Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: PJSC MegaFon

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:
Type Details Datetime
attackspam
Attempt to attack host OS, exploiting network vulnerabilities, on 07-10-2019 20:50:44.
2019-10-08 06:08:53
Comments on same subnet:
IP Type Details Datetime
94.25.229.21 attackspam
Unauthorized connection attempt from IP address 94.25.229.21 on Port 445(SMB)
2020-09-15 21:16:46
94.25.229.21 attackbots
Unauthorized connection attempt from IP address 94.25.229.21 on Port 445(SMB)
2020-09-15 13:14:53
94.25.229.103 attack
Fail2Ban Ban Triggered
HTTP SQL Injection Attempt
2020-07-13 02:19:36
94.25.229.241 attack
20/6/21@23:54:18: FAIL: Alarm-Network address from=94.25.229.241
20/6/21@23:54:19: FAIL: Alarm-Network address from=94.25.229.241
...
2020-06-22 13:36:47
94.25.229.118 attackbots
Unauthorized connection attempt detected from IP address 94.25.229.118 to port 445
2020-05-30 04:30:08
94.25.229.96 attackspambots
Fail2Ban Ban Triggered
2020-05-27 15:00:59
94.25.229.42 attackspam
1589373229 - 05/13/2020 14:33:49 Host: 94.25.229.42/94.25.229.42 Port: 445 TCP Blocked
2020-05-14 02:20:05
94.25.229.163 attackspambots
Unauthorized connection attempt from IP address 94.25.229.163 on Port 445(SMB)
2020-04-01 01:06:49
94.25.229.203 attackspam
Honeypot attack, port: 445, PTR: client.yota.ru.
2020-03-31 03:12:57
94.25.229.18 attackbots
Unauthorized connection attempt from IP address 94.25.229.18 on Port 445(SMB)
2020-02-19 07:09:09
94.25.229.158 attackspam
Unauthorized connection attempt from IP address 94.25.229.158 on Port 445(SMB)
2020-02-19 06:10:09
94.25.229.100 attack
Unauthorized connection attempt from IP address 94.25.229.100 on Port 445(SMB)
2020-02-08 03:55:04
94.25.229.79 attackbotsspam
1578575361 - 01/09/2020 14:09:21 Host: 94.25.229.79/94.25.229.79 Port: 445 TCP Blocked
2020-01-09 23:04:59
94.25.229.212 attack
Attempt to attack host OS, exploiting network vulnerabilities, on 03-01-2020 13:05:23.
2020-01-03 23:29:10
94.25.229.122 attackspam
Unauthorized connection attempt detected from IP address 94.25.229.122 to port 445
2019-12-14 00:34:40
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.25.229.50
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14726
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.25.229.50.			IN	A

;; AUTHORITY SECTION:
.			523	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100702 1800 900 604800 86400

