94.180.25.139 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: JSC ER-Telecom Holding

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Port probing on unauthorized port 23	2020-10-06 06:26:51
attackbotsspam	Port probing on unauthorized port 23	2020-10-05 22:33:51
attack	Port scan denied	2020-10-05 14:28:29

Comments on same subnet:

IP	Type	Details	Datetime
94.180.25.152	attackbots	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-07 00:42:34
94.180.25.152	attack	TCP (SYN) 94.180.25.152:52445 -> port 23, len 40	2020-10-06 16:33:38
94.180.25.15	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-10-05 07:22:42
94.180.25.213	attackspambots	firewall-block, port(s): 23/tcp	2020-10-05 06:28:25
94.180.25.15	attackspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-10-04 23:36:23
94.180.25.213	attack	firewall-block, port(s): 23/tcp	2020-10-04 22:29:50
94.180.25.15	attackbots	23/tcp [2020-10-03]1pkt	2020-10-04 15:20:14
94.180.25.213	attackbotsspam	firewall-block, port(s): 23/tcp	2020-10-04 14:15:43
94.180.25.5	attack	" "	2020-10-04 03:34:14
94.180.25.152	attackspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-10-04 03:25:39
94.180.25.5	attackspam	" "	2020-10-03 19:32:03
94.180.25.152	attackbotsspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-10-03 19:20:48
94.180.250.158	attackspambots	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2020-06-21 06:43:31
94.180.250.158	attackspambots	[18/Feb/2020:11:13:35 -0500] - [18/Feb/2020:11:13:37 -0500] Think php probe script	2020-02-20 01:34:43
94.180.250.158	attackbotsspam	Unauthorized connection attempt detected from IP address 94.180.250.158 to port 8088 [J]	2020-01-06 05:39:40

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.180.25.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44382
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.180.25.139.			IN	A

;; AUTHORITY SECTION:
.			410	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020100500 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 05 14:28:21 CST 2020
;; MSG SIZE  rcvd: 117

Host info

139.25.180.94.in-addr.arpa domain name pointer dynamicip-94-180-25-139.pppoe.nsk.ertelecom.ru.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
139.25.180.94.in-addr.arpa	name = dynamicip-94-180-25-139.pppoe.nsk.ertelecom.ru.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
94.130.149.34	attackspambots	TCP (SYN) 94.130.149.34:54855 -> port 23, len 40	2020-06-07 08:00:47
49.233.90.8	attack	Jun 7 01:16:53 eventyay sshd[31107]: Failed password for root from 49.233.90.8 port 49992 ssh2 Jun 7 01:20:40 eventyay sshd[31206]: Failed password for root from 49.233.90.8 port 33992 ssh2 ...	2020-06-07 08:12:56
51.83.72.243	attackspam	Jun 7 01:20:54 pve1 sshd[10168]: Failed password for root from 51.83.72.243 port 37652 ssh2 ...	2020-06-07 07:47:34
74.141.132.233	attackbots	2020-06-06 16:20:02 server sshd[95302]: Failed password for invalid user root from 74.141.132.233 port 41230 ssh2	2020-06-07 08:10:40
190.249.179.89	attackbotsspam	1591476165 - 06/06/2020 22:42:45 Host: 190.249.179.89/190.249.179.89 Port: 23 TCP Blocked	2020-06-07 08:02:13
106.52.132.186	attackbots	2020-06-06T23:47:07.190829rocketchat.forhosting.nl sshd[30416]: Failed password for root from 106.52.132.186 port 43440 ssh2 2020-06-06T23:49:19.190590rocketchat.forhosting.nl sshd[30434]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.132.186 user=root 2020-06-06T23:49:21.734740rocketchat.forhosting.nl sshd[30434]: Failed password for root from 106.52.132.186 port 40196 ssh2 ...	2020-06-07 08:08:31
35.187.145.251	attackspam	Jun 6 05:00:05 v11 sshd[7755]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.187.145.251 user=r.r Jun 6 05:00:07 v11 sshd[7755]: Failed password for r.r from 35.187.145.251 port 41686 ssh2 Jun 6 05:00:07 v11 sshd[7755]: Received disconnect from 35.187.145.251 port 41686:11: Bye Bye [preauth] Jun 6 05:00:07 v11 sshd[7755]: Disconnected from 35.187.145.251 port 41686 [preauth] Jun 6 05:22:05 v11 sshd[9445]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.187.145.251 user=r.r Jun 6 05:22:06 v11 sshd[9445]: Failed password for r.r from 35.187.145.251 port 34760 ssh2 Jun 6 05:22:07 v11 sshd[9445]: Received disconnect from 35.187.145.251 port 34760:11: Bye Bye [preauth] Jun 6 05:22:07 v11 sshd[9445]: Disconnected from 35.187.145.251 port 34760 [preauth] Jun 6 05:24:17 v11 sshd[9532]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.187.1........ -------------------------------	2020-06-07 07:58:45
111.231.63.14	attack	odoo8 ...	2020-06-07 08:05:53
172.68.11.107	attackbots	SQL injection:/newsites/free/pierre/search/search-1-prj.php?idPrj=-6940%27%29%20OR%204972%3DCAST%28%28CHR%28113%29%7C%7CCHR%28107%29%7C%7CCHR%28113%29%7C%7CCHR%28120%29%7C%7CCHR%28113%29%29%7C%7C%28SELECT%20%28CASE%20WHEN%20%284972%3D4972%29%20THEN%201%20ELSE%200%20END%29%29%3A%3Atext%7C%7C%28CHR%28113%29%7C%7CCHR%28120%29%7C%7CCHR%28112%29%7C%7CCHR%28120%29%7C%7CCHR%28113%29%29%20AS%20NUMERIC%29%20AND%20%28%27ysxZ%27%3D%27ysxZ	2020-06-07 08:07:09
106.13.26.67	attack	Jun 6 23:04:41 santamaria sshd\[27005\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.26.67 user=root Jun 6 23:04:43 santamaria sshd\[27005\]: Failed password for root from 106.13.26.67 port 54594 ssh2 Jun 6 23:08:13 santamaria sshd\[27091\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.26.67 user=root ...	2020-06-07 08:13:25
69.94.235.219	attack	fail2ban -- 69.94.235.219 ...	2020-06-07 07:57:30
185.200.118.47	attack	UDP 185.200.118.47:37949 -> port 1194, len 42	2020-06-07 07:55:56
104.248.122.143	attackbots	(sshd) Failed SSH login from 104.248.122.143 (US/United States/-): 5 in the last 3600 secs	2020-06-07 08:20:59
210.105.82.53	attackbotsspam	Jun 6 22:34:57 ourumov-web sshd\[24879\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.105.82.53 user=root Jun 6 22:35:00 ourumov-web sshd\[24879\]: Failed password for root from 210.105.82.53 port 55994 ssh2 Jun 6 22:42:18 ourumov-web sshd\[25407\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.105.82.53 user=root ...	2020-06-07 08:18:28
187.162.247.136	attackspambots	port	2020-06-07 07:51:54

Recently Reported IPs

20.83.167.38	182.112.50.135	139.59.102.170	129.213.25.213
201.159.114.203	177.155.139.16	220.86.37.149	78.36.191.108
82.64.118.56	178.164.190.69	140.5.14.169	112.35.149.86
37.145.106.184	194.5.176.47	172.93.45.222	154.126.36.108
35.142.163.228	111.240.120.49	43.226.150.51	138.99.188.144