94.102.49.191 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Netherlands

运营商(isp): Incrediserve Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	ET DROP Dshield Block Listed Source group 1 - port: 132 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:37:55
attackspambots	Port-scan: detected 174 distinct ports within a 24-hour window.	2020-10-07 17:07:10
attackbots	firewall-block, port(s): 211/tcp, 971/tcp	2020-10-01 07:41:08
attackbots	slow and persistent scanner	2020-10-01 00:09:58
attackspam	ET DROP Dshield Block Listed Source group 1 - port: 2481 proto: tcp cat: Misc Attackbytes: 60	2020-09-21 00:55:45
attackspambots	TCP (SYN) 94.102.49.191:53628 -> port 2147, len 44	2020-09-20 16:51:02
attack	Port scan: Attack repeated for 24 hours	2020-09-17 23:49:56
attackspambots	firewall-block, port(s): 2422/tcp	2020-09-17 15:55:19
attack	ET DROP Dshield Block Listed Source group 1 - port: 2389 proto: tcp cat: Misc Attackbytes: 60	2020-09-17 07:01:32
attackbotsspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-13 02:32:53
attack	TCP ports : 2729 / 2872	2020-09-12 18:36:11
attackbots	Port-scan: detected 167 distinct ports within a 24-hour window.	2020-09-08 01:39:50
attackbotsspam	TCP (SYN) 94.102.49.191:53220 -> port 2915, len 44	2020-09-07 17:05:03
attack	Port scan on 8 port(s): 3209 3250 3263 3300 3693 3883 3960 3963	2020-08-26 23:21:00
attack	Port scan on 4 port(s): 3607 3681 3897 3917	2020-08-13 21:10:31
attackspam	ET DROP Dshield Block Listed Source group 1 - port: 3803 proto: tcp cat: Misc Attackbytes: 60	2020-08-11 08:04:30
attackbotsspam	Sent packet to closed port: 3417	2020-08-09 05:46:21
attackbotsspam	firewall-block, port(s): 3782/tcp	2020-08-06 23:15:13
attack	Fail2Ban Ban Triggered	2020-08-03 04:46:20
attackspambots	Fail2Ban Ban Triggered	2020-07-30 16:46:02
attackspambots	SmallBizIT.US 7 packets to tcp(3039,3126,3204,3501,3704,3816,3884)	2020-07-30 06:19:46
attack	Jul 29 17:43:59 debian-2gb-nbg1-2 kernel: \[18295934.282797\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=94.102.49.191 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=2703 PROTO=TCP SPT=58859 DPT=3977 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-30 00:31:58
attack	Triggered: repeated knocking on closed ports.	2020-07-29 16:00:33
attackspambots	Jul 28 08:20:34 debian-2gb-nbg1-2 kernel: \[18175735.921101\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=94.102.49.191 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=59761 PROTO=TCP SPT=58859 DPT=3426 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-28 14:26:08
attack	TCP (SYN) 94.102.49.191:58859 -> port 3255, len 44	2020-07-28 04:01:38
attack	Jul 27 08:17:41 debian-2gb-nbg1-2 kernel: \[18089168.055589\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=94.102.49.191 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=15809 PROTO=TCP SPT=58859 DPT=3443 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-27 14:25:40
attackbotsspam	Jul 25 18:07:11 debian-2gb-nbg1-2 kernel: \[17951745.597131\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=94.102.49.191 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=52809 PROTO=TCP SPT=58859 DPT=3879 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-26 00:12:45

相同子网IP讨论:

IP	类型	评论内容	时间
94.102.49.193	botsattackproxy	Bot	2024-04-11 12:03:13
94.102.49.190	proxy	VPN fraud	2023-05-29 12:52:27
94.102.49.117	attack	massive Port Scan	2020-10-07 04:15:40
94.102.49.59	attack	port scan	2020-10-07 00:57:42
94.102.49.117	attackspambots	massive Port Scan	2020-10-06 20:19:06
94.102.49.59	attack	Hacker	2020-10-06 16:51:13
94.102.49.193	attackbots	TCP (SYN) 94.102.49.193:6707 -> port 502, len 44	2020-10-05 03:01:09
94.102.49.193	attackspambots	TCP (SYN) 94.102.49.193:6707 -> port 502, len 44	2020-10-04 18:45:20
94.102.49.93	attackbotsspam	Port-scan: detected 200 distinct ports within a 24-hour window.	2020-10-04 06:25:39
94.102.49.93	attackbotsspam	Port-scan: detected 200 distinct ports within a 24-hour window.	2020-10-03 22:30:11
94.102.49.93	attackspam	[Sun Sep 27 22:47:43 2020] - Syn Flood From IP: 94.102.49.93 Port: 59653	2020-10-03 14:13:26
94.102.49.137	attackspam	Fri, 2020-10-02 08:33:48 - TCP Packet - Source:94.102.49.137 Destination:xxx.xxx.xxx.xxx - [PORT SCAN]	2020-10-03 04:32:19
94.102.49.137	attack	Oct 2 15:35:22 hidden kernel: [UFW BLOCK] IN=ens192 OUT= MAC=00:50:56:bc:13:b8:30:e4:db:97:3e:3f:08:00 SRC=94.102.49.137 DST=217.198.117.163 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=42330 PROTO=TCP SPT=45720 DPT=11117 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 2 15:35:22 hidden kernel: [UFW BLOCK] IN=ens192 OUT= MAC=00:50:56:bc:13:b8:30:e4:db:97:3e:3f:08:00 SRC=94.102.49.137 DST=217.198.117.163 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=28079 PROTO=TCP SPT=45720 DPT=11218 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 2 15:35:25 hidden kernel: [UFW BLOCK] IN=ens192 OUT= MAC=00:50:56:bc:13:b8:30:e4:db:97:3e:3f:08:00 SRC=94.102.49.137 DST=217.198.117.163 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=3153 PROTO=TCP SPT=45720 DPT=11222 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 2 15:35:25 hidden kernel: [UFW BLOCK] IN=ens192 OUT= MAC=00:50:56:bc:13:b8:30:e4:db:97:3e:3f:08:00 SRC=94.102.49.137 DST=217.198.117.163 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=16947 PROTO=TCP SPT=45720 DPT=11215 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 2 15: ...	2020-10-02 23:52:54
94.102.49.137	attackbotsspam	no-reverse-dns-configured.com	2020-10-02 20:24:29
94.102.49.137	attackspambots	port scan	2020-10-02 16:56:50

