94.139.113.19 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Russian Federation

运营商(isp): JSC Interkoopbank

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-04 17:13:17
attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-08 12:36:53,955 INFO [shellcode_manager] (94.139.113.19) no match, writing hexdump (fff9f0e2822920957a20afc451b90dde :2227066) - MS17010 (EternalBlue)	2019-07-09 19:43:35

类型

评论内容

时间

attackspam

Honeypot attack, port: 445, PTR: PTR record not found

2020-01-04 17:13:17

attackspambots

@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-08 12:36:53,955 INFO [shellcode_manager] (94.139.113.19) no match, writing hexdump (fff9f0e2822920957a20afc451b90dde :2227066) - MS17010 (EternalBlue)

2019-07-09 19:43:35

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.139.113.19
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63378
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.139.113.19.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070900 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jul 09 19:43:16 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 19.113.139.94.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 19.113.139.94.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
140.86.12.31	attack	Feb 7 02:27:08 server sshd\[3910\]: Invalid user krc from 140.86.12.31 Feb 7 02:27:08 server sshd\[3910\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=oc-140-86-12-31.compute.oraclecloud.com Feb 7 02:27:10 server sshd\[3910\]: Failed password for invalid user krc from 140.86.12.31 port 23902 ssh2 Feb 7 02:42:49 server sshd\[6516\]: Invalid user imw from 140.86.12.31 Feb 7 02:42:49 server sshd\[6516\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=oc-140-86-12-31.compute.oraclecloud.com ...	2020-02-07 08:46:29
14.186.38.184	attackspam	lfd: (smtpauth) Failed SMTP AUTH login from 14.186.38.184 (VN/Vietnam/static.vnpt.vn): 5 in the last 3600 secs - Tue Dec 25 17:48:30 2018	2020-02-07 09:10:51
185.39.11.28	attackspam	Feb 7 00:38:22 host3 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=185.39.11.28, lip=207.180.241.50, session= Feb 7 00:39:06 host3 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=185.39.11.28, lip=207.180.241.50, session= Feb 7 00:39:47 host3 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=185.39.11.28, lip=207.180.241.50, session= Feb 7 00:41:43 host3 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=185.39.11.28, lip=207.180.241.50, session= Feb 7 00:41:53 host3 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=185.39.11.28, lip=207.180.241.50, session=	2020-02-07 09:12:04
122.51.31.60	attackspambots	SASL PLAIN auth failed: ruser=...	2020-02-07 09:01:58
173.249.49.120	attackspam	$f2bV_matches	2020-02-07 09:12:31
14.231.128.45	attackspambots	2020-02-0701:19:541izrNB-0008Ci-5k\<=info@whatsup2013.chH=$localhost$[222.252.105.150]:56951P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2241id=7E7BCD9E95416FDC00054CF400D04DB4@whatsup2013.chT="maybeit'sfate"forsteverogers843@yahoo.com2020-02-0701:24:461izrRt-0008N4-E3\<=info@whatsup2013.chH=$localhost$[14.231.128.45]:44230P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2202id=7A7FC99A91456BD8040148F0048BFB52@whatsup2013.chT="girllikearainbow"formaeceohill@gmail.com2020-02-0701:21:111izrOR-0008Fn-13\<=info@whatsup2013.chH=$localhost$[5.187.46.152]:60775P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2122id=C2C7712229FDD360BCB9F048BC58A7CF@whatsup2013.chT="Iwantsomethingbeautiful"formohamediqbalpatel@gmail.com2020-02-0701:24:151izrRO-0008Ls-Sv\<=info@whatsup2013.chH=$localhost$[171.242.233.84]:51697P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_	2020-02-07 08:55:43
37.75.121.153	attackbotsspam	2020-02-0620:52:391iznCZ-0006xY-IU\<=verena@rs-solution.chH=$localhost$[37.75.121.153]:56015P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2180id=A0A513404B9FB102DEDB922ADE8CDAFB@rs-solution.chT="maybeit'sfate"forchiraq020@gmail.com2020-02-0620:54:101iznE1-00071t-Vc\<=verena@rs-solution.chH=$localhost$[156.202.158.249]:35801P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2149id=E6E355060DD9F744989DD46C98547314@rs-solution.chT="Ihopeyouareadecentperson"forlawrencebrenden194@yahoo.com2020-02-0620:53:421iznDZ-00070B-LB\<=verena@rs-solution.chH=$localhost$[14.231.128.45]:60459P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2210id=F8FD4B1813C7E95A8683CA72867DE42E@rs-solution.chT="Ihopeyouareadecentperson"forrochelldenika@yahoo.com2020-02-0620:53:131iznD6-0006yl-8R\<=verena@rs-solution.chH=$localhost$[120.6.85.147]:64898P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA3	2020-02-07 08:59:59
218.93.21.194	attack	lfd: (smtpauth) Failed SMTP AUTH login from 218.93.21.194 (CN/China/-): 5 in the last 3600 secs - Tue Dec 25 17:52:46 2018	2020-02-07 09:07:52
41.35.230.81	attack	lfd: (smtpauth) Failed SMTP AUTH login from 41.35.230.81 (EG/Egypt/host-41.35.230.81.tedata.net): 5 in the last 3600 secs - Tue Dec 25 17:49:06 2018	2020-02-07 09:10:30
175.211.241.123	attackspambots	lfd: (smtpauth) Failed SMTP AUTH login from 175.211.241.123 (KR/Republic of Korea/-): 5 in the last 3600 secs - Tue Dec 25 12:27:25 2018	2020-02-07 09:11:13
180.121.133.64	attackspam	lfd: (smtpauth) Failed SMTP AUTH login from 180.121.133.64 (-): 5 in the last 3600 secs - Wed Dec 26 09:54:38 2018	2020-02-07 08:59:04
14.177.29.243	attackbots	lfd: (smtpauth) Failed SMTP AUTH login from 14.177.29.243 (VN/Vietnam/static.vnpt.vn): 5 in the last 3600 secs - Tue Dec 25 18:00:03 2018	2020-02-07 09:04:42
113.167.175.8	attack	lfd: (smtpauth) Failed SMTP AUTH login from 113.167.175.8 (VN/Vietnam/static.vnpt.vn): 5 in the last 3600 secs - Thu Dec 27 14:35:54 2018	2020-02-07 08:42:54
129.28.193.154	attack	2019-12-12T12:24:10.853855suse-nuc sshd[2035]: Invalid user sanat from 129.28.193.154 port 33926 ...	2020-02-07 08:42:22
51.89.28.247	attack	Feb 6 20:54:21 srv206 sshd[13356]: Invalid user rym from 51.89.28.247 Feb 6 20:54:21 srv206 sshd[13356]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip247.ip-51-89-28.eu Feb 6 20:54:21 srv206 sshd[13356]: Invalid user rym from 51.89.28.247 Feb 6 20:54:24 srv206 sshd[13356]: Failed password for invalid user rym from 51.89.28.247 port 49558 ssh2 ...	2020-02-07 08:50:23

最近上报的IP列表

231.116.188.242	173.50.5.148	187.107.64.63	144.102.45.100
255.25.221.148	170.0.125.177	89.238.139.209	85.236.5.254
143.211.193.25	198.71.231.35	91.121.67.31	23.1.1.130
191.27.94.181	191.53.236.100	86.137.113.84	140.180.197.32
65.52.162.185	35.40.154.252	190.104.46.111	77.40.61.206