94.140.123.52 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Latvia

运营商(isp): Makonix SIA

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	3389BruteforceFW21	2019-08-02 06:44:58

相同子网IP讨论:

IP	类型	评论内容	时间
94.140.123.75	attackspam	3389BruteforceFW23	2019-08-02 06:47:16

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.140.123.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33480
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.140.123.52.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080101 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 02 06:44:53 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 52.123.140.94.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 52.123.140.94.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
137.59.162.169	attack	Jul 12 01:07:42 vtv3 sshd\[17486\]: Invalid user felix from 137.59.162.169 port 52312 Jul 12 01:07:42 vtv3 sshd\[17486\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.59.162.169 Jul 12 01:07:43 vtv3 sshd\[17486\]: Failed password for invalid user felix from 137.59.162.169 port 52312 ssh2 Jul 12 01:17:35 vtv3 sshd\[22427\]: Invalid user central from 137.59.162.169 port 53404 Jul 12 01:17:35 vtv3 sshd\[22427\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.59.162.169 Jul 12 01:57:19 vtv3 sshd\[9605\]: Invalid user steph from 137.59.162.169 port 57782 Jul 12 01:57:19 vtv3 sshd\[9605\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.59.162.169 Jul 12 01:57:21 vtv3 sshd\[9605\]: Failed password for invalid user steph from 137.59.162.169 port 57782 ssh2 Jul 12 02:07:10 vtv3 sshd\[14508\]: Invalid user aaa from 137.59.162.169 port 58875 Jul 12 02:07:10 vtv3 sshd\[14508\]:	2019-07-13 06:17:04
174.138.6.123	attack	Jul 12 20:26:35 MK-Soft-VM6 sshd\[21829\]: Invalid user www from 174.138.6.123 port 35034 Jul 12 20:26:35 MK-Soft-VM6 sshd\[21829\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.6.123 Jul 12 20:26:36 MK-Soft-VM6 sshd\[21829\]: Failed password for invalid user www from 174.138.6.123 port 35034 ssh2 ...	2019-07-13 06:03:32
94.176.76.230	attackbotsspam	(Jul 12) LEN=40 TTL=244 ID=39679 DF TCP DPT=23 WINDOW=14600 SYN (Jul 12) LEN=40 TTL=244 ID=32568 DF TCP DPT=23 WINDOW=14600 SYN (Jul 12) LEN=40 TTL=244 ID=27142 DF TCP DPT=23 WINDOW=14600 SYN (Jul 12) LEN=40 TTL=244 ID=12171 DF TCP DPT=23 WINDOW=14600 SYN (Jul 12) LEN=40 TTL=244 ID=52972 DF TCP DPT=23 WINDOW=14600 SYN (Jul 12) LEN=40 TTL=244 ID=59112 DF TCP DPT=23 WINDOW=14600 SYN (Jul 12) LEN=40 TTL=244 ID=33219 DF TCP DPT=23 WINDOW=14600 SYN (Jul 12) LEN=40 TTL=244 ID=23701 DF TCP DPT=23 WINDOW=14600 SYN (Jul 12) LEN=40 TTL=244 ID=8284 DF TCP DPT=23 WINDOW=14600 SYN (Jul 11) LEN=40 TTL=244 ID=735 DF TCP DPT=23 WINDOW=14600 SYN (Jul 11) LEN=40 TTL=244 ID=36329 DF TCP DPT=23 WINDOW=14600 SYN (Jul 11) LEN=40 TTL=244 ID=176 DF TCP DPT=23 WINDOW=14600 SYN (Jul 11) LEN=40 TTL=244 ID=1251 DF TCP DPT=23 WINDOW=14600 SYN (Jul 11) LEN=40 TTL=244 ID=17879 DF TCP DPT=23 WINDOW=14600 SYN (Jul 11) LEN=40 TTL=244 ID=40380 DF TCP DPT=23 WINDOW=14600 SYN ...	2019-07-13 06:25:52
94.60.177.85	attackbotsspam	Jul 12 21:51:42 tux postfix/smtpd[31571]: connect from 85.177.60.94.rev.vodafone.pt[94.60.177.85] Jul x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=94.60.177.85	2019-07-13 06:10:33
