172.94.53.139 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): France

运营商(isp): Secure Internet LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	$f2bV_matches	2020-05-02 18:38:12
attackbots	Sep 25 10:59:50 www4 sshd\[63352\]: Invalid user ny from 172.94.53.139 Sep 25 10:59:50 www4 sshd\[63352\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.94.53.139 Sep 25 10:59:52 www4 sshd\[63352\]: Failed password for invalid user ny from 172.94.53.139 port 35632 ssh2 ...	2019-09-25 17:58:47

类型

评论内容

时间

attack

$f2bV_matches

2020-05-02 18:38:12

attackbots

Sep 25 10:59:50 www4 sshd\[63352\]: Invalid user ny from 172.94.53.139
Sep 25 10:59:50 www4 sshd\[63352\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.94.53.139
Sep 25 10:59:52 www4 sshd\[63352\]: Failed password for invalid user ny from 172.94.53.139 port 35632 ssh2
...

2019-09-25 17:58:47

相同子网IP讨论:

IP	类型	评论内容	时间
172.94.53.203	attackbots	Tor exit node	2020-05-28 07:15:54
172.94.53.140	attackbots	SSH bruteforce	2020-05-05 05:50:15
172.94.53.133	attackbots	Apr 19 05:30:54 ns382633 sshd\[13938\]: Invalid user git from 172.94.53.133 port 49630 Apr 19 05:30:54 ns382633 sshd\[13938\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.94.53.133 Apr 19 05:30:56 ns382633 sshd\[13938\]: Failed password for invalid user git from 172.94.53.133 port 49630 ssh2 Apr 19 05:50:54 ns382633 sshd\[18085\]: Invalid user ftpuser from 172.94.53.133 port 58265 Apr 19 05:50:54 ns382633 sshd\[18085\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.94.53.133	2020-04-19 17:07:31
172.94.53.131	attackbotsspam	Apr 10 12:55:22 taivassalofi sshd[115317]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.94.53.131 Apr 10 12:55:24 taivassalofi sshd[115317]: Failed password for invalid user miusuario from 172.94.53.131 port 58857 ssh2 ...	2020-04-10 19:16:56
172.94.53.144	attackbots	DATE:2020-02-21 22:31:43,IP:172.94.53.144,MATCHES:10,PORT:ssh	2020-02-22 06:02:54
172.94.53.141	attack	Automatic report - SSH Brute-Force Attack	2020-02-18 21:50:15
172.94.53.154	attackbots	frenzy	2020-02-17 09:45:11
172.94.53.136	attack	Feb 15 06:18:05 firewall sshd[23982]: Invalid user robertson from 172.94.53.136 Feb 15 06:18:06 firewall sshd[23982]: Failed password for invalid user robertson from 172.94.53.136 port 55096 ssh2 Feb 15 06:24:11 firewall sshd[24265]: Invalid user okuda from 172.94.53.136 ...	2020-02-15 18:10:15
172.94.53.146	attackspambots	Automatic report - SSH Brute-Force Attack	2020-02-12 00:58:55
172.94.53.149	attackbotsspam	Jan 20 07:13:48 vtv3 sshd[2773]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.94.53.149 Jan 20 07:13:50 vtv3 sshd[2773]: Failed password for invalid user amax from 172.94.53.149 port 59924 ssh2 Jan 20 07:20:07 vtv3 sshd[5682]: Failed password for root from 172.94.53.149 port 46116 ssh2 Jan 20 07:31:59 vtv3 sshd[11716]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.94.53.149 Jan 20 07:32:01 vtv3 sshd[11716]: Failed password for invalid user IEUser from 172.94.53.149 port 46748 ssh2 Jan 20 07:38:00 vtv3 sshd[14445]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.94.53.149 Jan 20 07:49:47 vtv3 sshd[20007]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.94.53.149 Jan 20 07:49:48 vtv3 sshd[20007]: Failed password for invalid user upload from 172.94.53.149 port 33585 ssh2 Jan 20 07:55:46 vtv3 sshd[23161]: pam_unix(sshd:auth): authe	2020-01-20 15:31:24
172.94.53.130	attackspambots	Unauthorized connection attempt detected from IP address 172.94.53.130 to port 2220 [J]	2020-01-07 17:25:28
172.94.53.141	attackbots	SSH bruteforce	2019-12-25 14:15:18
172.94.53.145	attack	Nov 27 12:49:21 sachi sshd\[4523\]: Invalid user robert from 172.94.53.145 Nov 27 12:49:21 sachi sshd\[4523\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.94.53.145 Nov 27 12:49:23 sachi sshd\[4523\]: Failed password for invalid user robert from 172.94.53.145 port 57519 ssh2 Nov 27 12:58:45 sachi sshd\[5266\]: Invalid user admin from 172.94.53.145 Nov 27 12:58:45 sachi sshd\[5266\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.94.53.145	2019-11-28 07:52:02
172.94.53.132	attackbots	Nov 23 20:08:39 hpm sshd\[7677\]: Invalid user server from 172.94.53.132 Nov 23 20:08:39 hpm sshd\[7677\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.94.53.132 Nov 23 20:08:42 hpm sshd\[7677\]: Failed password for invalid user server from 172.94.53.132 port 37753 ssh2 Nov 23 20:16:42 hpm sshd\[8409\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.94.53.132 user=root Nov 23 20:16:44 hpm sshd\[8409\]: Failed password for root from 172.94.53.132 port 56199 ssh2	2019-11-24 22:27:45
172.94.53.137	attack	Nov 22 06:41:52 tdfoods sshd\[8513\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.94.53.137 user=root Nov 22 06:41:54 tdfoods sshd\[8513\]: Failed password for root from 172.94.53.137 port 48860 ssh2 Nov 22 06:49:14 tdfoods sshd\[9118\]: Invalid user endy from 172.94.53.137 Nov 22 06:49:14 tdfoods sshd\[9118\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.94.53.137 Nov 22 06:49:16 tdfoods sshd\[9118\]: Failed password for invalid user endy from 172.94.53.137 port 38463 ssh2	2019-11-23 06:32:50

