Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: Fishnet Communications LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attackspam
Unauthorised access (Jul 31) SRC=94.242.58.152 LEN=40 TTL=56 ID=27032 TCP DPT=23 WINDOW=22105 SYN
2020-07-31 12:47:29
Comments on same subnet:
IP Type Details Datetime
94.242.58.169 attackspam
Jul 26 13:41:04 meumeu sshd[19278]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.242.58.169 
Jul 26 13:41:06 meumeu sshd[19278]: Failed password for invalid user tomcat from 94.242.58.169 port 38168 ssh2
Jul 26 13:46:17 meumeu sshd[20106]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.242.58.169 
...
2019-07-26 19:47:04
94.242.58.169 attackbotsspam
Jul 26 08:34:36 webhost01 sshd[14090]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.242.58.169
Jul 26 08:34:38 webhost01 sshd[14090]: Failed password for invalid user ubuntu from 94.242.58.169 port 53350 ssh2
...
2019-07-26 09:46:07
94.242.58.98 attack
Jun 24 23:08:54 shadeyouvpn sshd[29914]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.242.58.98  user=bin
Jun 24 23:08:56 shadeyouvpn sshd[29914]: Failed password for bin from 94.242.58.98 port 37882 ssh2
Jun 24 23:08:56 shadeyouvpn sshd[29914]: Received disconnect from 94.242.58.98: 11: Bye Bye [preauth]
Jun 24 23:21:15 shadeyouvpn sshd[4850]: Invalid user wrapper from 94.242.58.98
Jun 24 23:21:15 shadeyouvpn sshd[4850]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.242.58.98 
Jun 24 23:21:18 shadeyouvpn sshd[4850]: Failed password for invalid user wrapper from 94.242.58.98 port 48428 ssh2
Jun 24 23:21:18 shadeyouvpn sshd[4850]: Received disconnect from 94.242.58.98: 11: Bye Bye [preauth]
Jun 24 23:22:55 shadeyouvpn sshd[5883]: Invalid user cuan from 94.242.58.98
Jun 24 23:22:55 shadeyouvpn sshd[5883]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh rus........
-------------------------------
2019-06-26 00:46:36
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.242.58.152
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24289
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.242.58.152.			IN	A

;; AUTHORITY SECTION:
.			565	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020073002 1800 900 604800 86400

;; Query time: 20 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jul 31 12:47:23 CST 2020
;; MSG SIZE  rcvd: 117
Host info
Host 152.58.242.94.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 152.58.242.94.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
195.34.243.122 attackspam
(sshd) Failed SSH login from 195.34.243.122 (RU/Russia/X122.DSL07.lipetsk.ru): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Aug 30 08:07:39 server sshd[17192]: Failed password for root from 195.34.243.122 port 39646 ssh2
Aug 30 08:14:26 server sshd[18866]: Failed password for root from 195.34.243.122 port 39104 ssh2
Aug 30 08:19:03 server sshd[20871]: Failed password for root from 195.34.243.122 port 43798 ssh2
Aug 30 08:23:28 server sshd[22332]: Invalid user plex from 195.34.243.122 port 48500
Aug 30 08:23:30 server sshd[22332]: Failed password for invalid user plex from 195.34.243.122 port 48500 ssh2
2020-08-30 20:35:42
200.150.175.13 attackbots
20/8/29@23:40:27: FAIL: IoT-Telnet address from=200.150.175.13
20/8/29@23:40:27: FAIL: IoT-Telnet address from=200.150.175.13
...
2020-08-30 19:59:18
111.67.201.209 attack
Aug 30 05:11:57 dignus sshd[31758]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.67.201.209  user=root
Aug 30 05:11:59 dignus sshd[31758]: Failed password for root from 111.67.201.209 port 39674 ssh2
Aug 30 05:16:23 dignus sshd[32436]: Invalid user cld from 111.67.201.209 port 43328
Aug 30 05:16:23 dignus sshd[32436]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.67.201.209
Aug 30 05:16:24 dignus sshd[32436]: Failed password for invalid user cld from 111.67.201.209 port 43328 ssh2
...
2020-08-30 20:30:22
113.190.44.40 attack
1598758818 - 08/30/2020 05:40:18 Host: 113.190.44.40/113.190.44.40 Port: 445 TCP Blocked
2020-08-30 20:01:47
75.44.16.251 attackspam
Aug 30 07:19:16 firewall sshd[13140]: Failed password for invalid user user_1 from 75.44.16.251 port 40130 ssh2
Aug 30 07:25:38 firewall sshd[13199]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=75.44.16.251  user=root
Aug 30 07:25:40 firewall sshd[13199]: Failed password for root from 75.44.16.251 port 43414 ssh2
...
2020-08-30 19:57:04
45.227.255.4 attack
Aug 30 12:25:39 scw-6657dc sshd[4792]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.227.255.4
Aug 30 12:25:39 scw-6657dc sshd[4792]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.227.255.4
Aug 30 12:25:40 scw-6657dc sshd[4792]: Failed password for invalid user ubnt from 45.227.255.4 port 3609 ssh2
...
2020-08-30 20:25:47
106.39.16.242 attackbots
Invalid user sdtdserver from 106.39.16.242 port 2051
2020-08-30 20:17:06
134.175.230.209 attackspam
"fail2ban match"
2020-08-30 20:20:30
85.25.2.71 attackspam
(ftpd) Failed FTP login from 85.25.2.71 (DE/Germany/mail.mccheck.net): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Aug 30 16:46:14 ir1 pure-ftpd: (?@85.25.2.71) [WARNING] Authentication failed for user [anonymous]
2020-08-30 20:35:14
14.56.180.103 attackbotsspam
Fail2Ban Ban Triggered
2020-08-30 20:07:51
89.23.207.177 attackbotsspam
 TCP (SYN) 89.23.207.177:42901 -> port 23, len 44
2020-08-30 20:07:38
198.89.92.162 attackspambots
Brute-force attempt banned
2020-08-30 20:31:23
103.232.120.109 attack
Aug 30 08:16:15 mail sshd\[25638\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.232.120.109  user=root
...
2020-08-30 20:36:06
119.27.189.46 attackspambots
Brute-force attempt banned
2020-08-30 20:28:43
139.59.59.102 attackspam
Invalid user alberto from 139.59.59.102 port 58428
2020-08-30 20:00:18