94.180.121.10 - IPInfo

Basic Info

City: Novosibirsk

Region: Novosibirsk Oblast

Country: Russia

Internet Service Provider: JSC ER-Telecom Holding

Hostname: unknown

Organization: JSC ER-Telecom Holding

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Automatic report - Port Scan Attack	2019-07-14 00:06:57

Comments on same subnet:

IP	Type	Details	Datetime
94.180.121.34	attack	[portscan] tcp/1433 [MsSQL] *(RWIN=1024)(04301449)	2020-05-01 00:50:01
94.180.121.218	attack	Unauthorized connection attempt detected from IP address 94.180.121.218 to port 80 [J]	2020-01-22 21:35:48
94.180.121.34	attackbotsspam	11/13/2019-05:58:57.044484 94.180.121.34 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-11-13 13:23:28

Type

Details

Datetime

94.180.121.34

attack

[portscan] tcp/1433 [MsSQL]
*(RWIN=1024)(04301449)

2020-05-01 00:50:01

94.180.121.218

attack

Unauthorized connection attempt detected from IP address 94.180.121.218 to port 80 [J]

2020-01-22 21:35:48

94.180.121.34

attackbotsspam

11/13/2019-05:58:57.044484 94.180.121.34 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433

2019-11-13 13:23:28

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.180.121.10
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7495
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.180.121.10.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071300 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 14 00:06:32 CST 2019
;; MSG SIZE  rcvd: 117