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 172.94.53.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21607
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;172.94.53.139.			IN	A

;; AUTHORITY SECTION:
.			538	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092500 1800 900 604800 86400

;; Query time: 129 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Sep 25 17:58:44 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 139.53.94.172.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 139.53.94.172.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
202.119.81.229	attackbotsspam	Mar 23 04:57:34 pornomens sshd\[15746\]: Invalid user babyboy from 202.119.81.229 port 47438 Mar 23 04:57:34 pornomens sshd\[15746\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.119.81.229 Mar 23 04:57:37 pornomens sshd\[15746\]: Failed password for invalid user babyboy from 202.119.81.229 port 47438 ssh2 ...	2020-03-23 13:33:59
103.112.44.67	attackspambots	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2020-03-23 13:18:33
111.229.202.53	attackspam	$f2bV_matches	2020-03-23 13:25:04
111.229.116.227	attack	20 attempts against mh-ssh on cloud	2020-03-23 13:25:24
91.193.150.69	attackbots	5555/tcp [2020-03-22]1pkt	2020-03-23 13:38:42
125.142.103.178	attack	23/tcp 23/tcp 23/tcp [2020-02-20/03-23]3pkt	2020-03-23 14:03:28
111.230.19.43	attackspam	Mar 22 23:57:37 plusreed sshd[26149]: Invalid user marvella from 111.230.19.43 ...	2020-03-23 13:35:05
110.137.83.135	attackspam	20/3/22@23:57:42: FAIL: Alarm-Network address from=110.137.83.135 20/3/22@23:57:42: FAIL: Alarm-Network address from=110.137.83.135 ...	2020-03-23 13:27:19
185.15.1.180	attack	unauthorized connection attempt	2020-03-23 13:45:37
49.233.192.233	attackspambots	$f2bV_matches	2020-03-23 13:28:05
223.71.167.163	attackspambots	Unauthorized connection attempt detected from IP address 223.71.167.163 to port 1080 [T]	2020-03-23 13:26:20
123.206.18.49	attackbotsspam	Mar 23 04:50:17 meumeu sshd[24847]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.18.49 Mar 23 04:50:19 meumeu sshd[24847]: Failed password for invalid user py from 123.206.18.49 port 49052 ssh2 Mar 23 04:56:07 meumeu sshd[25515]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.18.49 ...	2020-03-23 13:26:48
115.112.61.218	attackbotsspam	2020-03-23T02:04:18.324129xentho-1 sshd[30923]: Invalid user server from 115.112.61.218 port 47119 2020-03-23T02:04:20.343871xentho-1 sshd[30923]: Failed password for invalid user server from 115.112.61.218 port 47119 ssh2 2020-03-23T02:04:38.091834xentho-1 sshd[30928]: Invalid user sll from 115.112.61.218 port 39126 2020-03-23T02:04:38.097206xentho-1 sshd[30928]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.112.61.218 2020-03-23T02:04:38.091834xentho-1 sshd[30928]: Invalid user sll from 115.112.61.218 port 39126 2020-03-23T02:04:40.189305xentho-1 sshd[30928]: Failed password for invalid user sll from 115.112.61.218 port 39126 ssh2 2020-03-23T02:04:45.848911xentho-1 sshd[30933]: Invalid user april from 115.112.61.218 port 39250 2020-03-23T02:04:45.854832xentho-1 sshd[30933]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.112.61.218 2020-03-23T02:04:45.848911xentho-1 sshd[30933]: Invalid user apr ...	2020-03-23 14:06:38
141.8.183.63	attackbots	[Mon Mar 23 12:37:29.103889 2020] [:error] [pid 11438:tid 140082381903616] [client 141.8.183.63:43135] [client 141.8.183.63] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XnhLGaN5UnZzmNRGTSXzBQAAAhw"] ...	2020-03-23 13:47:12
46.209.31.146	attack	-	2020-03-23 13:28:54

最近上报的IP列表

157.160.190.233	183.181.90.101	50.93.120.19	157.245.227.235
194.226.171.105	198.214.255.112	45.148.10.70	170.18.248.219
180.3.178.167	106.12.109.88	49.149.4.178	85.17.127.150
123.16.252.238	113.109.52.91	27.13.7.34	18.189.185.197
106.12.90.45	36.103.228.252	96.9.67.30	163.172.16.25