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.102.49.191
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32148
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.102.49.191.			IN	A

;; AUTHORITY SECTION:
.			315	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072500 1800 900 604800 86400

;; Query time: 354 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jul 26 00:12:38 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

191.49.102.94.in-addr.arpa domain name pointer no-reverse-dns-configured.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
191.49.102.94.in-addr.arpa	name = no-reverse-dns-configured.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
37.228.116.92	attack	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-07-08 16:45:37
107.180.111.21	attackspambots	/en/wp-includes/wlwmanifest.xml	2020-07-08 16:25:05
111.229.78.120	attack	k+ssh-bruteforce	2020-07-08 16:20:17
141.98.10.208	attackbotsspam	Jul 8 10:25:12 srv01 postfix/smtpd\[7207\]: warning: unknown\[141.98.10.208\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 8 10:25:42 srv01 postfix/smtpd\[7202\]: warning: unknown\[141.98.10.208\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 8 10:25:52 srv01 postfix/smtpd\[7202\]: warning: unknown\[141.98.10.208\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 8 10:27:41 srv01 postfix/smtpd\[11017\]: warning: unknown\[141.98.10.208\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 8 10:28:57 srv01 postfix/smtpd\[27537\]: warning: unknown\[141.98.10.208\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-07-08 16:34:49
144.217.42.212	attackbots	(sshd) Failed SSH login from 144.217.42.212 (CA/Canada/ip212.ip-144-217-42.net): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 8 10:47:02 s1 sshd[27943]: Invalid user user from 144.217.42.212 port 50124 Jul 8 10:47:04 s1 sshd[27943]: Failed password for invalid user user from 144.217.42.212 port 50124 ssh2 Jul 8 10:52:26 s1 sshd[28104]: Invalid user lynn from 144.217.42.212 port 48141 Jul 8 10:52:29 s1 sshd[28104]: Failed password for invalid user lynn from 144.217.42.212 port 48141 ssh2 Jul 8 10:54:48 s1 sshd[28175]: Invalid user hiro from 144.217.42.212 port 38800	2020-07-08 16:36:54
77.45.85.95	attackbotsspam	(smtpauth) Failed SMTP AUTH login from 77.45.85.95 (PL/Poland/77-45-85-95.sta.asta-net.com.pl): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-07-08 08:13:24 plain authenticator failed for 77-45-85-95.sta.asta-net.com.pl [77.45.85.95]: 535 Incorrect authentication data (set_id=info)	2020-07-08 16:22:07
95.232.137.137	attack	Automatic report - Banned IP Access	2020-07-08 16:43:09
139.219.12.62	attackspambots	20 attempts against mh-ssh on pluto	2020-07-08 16:26:16
222.168.18.227	attackbots	2020-07-08T10:33:07.278781centos sshd[6681]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.168.18.227 2020-07-08T10:33:07.272700centos sshd[6681]: Invalid user kk from 222.168.18.227 port 55433 2020-07-08T10:33:09.114722centos sshd[6681]: Failed password for invalid user kk from 222.168.18.227 port 55433 ssh2 ...	2020-07-08 16:39:07
203.135.22.146	attackspam	1594179798 - 07/08/2020 05:43:18 Host: 203.135.22.146/203.135.22.146 Port: 445 TCP Blocked	2020-07-08 16:35:33
117.89.135.170	attack	Jul 8 06:46:13 abendstille sshd\[2043\]: Invalid user akahira from 117.89.135.170 Jul 8 06:46:13 abendstille sshd\[2043\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.89.135.170 Jul 8 06:46:15 abendstille sshd\[2043\]: Failed password for invalid user akahira from 117.89.135.170 port 38461 ssh2 Jul 8 06:53:13 abendstille sshd\[8613\]: Invalid user admin from 117.89.135.170 Jul 8 06:53:13 abendstille sshd\[8613\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.89.135.170 ...	2020-07-08 16:35:52
174.94.52.56	attackbots	Port probing on unauthorized port 23	2020-07-08 16:25:57
172.58.14.192	attack	This server hacked into my Snapchat and scammed people for money	2020-07-08 16:50:19
182.61.21.155	attack	20 attempts against mh-ssh on pluto	2020-07-08 16:34:19
104.218.55.91	attackbotsspam	Jul 8 06:47:07 *** sshd[2094]: Invalid user mariel from 104.218.55.91	2020-07-08 16:53:20

最近上报的IP列表

214.229.234.147	38.239.12.37	125.137.156.154	214.150.190.243
184.113.150.67	30.74.104.68	192.46.159.221	231.175.250.92
225.176.140.200	139.130.144.31	85.132.49.30	114.80.17.55
136.121.128.23	192.162.109.96	222.34.10.148	123.140.250.27
39.119.95.124	71.212.132.220	252.181.111.93	142.208.28.200