94.102.49.191 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Netherlands

运营商(isp): Incrediserve Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	ET DROP Dshield Block Listed Source group 1 - port: 132 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:37:55
attackspambots	Port-scan: detected 174 distinct ports within a 24-hour window.	2020-10-07 17:07:10
attackbots	firewall-block, port(s): 211/tcp, 971/tcp	2020-10-01 07:41:08
attackbots	slow and persistent scanner	2020-10-01 00:09:58
attackspam	ET DROP Dshield Block Listed Source group 1 - port: 2481 proto: tcp cat: Misc Attackbytes: 60	2020-09-21 00:55:45
attackspambots	TCP (SYN) 94.102.49.191:53628 -> port 2147, len 44	2020-09-20 16:51:02
attack	Port scan: Attack repeated for 24 hours	2020-09-17 23:49:56
attackspambots	firewall-block, port(s): 2422/tcp	2020-09-17 15:55:19
attack	ET DROP Dshield Block Listed Source group 1 - port: 2389 proto: tcp cat: Misc Attackbytes: 60	2020-09-17 07:01:32
attackbotsspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-13 02:32:53
attack	TCP ports : 2729 / 2872	2020-09-12 18:36:11
attackbots	Port-scan: detected 167 distinct ports within a 24-hour window.	2020-09-08 01:39:50
attackbotsspam	TCP (SYN) 94.102.49.191:53220 -> port 2915, len 44	2020-09-07 17:05:03
attack	Port scan on 8 port(s): 3209 3250 3263 3300 3693 3883 3960 3963	2020-08-26 23:21:00
attack	Port scan on 4 port(s): 3607 3681 3897 3917	2020-08-13 21:10:31
attackspam	ET DROP Dshield Block Listed Source group 1 - port: 3803 proto: tcp cat: Misc Attackbytes: 60	2020-08-11 08:04:30
attackbotsspam	Sent packet to closed port: 3417	2020-08-09 05:46:21
attackbotsspam	firewall-block, port(s): 3782/tcp	2020-08-06 23:15:13
attack	Fail2Ban Ban Triggered	2020-08-03 04:46:20
attackspambots	Fail2Ban Ban Triggered	2020-07-30 16:46:02
attackspambots	SmallBizIT.US 7 packets to tcp(3039,3126,3204,3501,3704,3816,3884)	2020-07-30 06:19:46
attack	Jul 29 17:43:59 debian-2gb-nbg1-2 kernel: \[18295934.282797\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=94.102.49.191 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=2703 PROTO=TCP SPT=58859 DPT=3977 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-30 00:31:58
attack	Triggered: repeated knocking on closed ports.	2020-07-29 16:00:33
attackspambots	Jul 28 08:20:34 debian-2gb-nbg1-2 kernel: \[18175735.921101\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=94.102.49.191 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=59761 PROTO=TCP SPT=58859 DPT=3426 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-28 14:26:08
attack	TCP (SYN) 94.102.49.191:58859 -> port 3255, len 44	2020-07-28 04:01:38
attack	Jul 27 08:17:41 debian-2gb-nbg1-2 kernel: \[18089168.055589\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=94.102.49.191 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=15809 PROTO=TCP SPT=58859 DPT=3443 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-27 14:25:40
attackbotsspam	Jul 25 18:07:11 debian-2gb-nbg1-2 kernel: \[17951745.597131\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=94.102.49.191 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=52809 PROTO=TCP SPT=58859 DPT=3879 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-26 00:12:45

相同子网IP讨论:

IP	类型	评论内容	时间
94.102.49.193	botsattackproxy	Bot	2024-04-11 12:03:13
94.102.49.190	proxy	VPN fraud	2023-05-29 12:52:27
94.102.49.117	attack	massive Port Scan	2020-10-07 04:15:40
94.102.49.59	attack	port scan	2020-10-07 00:57:42
94.102.49.117	attackspambots	massive Port Scan	2020-10-06 20:19:06
94.102.49.59	attack	Hacker	2020-10-06 16:51:13
94.102.49.193	attackbots	TCP (SYN) 94.102.49.193:6707 -> port 502, len 44	2020-10-05 03:01:09
94.102.49.193	attackspambots	TCP (SYN) 94.102.49.193:6707 -> port 502, len 44	2020-10-04 18:45:20
94.102.49.93	attackbotsspam	Port-scan: detected 200 distinct ports within a 24-hour window.	2020-10-04 06:25:39
94.102.49.93	attackbotsspam	Port-scan: detected 200 distinct ports within a 24-hour window.	2020-10-03 22:30:11
94.102.49.93	attackspam	[Sun Sep 27 22:47:43 2020] - Syn Flood From IP: 94.102.49.93 Port: 59653	2020-10-03 14:13:26
94.102.49.137	attackspam	Fri, 2020-10-02 08:33:48 - TCP Packet - Source:94.102.49.137 Destination:xxx.xxx.xxx.xxx - [PORT SCAN]	2020-10-03 04:32:19
94.102.49.137	attack	Oct 2 15:35:22 hidden kernel: [UFW BLOCK] IN=ens192 OUT= MAC=00:50:56:bc:13:b8:30:e4:db:97:3e:3f:08:00 SRC=94.102.49.137 DST=217.198.117.163 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=42330 PROTO=TCP SPT=45720 DPT=11117 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 2 15:35:22 hidden kernel: [UFW BLOCK] IN=ens192 OUT= MAC=00:50:56:bc:13:b8:30:e4:db:97:3e:3f:08:00 SRC=94.102.49.137 DST=217.198.117.163 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=28079 PROTO=TCP SPT=45720 DPT=11218 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 2 15:35:25 hidden kernel: [UFW BLOCK] IN=ens192 OUT= MAC=00:50:56:bc:13:b8:30:e4:db:97:3e:3f:08:00 SRC=94.102.49.137 DST=217.198.117.163 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=3153 PROTO=TCP SPT=45720 DPT=11222 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 2 15:35:25 hidden kernel: [UFW BLOCK] IN=ens192 OUT= MAC=00:50:56:bc:13:b8:30:e4:db:97:3e:3f:08:00 SRC=94.102.49.137 DST=217.198.117.163 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=16947 PROTO=TCP SPT=45720 DPT=11215 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 2 15: ...	2020-10-02 23:52:54
94.102.49.137	attackbotsspam	no-reverse-dns-configured.com	2020-10-02 20:24:29
94.102.49.137	attackspambots	port scan	2020-10-02 16:56:50

