94.50.246.6 - IPInfo

基本信息:

城市(city): Yekaterinburg

省份(region): Sverdlovskaya Oblast'

国家(country): Russia

运营商(isp): OJSC Rostelecom

主机名(hostname): unknown

机构(organization): Rostelecom

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Aug 9 13:37:16 plusreed sshd[10391]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.50.246.6 user=root Aug 9 13:37:19 plusreed sshd[10391]: Failed password for root from 94.50.246.6 port 34589 ssh2 Aug 9 13:37:20 plusreed sshd[10391]: Failed password for root from 94.50.246.6 port 34589 ssh2 Aug 9 13:37:16 plusreed sshd[10391]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.50.246.6 user=root Aug 9 13:37:19 plusreed sshd[10391]: Failed password for root from 94.50.246.6 port 34589 ssh2 Aug 9 13:37:20 plusreed sshd[10391]: Failed password for root from 94.50.246.6 port 34589 ssh2 Aug 9 13:37:16 plusreed sshd[10391]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.50.246.6 user=root Aug 9 13:37:19 plusreed sshd[10391]: Failed password for root from 94.50.246.6 port 34589 ssh2 Aug 9 13:37:20 plusreed sshd[10391]: Failed password for root from 94.50.246.6 port 34589 ssh2 A	2019-08-10 02:00:41

类型

评论内容

时间

attackbotsspam

Aug  9 13:37:16 plusreed sshd[10391]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.50.246.6  user=root
Aug  9 13:37:19 plusreed sshd[10391]: Failed password for root from 94.50.246.6 port 34589 ssh2
Aug  9 13:37:20 plusreed sshd[10391]: Failed password for root from 94.50.246.6 port 34589 ssh2
Aug  9 13:37:16 plusreed sshd[10391]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.50.246.6  user=root
Aug  9 13:37:19 plusreed sshd[10391]: Failed password for root from 94.50.246.6 port 34589 ssh2
Aug  9 13:37:20 plusreed sshd[10391]: Failed password for root from 94.50.246.6 port 34589 ssh2
Aug  9 13:37:16 plusreed sshd[10391]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.50.246.6  user=root
Aug  9 13:37:19 plusreed sshd[10391]: Failed password for root from 94.50.246.6 port 34589 ssh2
Aug  9 13:37:20 plusreed sshd[10391]: Failed password for root from 94.50.246.6 port 34589 ssh2
A

2019-08-10 02:00:41

相同子网IP讨论:

IP	类型	评论内容	时间
94.50.246.220	attackspam	Chat Spam	2019-10-26 13:27:40

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.50.246.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16211
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.50.246.6.			IN	A

;; AUTHORITY SECTION:
.			3251	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080902 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Aug 10 02:00:29 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