Host info

10.121.180.94.in-addr.arpa domain name pointer 94x180x121x10.static-business.nsk.ertelecom.ru.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
10.121.180.94.in-addr.arpa	name = 94x180x121x10.static-business.nsk.ertelecom.ru.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.13.216.92	attackbots	Dec 8 03:02:53 h2065291 sshd[5085]: Invalid user ubnt from 106.13.216.92 Dec 8 03:02:53 h2065291 sshd[5085]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.216.92 Dec 8 03:02:55 h2065291 sshd[5085]: Failed password for invalid user ubnt from 106.13.216.92 port 60610 ssh2 Dec 8 03:02:55 h2065291 sshd[5085]: Received disconnect from 106.13.216.92: 11: Bye Bye [preauth] Dec 8 03:17:46 h2065291 sshd[5455]: Invalid user nybakk from 106.13.216.92 Dec 8 03:17:46 h2065291 sshd[5455]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.216.92 Dec 8 03:17:48 h2065291 sshd[5455]: Failed password for invalid user nybakk from 106.13.216.92 port 49898 ssh2 Dec 8 03:17:48 h2065291 sshd[5455]: Received disconnect from 106.13.216.92: 11: Bye Bye [preauth] Dec 8 03:25:48 h2065291 sshd[5614]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.21........ -------------------------------	2019-12-08 20:32:52
51.38.83.164	attack	$f2bV_matches	2019-12-08 20:37:39
106.12.61.64	attack	sshd jail - ssh hack attempt	2019-12-08 20:28:39
106.13.87.145	attack	Dec 8 01:00:30 server sshd\[792\]: Failed password for invalid user server from 106.13.87.145 port 48210 ssh2 Dec 8 12:19:10 server sshd\[30483\]: Invalid user nejo from 106.13.87.145 Dec 8 12:19:10 server sshd\[30483\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.87.145 Dec 8 12:19:12 server sshd\[30483\]: Failed password for invalid user nejo from 106.13.87.145 port 57896 ssh2 Dec 8 12:26:22 server sshd\[544\]: Invalid user kolter from 106.13.87.145 Dec 8 12:26:22 server sshd\[544\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.87.145 ...	2019-12-08 20:36:55
171.13.200.84	attack	SASL broute force	2019-12-08 20:06:53
123.207.14.76	attackspam	2019-12-08T13:19:45.258212vps751288.ovh.net sshd\[15023\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.14.76 user=root 2019-12-08T13:19:47.023429vps751288.ovh.net sshd\[15023\]: Failed password for root from 123.207.14.76 port 41903 ssh2 2019-12-08T13:26:54.865229vps751288.ovh.net sshd\[15105\]: Invalid user info from 123.207.14.76 port 41613 2019-12-08T13:26:54.875785vps751288.ovh.net sshd\[15105\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.14.76 2019-12-08T13:26:56.535602vps751288.ovh.net sshd\[15105\]: Failed password for invalid user info from 123.207.14.76 port 41613 ssh2	2019-12-08 20:31:59
101.255.52.171	attackbotsspam	2019-12-08T12:06:40.134822shield sshd\[16249\]: Invalid user idc from 101.255.52.171 port 37036 2019-12-08T12:06:40.139349shield sshd\[16249\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.255.52.171 2019-12-08T12:06:42.471587shield sshd\[16249\]: Failed password for invalid user idc from 101.255.52.171 port 37036 ssh2 2019-12-08T12:13:39.138110shield sshd\[17637\]: Invalid user hermans from 101.255.52.171 port 46398 2019-12-08T12:13:39.142254shield sshd\[17637\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.255.52.171	2019-12-08 20:18:30
144.217.164.70	attackspam	2019-12-08T08:42:48.344507struts4.enskede.local sshd\[28318\]: Invalid user torkildsen from 144.217.164.70 port 36978 2019-12-08T08:42:48.351319struts4.enskede.local sshd\[28318\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=70.ip-144-217-164.net 2019-12-08T08:42:50.783535struts4.enskede.local sshd\[28318\]: Failed password for invalid user torkildsen from 144.217.164.70 port 36978 ssh2 2019-12-08T08:51:34.115722struts4.enskede.local sshd\[28330\]: Invalid user named from 144.217.164.70 port 46794 2019-12-08T08:51:34.122309struts4.enskede.local sshd\[28330\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=70.ip-144-217-164.net ...	2019-12-08 20:08:25
148.235.82.68	attack	Dec 8 08:51:11 hcbbdb sshd\[22692\]: Invalid user kauther from 148.235.82.68 Dec 8 08:51:11 hcbbdb sshd\[22692\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.235.82.68 Dec 8 08:51:13 hcbbdb sshd\[22692\]: Failed password for invalid user kauther from 148.235.82.68 port 59088 ssh2 Dec 8 08:58:34 hcbbdb sshd\[23783\]: Invalid user wildbur from 148.235.82.68 Dec 8 08:58:34 hcbbdb sshd\[23783\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.235.82.68	2019-12-08 19:58:33
2.56.8.156	attackbotsspam	Host Scan	2019-12-08 20:03:19
45.71.185.130	attackbots	Automatic report - XMLRPC Attack	2019-12-08 20:07:34
80.68.99.237	attack	Brute force attempt	2019-12-08 19:56:33
211.78.85.196	attackbotsspam	1575786372 - 12/08/2019 07:26:12 Host: 211.78.85.196/211.78.85.196 Port: 6001 TCP Blocked	2019-12-08 20:24:16
122.51.74.196	attack	2019-12-08T07:26:31.739676centos sshd\[30345\]: Invalid user alwi from 122.51.74.196 port 40614 2019-12-08T07:26:31.744488centos sshd\[30345\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.74.196 2019-12-08T07:26:33.612776centos sshd\[30345\]: Failed password for invalid user alwi from 122.51.74.196 port 40614 ssh2	2019-12-08 19:55:17
186.136.207.241	attack	Fail2Ban - SSH Bruteforce Attempt	2019-12-08 20:19:03

Recently Reported IPs

2.124.250.169	189.176.16.104	86.54.94.157	42.114.23.52
178.206.14.116	8.202.238.199	210.80.214.225	120.207.44.165
193.170.250.12	73.125.62.217	80.23.248.243	12.49.137.77
154.215.125.141	98.178.183.222	2003:dd:af01:9783:7811:ccf9:2557:34ef	130.133.221.43
166.159.125.121	96.30.72.68	35.192.107.248	171.242.145.135