94.41.44.16 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: OJSC Ufanet

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 94.41.44.16 to port 445 [T]	2020-01-30 14:54:47

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.41.44.16
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58553
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.41.44.16.			IN	A

;; AUTHORITY SECTION:
.			463	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020013001 1800 900 604800 86400

;; Query time: 106 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 30 14:54:42 CST 2020
;; MSG SIZE  rcvd: 115

Host info

16.44.41.94.in-addr.arpa domain name pointer 94.41.44.16.dynamic.ufanet.ru.

Nslookup info:

Server:		100.100.2.136
Address:	100.100.2.136#53

Non-authoritative answer:
16.44.41.94.in-addr.arpa	name = 94.41.44.16.dynamic.ufanet.ru.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
139.59.75.162	attackspambots	Automatic report - XMLRPC Attack	2020-06-29 06:36:47
185.154.254.41	attackbots	Automatic report - Port Scan Attack	2020-06-29 06:56:32
65.52.233.250	attack	1627. On Jun 28 2020 experienced a Brute Force SSH login attempt -> 2 unique times by 65.52.233.250.	2020-06-29 06:53:19
222.186.42.7	attack	2020-06-29T00:29:42.780389centos sshd[8000]: Failed password for root from 222.186.42.7 port 46424 ssh2 2020-06-29T00:29:45.479036centos sshd[8000]: Failed password for root from 222.186.42.7 port 46424 ssh2 2020-06-29T00:29:49.683749centos sshd[8000]: Failed password for root from 222.186.42.7 port 46424 ssh2 ...	2020-06-29 06:47:46
181.30.28.201	attack	$f2bV_matches	2020-06-29 06:31:49
64.225.119.100	attackspambots	Jun 28 22:29:01 nas sshd[31863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.225.119.100 Jun 28 22:29:03 nas sshd[31863]: Failed password for invalid user archive from 64.225.119.100 port 43284 ssh2 Jun 28 22:36:41 nas sshd[32235]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.225.119.100 ...	2020-06-29 06:56:45
1.245.61.144	attack	4. On Jun 28 2020 experienced a Brute Force SSH login attempt -> 2 unique times by 1.245.61.144.	2020-06-29 06:42:42
222.186.175.23	attackbots	Jun 29 00:41:15 eventyay sshd[11313]: Failed password for root from 222.186.175.23 port 42651 ssh2 Jun 29 00:41:18 eventyay sshd[11313]: Failed password for root from 222.186.175.23 port 42651 ssh2 Jun 29 00:41:20 eventyay sshd[11313]: Failed password for root from 222.186.175.23 port 42651 ssh2 ...	2020-06-29 06:43:14
162.62.26.121	attackspam	Port Scan detected! ...	2020-06-29 06:44:49
78.128.113.109	attack	2020-06-29 01:17:57 dovecot_plain authenticator failed for $ip-113-109.4vendeta.com.$ \[78.128.113.109\]: 535 Incorrect authentication data $set_id=im@ift.org.ua$2020-06-29 01:18:08 dovecot_plain authenticator failed for $ip-113-109.4vendeta.com.$ \[78.128.113.109\]: 535 Incorrect authentication data2020-06-29 01:18:24 dovecot_plain authenticator failed for $ip-113-109.4vendeta.com.$ \[78.128.113.109\]: 535 Incorrect authentication data ...	2020-06-29 06:32:08
103.138.109.89	attackspambots	Attempted Brute Force (dovecot)	2020-06-29 06:31:12
77.220.193.180	attackbots	[SunJun2822:32:30.2232902020][:error][pid6291:tid47657443686144][client77.220.193.180:19913][client77.220.193.180]ModSecurity:Accessdeniedwithcode403$phase2$.Matchof"rx$MSWebServicesClientProtocol\\|WormlyBot\\|webauth@cmcm\\\\\\\\.com$"against"REQUEST_HEADERS:User-Agent"required.[file"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf"][line"402"][id"397989"][rev"1"][msg"Atomicorp.comWAFRules:MSIE6.0detected$DisableifyouwanttoallowMSIE6$"][severity"WARNING"][hostname"support-ticino.ch"][uri"/"][unique_id"Xvj@XnyxCx26ifguVUfkaQAAAU8"]\,referer:https://support-ticino.ch/\?author=1[SunJun2822:32:34.1216732020][:error][pid6129:tid47657435281152][client77.220.193.180:64301][client77.220.193.180]ModSecurity:Accessdeniedwithcode403$phase2$.Matchof"rx$MSWebServicesClientProtocol\\|WormlyBot\\|webauth@cmcm\\\\\\\\.com$"against"REQUEST_HEADERS:User-Agent"required.[file"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf"][line"402"][id"397989"][rev"1"][msg"Atomicorp.co	2020-06-29 06:46:40
184.105.247.246	attackbotsspam	4899/tcp 50075/tcp 5900/tcp... [2020-04-30/06-26]31pkt,16pt.(tcp),1pt.(udp)	2020-06-29 07:01:10
201.149.20.162	attackspam	Jun 29 00:20:58 vps sshd[896097]: Failed password for root from 201.149.20.162 port 29630 ssh2 Jun 29 00:24:31 vps sshd[911759]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.149.20.162 user=root Jun 29 00:24:32 vps sshd[911759]: Failed password for root from 201.149.20.162 port 29772 ssh2 Jun 29 00:27:59 vps sshd[931545]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.149.20.162 user=root Jun 29 00:28:02 vps sshd[931545]: Failed password for root from 201.149.20.162 port 29906 ssh2 ...	2020-06-29 06:40:55
218.17.185.31	attack	Unauthorized connection attempt detected from IP address 218.17.185.31 to port 7845	2020-06-29 06:40:26

Recently Reported IPs

182.110.117.2	182.110.116.252	182.107.206.72	182.105.10.78
182.99.185.0	182.34.193.26	182.34.34.212	180.123.113.59
171.4.67.35	153.101.200.238	123.179.129.136	123.179.43.216
123.156.178.187	123.55.2.5	14.196.168.19	121.57.167.73
121.57.165.207	121.57.165.45	119.115.31.3	119.5.188.107