6.246.50.94.in-addr.arpa domain name pointer ws6.246.50.zone94.zaural.ru.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
6.246.50.94.in-addr.arpa	name = ws6.246.50.zone94.zaural.ru.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
112.85.42.172	attackbotsspam	Aug 30 19:24:16 web9 sshd\[24225\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.172 user=root Aug 30 19:24:18 web9 sshd\[24225\]: Failed password for root from 112.85.42.172 port 28700 ssh2 Aug 30 19:24:28 web9 sshd\[24225\]: Failed password for root from 112.85.42.172 port 28700 ssh2 Aug 30 19:24:32 web9 sshd\[24225\]: Failed password for root from 112.85.42.172 port 28700 ssh2 Aug 30 19:24:38 web9 sshd\[24260\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.172 user=root	2020-08-31 19:23:43
36.68.14.43	attack	1598845665 - 08/31/2020 05:47:45 Host: 36.68.14.43/36.68.14.43 Port: 445 TCP Blocked	2020-08-31 19:29:18
122.3.105.11	attacknormal	check	2020-08-31 19:33:40
45.95.168.96	attack	2020-08-31 13:03:18 dovecot_login authenticator failed for pr.predictams.live \(USER\) \[45.95.168.96\]: 535 Incorrect authentication data \(set_id=newsletter@nophost.com\) 2020-08-31 13:03:18 dovecot_login authenticator failed for pr.predictams.live \(USER\) \[45.95.168.96\]: 535 Incorrect authentication data \(set_id=newsletter@opso.it\) 2020-08-31 13:07:04 dovecot_login authenticator failed for pr.predictams.live \(USER\) \[45.95.168.96\]: 535 Incorrect authentication data \(set_id=newsletter@nopcommerce.it\) 2020-08-31 13:08:45 dovecot_login authenticator failed for pr.predictams.live \(USER\) \[45.95.168.96\]: 535 Incorrect authentication data \(set_id=newsletter@nophost.com\) 2020-08-31 13:08:45 dovecot_login authenticator failed for pr.predictams.live \(USER\) \[45.95.168.96\]: 535 Incorrect authentication data \(set_id=newsletter@opso.it\)	2020-08-31 19:15:30
185.66.233.61	attackbotsspam	185.66.233.61 - - [31/Aug/2020:12:46:03 +0200] "GET /wp-login.php HTTP/1.1" 200 8691 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 185.66.233.61 - - [31/Aug/2020:12:46:04 +0200] "POST /wp-login.php HTTP/1.1" 200 8921 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 185.66.233.61 - - [31/Aug/2020:12:46:04 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-31 19:03:36
5.188.62.25	attack	Hit on CMS login honeypot	2020-08-31 19:14:22
54.37.69.252	attack	Aug 31 07:10:51 rush sshd[19251]: Failed password for root from 54.37.69.252 port 43468 ssh2 Aug 31 07:13:55 rush sshd[19307]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.69.252 Aug 31 07:13:57 rush sshd[19307]: Failed password for invalid user joker from 54.37.69.252 port 41012 ssh2 ...	2020-08-31 19:13:32
61.182.250.157	attack	Icarus honeypot on github	2020-08-31 19:35:42
200.111.150.116	attackbots	Icarus honeypot on github	2020-08-31 19:17:07
45.231.12.37	attackspambots	Aug 31 06:28:22 lnxded63 sshd[659]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.231.12.37	2020-08-31 19:16:47
203.183.68.135	attack	Invalid user guest3 from 203.183.68.135 port 56346	2020-08-31 19:04:16
93.38.58.39	attackbotsspam	Scanning	2020-08-31 19:05:22
195.154.236.210	attackspam	195.154.236.210 - - \[31/Aug/2020:13:04:32 +0200\] "POST /wp-login.php HTTP/1.0" 200 5615 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 195.154.236.210 - - \[31/Aug/2020:13:04:35 +0200\] "POST /wp-login.php HTTP/1.0" 200 5435 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 195.154.236.210 - - \[31/Aug/2020:13:04:36 +0200\] "POST /wp-login.php HTTP/1.0" 200 5428 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-08-31 19:36:52
141.98.9.166	attackbots	2020-08-30 UTC: (4x) - admin(2x),ubnt(2x)	2020-08-31 19:02:44
186.12.194.36	attackspam	2020-08-30 22:34:18.100158-0500 localhost smtpd[33856]: NOQUEUE: reject: RCPT from unknown[186.12.194.36]: 554 5.7.1 Service unavailable; Client host [186.12.194.36] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/186.12.194.36; from= to= proto=ESMTP helo=	2020-08-31 19:20:08

最近上报的IP列表

200.156.115.232	110.179.214.35	143.250.44.187	117.107.127.92
4.106.19.135	59.138.58.156	156.35.23.190	104.87.218.33
206.33.56.122	217.105.242.219	76.251.193.139	139.196.153.220
133.175.82.88	56.141.125.134	139.190.212.205	129.226.70.13
175.243.130.132	179.149.34.72	168.167.79.121	74.145.225.157