5.140.70.94 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Russian Federation

运营商(isp): OJSC Rostelecom

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt from IP address 5.140.70.94 on Port 445(SMB)	2019-06-29 20:40:30

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.140.70.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10126
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.140.70.94.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062900 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jun 29 20:40:18 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 94.70.140.5.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 94.70.140.5.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
188.148.11.144	attackspambots	Honeypot attack, port: 5555, PTR: c188-148-11-144.bredband.comhem.se.	2020-07-06 01:07:39
111.67.199.188	attackbots	2020-07-05T17:44:08.331412vps751288.ovh.net sshd\[30348\]: Invalid user www from 111.67.199.188 port 55304 2020-07-05T17:44:08.340124vps751288.ovh.net sshd\[30348\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.67.199.188 2020-07-05T17:44:10.459574vps751288.ovh.net sshd\[30348\]: Failed password for invalid user www from 111.67.199.188 port 55304 ssh2 2020-07-05T17:47:00.979610vps751288.ovh.net sshd\[30370\]: Invalid user mircea from 111.67.199.188 port 33360 2020-07-05T17:47:00.989062vps751288.ovh.net sshd\[30370\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.67.199.188	2020-07-06 00:48:51
212.70.149.18	attack	Jul 5 17:32:09 blackbee postfix/smtpd[3046]: warning: unknown[212.70.149.18]: SASL LOGIN authentication failed: authentication failure Jul 5 17:32:54 blackbee postfix/smtpd[3046]: warning: unknown[212.70.149.18]: SASL LOGIN authentication failed: authentication failure Jul 5 17:33:42 blackbee postfix/smtpd[3046]: warning: unknown[212.70.149.18]: SASL LOGIN authentication failed: authentication failure Jul 5 17:34:28 blackbee postfix/smtpd[3046]: warning: unknown[212.70.149.18]: SASL LOGIN authentication failed: authentication failure Jul 5 17:35:14 blackbee postfix/smtpd[3046]: warning: unknown[212.70.149.18]: SASL LOGIN authentication failed: authentication failure ...	2020-07-06 00:39:21
156.236.118.70	attackspam	21 attempts against mh-ssh on creek	2020-07-06 00:56:57
132.148.165.216	attackbots	2020-07-05T12:36:19.284954shield sshd\[14494\]: Invalid user update from 132.148.165.216 port 33952 2020-07-05T12:36:19.289031shield sshd\[14494\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-132-148-165-216.ip.secureserver.net 2020-07-05T12:36:21.041180shield sshd\[14494\]: Failed password for invalid user update from 132.148.165.216 port 33952 ssh2 2020-07-05T12:39:33.884172shield sshd\[15024\]: Invalid user cdk from 132.148.165.216 port 33062 2020-07-05T12:39:33.887809shield sshd\[15024\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-132-148-165-216.ip.secureserver.net	2020-07-06 00:46:43
115.134.221.236	attackbots	$f2bV_matches	2020-07-06 01:01:56
36.67.167.242	attackspam	Jul 5 11:26:06 r.ca sshd[21709]: Failed password for invalid user postgres from 36.67.167.242 port 44572 ssh2	2020-07-06 00:50:51
218.92.0.175	attackbotsspam	Jul 5 21:40:10 gw1 sshd[7194]: Failed password for root from 218.92.0.175 port 27641 ssh2 Jul 5 21:40:22 gw1 sshd[7194]: Failed password for root from 218.92.0.175 port 27641 ssh2 ...	2020-07-06 01:00:31
179.108.254.41	attackbotsspam	Honeypot attack, port: 445, PTR: bbc254-41.bbctech.psi.br.	2020-07-06 00:29:43
82.65.104.195	attack	Lines containing failures of 82.65.104.195 Jul 2 23:20:58 shared05 sshd[17638]: Invalid user pi from 82.65.104.195 port 52140 Jul 2 23:20:58 shared05 sshd[17638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.65.104.195 Jul 2 23:20:58 shared05 sshd[17640]: Invalid user pi from 82.65.104.195 port 52144 Jul 2 23:20:58 shared05 sshd[17640]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.65.104.195 Jul 2 23:20:59 shared05 sshd[17638]: Failed password for invalid user pi from 82.65.104.195 port 52140 ssh2 Jul 2 23:20:59 shared05 sshd[17638]: Connection closed by invalid user pi 82.65.104.195 port 52140 [preauth] Jul 2 23:20:59 shared05 sshd[17640]: Failed password for invalid user pi from 82.65.104.195 port 52144 ssh2 Jul 2 23:20:59 shared05 sshd[17640]: Connection closed by invalid user pi 82.65.104.195 port 52144 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.htm	2020-07-06 01:17:39
37.49.224.39	attackspambots	Jul 5 18:26:09 vps333114 sshd[32547]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.49.224.39 user=root Jul 5 18:26:11 vps333114 sshd[32547]: Failed password for root from 37.49.224.39 port 54066 ssh2 ...	2020-07-06 00:51:48
187.133.151.31	attack	Honeypot attack, port: 445, PTR: dsl-187-133-151-31-dyn.prod-infinitum.com.mx.	2020-07-06 00:39:57
167.99.183.237	attack	SSH Brute-Force Attack	2020-07-06 01:11:12
150.109.45.228	attackspambots	Jul 5 14:14:16 server sshd[64903]: Failed password for invalid user newuser from 150.109.45.228 port 50276 ssh2 Jul 5 14:18:54 server sshd[3311]: Failed password for invalid user sinusbot from 150.109.45.228 port 60154 ssh2 Jul 5 14:23:24 server sshd[7174]: Failed password for invalid user node from 150.109.45.228 port 41838 ssh2	2020-07-06 01:03:43
46.243.186.20	attack	Jul 4 05:01:49 vdcadm1 sshd[14125]: Did not receive identification string from 46.243.186.20 Jul 4 05:01:49 vdcadm1 sshd[14127]: Invalid user admin from 46.243.186.20 Jul 4 05:01:49 vdcadm1 sshd[14128]: Received disconnect from 46.243.186.20: 11: Bye Bye Jul 4 05:01:50 vdcadm1 sshd[14129]: Invalid user support from 46.243.186.20 Jul 4 05:01:50 vdcadm1 sshd[14130]: Received disconnect from 46.243.186.20: 11: Bye Bye Jul 4 05:01:50 vdcadm1 sshd[14131]: Invalid user admin from 46.243.186.20 Jul 4 05:01:50 vdcadm1 sshd[14132]: Received disconnect from 46.243.186.20: 11: Bye Bye Jul 4 05:01:50 vdcadm1 sshd[14133]: Invalid user pi from 46.243.186.20 Jul 4 05:01:50 vdcadm1 sshd[14134]: Received disconnect from 46.243.186.20: 11: Bye Bye Jul 4 05:01:51 vdcadm1 sshd[14135]: Invalid user admin from 46.243.186.20 Jul 4 05:01:51 vdcadm1 sshd[14136]: Received disconnect from 46.243.186.20: 11: Bye Bye Jul 4 05:01:51 vdcadm1 sshd[14137]: Invalid user admin from 46.243.186........ -------------------------------	2020-07-06 00:29:12

最近上报的IP列表

80.178.145.8	187.113.196.68	176.38.218.92	82.199.101.101
203.175.73.186	117.201.176.13	14.231.140.100	114.45.159.133
49.146.8.27	159.89.162.11	85.107.40.199	167.250.96.201
36.68.160.163	210.51.190.236	132.148.106.24	200.33.88.212
117.92.16.207	191.53.196.243	203.201.60.134	167.250.219.204