2.94.20.137 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: PJSC Vimpelcom

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Unauthorized access detected from black listed ip!	2020-02-25 07:55:59

Comments on same subnet:

IP	Type	Details	Datetime
2.94.202.75	attack	445/tcp [2020-05-10]1pkt	2020-05-11 05:11:56
2.94.20.62	attack	445/tcp [2020-04-08]1pkt	2020-04-09 04:25:21

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.94.20.137
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38561
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;2.94.20.137.			IN	A

;; AUTHORITY SECTION:
.			599	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022401 1800 900 604800 86400

;; Query time: 114 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 25 07:55:56 CST 2020
;; MSG SIZE  rcvd: 115

Host info

Host 137.20.94.2.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 137.20.94.2.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
205.185.127.219	attackspambots	Aug 10 17:33:56 herz-der-gamer sshd[17126]: Invalid user hunter from 205.185.127.219 port 57524 Aug 10 17:33:56 herz-der-gamer sshd[17126]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=205.185.127.219 Aug 10 17:33:56 herz-der-gamer sshd[17126]: Invalid user hunter from 205.185.127.219 port 57524 Aug 10 17:33:59 herz-der-gamer sshd[17126]: Failed password for invalid user hunter from 205.185.127.219 port 57524 ssh2 ...	2019-08-11 00:39:03
201.244.0.35	attackspam	Aug 10 19:35:45 itv-usvr-01 sshd[10929]: Invalid user user from 201.244.0.35 Aug 10 19:35:45 itv-usvr-01 sshd[10929]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.244.0.35 Aug 10 19:35:45 itv-usvr-01 sshd[10929]: Invalid user user from 201.244.0.35 Aug 10 19:35:47 itv-usvr-01 sshd[10929]: Failed password for invalid user user from 201.244.0.35 port 60470 ssh2 Aug 10 19:40:48 itv-usvr-01 sshd[11228]: Invalid user gary from 201.244.0.35	2019-08-11 01:22:01
139.59.59.90	attackbots	Mar 7 22:57:08 motanud sshd\[6281\]: Invalid user nagios from 139.59.59.90 port 10997 Mar 7 22:57:08 motanud sshd\[6281\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.59.90 Mar 7 22:57:10 motanud sshd\[6281\]: Failed password for invalid user nagios from 139.59.59.90 port 10997 ssh2	2019-08-11 01:20:02
143.208.248.222	attack	Aug 10 14:13:41 xeon postfix/smtpd[40335]: warning: unknown[143.208.248.222]: SASL PLAIN authentication failed: authentication failure	2019-08-11 01:36:49
203.110.166.51	attackbotsspam	Aug 10 17:25:20 v22019058497090703 sshd[31784]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.110.166.51 Aug 10 17:25:22 v22019058497090703 sshd[31784]: Failed password for invalid user team from 203.110.166.51 port 52360 ssh2 Aug 10 17:27:30 v22019058497090703 sshd[31930]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.110.166.51 ...	2019-08-11 01:11:12
187.115.241.66	attack	Automatic report - Port Scan Attack	2019-08-11 01:00:34
112.85.42.232	attackbotsspam	10.08.2019 15:01:26 SSH access blocked by firewall	2019-08-11 01:29:49
73.26.245.243	attack	Aug 10 14:16:32 [munged] sshd[32170]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=73.26.245.243 user=root Aug 10 14:16:34 [munged] sshd[32170]: Failed password for root from 73.26.245.243 port 36200 ssh2	2019-08-11 01:27:20
119.81.246.250	attackbotsspam	fail2ban honeypot	2019-08-11 00:36:51
173.239.37.139	attackbots	Aug 10 15:24:54 debian sshd\[4086\]: Invalid user ts from 173.239.37.139 port 41362 Aug 10 15:24:54 debian sshd\[4086\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.239.37.139 ...	2019-08-11 00:31:50
185.53.88.35	attack	08/10/2019-11:24:54.103124 185.53.88.35 Protocol: 17 ET SCAN Sipvicious User-Agent Detected (friendly-scanner)	2019-08-11 01:34:21
49.236.212.202	attackspam	Aug 10 15:16:37 srv-4 sshd\[31947\]: Invalid user admin from 49.236.212.202 Aug 10 15:16:37 srv-4 sshd\[31947\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.236.212.202 Aug 10 15:16:39 srv-4 sshd\[31947\]: Failed password for invalid user admin from 49.236.212.202 port 52541 ssh2 ...	2019-08-11 01:20:31
51.68.90.167	attackbots	Aug 10 22:14:02 vibhu-HP-Z238-Microtower-Workstation sshd\[29576\]: Invalid user myftp from 51.68.90.167 Aug 10 22:14:02 vibhu-HP-Z238-Microtower-Workstation sshd\[29576\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.90.167 Aug 10 22:14:04 vibhu-HP-Z238-Microtower-Workstation sshd\[29576\]: Failed password for invalid user myftp from 51.68.90.167 port 50062 ssh2 Aug 10 22:18:07 vibhu-HP-Z238-Microtower-Workstation sshd\[29702\]: Invalid user ronjones from 51.68.90.167 Aug 10 22:18:07 vibhu-HP-Z238-Microtower-Workstation sshd\[29702\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.90.167 ...	2019-08-11 00:50:29
165.227.41.202	attack	Aug 10 17:08:29 MK-Soft-VM4 sshd\[22549\]: Invalid user vnc from 165.227.41.202 port 37144 Aug 10 17:08:29 MK-Soft-VM4 sshd\[22549\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.41.202 Aug 10 17:08:32 MK-Soft-VM4 sshd\[22549\]: Failed password for invalid user vnc from 165.227.41.202 port 37144 ssh2 ...	2019-08-11 01:23:44
47.28.217.40	attack	Aug 10 18:29:08 OPSO sshd\[10608\]: Invalid user ncim from 47.28.217.40 port 58254 Aug 10 18:29:09 OPSO sshd\[10608\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.28.217.40 Aug 10 18:29:10 OPSO sshd\[10608\]: Failed password for invalid user ncim from 47.28.217.40 port 58254 ssh2 Aug 10 18:35:53 OPSO sshd\[11462\]: Invalid user mozilla from 47.28.217.40 port 49402 Aug 10 18:35:53 OPSO sshd\[11462\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.28.217.40	2019-08-11 00:48:56

Recently Reported IPs

67.207.94.22	139.59.18.197	195.80.50.10	218.161.60.131
171.97.116.210	62.98.180.121	59.44.12.54	95.130.181.11
52.177.197.181	134.209.154.207	2.194.4.188	190.60.210.178
118.173.233.149	49.223.87.116	89.145.165.29	218.104.146.29
201.145.97.127	77.36.141.221	72.27.212.246	59.127.236.228