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.102.49.191
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32148
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.102.49.191.			IN	A

;; AUTHORITY SECTION:
.			315	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072500 1800 900 604800 86400

;; Query time: 354 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jul 26 00:12:38 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

191.49.102.94.in-addr.arpa domain name pointer no-reverse-dns-configured.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
191.49.102.94.in-addr.arpa	name = no-reverse-dns-configured.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
89.251.57.38	attack	[Aegis] @ 2019-12-27 07:03:54 0000 -> Multiple authentication failures.	2019-12-27 17:13:00
41.207.184.179	attackspam	Dec 27 08:39:02 * sshd[2817]: Failed password for root from 41.207.184.179 port 36502 ssh2	2019-12-27 17:24:28
128.199.219.181	attackspambots	Invalid user ocie from 128.199.219.181 port 39142	2019-12-27 17:15:11
43.251.81.77	attack	1577428074 - 12/27/2019 07:27:54 Host: 43.251.81.77/43.251.81.77 Port: 445 TCP Blocked	2019-12-27 17:07:53
180.246.148.243	attackbotsspam	Unauthorized connection attempt detected from IP address 180.246.148.243 to port 445	2019-12-27 17:24:03
51.15.65.170	attack	Automatic report - Banned IP Access	2019-12-27 17:22:33
128.199.204.26	attackbotsspam	Dec 27 08:30:37 h2177944 sshd\[17789\]: Invalid user fillmore from 128.199.204.26 port 58712 Dec 27 08:30:37 h2177944 sshd\[17789\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.204.26 Dec 27 08:30:39 h2177944 sshd\[17789\]: Failed password for invalid user fillmore from 128.199.204.26 port 58712 ssh2 Dec 27 08:33:32 h2177944 sshd\[18034\]: Invalid user sydney from 128.199.204.26 port 54930 ...	2019-12-27 17:08:05
185.217.229.130	attack	Brute force SMTP login attempts.	2019-12-27 17:10:05
119.28.176.26	attackbotsspam	Invalid user wwwrun from 119.28.176.26 port 46956	2019-12-27 17:00:46
144.217.39.131	attack	Dec 27 07:44:00 host sshd[3214]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip131.ip-144-217-39.net user=root Dec 27 07:44:02 host sshd[3214]: Failed password for root from 144.217.39.131 port 39910 ssh2 ...	2019-12-27 17:35:26
222.186.175.169	attackspam	Dec 27 09:58:38 meumeu sshd[16550]: Failed password for root from 222.186.175.169 port 34522 ssh2 Dec 27 09:58:49 meumeu sshd[16550]: Failed password for root from 222.186.175.169 port 34522 ssh2 Dec 27 09:58:52 meumeu sshd[16550]: Failed password for root from 222.186.175.169 port 34522 ssh2 Dec 27 09:58:53 meumeu sshd[16550]: error: maximum authentication attempts exceeded for root from 222.186.175.169 port 34522 ssh2 [preauth] ...	2019-12-27 17:00:27
5.46.82.209	attackspambots	1577428057 - 12/27/2019 07:27:37 Host: 5.46.82.209/5.46.82.209 Port: 445 TCP Blocked	2019-12-27 17:19:19
94.23.207.160	attackbotsspam	Automatic report generated by Wazuh	2019-12-27 17:17:35
113.117.151.135	attack	CN from [113.117.151.135] port=14334 helo=faoda.org	2019-12-27 17:14:40
222.186.175.155	attackbotsspam	Dec 27 10:21:19 SilenceServices sshd[31714]: Failed password for root from 222.186.175.155 port 38968 ssh2 Dec 27 10:21:23 SilenceServices sshd[31714]: Failed password for root from 222.186.175.155 port 38968 ssh2 Dec 27 10:21:41 SilenceServices sshd[31829]: Failed password for root from 222.186.175.155 port 39770 ssh2	2019-12-27 17:30:42

最近上报的IP列表

214.229.234.147	38.239.12.37	125.137.156.154	214.150.190.243
184.113.150.67	30.74.104.68	192.46.159.221	231.175.250.92
225.176.140.200	139.130.144.31	85.132.49.30	114.80.17.55
136.121.128.23	192.162.109.96	222.34.10.148	123.140.250.27
39.119.95.124	71.212.132.220	252.181.111.93	142.208.28.200