94.28.54.6 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: JSC ER-Telecom Holding

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-08 20:49:01,202 INFO [shellcode_manager] (94.28.54.6) no match, writing hexdump (5af1e181fef810fc4f0ebd581e889a86 :1851490) - SMB (Unknown)	2019-08-09 10:23:42
attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-05 15:58:42,345 INFO [shellcode_manager] (94.28.54.6) no match, writing hexdump (7faf823865f45ace3d3afd3760dfe9c6 :2206944) - MS17010 (EternalBlue)	2019-07-06 10:55:35

Type

Details

Datetime

attackbotsspam

@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-08 20:49:01,202 INFO [shellcode_manager] (94.28.54.6) no match, writing hexdump (5af1e181fef810fc4f0ebd581e889a86 :1851490) - SMB (Unknown)

2019-08-09 10:23:42

attack

@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-05 15:58:42,345 INFO [shellcode_manager] (94.28.54.6) no match, writing hexdump (7faf823865f45ace3d3afd3760dfe9c6 :2206944) - MS17010 (EternalBlue)

2019-07-06 10:55:35

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.28.54.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43303
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.28.54.6.			IN	A

;; AUTHORITY SECTION:
.			3134	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070501 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jul 06 10:55:27 CST 2019
;; MSG SIZE  rcvd: 114

Host info

6.54.28.94.in-addr.arpa has no PTR record

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
*** Can't find 6.54.28.94.in-addr.arpa.: No answer

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
202.102.67.183	attack	May 21 16:24:23 debian-2gb-nbg1-2 kernel: \[12329884.597456\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=202.102.67.183 DST=195.201.40.59 LEN=52 TOS=0x00 PREC=0x00 TTL=239 ID=40953 PROTO=TCP SPT=3232 DPT=113 WINDOW=8192 RES=0x00 SYN URGP=0	2020-05-21 23:38:38
92.222.74.255	attackspam	SSH brute-force: detected 31 distinct usernames within a 24-hour window.	2020-05-21 23:28:04
111.67.195.53	attackspam	May 18 09:59:28 lamijardin sshd[21638]: Invalid user mml from 111.67.195.53 May 18 09:59:28 lamijardin sshd[21638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.67.195.53 May 18 09:59:29 lamijardin sshd[21638]: Failed password for invalid user mml from 111.67.195.53 port 34542 ssh2 May 18 09:59:30 lamijardin sshd[21638]: Received disconnect from 111.67.195.53 port 34542:11: Bye Bye [preauth] May 18 09:59:30 lamijardin sshd[21638]: Disconnected from 111.67.195.53 port 34542 [preauth] May 18 10:20:53 lamijardin sshd[21975]: Bad protocol version identification '-HSS2.0-libssh-0.6.3' from 111.67.195.53 port 42808 May 18 10:26:19 lamijardin sshd[22010]: Bad protocol version identification '-HSS2.0-libssh-0.6.3' from 111.67.195.53 port 40876 May 18 10:31:43 lamijardin sshd[22038]: Bad protocol version identification '-HSS2.0-libssh-0.6.3' from 111.67.195.53 port 38946 May 18 10:36:31 lamijardin sshd[22045]: Invalid user ilc from ........ -------------------------------	2020-05-22 00:04:31
194.31.236.136	attackspambots	scans 2 times in preceeding hours on the ports (in chronological order) 32414 10001	2020-05-21 23:41:22
91.84.95.122	attack	probes 6 times on the port 8080	2020-05-22 00:07:13
72.52.178.244	attack	I need help .,with my no privacy error on the internet. Thank you you can call or message me. 7329770223	2020-05-21 23:24:41
113.160.198.78	attack	Unauthorized connection attempt from IP address 113.160.198.78 on Port 445(SMB)	2020-05-21 23:52:05
49.51.155.205	attackbotsspam	scans 2 times in preceeding hours on the ports (in chronological order) 32800 4070	2020-05-22 00:10:33
222.186.175.215	attack	May 21 16:31:07 combo sshd[9851]: Failed password for root from 222.186.175.215 port 12168 ssh2 May 21 16:31:10 combo sshd[9851]: Failed password for root from 222.186.175.215 port 12168 ssh2 May 21 16:31:13 combo sshd[9851]: Failed password for root from 222.186.175.215 port 12168 ssh2 ...	2020-05-21 23:31:22
87.251.75.44	attackspambots	scans 2 times in preceeding hours on the ports (in chronological order) 8040 8040	2020-05-22 00:08:42
173.205.13.236	attackbotsspam	k+ssh-bruteforce	2020-05-21 23:29:43
117.2.167.233	attackspam	Unauthorized connection attempt from IP address 117.2.167.233 on Port 445(SMB)	2020-05-21 23:29:02
14.18.103.163	attack	May 21 14:01:04 sshd\[11455\]: Invalid user diaosx from 14.18.103.163May 21 14:01:05 sshd\[11455\]: Failed password for invalid user diaosx from 14.18.103.163 port 58190 ssh2 ...	2020-05-21 23:53:35
176.113.70.60	attack	Automatic report - Port Scan	2020-05-21 23:47:52
183.136.225.45	attackbotsspam	Unauthorized connection attempt detected from IP address 183.136.225.45 to port 1027	2020-05-21 23:43:38

Recently Reported IPs

206.180.5.255	125.252.85.112	88.130.133.130	216.126.82.18
38.235.231.210	113.190.44.154	167.72.74.53	144.107.23.12
64.139.67.87	181.106.194.117	239.84.202.86	222.209.8.116
94.50.116.212	225.2.120.237	4.69.198.120	121.46.95.90
12.42.165.124	192.56.53.22	254.43.90.134	104.130.175.8