94.21.75.63 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Hungary

运营商(isp): DIGI Tavkozlesi es Szolgaltato Kft.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	SSH-bruteforce attempts	2019-12-11 02:02:59

相同子网IP讨论:

IP	类型	评论内容	时间
94.21.75.55	attackbotsspam	Jun 27 02:16:37 mail sshd[1883]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94-21-75-55.pool.digikabel.hu Jun 27 02:16:39 mail sshd[1883]: Failed password for invalid user cisco from 94.21.75.55 port 42397 ssh2 Jun 27 02:16:39 mail sshd[1883]: Received disconnect from 94.21.75.55: 11: Bye Bye [preauth] Jun 27 02:19:54 mail sshd[2337]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94-21-75-55.pool.digikabel.hu ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=94.21.75.55	2019-06-30 15:49:17
94.21.75.55	attackbots	Jun 28 22:11:47 Tower sshd[4877]: Connection from 94.21.75.55 port 39900 on 192.168.10.220 port 22 Jun 28 22:11:48 Tower sshd[4877]: Invalid user test from 94.21.75.55 port 39900 Jun 28 22:11:48 Tower sshd[4877]: error: Could not get shadow information for NOUSER Jun 28 22:11:48 Tower sshd[4877]: Failed password for invalid user test from 94.21.75.55 port 39900 ssh2 Jun 28 22:11:48 Tower sshd[4877]: Received disconnect from 94.21.75.55 port 39900:11: Bye Bye [preauth] Jun 28 22:11:48 Tower sshd[4877]: Disconnected from invalid user test 94.21.75.55 port 39900 [preauth]	2019-06-29 14:36:36

类型

评论内容

时间

94.21.75.55

attackbotsspam

Jun 27 02:16:37 mail sshd[1883]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94-21-75-55.pool.digikabel.hu
Jun 27 02:16:39 mail sshd[1883]: Failed password for invalid user cisco from 94.21.75.55 port 42397 ssh2
Jun 27 02:16:39 mail sshd[1883]: Received disconnect from 94.21.75.55: 11: Bye Bye [preauth]
Jun 27 02:19:54 mail sshd[2337]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94-21-75-55.pool.digikabel.hu


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=94.21.75.55

2019-06-30 15:49:17

94.21.75.55

attackbots

Jun 28 22:11:47 Tower sshd[4877]: Connection from 94.21.75.55 port 39900 on 192.168.10.220 port 22
Jun 28 22:11:48 Tower sshd[4877]: Invalid user test from 94.21.75.55 port 39900
Jun 28 22:11:48 Tower sshd[4877]: error: Could not get shadow information for NOUSER
Jun 28 22:11:48 Tower sshd[4877]: Failed password for invalid user test from 94.21.75.55 port 39900 ssh2
Jun 28 22:11:48 Tower sshd[4877]: Received disconnect from 94.21.75.55 port 39900:11: Bye Bye [preauth]
Jun 28 22:11:48 Tower sshd[4877]: Disconnected from invalid user test 94.21.75.55 port 39900 [preauth]

2019-06-29 14:36:36

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.21.75.63
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53624
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.21.75.63.			IN	A

;; AUTHORITY SECTION:
.			595	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121001 1800 900 604800 86400

;; Query time: 140 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 11 02:02:56 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

63.75.21.94.in-addr.arpa domain name pointer 94-21-75-63.pool.digikabel.hu.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
63.75.21.94.in-addr.arpa	name = 94-21-75-63.pool.digikabel.hu.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
183.177.101.122	attack	Unauthorized connection attempt from IP address 183.177.101.122 on Port 445(SMB)	2020-05-25 22:22:18
51.91.247.125	attackspambots	TCP (SYN) 51.91.247.125:44559 -> port 9444, len 44	2020-05-25 22:14:50
198.71.239.49	attackspambots	Wordpress_xmlrpc_attack	2020-05-25 22:12:13
50.63.196.119	attackbotsspam	Wordpress_xmlrpc_attack	2020-05-25 22:04:52
51.89.165.2	attackbots	Drupal Core Remote Code Execution Vulnerability, PTR: 2.ip-51-89-165.eu.	2020-05-25 21:45:13
50.63.196.59	attackbotsspam	Wordpress_xmlrpc_attack	2020-05-25 22:01:45
87.103.120.250	attackspam	odoo8 ...	2020-05-25 22:11:26
184.168.27.26	attackbots	Wordpress_xmlrpc_attack	2020-05-25 22:17:38
51.38.190.24	attackspambots	WordPress Login Brute Force Attempt, PTR: 24.ip-51-38-190.eu.	2020-05-25 22:01:17
184.168.46.202	attackspambots	Wordpress_xmlrpc_attack	2020-05-25 22:15:18
184.168.193.72	attack	Wordpress_xmlrpc_attack	2020-05-25 22:17:08
152.0.194.2	attackspam	May 25 14:36:42 ns381471 sshd[27688]: Failed password for root from 152.0.194.2 port 44050 ssh2	2020-05-25 21:43:58
175.143.52.101	attackbots	May 25 15:49:52 OPSO sshd\[8756\]: Invalid user news from 175.143.52.101 port 45632 May 25 15:49:52 OPSO sshd\[8756\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.143.52.101 May 25 15:49:54 OPSO sshd\[8756\]: Failed password for invalid user news from 175.143.52.101 port 45632 ssh2 May 25 15:53:27 OPSO sshd\[9321\]: Invalid user tibero from 175.143.52.101 port 38430 May 25 15:53:27 OPSO sshd\[9321\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.143.52.101	2020-05-25 21:55:51
203.150.228.128	attackbots	Wordpress_xmlrpc_attack	2020-05-25 22:11:42
51.75.25.12	attack	detected by Fail2Ban	2020-05-25 21:53:27

最近上报的IP列表

225.25.205.63	60.33.212.221	65.111.78.232	162.58.23.126
130.84.31.249	160.166.7.133	19.106.211.37	179.66.13.48
39.75.47.56	107.199.124.207	31.69.186.48	41.55.187.65
230.17.153.135	171.109.120.211	116.239.106.193	89.97.0.61
177.214.1.40	106.75.76.139	223.111.150.115	61.118.238.68