94.242.171.220

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: OJSC Rostelecom

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Port probing on unauthorized port 23	2020-05-01 00:19:09

Comments on same subnet:

IP	Type	Details	Datetime
94.242.171.166	attack	1602016923 - 10/06/2020 22:42:03 Host: 94.242.171.166/94.242.171.166 Port: 445 TCP Blocked ...	2020-10-08 07:06:11
94.242.171.166	attackspam	1602016923 - 10/06/2020 22:42:03 Host: 94.242.171.166/94.242.171.166 Port: 445 TCP Blocked ...	2020-10-07 23:31:01
94.242.171.166	attackbots	1602016923 - 10/06/2020 22:42:03 Host: 94.242.171.166/94.242.171.166 Port: 445 TCP Blocked ...	2020-10-07 15:35:52
94.242.171.201	attack	2019-01-25 16:40:58 H=$201.net-94.242.171.kaluga.ru$ \[94.242.171.201\]:14041 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-01-25 16:41:43 H=$201.net-94.242.171.kaluga.ru$ \[94.242.171.201\]:14294 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-01-25 16:42:07 H=$201.net-94.242.171.kaluga.ru$ \[94.242.171.201\]:14395 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed ...	2019-10-25 01:27:19
94.242.171.130	attack	Unauthorized connection attempt from IP address 94.242.171.130 on Port 445(SMB)	2019-09-08 00:46:45

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.242.171.220
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13113
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.242.171.220.			IN	A

;; AUTHORITY SECTION:
.			550	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020043000 1800 900 604800 86400

;; Query time: 94 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri May 01 00:19:00 CST 2020
;; MSG SIZE  rcvd: 118

Host info

220.171.242.94.in-addr.arpa domain name pointer 220.net-94.242.171.kaluga.ru.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
220.171.242.94.in-addr.arpa	name = 220.net-94.242.171.kaluga.ru.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
113.2.196.41	attack	" "	2019-07-04 21:44:45
120.132.117.254	attackspambots	Jul 4 06:05:58 MK-Soft-VM3 sshd\[19963\]: Invalid user admin1 from 120.132.117.254 port 43043 Jul 4 06:05:58 MK-Soft-VM3 sshd\[19963\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.117.254 Jul 4 06:06:00 MK-Soft-VM3 sshd\[19963\]: Failed password for invalid user admin1 from 120.132.117.254 port 43043 ssh2 ...	2019-07-04 21:15:28
77.43.209.87	attack	Unauthorised access (Jul 4) SRC=77.43.209.87 LEN=40 TTL=52 ID=46752 TCP DPT=23 WINDOW=40821 SYN	2019-07-04 21:57:54
104.248.255.118	attackbots	Jul 4 15:17:47 [host] sshd[24736]: Invalid user ndaniels from 104.248.255.118 Jul 4 15:17:47 [host] sshd[24736]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.255.118 Jul 4 15:17:49 [host] sshd[24736]: Failed password for invalid user ndaniels from 104.248.255.118 port 45496 ssh2	2019-07-04 21:25:18
186.31.37.202	attack	Jul 4 15:14:32 dedicated sshd[30091]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.31.37.202 user=root Jul 4 15:14:34 dedicated sshd[30091]: Failed password for root from 186.31.37.202 port 45819 ssh2 Jul 4 15:17:44 dedicated sshd[30394]: Invalid user marketing from 186.31.37.202 port 45715 Jul 4 15:17:44 dedicated sshd[30394]: Invalid user marketing from 186.31.37.202 port 45715	2019-07-04 21:27:29
128.199.205.52	attackbotsspam	www.handydirektreparatur.de 128.199.205.52 \[04/Jul/2019:15:18:00 +0200\] "POST /wp-login.php HTTP/1.1" 200 5667 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" www.handydirektreparatur.de 128.199.205.52 \[04/Jul/2019:15:18:01 +0200\] "POST /xmlrpc.php HTTP/1.1" 200 4116 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-07-04 21:20:00
138.197.153.228	attack	Jul 4 13:17:22 marvibiene sshd[54766]: Invalid user scaner from 138.197.153.228 port 55314 Jul 4 13:17:22 marvibiene sshd[54766]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.153.228 Jul 4 13:17:22 marvibiene sshd[54766]: Invalid user scaner from 138.197.153.228 port 55314 Jul 4 13:17:25 marvibiene sshd[54766]: Failed password for invalid user scaner from 138.197.153.228 port 55314 ssh2 ...	2019-07-04 21:38:55
120.52.152.17	attackbots	04.07.2019 13:16:43 Connection to port 179 blocked by firewall	2019-07-04 22:03:03
202.93.35.19	attack	Brute force attempt	2019-07-04 22:06:18
23.248.219.125	attack	MultiHost/MultiPort scaning...	2019-07-04 21:37:50
217.133.99.111	attackspambots	Jul 4 09:53:46 plusreed sshd[10332]: Invalid user law from 217.133.99.111 ...	2019-07-04 22:00:15
185.220.101.61	attackbotsspam	Automatic report - Web App Attack	2019-07-04 21:36:02
111.230.112.37	attackbots	$f2bV_matches	2019-07-04 22:05:28
171.236.74.243	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-03 11:59:24,108 INFO [shellcode_manager] (171.236.74.243) no match, writing hexdump (89962ecd1a273fee7ed0c5aff922de0c :2262831) - MS17010 (EternalBlue)	2019-07-04 21:57:32
185.67.177.42	attackbots	Looking for resource vulnerabilities	2019-07-04 21:46:11

Recently Reported IPs

54.91.82.218	50.3.177.107	46.85.114.252	46.19.43.41
45.141.85.110	31.0.230.95	5.189.23.195	222.66.119.13
220.135.34.145	219.77.70.18	219.73.75.229	211.140.94.24
187.201.202.193	209.141.37.175	82.70.166.38	236.80.239.187
52.93.28.154	220.26.209.183	91.241.26.63	167.89.190.241