;; Query time: 88 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 08 06:08:50 CST 2019
;; MSG SIZE  rcvd: 116
Host info
50.229.25.94.in-addr.arpa domain name pointer client.yota.ru.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
50.229.25.94.in-addr.arpa	name = client.yota.ru.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
141.98.10.143 attackspambots
2020-10-11T07:15:58.824676linuxbox-skyline auth[29215]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=1111111 rhost=141.98.10.143
...
2020-10-11 21:36:19
69.119.85.43 attackspam
(sshd) Failed SSH login from 69.119.85.43 (US/United States/ool-4577552b.dyn.optonline.net): 10 in the last 3600 secs
2020-10-11 21:31:40
112.85.42.91 attackspam
Oct 11 09:05:00 NPSTNNYC01T sshd[19057]: Failed password for root from 112.85.42.91 port 21806 ssh2
Oct 11 09:05:14 NPSTNNYC01T sshd[19057]: error: maximum authentication attempts exceeded for root from 112.85.42.91 port 21806 ssh2 [preauth]
Oct 11 09:05:22 NPSTNNYC01T sshd[19104]: Failed password for root from 112.85.42.91 port 13278 ssh2
...
2020-10-11 21:06:55
218.92.0.176 attackbots
Oct 11 15:08:09 melroy-server sshd[8204]: Failed password for root from 218.92.0.176 port 5674 ssh2
Oct 11 15:08:13 melroy-server sshd[8204]: Failed password for root from 218.92.0.176 port 5674 ssh2
...
2020-10-11 21:08:52
14.165.213.62 attackspambots
Oct 11 14:31:21 xeon sshd[2083]: Failed password for invalid user prueba from 14.165.213.62 port 38834 ssh2
2020-10-11 21:17:56
159.89.9.22 attackbotsspam
Oct 11 12:15:30 ns308116 sshd[30875]: Invalid user birmingham from 159.89.9.22 port 58244
Oct 11 12:15:30 ns308116 sshd[30875]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.9.22
Oct 11 12:15:32 ns308116 sshd[30875]: Failed password for invalid user birmingham from 159.89.9.22 port 58244 ssh2
Oct 11 12:24:47 ns308116 sshd[980]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.9.22  user=root
Oct 11 12:24:49 ns308116 sshd[980]: Failed password for root from 159.89.9.22 port 39588 ssh2
...
2020-10-11 21:26:21
62.234.121.61 attack
Oct 11 02:09:17 vm1 sshd[13943]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.121.61
Oct 11 02:09:19 vm1 sshd[13943]: Failed password for invalid user francis from 62.234.121.61 port 51734 ssh2
...
2020-10-11 21:30:10
37.46.150.205 attackbotsspam
Scanning
2020-10-11 21:15:06
201.122.102.21 attackspam
2020-10-11T11:07:21+0200 Failed SSH Authentication/Brute Force Attack. (Server 5)
2020-10-11 21:23:23
46.142.164.107 attackspambots
 TCP (SYN) 46.142.164.107:35736 -> port 22, len 44
2020-10-11 21:40:55
111.162.205.249 attack
Oct  7 14:42:18 cumulus sshd[25179]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.162.205.249  user=r.r
Oct  7 14:42:20 cumulus sshd[25179]: Failed password for r.r from 111.162.205.249 port 58194 ssh2
Oct  7 14:42:20 cumulus sshd[25179]: Received disconnect from 111.162.205.249 port 58194:11: Bye Bye [preauth]
Oct  7 14:42:20 cumulus sshd[25179]: Disconnected from 111.162.205.249 port 58194 [preauth]
Oct  7 14:44:17 cumulus sshd[25389]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.162.205.249  user=r.r
Oct  7 14:44:19 cumulus sshd[25389]: Failed password for r.r from 111.162.205.249 port 50048 ssh2
Oct  7 14:44:20 cumulus sshd[25389]: Received disconnect from 111.162.205.249 port 50048:11: Bye Bye [preauth]
Oct  7 14:44:20 cumulus sshd[25389]: Disconnected from 111.162.205.249 port 50048 [preauth]
Oct  7 14:45:12 cumulus sshd[25498]: pam_unix(sshd:auth): authentication failure........
-------------------------------
2020-10-11 21:42:15
192.173.14.138 attackspam
Brute forcing email accounts
2020-10-11 21:33:22
64.202.189.187 attackbotsspam
"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:
2020-10-11 21:04:42
49.232.133.186 attack
2020-10-11T16:27:29.896016hostname sshd[15310]: Failed password for invalid user andrea from 49.232.133.186 port 51424 ssh2
2020-10-11T16:36:57.616032hostname sshd[19025]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.133.186  user=root
2020-10-11T16:36:59.359721hostname sshd[19025]: Failed password for root from 49.232.133.186 port 55184 ssh2
...
2020-10-11 21:29:21
45.148.10.28 attack
Fail2Ban automatic report:
SSH brute-force:
2020-10-11 21:05:28
