94.249.167.244

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: NeuPrime

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	From: "Amazon.com" Amazon account phishing/fraud - MALICIOUS REDIRECT UBE aimanbauk ([40.87.105.33]) Microsoft Spam link parg.co = 178.238.224.248 Contabo GmbH – BLACKLISTED MALICIOUS REDIRECT: - sum.vn = 104.26.12.141, 104.26.13.141, 172.67.73.189 Cloudflare – blacklisted see https://www.phishtank.com/phish_detail.php?phish_id=6360304 - amazon.verification.kozow.com = 94.249.167.244 GHOSTnet GmbH – blacklisted see https://transparencyreport.google.com/safe-browsing/search?url=http%3A%2F%2Famazon.verification.kozow.com%2F%3F16shop SPF fxamplwo395845.com = aspmx.l.google.com 108.177.15.26, 108.177.15.27 Google	2020-07-30 01:13:02

Type

Details

Datetime

attackbotsspam

From: "Amazon.com" 
Amazon account phishing/fraud - MALICIOUS REDIRECT

UBE aimanbauk ([40.87.105.33]) Microsoft

Spam link parg.co = 178.238.224.248 Contabo GmbH – BLACKLISTED MALICIOUS REDIRECT:
-	sum.vn = 104.26.12.141, 104.26.13.141, 172.67.73.189 Cloudflare – blacklisted see https://www.phishtank.com/phish_detail.php?phish_id=6360304
-	amazon.verification.kozow.com = 94.249.167.244 GHOSTnet GmbH – blacklisted see https://transparencyreport.google.com/safe-browsing/search?url=http%3A%2F%2Famazon.verification.kozow.com%2F%3F16shop

SPF fxamplwo395845.com = aspmx.l.google.com 108.177.15.26, 108.177.15.27 Google

2020-07-30 01:13:02

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.249.167.244
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64390
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.249.167.244.			IN	A

;; AUTHORITY SECTION:
.			461	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072900 1800 900 604800 86400

;; Query time: 332 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jul 30 01:12:59 CST 2020
;; MSG SIZE  rcvd: 118

Host info

244.167.249.94.in-addr.arpa domain name pointer apiptr79.api-roundcubeseguridad.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
244.167.249.94.in-addr.arpa	name = apiptr79.api-roundcubeseguridad.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
129.211.55.22	attackspam	$f2bV_matches	2020-06-04 02:13:43
37.230.189.22	attackbots	firewall-block, port(s): 445/tcp	2020-06-04 01:56:16
143.255.150.81	attack	(sshd) Failed SSH login from 143.255.150.81 (BR/Brazil/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 3 17:33:33 ubnt-55d23 sshd[7052]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=143.255.150.81 user=root Jun 3 17:33:35 ubnt-55d23 sshd[7052]: Failed password for root from 143.255.150.81 port 53174 ssh2	2020-06-04 02:15:40
182.61.2.67	attack	Unauthorised connection attempt detected at AUO FR1 NODE2. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-06-04 02:12:15
51.178.78.154	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 37 - port: 636 proto: TCP cat: Misc Attack	2020-06-04 02:02:08
164.52.24.162	attackbotsspam	TCP (SYN) 164.52.24.162:50542 -> port 443, len 44	2020-06-04 01:57:36
185.153.199.102	attackbots	DATE:2020-06-03 13:49:27, IP:185.153.199.102, PORT:1433 MSSQL brute force auth on honeypot server (epe-honey1-hq)	2020-06-04 02:13:07
138.97.239.9	attack	2020-06-03T15:30:55.079307struts4.enskede.local sshd\[10571\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.97.239.9 user=root 2020-06-03T15:30:57.984504struts4.enskede.local sshd\[10571\]: Failed password for root from 138.97.239.9 port 57648 ssh2 2020-06-03T15:35:20.566661struts4.enskede.local sshd\[10606\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.97.239.9 user=root 2020-06-03T15:35:23.537446struts4.enskede.local sshd\[10606\]: Failed password for root from 138.97.239.9 port 60017 ssh2 2020-06-03T15:39:47.811111struts4.enskede.local sshd\[10617\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.97.239.9 user=root ...	2020-06-04 02:00:06
43.225.151.252	attack	Jun 3 19:28:47 srv sshd[21104]: Failed password for root from 43.225.151.252 port 44098 ssh2	2020-06-04 02:02:40
140.143.236.227	attackspam	Jun 3 17:42:35 gw1 sshd[19375]: Failed password for root from 140.143.236.227 port 57652 ssh2 ...	2020-06-04 02:26:08
181.49.246.20	attack	Jun 3 13:49:44 mellenthin sshd[9169]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.49.246.20 user=root Jun 3 13:49:46 mellenthin sshd[9169]: Failed password for invalid user root from 181.49.246.20 port 56010 ssh2	2020-06-04 02:04:36
128.14.180.102	attackbots	1591207020 - 06/03/2020 19:57:00 Host: 128.14.180.102/128.14.180.102 Port: 161 UDP Blocked ...	2020-06-04 02:14:32
116.240.127.128	attackbots	AbusiveCrawling	2020-06-04 02:10:38
116.110.10.167	attack	[PY] (sshd) Failed SSH login from 116.110.10.167 (VN/Vietnam/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 3 10:50:40 svr sshd[3063684]: refused connect from 116.110.10.167 (116.110.10.167) Jun 3 10:50:44 svr sshd[3063713]: refused connect from 116.110.10.167 (116.110.10.167) Jun 3 10:50:44 svr sshd[3063714]: refused connect from 116.110.10.167 (116.110.10.167) Jun 3 10:50:44 svr sshd[3063721]: refused connect from 116.110.10.167 (116.110.10.167) Jun 3 10:50:45 svr sshd[3063726]: refused connect from 116.110.10.167 (116.110.10.167)	2020-06-04 01:54:04
95.217.218.140	attack	Automatic report - XMLRPC Attack	2020-06-04 02:14:11

Recently Reported IPs

37.74.44.112	48.243.215.6	87.218.138.220	148.8.207.137
187.95.10.162	118.116.121.228	175.145.200.60	78.85.28.14
24.157.25.203	48.93.158.200	121.238.76.89	172.67.73.189
111.39.88.92	201.40.244.234	200.194.32.135	72.136.24.3
167.71.138.104	116.48.67.243	51.77.200.4	180.120.210.152