94.137.9.242 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: Omskie Kabelnye Seti Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Unauthorized connection attempt from IP address 94.137.9.242 on Port 445(SMB)	2020-08-22 00:55:49
attackbotsspam	Unauthorized connection attempt from IP address 94.137.9.242 on Port 445(SMB)	2020-06-10 23:06:08
attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-08 12:43:41,772 INFO [shellcode_manager] (94.137.9.242) no match, writing hexdump (cb433886e24940dc865eac7932fd3454 :2108215) - MS17010 (EternalBlue)	2019-07-09 14:53:51

Type

Details

Datetime

attackspambots

Unauthorized connection attempt from IP address 94.137.9.242 on Port 445(SMB)

2020-08-22 00:55:49

attackbotsspam

Unauthorized connection attempt from IP address 94.137.9.242 on Port 445(SMB)

2020-06-10 23:06:08

attack

@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-08 12:43:41,772 INFO [shellcode_manager] (94.137.9.242) no match, writing hexdump (cb433886e24940dc865eac7932fd3454 :2108215) - MS17010 (EternalBlue)

2019-07-09 14:53:51

Comments on same subnet:

IP	Type	Details	Datetime
94.137.9.246	attack	Honeypot attack, port: 445, PTR: host246.net137-9.omkc.ru.	2020-01-30 22:36:47

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.137.9.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19764
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.137.9.242.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019060501 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jun 06 09:01:38 CST 2019
;; MSG SIZE  rcvd: 116

Host info

242.9.137.94.in-addr.arpa has no PTR record

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
*** Can't find 242.9.137.94.in-addr.arpa.: No answer

