172.94.53.139 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): France

运营商(isp): Secure Internet LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	$f2bV_matches	2020-05-02 18:38:12
attackbots	Sep 25 10:59:50 www4 sshd\[63352\]: Invalid user ny from 172.94.53.139 Sep 25 10:59:50 www4 sshd\[63352\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.94.53.139 Sep 25 10:59:52 www4 sshd\[63352\]: Failed password for invalid user ny from 172.94.53.139 port 35632 ssh2 ...	2019-09-25 17:58:47

类型

评论内容

时间

attack

$f2bV_matches

2020-05-02 18:38:12

attackbots

Sep 25 10:59:50 www4 sshd\[63352\]: Invalid user ny from 172.94.53.139
Sep 25 10:59:50 www4 sshd\[63352\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.94.53.139
Sep 25 10:59:52 www4 sshd\[63352\]: Failed password for invalid user ny from 172.94.53.139 port 35632 ssh2
...

2019-09-25 17:58:47

相同子网IP讨论:

IP	类型	评论内容	时间
172.94.53.203	attackbots	Tor exit node	2020-05-28 07:15:54
172.94.53.140	attackbots	SSH bruteforce	2020-05-05 05:50:15
172.94.53.133	attackbots	Apr 19 05:30:54 ns382633 sshd\[13938\]: Invalid user git from 172.94.53.133 port 49630 Apr 19 05:30:54 ns382633 sshd\[13938\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.94.53.133 Apr 19 05:30:56 ns382633 sshd\[13938\]: Failed password for invalid user git from 172.94.53.133 port 49630 ssh2 Apr 19 05:50:54 ns382633 sshd\[18085\]: Invalid user ftpuser from 172.94.53.133 port 58265 Apr 19 05:50:54 ns382633 sshd\[18085\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.94.53.133	2020-04-19 17:07:31
172.94.53.131	attackbotsspam	Apr 10 12:55:22 taivassalofi sshd[115317]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.94.53.131 Apr 10 12:55:24 taivassalofi sshd[115317]: Failed password for invalid user miusuario from 172.94.53.131 port 58857 ssh2 ...	2020-04-10 19:16:56
172.94.53.144	attackbots	DATE:2020-02-21 22:31:43,IP:172.94.53.144,MATCHES:10,PORT:ssh	2020-02-22 06:02:54
172.94.53.141	attack	Automatic report - SSH Brute-Force Attack	2020-02-18 21:50:15
172.94.53.154	attackbots	frenzy	2020-02-17 09:45:11
172.94.53.136	attack	Feb 15 06:18:05 firewall sshd[23982]: Invalid user robertson from 172.94.53.136 Feb 15 06:18:06 firewall sshd[23982]: Failed password for invalid user robertson from 172.94.53.136 port 55096 ssh2 Feb 15 06:24:11 firewall sshd[24265]: Invalid user okuda from 172.94.53.136 ...	2020-02-15 18:10:15
172.94.53.146	attackspambots	Automatic report - SSH Brute-Force Attack	2020-02-12 00:58:55
172.94.53.149	attackbotsspam	Jan 20 07:13:48 vtv3 sshd[2773]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.94.53.149 Jan 20 07:13:50 vtv3 sshd[2773]: Failed password for invalid user amax from 172.94.53.149 port 59924 ssh2 Jan 20 07:20:07 vtv3 sshd[5682]: Failed password for root from 172.94.53.149 port 46116 ssh2 Jan 20 07:31:59 vtv3 sshd[11716]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.94.53.149 Jan 20 07:32:01 vtv3 sshd[11716]: Failed password for invalid user IEUser from 172.94.53.149 port 46748 ssh2 Jan 20 07:38:00 vtv3 sshd[14445]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.94.53.149 Jan 20 07:49:47 vtv3 sshd[20007]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.94.53.149 Jan 20 07:49:48 vtv3 sshd[20007]: Failed password for invalid user upload from 172.94.53.149 port 33585 ssh2 Jan 20 07:55:46 vtv3 sshd[23161]: pam_unix(sshd:auth): authe	2020-01-20 15:31:24
172.94.53.130	attackspambots	Unauthorized connection attempt detected from IP address 172.94.53.130 to port 2220 [J]	2020-01-07 17:25:28
172.94.53.141	attackbots	SSH bruteforce	2019-12-25 14:15:18
172.94.53.145	attack	Nov 27 12:49:21 sachi sshd\[4523\]: Invalid user robert from 172.94.53.145 Nov 27 12:49:21 sachi sshd\[4523\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.94.53.145 Nov 27 12:49:23 sachi sshd\[4523\]: Failed password for invalid user robert from 172.94.53.145 port 57519 ssh2 Nov 27 12:58:45 sachi sshd\[5266\]: Invalid user admin from 172.94.53.145 Nov 27 12:58:45 sachi sshd\[5266\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.94.53.145	2019-11-28 07:52:02
172.94.53.132	attackbots	Nov 23 20:08:39 hpm sshd\[7677\]: Invalid user server from 172.94.53.132 Nov 23 20:08:39 hpm sshd\[7677\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.94.53.132 Nov 23 20:08:42 hpm sshd\[7677\]: Failed password for invalid user server from 172.94.53.132 port 37753 ssh2 Nov 23 20:16:42 hpm sshd\[8409\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.94.53.132 user=root Nov 23 20:16:44 hpm sshd\[8409\]: Failed password for root from 172.94.53.132 port 56199 ssh2	2019-11-24 22:27:45
172.94.53.137	attack	Nov 22 06:41:52 tdfoods sshd\[8513\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.94.53.137 user=root Nov 22 06:41:54 tdfoods sshd\[8513\]: Failed password for root from 172.94.53.137 port 48860 ssh2 Nov 22 06:49:14 tdfoods sshd\[9118\]: Invalid user endy from 172.94.53.137 Nov 22 06:49:14 tdfoods sshd\[9118\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.94.53.137 Nov 22 06:49:16 tdfoods sshd\[9118\]: Failed password for invalid user endy from 172.94.53.137 port 38463 ssh2	2019-11-23 06:32:50

