94.102.49.106 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Netherlands

运营商(isp): Incrediserve Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Sep 25 08:20:28 [host] kernel: [1346836.019694] [U Sep 25 08:23:32 [host] kernel: [1347020.273481] [U Sep 25 08:27:10 [host] kernel: [1347237.701721] [U Sep 25 08:27:18 [host] kernel: [1347245.495049] [U Sep 25 08:33:03 [host] kernel: [1347590.708539] [U Sep 25 08:34:15 [host] kernel: [1347662.631313] [U	2020-09-25 19:55:18
attackspambots	TCP (SYN) 94.102.49.106:54163 -> port 3500, len 44	2020-09-14 21:59:09
attackbotsspam	TCP (SYN) 94.102.49.106:54163 -> port 3480, len 44	2020-09-14 13:53:03
attackspambots	TCP (SYN) 94.102.49.106:54163 -> port 3473, len 44	2020-09-14 05:50:34
attackspambots	TCP (SYN) 94.102.49.106:45863 -> port 3080, len 44	2020-09-12 23:50:28
attackspambots	TCP (SYN) 94.102.49.106:45863 -> port 3012, len 44	2020-09-12 15:52:54
attack	Fail2Ban Ban Triggered	2020-09-12 07:39:28

相同子网IP讨论:

IP	类型	评论内容	时间
94.102.49.193	botsattackproxy	Bot	2024-04-11 12:03:13
94.102.49.190	proxy	VPN fraud	2023-05-29 12:52:27
94.102.49.191	attackspam	ET DROP Dshield Block Listed Source group 1 - port: 132 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:37:55
94.102.49.191	attackspambots	Port-scan: detected 174 distinct ports within a 24-hour window.	2020-10-07 17:07:10
94.102.49.117	attack	massive Port Scan	2020-10-07 04:15:40
94.102.49.59	attack	port scan	2020-10-07 00:57:42
94.102.49.117	attackspambots	massive Port Scan	2020-10-06 20:19:06
94.102.49.59	attack	Hacker	2020-10-06 16:51:13
94.102.49.193	attackbots	TCP (SYN) 94.102.49.193:6707 -> port 502, len 44	2020-10-05 03:01:09
94.102.49.193	attackspambots	TCP (SYN) 94.102.49.193:6707 -> port 502, len 44	2020-10-04 18:45:20
94.102.49.93	attackbotsspam	Port-scan: detected 200 distinct ports within a 24-hour window.	2020-10-04 06:25:39
94.102.49.93	attackbotsspam	Port-scan: detected 200 distinct ports within a 24-hour window.	2020-10-03 22:30:11
94.102.49.93	attackspam	[Sun Sep 27 22:47:43 2020] - Syn Flood From IP: 94.102.49.93 Port: 59653	2020-10-03 14:13:26
94.102.49.137	attackspam	Fri, 2020-10-02 08:33:48 - TCP Packet - Source:94.102.49.137 Destination:xxx.xxx.xxx.xxx - [PORT SCAN]	2020-10-03 04:32:19
94.102.49.137	attack	Oct 2 15:35:22 hidden kernel: [UFW BLOCK] IN=ens192 OUT= MAC=00:50:56:bc:13:b8:30:e4:db:97:3e:3f:08:00 SRC=94.102.49.137 DST=217.198.117.163 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=42330 PROTO=TCP SPT=45720 DPT=11117 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 2 15:35:22 hidden kernel: [UFW BLOCK] IN=ens192 OUT= MAC=00:50:56:bc:13:b8:30:e4:db:97:3e:3f:08:00 SRC=94.102.49.137 DST=217.198.117.163 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=28079 PROTO=TCP SPT=45720 DPT=11218 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 2 15:35:25 hidden kernel: [UFW BLOCK] IN=ens192 OUT= MAC=00:50:56:bc:13:b8:30:e4:db:97:3e:3f:08:00 SRC=94.102.49.137 DST=217.198.117.163 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=3153 PROTO=TCP SPT=45720 DPT=11222 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 2 15:35:25 hidden kernel: [UFW BLOCK] IN=ens192 OUT= MAC=00:50:56:bc:13:b8:30:e4:db:97:3e:3f:08:00 SRC=94.102.49.137 DST=217.198.117.163 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=16947 PROTO=TCP SPT=45720 DPT=11215 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 2 15: ...	2020-10-02 23:52:54

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.102.49.106
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2952
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.102.49.106.			IN	A

