94.97.21.243 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Saudi Arabia

Internet Service Provider: Saudi Telecom Company JSC

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	2019-09-16 19:11:47 1i9uXS-0007Is-Uh SMTP connection from \(\[37.216.249.114\]\) \[94.97.21.243\]:20156 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-09-16 19:12:31 1i9uYB-0007Jt-1e SMTP connection from \(\[37.216.249.114\]\) \[94.97.21.243\]:38182 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-09-16 19:13:13 1i9uYq-0007Kf-Dh SMTP connection from \(\[37.216.249.114\]\) \[94.97.21.243\]:32664 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2019-10-24 20:12:43

Type

Details

Datetime

attackbotsspam

2019-09-16 19:11:47 1i9uXS-0007Is-Uh SMTP connection from \(\[37.216.249.114\]\) \[94.97.21.243\]:20156 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-09-16 19:12:31 1i9uYB-0007Jt-1e SMTP connection from \(\[37.216.249.114\]\) \[94.97.21.243\]:38182 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-09-16 19:13:13 1i9uYq-0007Kf-Dh SMTP connection from \(\[37.216.249.114\]\) \[94.97.21.243\]:32664 I=\[193.107.88.166\]:25 closed by DROP in ACL
...

2019-10-24 20:12:43

Comments on same subnet:

IP	Type	Details	Datetime
94.97.21.217	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-14 02:55:49
94.97.21.217	attackbots	1578401819 - 01/07/2020 13:56:59 Host: 94.97.21.217/94.97.21.217 Port: 445 TCP Blocked	2020-01-08 03:13:06

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.97.21.243
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7794
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.97.21.243.			IN	A

;; AUTHORITY SECTION:
.			408	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102400 1800 900 604800 86400

;; Query time: 61 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 24 20:12:36 CST 2019
;; MSG SIZE  rcvd: 116

Host info

243.21.97.94.in-addr.arpa domain name pointer mail.pme.gov.sa.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
243.21.97.94.in-addr.arpa	name = mail.pme.gov.sa.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
192.236.160.254	attackspambots	DATE:2019-11-15 05:58:09, IP:192.236.160.254, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2019-11-15 14:16:38
185.153.198.211	attack	Unauthorized connection attempt from IP address 185.153.198.211 on Port 3389(RDP)	2019-11-15 14:08:27
177.126.146.3	attackspambots	Automatic report - Port Scan Attack	2019-11-15 14:22:55
136.243.64.237	attack	searching backdoor	2019-11-15 14:03:09
118.126.105.120	attackspambots	Nov 15 11:22:26 vibhu-HP-Z238-Microtower-Workstation sshd\[25078\]: Invalid user server from 118.126.105.120 Nov 15 11:22:26 vibhu-HP-Z238-Microtower-Workstation sshd\[25078\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.126.105.120 Nov 15 11:22:28 vibhu-HP-Z238-Microtower-Workstation sshd\[25078\]: Failed password for invalid user server from 118.126.105.120 port 55896 ssh2 Nov 15 11:27:29 vibhu-HP-Z238-Microtower-Workstation sshd\[25390\]: Invalid user hessman from 118.126.105.120 Nov 15 11:27:29 vibhu-HP-Z238-Microtower-Workstation sshd\[25390\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.126.105.120 ...	2019-11-15 14:09:56
178.128.247.219	attackspambots	sshd jail - ssh hack attempt	2019-11-15 13:56:01
114.67.80.41	attackbots	Nov 15 06:32:12 legacy sshd[19932]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.80.41 Nov 15 06:32:14 legacy sshd[19932]: Failed password for invalid user pyam from 114.67.80.41 port 55384 ssh2 Nov 15 06:37:49 legacy sshd[20057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.80.41 ...	2019-11-15 14:01:56
185.216.140.252	attackspam	11/15/2019-00:54:26.126502 185.216.140.252 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-11-15 14:26:10
187.210.226.214	attackspam	Nov 15 06:13:29 microserver sshd[47698]: Invalid user aleiyah from 187.210.226.214 port 36086 Nov 15 06:13:29 microserver sshd[47698]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.210.226.214 Nov 15 06:13:31 microserver sshd[47698]: Failed password for invalid user aleiyah from 187.210.226.214 port 36086 ssh2 Nov 15 06:18:01 microserver sshd[48365]: Invalid user riccardo from 187.210.226.214 port 48302 Nov 15 06:18:01 microserver sshd[48365]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.210.226.214 Nov 15 06:31:06 microserver sshd[50302]: Invalid user feber from 187.210.226.214 port 56714 Nov 15 06:31:06 microserver sshd[50302]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.210.226.214 Nov 15 06:31:08 microserver sshd[50302]: Failed password for invalid user feber from 187.210.226.214 port 56714 ssh2 Nov 15 06:35:32 microserver sshd[50927]: Invalid user kulsrud from 187.2	2019-11-15 13:55:48
170.84.57.255	attack	Telnet Server BruteForce Attack	2019-11-15 14:08:47
222.186.169.194	attackspambots	Nov 15 04:57:17 ip-172-31-62-245 sshd\[409\]: Failed password for root from 222.186.169.194 port 18444 ssh2\ Nov 15 04:57:36 ip-172-31-62-245 sshd\[411\]: Failed password for root from 222.186.169.194 port 50474 ssh2\ Nov 15 04:57:39 ip-172-31-62-245 sshd\[411\]: Failed password for root from 222.186.169.194 port 50474 ssh2\ Nov 15 04:57:42 ip-172-31-62-245 sshd\[411\]: Failed password for root from 222.186.169.194 port 50474 ssh2\ Nov 15 04:57:45 ip-172-31-62-245 sshd\[411\]: Failed password for root from 222.186.169.194 port 50474 ssh2\	2019-11-15 14:28:54
45.125.65.34	attackspam	2019-11-15 dovecot_login authenticator failed for \(User\) \[45.125.65.34\]: 535 Incorrect authentication data \(set_id=matt\) 2019-11-15 dovecot_login authenticator failed for \(User\) \[45.125.65.34\]: 535 Incorrect authentication data \(set_id=yellow\) 2019-11-15 dovecot_login authenticator failed for \(User\) \[45.125.65.34\]: 535 Incorrect authentication data \(set_id=maverick\)	2019-11-15 13:50:59
112.64.170.178	attackspambots	Nov 15 06:44:00 vps691689 sshd[14116]: Failed password for root from 112.64.170.178 port 25503 ssh2 Nov 15 06:50:30 vps691689 sshd[14208]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.64.170.178 ...	2019-11-15 13:51:30
58.56.32.238	attackspambots	Invalid user lm from 58.56.32.238 port 6248	2019-11-15 14:26:23
71.6.233.27	attackspam	" "	2019-11-15 14:06:06

Recently Reported IPs

94.66.59.86	94.66.59.215	94.66.59.120	192.236.179.32
220.156.167.132	94.66.57.96	94.66.223.192	94.66.56.87
94.66.220.54	175.182.135.196	94.66.220.153	94.66.220.36
77.222.134.186	94.66.118.121	94.63.93.168	94.63.82.123
94.63.64.94	94.63.46.137	94.63.35.110	14.63.212.215