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
84.119.173.125	attackbotsspam	(sshd) Failed SSH login from 84.119.173.125 (DE/Germany/ip-84-119-173-125.unity-media.net): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 1 08:12:05 amsweb01 sshd[31514]: Invalid user cnc from 84.119.173.125 port 57152 Mar 1 08:12:07 amsweb01 sshd[31514]: Failed password for invalid user cnc from 84.119.173.125 port 57152 ssh2 Mar 1 08:17:12 amsweb01 sshd[2053]: Invalid user harry from 84.119.173.125 port 35656 Mar 1 08:17:14 amsweb01 sshd[2053]: Failed password for invalid user harry from 84.119.173.125 port 35656 ssh2 Mar 1 08:22:09 amsweb01 sshd[4156]: Failed password for root from 84.119.173.125 port 50790 ssh2	2020-03-01 16:03:41
69.229.6.47	attackspambots	Mar 1 12:40:31 gw1 sshd[22864]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.229.6.47 Mar 1 12:40:33 gw1 sshd[22864]: Failed password for invalid user wry from 69.229.6.47 port 60472 ssh2 ...	2020-03-01 15:46:06
64.225.14.108	attackbotsspam	Mar 1 03:09:51 plusreed sshd[7137]: Invalid user app from 64.225.14.108 ...	2020-03-01 16:17:24
122.51.224.155	attack	Feb 29 23:56:34 askasleikir sshd[41306]: Failed password for invalid user test from 122.51.224.155 port 41894 ssh2	2020-03-01 16:11:59
81.196.85.154	attackbotsspam	Unauthorized connection attempt detected from IP address 81.196.85.154 to port 23 [J]	2020-03-01 16:02:24
77.85.205.106	attackspambots	trying to access non-authorized port	2020-03-01 15:39:50
121.78.131.176	attackspam	Automatic report - XMLRPC Attack	2020-03-01 16:20:38
45.165.0.163	attackbotsspam	Unauthorized connection attempt detected from IP address 45.165.0.163 to port 2323 [J]	2020-03-01 16:16:37
94.191.62.172	attackspambots	Feb 29 21:27:42 wbs sshd\[9732\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.62.172 user=man Feb 29 21:27:44 wbs sshd\[9732\]: Failed password for man from 94.191.62.172 port 35570 ssh2 Feb 29 21:32:42 wbs sshd\[10147\]: Invalid user web from 94.191.62.172 Feb 29 21:32:42 wbs sshd\[10147\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.62.172 Feb 29 21:32:45 wbs sshd\[10147\]: Failed password for invalid user web from 94.191.62.172 port 60634 ssh2	2020-03-01 15:45:30
201.48.114.241	attackbots	Feb 29 22:05:36 web1 sshd\[18904\]: Invalid user yangzhishuang from 201.48.114.241 Feb 29 22:05:36 web1 sshd\[18904\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.114.241 Feb 29 22:05:39 web1 sshd\[18904\]: Failed password for invalid user yangzhishuang from 201.48.114.241 port 42172 ssh2 Feb 29 22:10:36 web1 sshd\[19400\]: Invalid user odroid from 201.48.114.241 Feb 29 22:10:36 web1 sshd\[19400\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.114.241	2020-03-01 16:15:46
187.131.20.149	attack	Unauthorized connection attempt detected from IP address 187.131.20.149 to port 8080 [J]	2020-03-01 15:53:21
165.22.246.219	attackbotsspam	[munged]::443 165.22.246.219 - - [01/Mar/2020:05:53:33 +0100] "POST /[munged]: HTTP/1.1" 200 6016 "-" "-" [munged]::443 165.22.246.219 - - [01/Mar/2020:05:53:49 +0100] "POST /[munged]: HTTP/1.1" 200 6016 "-" "-" [munged]::443 165.22.246.219 - - [01/Mar/2020:05:54:05 +0100] "POST /[munged]: HTTP/1.1" 200 6016 "-" "-" [munged]::443 165.22.246.219 - - [01/Mar/2020:05:54:21 +0100] "POST /[munged]: HTTP/1.1" 200 6016 "-" "-" [munged]::443 165.22.246.219 - - [01/Mar/2020:05:54:37 +0100] "POST /[munged]: HTTP/1.1" 200 6016 "-" "-" [munged]::443 165.22.246.219 - - [01/Mar/2020:05:54:53 +0100] "POST /[munged]: HTTP/1.1" 200 6016 "-" "-" [munged]::443 165.22.246.219 - - [01/Mar/2020:05:55:09 +0100] "POST /[munged]: HTTP/1.1" 200 6016 "-" "-" [munged]::443 165.22.246.219 - - [01/Mar/2020:05:55:25 +0100] "POST /[munged]: HTTP/1.1" 200 6016 "-" "-" [munged]::443 165.22.246.219 - - [01/Mar/2020:05:55:41 +0100] "POST /[munged]: HTTP/1.1" 200 6016 "-" "-" [munged]::443 165.22.246.219 - - [01/Mar/2020:05:55:57 +0100] "POST /[	2020-03-01 16:01:39
159.89.196.75	attack	Feb 29 21:47:02 tdfoods sshd\[29568\]: Invalid user tongxin from 159.89.196.75 Feb 29 21:47:02 tdfoods sshd\[29568\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.196.75 Feb 29 21:47:05 tdfoods sshd\[29568\]: Failed password for invalid user tongxin from 159.89.196.75 port 41726 ssh2 Feb 29 21:54:24 tdfoods sshd\[30224\]: Invalid user ubuntu from 159.89.196.75 Feb 29 21:54:24 tdfoods sshd\[30224\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.196.75	2020-03-01 16:01:55
27.150.18.147	attack	Mar 1 08:17:28 jane sshd[2824]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.150.18.147 Mar 1 08:17:30 jane sshd[2824]: Failed password for invalid user cron from 27.150.18.147 port 38267 ssh2 ...	2020-03-01 15:49:43
43.226.151.165	attackspambots	$f2bV_matches	2020-03-01 16:05:08

Recently Reported IPs

59.124.94.145	175.126.166.140	185.148.243.15	91.200.225.194
191.222.1.58	121.201.67.79	116.122.36.90	13.75.45.53
4.71.194.130	181.210.247.33	239.147.157.34	111.68.98.169
74.212.155.201	201.144.53.210	152.169.184.117	122.156.17.255
118.166.70.234	146.240.111.87	172.170.0.252	5.188.210.203