92.222.92.114	attack	Jul 12 22:01:44 mail sshd\[24560\]: Invalid user rabbitmq from 92.222.92.114 port 39116 Jul 12 22:01:44 mail sshd\[24560\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.92.114 Jul 12 22:01:46 mail sshd\[24560\]: Failed password for invalid user rabbitmq from 92.222.92.114 port 39116 ssh2 Jul 12 22:06:32 mail sshd\[25269\]: Invalid user user8 from 92.222.92.114 port 40950 Jul 12 22:06:32 mail sshd\[25269\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.92.114	2019-07-13 06:36:09
51.254.123.127	attackspam	2019-07-12T22:03:09.203188 sshd[3178]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.123.127 user=root 2019-07-12T22:03:10.575775 sshd[3178]: Failed password for root from 51.254.123.127 port 39357 ssh2 2019-07-12T22:07:55.685055 sshd[3219]: Invalid user anthony from 51.254.123.127 port 40046 2019-07-12T22:07:55.701057 sshd[3219]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.123.127 2019-07-12T22:07:55.685055 sshd[3219]: Invalid user anthony from 51.254.123.127 port 40046 2019-07-12T22:07:58.002201 sshd[3219]: Failed password for invalid user anthony from 51.254.123.127 port 40046 ssh2 ...	2019-07-13 05:53:01
162.247.74.217	attackbotsspam	Jul 12 20:08:05 thevastnessof sshd[2644]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.247.74.217 ...	2019-07-13 05:51:21
14.207.98.19	attackspambots	Jul 12 21:53:46 xxxxxxx sshd[2109]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=mx-ll-14.207.98-19.dynamic.3bb.co.th Jul 12 21:53:48 xxxxxxx sshd[2109]: Failed password for invalid user admin from 14.207.98.19 port 58144 ssh2 Jul 12 21:53:49 xxxxxxx sshd[2109]: Connection closed by 14.207.98.19 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=14.207.98.19	2019-07-13 06:20:58
137.59.56.155	attackspam	Jul 12 21:51:36 rigel postfix/smtpd[6019]: connect from unknown[137.59.56.155] Jul 12 21:51:38 rigel postfix/smtpd[6019]: warning: unknown[137.59.56.155]: SASL CRAM-MD5 authentication failed: authentication failure Jul 12 21:51:39 rigel postfix/smtpd[6019]: warning: unknown[137.59.56.155]: SASL PLAIN authentication failed: authentication failure Jul 12 21:51:40 rigel postfix/smtpd[6019]: warning: unknown[137.59.56.155]: SASL LOGIN authentication failed: authentication failure Jul 12 21:51:40 rigel postfix/smtpd[6019]: disconnect from unknown[137.59.56.155] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=137.59.56.155	2019-07-13 06:08:39
216.244.66.246	attackspam	login attempts	2019-07-13 06:09:18
45.13.39.18	attackbotsspam	2019-07-11 19:16:29 -> 2019-07-12 23:03:22 : 2653 login attempts (45.13.39.18)	2019-07-13 05:53:19
137.226.113.35	attackspambots	EventTime:Sat Jul 13 06:07:07 AEST 2019,Protocol:UDP,VendorEventCode:RT_FLOW_SESSION_DENY,TargetPort:53,SourceIP:137.226.113.35,SourcePort:1443	2019-07-13 06:11:57
51.38.234.54	attackspambots	Invalid user robin from 51.38.234.54 port 47870 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.234.54 Failed password for invalid user robin from 51.38.234.54 port 47870 ssh2 Invalid user hmsftp from 51.38.234.54 port 49224 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.234.54	2019-07-13 06:14:11
185.218.70.160	attackspambots	" "	2019-07-13 06:28:51
58.220.51.158	attackbotsspam	20 attempts against mh-ssh on milky.magehost.pro	2019-07-13 06:19:36

最近上报的IP列表

107.255.5.198	14.115.104.89	217.131.111.86	194.44.180.71
221.187.168.88	77.42.114.185	201.250.80.49	175.142.13.117
180.126.20.42	14.235.236.129	79.235.178.178	111.246.7.39
58.58.188.47	60.177.89.242	147.135.116.69	80.211.183.209
172.217.69.67	189.203.43.10	111.250.181.218	124.112.178.8