94.245.132.120

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Russian Federation

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
94.245.132.136	attackbotsspam	Unauthorized connection attempt detected from IP address 94.245.132.136 to port 81 [T]	2020-08-16 02:08:22
94.245.132.131	attackspambots	Feb 21 05:53:22 grey postfix/smtpd\[16111\]: NOQUEUE: reject: RCPT from unknown\[94.245.132.131\]: 554 5.7.1 Service unavailable\; Client host \[94.245.132.131\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[94.245.132.131\]\; from=\ to=\ proto=SMTP helo=\ ...	2020-02-21 17:06:32
94.245.132.239	attack	unauthorized connection attempt	2020-01-28 17:40:08

类型

评论内容

时间

94.245.132.136

attackbotsspam

Unauthorized connection attempt detected from IP address 94.245.132.136 to port 81 [T]

2020-08-16 02:08:22

94.245.132.131

attackspambots

Feb 21 05:53:22 grey postfix/smtpd\[16111\]: NOQUEUE: reject: RCPT from unknown\[94.245.132.131\]: 554 5.7.1 Service unavailable\; Client host \[94.245.132.131\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[94.245.132.131\]\; from=\ to=\ proto=SMTP helo=\
...

2020-02-21 17:06:32

94.245.132.239

attack

unauthorized connection attempt

2020-01-28 17:40:08

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.245.132.120
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40129
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;94.245.132.120.			IN	A

;; AUTHORITY SECTION:
.			581	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021202 1800 900 604800 86400

;; Query time: 200 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 13 12:04:44 CST 2022
;; MSG SIZE  rcvd: 107

HOST信息:

