arpa	name = ufahleb.ru.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.45.116.121	attackspam	Bruteforce detected by fail2ban	2020-09-17 01:55:23
177.104.124.235	attack	Sep 16 13:24:17 ns382633 sshd\[5760\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.104.124.235 user=root Sep 16 13:24:19 ns382633 sshd\[5760\]: Failed password for root from 177.104.124.235 port 46426 ssh2 Sep 16 13:37:37 ns382633 sshd\[8214\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.104.124.235 user=root Sep 16 13:37:38 ns382633 sshd\[8214\]: Failed password for root from 177.104.124.235 port 64245 ssh2 Sep 16 13:42:11 ns382633 sshd\[9268\]: Invalid user nap from 177.104.124.235 port 47730 Sep 16 13:42:11 ns382633 sshd\[9268\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.104.124.235	2020-09-17 01:57:41
41.251.254.98	attack	SSH bruteforce	2020-09-17 01:33:40
128.199.107.111	attack	2020-09-16T14:48:17.869413vps-d63064a2 sshd[41604]: User root from 128.199.107.111 not allowed because not listed in AllowUsers 2020-09-16T14:48:20.350727vps-d63064a2 sshd[41604]: Failed password for invalid user root from 128.199.107.111 port 58032 ssh2 2020-09-16T14:49:46.570684vps-d63064a2 sshd[41630]: User root from 128.199.107.111 not allowed because not listed in AllowUsers 2020-09-16T14:49:46.587253vps-d63064a2 sshd[41630]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.107.111 user=root 2020-09-16T14:49:46.570684vps-d63064a2 sshd[41630]: User root from 128.199.107.111 not allowed because not listed in AllowUsers 2020-09-16T14:49:48.266183vps-d63064a2 sshd[41630]: Failed password for invalid user root from 128.199.107.111 port 49368 ssh2 ...	2020-09-17 01:47:33
5.102.10.58	attackbotsspam	Port Scan: TCP/443	2020-09-17 01:39:11
5.133.128.213	attackbotsspam	Port Scan: TCP/443	2020-09-17 01:50:48
161.97.111.90	attack	Sep 16 14:51:01 ourumov-web sshd\[13380\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.97.111.90 user=root Sep 16 14:51:03 ourumov-web sshd\[13380\]: Failed password for root from 161.97.111.90 port 52206 ssh2 Sep 16 14:57:15 ourumov-web sshd\[13822\]: Invalid user shiva from 161.97.111.90 port 36388 ...	2020-09-17 01:37:26
134.122.56.44	attackbotsspam	Time: Wed Sep 16 09:53:15 2020 -0400 IP: 134.122.56.44 (NL/Netherlands/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 16 09:36:43 ams-11 sshd[12960]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.56.44 user=root Sep 16 09:36:45 ams-11 sshd[12960]: Failed password for root from 134.122.56.44 port 60950 ssh2 Sep 16 09:46:31 ams-11 sshd[13305]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.56.44 user=root Sep 16 09:46:33 ams-11 sshd[13305]: Failed password for root from 134.122.56.44 port 59228 ssh2 Sep 16 09:53:15 ams-11 sshd[13592]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.56.44 user=root	2020-09-17 01:42:57
81.70.20.28	attackbotsspam	Sep 16 17:00:42 neko-world sshd[15663]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.70.20.28 user=root Sep 16 17:00:44 neko-world sshd[15663]: Failed password for invalid user root from 81.70.20.28 port 37250 ssh2	2020-09-17 01:31:36
37.49.230.252	attackspam	[2020-09-15 17:43:18] NOTICE[1239][C-000042f5] chan_sip.c: Call from '' (37.49.230.252:57495) to extension '000441904911000' rejected because extension not found in context 'public'. [2020-09-15 17:43:18] SECURITY[1264] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-09-15T17:43:18.925-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="000441904911000",SessionID="0x7f4d482e4338",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/37.49.230.252/57495",ACLName="no_extension_match" [2020-09-15 17:43:27] NOTICE[1239][C-000042f6] chan_sip.c: Call from '' (37.49.230.252:49999) to extension '00441904911000' rejected because extension not found in context 'public'. [2020-09-15 17:43:27] SECURITY[1264] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-09-15T17:43:27.428-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="00441904911000",SessionID="0x7f4d481972d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/37 ...	2020-09-17 01:45:54
213.59.135.87	attackbotsspam	Sep 16 17:02:22 prod4 sshd\[17195\]: Failed password for root from 213.59.135.87 port 40740 ssh2 Sep 16 17:06:32 prod4 sshd\[18690\]: Failed password for root from 213.59.135.87 port 45956 ssh2 Sep 16 17:10:47 prod4 sshd\[20691\]: Failed password for root from 213.59.135.87 port 51176 ssh2 ...	2020-09-17 01:27:05
50.246.53.29	attackspam	SSH login attempts brute force.	2020-09-17 01:54:16
119.4.225.31	attack	Sep 16 19:06:25 melroy-server sshd[27899]: Failed password for root from 119.4.225.31 port 35700 ssh2 ...	2020-09-17 01:24:26
104.244.75.157	attack	$f2bV_matches	2020-09-17 01:32:42
171.25.209.203	attackspam	Sep 16 15:22:16 [host] sshd[24187]: pam_unix(sshd: Sep 16 15:22:18 [host] sshd[24187]: Failed passwor Sep 16 15:26:11 [host] sshd[24266]: pam_unix(sshd:	2020-09-17 01:40:18

Recently Reported IPs

118.70.180.42	165.227.79.142	114.232.141.131	95.172.96.56
191.53.222.83	116.71.135.209	122.238.45.110	61.157.78.139
125.27.86.60	37.6.237.241	193.106.26.133	188.75.122.213
201.90.59.19	22.9.81.69	41.39.43.32	33.36.74.90
168.187.47.1	43.75.25.208	180.121.190.6	126.217.160.78