;; AUTHORITY SECTION:
.			573	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020091101 1800 900 604800 86400

;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Sep 12 07:39:24 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

106.49.102.94.in-addr.arpa domain name pointer no-reverse-dns-configured.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
106.49.102.94.in-addr.arpa	name = no-reverse-dns-configured.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
1.194.238.226	attackbotsspam	Invalid user ftpuser from 1.194.238.226 port 54029	2020-09-27 05:28:15
1.119.44.250	attackspam	2020-03-07T17:33:47.461003suse-nuc sshd[8491]: Invalid user 22 from 1.119.44.250 port 32796 ...	2020-09-27 05:49:24
50.196.36.169	attackspam	Hits on port :	2020-09-27 05:51:20
1.196.238.52	attack	Sep 26 23:40:17 vps768472 sshd\[24390\]: Invalid user user002 from 1.196.238.52 port 60064 Sep 26 23:40:17 vps768472 sshd\[24390\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.196.238.52 Sep 26 23:40:19 vps768472 sshd\[24390\]: Failed password for invalid user user002 from 1.196.238.52 port 60064 ssh2 ...	2020-09-27 05:23:20
117.222.235.164	attackbotsspam	Listed on abuseat.org plus barracudaCentral and zen-spamhaus / proto=6 . srcport=59927 . dstport=23 . (3556)	2020-09-27 05:32:55
1.194.53.51	attack	2020-06-29T21:04:56.792742suse-nuc sshd[18705]: Invalid user pv from 1.194.53.51 port 38982 ...	2020-09-27 05:27:20
161.35.148.75	attack	Invalid user edu from 161.35.148.75 port 54304	2020-09-27 05:41:58
222.186.42.213	attack	Sep 26 18:14:26 shivevps sshd[14749]: Failed password for root from 222.186.42.213 port 60824 ssh2 Sep 26 18:14:32 shivevps sshd[14752]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.213 user=root Sep 26 18:14:34 shivevps sshd[14752]: Failed password for root from 222.186.42.213 port 51226 ssh2 ...	2020-09-27 05:18:50
1.119.196.29	attackbots	2020-03-26T04:50:49.057579suse-nuc sshd[14590]: Invalid user zt from 1.119.196.29 port 53758 ...	2020-09-27 05:51:57
34.73.237.110	attack	34.73.237.110 - - [26/Sep/2020:21:44:29 +0200] "GET /wp-login.php HTTP/1.1" 200 2566 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 34.73.237.110 - - [26/Sep/2020:21:44:29 +0200] "POST /wp-login.php HTTP/1.1" 200 2698 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 34.73.237.110 - - [26/Sep/2020:21:44:30 +0200] "GET /wp-login.php HTTP/1.1" 200 2566 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 34.73.237.110 - - [26/Sep/2020:21:44:30 +0200] "POST /wp-login.php HTTP/1.1" 200 2697 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 34.73.237.110 - - [26/Sep/2020:21:44:30 +0200] "GET /wp-login.php HTTP/1.1" 200 2566 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 34.73.237.110 - - [26/Sep/2020:21:44:31 +0200] "POST /wp-login.php HTTP/1.1" 200 2696 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Fir ...	2020-09-27 05:27:08
129.28.163.90	attackbots	SSH Bruteforce Attempt on Honeypot	2020-09-27 05:26:23
1.194.238.187	attack	2020-03-22T00:28:58.297867suse-nuc sshd[23911]: Invalid user wc from 1.194.238.187 port 46340 ...	2020-09-27 05:28:50
168.61.34.21	attackbots	LGS,WP GET //wp-includes/wlwmanifest.xml	2020-09-27 05:20:32
1.193.39.196	attack	2020-01-18T06:23:51.410356suse-nuc sshd[27897]: Invalid user facturacion from 1.193.39.196 port 58998 ...	2020-09-27 05:31:46
1.172.134.218	attackspam	2020-09-24T13:07:41.768220suse-nuc sshd[10002]: Invalid user admin from 1.172.134.218 port 40320 ...	2020-09-27 05:42:20

最近上报的IP列表

20.135.5.161	74.118.88.203	134.68.141.67	182.183.243.13
1.67.101.245	46.131.36.155	27.7.23.183	151.178.150.75
150.75.222.107	183.95.9.126	174.47.18.61	81.230.71.205
194.17.86.148	122.101.128.20	43.235.237.69	247.216.51.35
41.142.151.224	66.158.155.203	87.184.112.131	2.48.186.100