Host 120.132.245.94.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 120.132.245.94.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
91.198.175.4	attackbots	[portscan] Port scan	2019-08-15 14:16:54
51.68.143.26	attackspam	Automatic report - Banned IP Access	2019-08-15 13:51:07
183.2.196.100	attackbots	Aug 15 06:29:57 game-panel sshd[22638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.2.196.100 Aug 15 06:29:58 game-panel sshd[22638]: Failed password for invalid user bl@mm0 from 183.2.196.100 port 46340 ssh2 Aug 15 06:33:19 game-panel sshd[22776]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.2.196.100	2019-08-15 14:41:25
115.88.201.58	attack	Aug 15 02:51:31 lnxweb61 sshd[3472]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.88.201.58	2019-08-15 14:00:07
185.2.5.24	attack	185.2.5.24 - - [15/Aug/2019:06:15:56 +0200] "GET /wp-login.php HTTP/1.1" 200 1129 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 185.2.5.24 - - [15/Aug/2019:06:15:57 +0200] "POST /wp-login.php HTTP/1.1" 200 1524 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 185.2.5.24 - - [15/Aug/2019:06:15:57 +0200] "GET /wp-login.php HTTP/1.1" 200 1129 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 185.2.5.24 - - [15/Aug/2019:06:15:57 +0200] "POST /wp-login.php HTTP/1.1" 200 1507 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 185.2.5.24 - - [15/Aug/2019:06:15:58 +0200] "GET /wp-login.php HTTP/1.1" 200 1129 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 185.2.5.24 - - [15/Aug/2019:06:15:58 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-08-15 14:30:21
201.178.65.68	attackbotsspam	Honeypot attack, port: 23, PTR: 201-178-65-68.speedy.com.ar.	2019-08-15 14:36:33
46.166.170.2	attack	#32745 - [46.166.170.2] Error: 550 5.7.1 Forged HELO hostname detected #32745 - [46.166.170.2] Error: 550 5.7.1 Forged HELO hostname detected #32745 - [46.166.170.2] Error: 550 5.7.1 Forged HELO hostname detected #32745 - [46.166.170.2] Error: 550 5.7.1 Forged HELO hostname detected ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=46.166.170.2	2019-08-15 14:12:38
196.250.32.37	attack	Aug 15 05:22:11 debian sshd\[9223\]: Invalid user elena from 196.250.32.37 port 33732 Aug 15 05:22:11 debian sshd\[9223\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.250.32.37 ...	2019-08-15 13:53:14
223.247.8.232	attackspam	Aug 15 01:18:05 h2421860 postfix/postscreen[2157]: CONNECT from [223.247.8.232]:63860 to [85.214.119.52]:25 Aug 15 01:18:05 h2421860 postfix/dnsblog[2165]: addr 223.247.8.232 listed by domain zen.spamhaus.org as 127.0.0.11 Aug 15 01:18:05 h2421860 postfix/dnsblog[2165]: addr 223.247.8.232 listed by domain zen.spamhaus.org as 127.0.0.4 Aug 15 01:18:05 h2421860 postfix/dnsblog[2166]: addr 223.247.8.232 listed by domain Unknown.trblspam.com as 185.53.179.7 Aug 15 01:18:05 h2421860 postfix/dnsblog[2165]: addr 223.247.8.232 listed by domain dnsbl.sorbs.net as 127.0.0.10 Aug 15 01:18:05 h2421860 postfix/dnsblog[2162]: addr 223.247.8.232 listed by domain b.barracudacentral.org as 127.0.0.2 Aug 15 01:18:11 h2421860 postfix/postscreen[2157]: DNSBL rank 7 for [223.247.8.232]:63860 Aug x@x Aug 15 01:18:12 h2421860 postfix/postscreen[2157]: HANGUP after 0.96 from [223.247.8.232]:63860 in tests after SMTP handshake Aug 15 01:18:12 h2421860 postfix/postscreen[2157]: DISCONNECT [223.2........ -------------------------------	2019-08-15 14:31:17
79.190.119.50	attack	Aug 15 08:10:51 server sshd\[29172\]: Invalid user bong from 79.190.119.50 port 58562 Aug 15 08:10:51 server sshd\[29172\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.190.119.50 Aug 15 08:10:53 server sshd\[29172\]: Failed password for invalid user bong from 79.190.119.50 port 58562 ssh2 Aug 15 08:15:42 server sshd\[25559\]: Invalid user brock from 79.190.119.50 port 50152 Aug 15 08:15:42 server sshd\[25559\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.190.119.50	2019-08-15 14:14:25
162.197.47.156	attack	2019-08-15T07:58:53.943560 sshd[19636]: Invalid user adonix from 162.197.47.156 port 47878 2019-08-15T07:58:53.956740 sshd[19636]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.197.47.156 2019-08-15T07:58:53.943560 sshd[19636]: Invalid user adonix from 162.197.47.156 port 47878 2019-08-15T07:58:55.791862 sshd[19636]: Failed password for invalid user adonix from 162.197.47.156 port 47878 ssh2 2019-08-15T08:06:31.102477 sshd[19751]: Invalid user manas from 162.197.47.156 port 58582 ...	2019-08-15 14:08:54
198.108.67.81	attack	firewall-block, port(s): 5555/tcp	2019-08-15 13:53:39
197.155.115.57	attack	Aug 15 07:28:56 tuxlinux sshd[57849]: Invalid user pi from 197.155.115.57 port 39696 Aug 15 07:28:56 tuxlinux sshd[57851]: Invalid user pi from 197.155.115.57 port 39698 Aug 15 07:28:56 tuxlinux sshd[57851]: Invalid user pi from 197.155.115.57 port 39698 Aug 15 07:28:56 tuxlinux sshd[57851]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.155.115.57 Aug 15 07:28:56 tuxlinux sshd[57849]: Invalid user pi from 197.155.115.57 port 39696 Aug 15 07:28:56 tuxlinux sshd[57849]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.155.115.57 ...	2019-08-15 13:59:15
162.243.145.134	attack	" "	2019-08-15 14:44:12
14.186.212.97	attackbotsspam	Lines containing failures of 14.186.212.97 Aug 15 01:15:00 srv02 sshd[15111]: Invalid user admin from 14.186.212.97 port 46201 Aug 15 01:15:00 srv02 sshd[15111]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.186.212.97 Aug 15 01:15:02 srv02 sshd[15111]: Failed password for invalid user admin from 14.186.212.97 port 46201 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=14.186.212.97	2019-08-15 14:11:07

最近上报的IP列表

94.249.34.240	94.25.173.177	94.249.79.224	94.25.177.167
94.251.34.159	94.25.188.239	94.254.223.16	94.251.19.114
94.254.238.54	94.255.236.108	94.26.78.131	94.25.180.173
94.28.132.25	94.26.43.208	94.28.233.127	94.31.82.242
94.41.100.52	94.38.145.8	94.41.9.4	94.32.206.225