Basic Info

City: unknown

Region: unknown

Country: Russia

Internet Service Provider: OJSC Rostelecom

Hostname: unknown

Organization: Rostelecom

Usage Type: Fixed Line ISP

Comments:
Type Details Datetime
attack
Unauthorized connection attempt from IP address 94.50.161.1 on Port 445(SMB)
2020-05-20 19:09:02
attack
Unauthorized connection attempt from IP address 94.50.161.1 on Port 445(SMB)
2019-12-16 16:59:15
attackspambots
445/tcp 445/tcp 445/tcp
[2019-06-14/08-12]3pkt
2019-08-13 04:03:48
Comments on same subnet:
IP Type Details Datetime
94.50.161.3 attack
Unauthorized connection attempt from IP address 94.50.161.3 on Port 445(SMB)
2020-03-23 00:12:49
94.50.161.3 attack
Unauthorized connection attempt from IP address 94.50.161.3 on Port 445(SMB)
2019-11-24 07:09:30
94.50.161.24 attack
SSH Brute Force, server-1 sshd[30265]: Failed password for root from 94.50.161.24 port 53936 ssh2
2019-09-27 02:30:10
94.50.161.24 attackbots
Sep 22 02:52:06 h2177944 sshd\[24295\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.50.161.24
Sep 22 02:52:09 h2177944 sshd\[24295\]: Failed password for invalid user oracle from 94.50.161.24 port 54876 ssh2
Sep 22 03:53:08 h2177944 sshd\[26759\]: Invalid user ubnt from 94.50.161.24 port 48026
Sep 22 03:53:08 h2177944 sshd\[26759\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.50.161.24
...
2019-09-22 09:55:12
94.50.161.24 attack
Triggered by Fail2Ban at Vostok web server
2019-09-21 07:52:09
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.50.161.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24367
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.50.161.1.			IN	A

;; AUTHORITY SECTION:
.			17	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081201 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Aug 13 04:03:43 CST 2019
;; MSG SIZE  rcvd: 115
Host info
Host 1.161.50.94.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 1.161.50.94.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
129.28.191.33 attackbotsspam
Aug 21 10:39:27 plex sshd[14859]: Invalid user burn from 129.28.191.33 port 60806
2019-08-21 19:24:37
129.211.52.70 attack
Aug 21 13:11:49 mout sshd[12006]: Invalid user argo from 129.211.52.70 port 58610
2019-08-21 19:20:11
92.118.37.74 attackbots
Aug 21 12:36:57 h2177944 kernel: \[4707441.802281\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.118.37.74 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=38850 PROTO=TCP SPT=46525 DPT=40299 WINDOW=1024 RES=0x00 SYN URGP=0 
Aug 21 12:38:41 h2177944 kernel: \[4707546.389894\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.118.37.74 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=56284 PROTO=TCP SPT=46525 DPT=11905 WINDOW=1024 RES=0x00 SYN URGP=0 
Aug 21 12:39:31 h2177944 kernel: \[4707595.551066\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.118.37.74 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=20182 PROTO=TCP SPT=46525 DPT=62677 WINDOW=1024 RES=0x00 SYN URGP=0 
Aug 21 12:41:30 h2177944 kernel: \[4707714.991925\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.118.37.74 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=13599 PROTO=TCP SPT=46525 DPT=35552 WINDOW=1024 RES=0x00 SYN URGP=0 
Aug 21 12:41:57 h2177944 kernel: \[4707741.759452\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.118.37.74 DST=85.214.117.9
2019-08-21 19:25:03
18.85.192.253 attackspam
LGS,WP GET /wp-login.php
2019-08-21 19:02:09
220.134.209.126 attackspam
Aug 21 12:10:33 h2177944 sshd\[22156\]: Invalid user klind from 220.134.209.126 port 17644
Aug 21 12:10:33 h2177944 sshd\[22156\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.134.209.126
Aug 21 12:10:34 h2177944 sshd\[22156\]: Failed password for invalid user klind from 220.134.209.126 port 17644 ssh2
Aug 21 12:15:09 h2177944 sshd\[22239\]: Invalid user usuario from 220.134.209.126 port 62796
Aug 21 12:15:09 h2177944 sshd\[22239\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.134.209.126
...
2019-08-21 19:01:12
51.68.190.223 attackspambots
Aug 21 10:24:58 MK-Soft-Root1 sshd\[7319\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.190.223  user=root
Aug 21 10:25:00 MK-Soft-Root1 sshd\[7319\]: Failed password for root from 51.68.190.223 port 49022 ssh2
Aug 21 10:29:24 MK-Soft-Root1 sshd\[7979\]: Invalid user liorder from 51.68.190.223 port 38872
...
2019-08-21 18:52:20
207.154.239.128 attackspam
Jul 30 16:51:55 server sshd\[54737\]: Invalid user aric from 207.154.239.128
Jul 30 16:51:55 server sshd\[54737\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.239.128
Jul 30 16:51:58 server sshd\[54737\]: Failed password for invalid user aric from 207.154.239.128 port 36492 ssh2
...
2019-08-21 19:05:10
94.61.10.176 attackspambots
Invalid user ftpuser from 94.61.10.176 port 7532
2019-08-21 19:16:26
209.97.142.250 attackbots
SSH Brute-Force reported by Fail2Ban
2019-08-21 19:15:10
210.120.112.18 attack
May 18 09:25:47 server sshd\[172722\]: Invalid user rebecca from 210.120.112.18
May 18 09:25:47 server sshd\[172722\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.120.112.18
May 18 09:25:49 server sshd\[172722\]: Failed password for invalid user rebecca from 210.120.112.18 port 38768 ssh2
...
2019-08-21 19:32:30
213.239.206.90 attackspam
Automatic report - Banned IP Access
2019-08-21 19:03:01
206.167.33.17 attackbotsspam
Aug 20 22:09:45 web1 sshd\[11940\]: Invalid user 1qaz2wsx3edc from 206.167.33.17
Aug 20 22:09:45 web1 sshd\[11940\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.167.33.17
Aug 20 22:09:48 web1 sshd\[11940\]: Failed password for invalid user 1qaz2wsx3edc from 206.167.33.17 port 37562 ssh2
Aug 20 22:16:21 web1 sshd\[12540\]: Invalid user P@ssw0rd from 206.167.33.17
Aug 20 22:16:21 web1 sshd\[12540\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.167.33.17
2019-08-21 19:08:29
177.131.60.93 attack
Automatic report - Port Scan Attack
2019-08-21 18:55:46
178.33.185.70 attack
Invalid user ashley from 178.33.185.70 port 44186
2019-08-21 19:34:12
27.192.9.58 attackspambots
Automatic report - Port Scan Attack
2019-08-21 19:30:04