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 172.94.53.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21607
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;172.94.53.139.			IN	A

;; AUTHORITY SECTION:
.			538	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092500 1800 900 604800 86400

;; Query time: 129 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Sep 25 17:58:44 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 139.53.94.172.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 139.53.94.172.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
190.121.231.130	attack	TCP (SYN) 190.121.231.130:64311 -> port 445, len 52	2020-09-03 19:44:10
178.19.166.228	attackspam	TCP (SYN) 178.19.166.228:20602 -> port 23, len 44	2020-09-03 19:51:51
132.145.242.238	attackbotsspam	Sep 2 22:17:19 php1 sshd\[4618\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.242.238 user=root Sep 2 22:17:22 php1 sshd\[4618\]: Failed password for root from 132.145.242.238 port 33583 ssh2 Sep 2 22:21:02 php1 sshd\[4877\]: Invalid user min from 132.145.242.238 Sep 2 22:21:02 php1 sshd\[4877\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.242.238 Sep 2 22:21:04 php1 sshd\[4877\]: Failed password for invalid user min from 132.145.242.238 port 36132 ssh2	2020-09-03 19:41:05
101.89.219.59	attack	Unauthorized connection attempt detected from IP address 101.89.219.59 to port 233 [T]	2020-09-03 19:20:52
155.4.61.15	attackbotsspam	TCP (SYN) 155.4.61.15:51120 -> port 23, len 40	2020-09-03 19:57:48
5.14.243.84	attack	firewall-block, port(s): 80/tcp	2020-09-03 19:48:19
104.248.145.254	attackspam	TCP ports : 11182 / 15830	2020-09-03 19:19:07
209.126.3.185	attack	TCP (SYN) 209.126.3.185:49532 -> port 8080, len 44	2020-09-03 19:49:15
96.127.158.236	attack	TCP ports : 8649 / 8889	2020-09-03 19:23:28
77.247.181.165	attackspambots	Sep 3 12:32:15 [Censored Hostname] sshd[4263]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.247.181.165 Sep 3 12:32:17 [Censored Hostname] sshd[4263]: Failed password for invalid user admin from 77.247.181.165 port 8858 ssh2[...]	2020-09-03 19:19:34
89.248.172.85	attackbotsspam	firewall-block, port(s): 43041/tcp, 43200/tcp	2020-09-03 19:25:21
122.51.37.133	attackbotsspam	Sep 3 06:15:14 gospond sshd[13031]: Invalid user admin1 from 122.51.37.133 port 41152 ...	2020-09-03 19:23:46
118.76.188.43	attackspam	Unauthorised access (Sep 3) SRC=118.76.188.43 LEN=40 TTL=46 ID=55373 TCP DPT=8080 WINDOW=54094 SYN Unauthorised access (Sep 2) SRC=118.76.188.43 LEN=40 TTL=46 ID=57650 TCP DPT=8080 WINDOW=54094 SYN Unauthorised access (Sep 2) SRC=118.76.188.43 LEN=40 TTL=46 ID=15088 TCP DPT=8080 WINDOW=59479 SYN Unauthorised access (Sep 2) SRC=118.76.188.43 LEN=40 TTL=46 ID=25431 TCP DPT=8080 WINDOW=59479 SYN Unauthorised access (Sep 2) SRC=118.76.188.43 LEN=40 TTL=46 ID=2325 TCP DPT=8080 WINDOW=59479 SYN Unauthorised access (Sep 1) SRC=118.76.188.43 LEN=40 TTL=46 ID=61807 TCP DPT=8080 WINDOW=54094 SYN Unauthorised access (Aug 31) SRC=118.76.188.43 LEN=40 TTL=46 ID=30372 TCP DPT=8080 WINDOW=54094 SYN Unauthorised access (Aug 30) SRC=118.76.188.43 LEN=40 TTL=46 ID=60720 TCP DPT=8080 WINDOW=59479 SYN Unauthorised access (Aug 30) SRC=118.76.188.43 LEN=40 TTL=46 ID=54456 TCP DPT=8080 WINDOW=54094 SYN	2020-09-03 19:41:26
63.135.57.98	attackbotsspam	TCP (SYN) 63.135.57.98:42064 -> port 22, len 60	2020-09-03 19:36:08
103.255.123.249	attackspambots	Icarus honeypot on github	2020-09-03 19:29:46

最近上报的IP列表

157.160.190.233	183.181.90.101	50.93.120.19	157.245.227.235
194.226.171.105	198.214.255.112	45.148.10.70	170.18.248.219
180.3.178.167	106.12.109.88	49.149.4.178	85.17.127.150
123.16.252.238	113.109.52.91	27.13.7.34	18.189.185.197
106.12.90.45	36.103.228.252	96.9.67.30	163.172.16.25