94.117.80.50 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United Kingdom

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.117.80.50
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55201
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.117.80.50.			IN	A

;; AUTHORITY SECTION:
.			310	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021900 1800 900 604800 86400

;; Query time: 156 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 19 19:59:06 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 50.80.117.94.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 50.80.117.94.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
190.198.40.212	attack	1588538200 - 05/03/2020 22:36:40 Host: 190.198.40.212/190.198.40.212 Port: 445 TCP Blocked	2020-05-04 07:46:46
49.235.93.12	attack	SSH brute-force: detected 7 distinct usernames within a 24-hour window.	2020-05-04 08:15:51
115.29.12.78	attack	May 3 20:43:22 vps46666688 sshd[15473]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.29.12.78 May 3 20:43:24 vps46666688 sshd[15473]: Failed password for invalid user 123456 from 115.29.12.78 port 45775 ssh2 ...	2020-05-04 08:09:56
46.38.144.32	attackspam	May 4 01:01:03 blackbee postfix/smtpd\[16747\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: authentication failure May 4 01:02:28 blackbee postfix/smtpd\[16747\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: authentication failure May 4 01:03:52 blackbee postfix/smtpd\[16747\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: authentication failure May 4 01:05:17 blackbee postfix/smtpd\[16759\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: authentication failure May 4 01:06:40 blackbee postfix/smtpd\[16747\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: authentication failure ...	2020-05-04 08:16:26
198.46.135.250	attack	[2020-05-03 19:51:15] NOTICE[1170][C-0000a110] chan_sip.c: Call from '' (198.46.135.250:61515) to extension '00146520458223' rejected because extension not found in context 'public'. [2020-05-03 19:51:15] SECURITY[1184] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-05-03T19:51:15.909-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="00146520458223",SessionID="0x7f6c081fcbc8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/198.46.135.250/61515",ACLName="no_extension_match" [2020-05-03 19:52:31] NOTICE[1170][C-0000a114] chan_sip.c: Call from '' (198.46.135.250:49949) to extension '00246520458223' rejected because extension not found in context 'public'. [2020-05-03 19:52:31] SECURITY[1184] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-05-03T19:52:31.677-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="00246520458223",SessionID="0x7f6c08674948",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/1 ...	2020-05-04 08:04:16
106.13.173.161	attackbots	2020-05-03T21:41:23.939525shield sshd\[28152\]: Invalid user deploy from 106.13.173.161 port 40490 2020-05-03T21:41:23.943007shield sshd\[28152\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.173.161 2020-05-03T21:41:25.492061shield sshd\[28152\]: Failed password for invalid user deploy from 106.13.173.161 port 40490 ssh2 2020-05-03T21:45:48.584835shield sshd\[29148\]: Invalid user eddie from 106.13.173.161 port 39438 2020-05-03T21:45:48.588482shield sshd\[29148\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.173.161	2020-05-04 07:45:35
203.147.72.106	attackbotsspam	Brute force attempt	2020-05-04 07:50:58
119.147.23.134	attackbotsspam	(sshd) Failed SSH login from 119.147.23.134 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 4 01:36:14 s1 sshd[22106]: Invalid user fogo from 119.147.23.134 port 54652 May 4 01:36:16 s1 sshd[22106]: Failed password for invalid user fogo from 119.147.23.134 port 54652 ssh2 May 4 01:47:59 s1 sshd[22559]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.147.23.134 user=root May 4 01:48:01 s1 sshd[22559]: Failed password for root from 119.147.23.134 port 51554 ssh2 May 4 01:50:57 s1 sshd[22714]: Invalid user solr from 119.147.23.134 port 57626	2020-05-04 07:44:16
222.214.218.71	attackspam	RDP brute forcing (d)	2020-05-04 08:14:05
185.156.73.38	attackbots	May 4 01:24:28 debian-2gb-nbg1-2 kernel: \[10807170.416283\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.156.73.38 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=6908 PROTO=TCP SPT=41586 DPT=26204 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-04 08:07:54
211.151.11.174	attack	May 3 23:49:01 vps sshd[590232]: Failed password for invalid user tomcat from 211.151.11.174 port 46910 ssh2 May 3 23:53:32 vps sshd[613050]: Invalid user arma3 from 211.151.11.174 port 46006 May 3 23:53:32 vps sshd[613050]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.151.11.174 May 3 23:53:34 vps sshd[613050]: Failed password for invalid user arma3 from 211.151.11.174 port 46006 ssh2 May 3 23:58:09 vps sshd[636282]: Invalid user bjr from 211.151.11.174 port 45104 ...	2020-05-04 08:13:05
193.202.45.202	attackbots	Scanned 17 times in the last 24 hours on port 5060	2020-05-04 08:11:42
193.106.31.130	attack	[Mon May 04 06:59:48.888601 2020] [:error] [pid 5814:tid 140405012096768] [client 193.106.31.130:58933] [client 193.106.31.130] ModSecurity: Access denied with code 403 (phase 1). Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "972"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.0"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/POLICY/PROTOCOL_NOT_ALLOWED"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/administrator/index.php"] [unique_id "Xq9a9G4FUIT0i81cNYS77AAAAWk"] ...	2020-05-04 08:01:54
37.49.230.13	attackspambots	Triggered: repeated knocking on closed ports.	2020-05-04 07:55:53
71.212.96.214	attack	20 attempts against mh-ssh on boat	2020-05-04 07:47:29

Recently Reported IPs

99.29.18.152	222.252.21.248	211.75.173.58	181.114.58.62
177.93.65.53	177.66.255.224	173.218.217.250	167.60.210.34
145.249.247.14	123.10.134.246	119.54.216.153	116.98.68.58
83.54.12.174	14.248.159.181	189.45.226.91	179.177.11.80
177.10.247.109	189.90.57.243	171.242.69.14	81.111.87.248