94.102.49.191 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Netherlands

运营商(isp): Incrediserve Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	ET DROP Dshield Block Listed Source group 1 - port: 132 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:37:55
attackspambots	Port-scan: detected 174 distinct ports within a 24-hour window.	2020-10-07 17:07:10
attackbots	firewall-block, port(s): 211/tcp, 971/tcp	2020-10-01 07:41:08
attackbots	slow and persistent scanner	2020-10-01 00:09:58
attackspam	ET DROP Dshield Block Listed Source group 1 - port: 2481 proto: tcp cat: Misc Attackbytes: 60	2020-09-21 00:55:45
attackspambots	TCP (SYN) 94.102.49.191:53628 -> port 2147, len 44	2020-09-20 16:51:02
attack	Port scan: Attack repeated for 24 hours	2020-09-17 23:49:56
attackspambots	firewall-block, port(s): 2422/tcp	2020-09-17 15:55:19
attack	ET DROP Dshield Block Listed Source group 1 - port: 2389 proto: tcp cat: Misc Attackbytes: 60	2020-09-17 07:01:32
attackbotsspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-13 02:32:53
attack	TCP ports : 2729 / 2872	2020-09-12 18:36:11
attackbots	Port-scan: detected 167 distinct ports within a 24-hour window.	2020-09-08 01:39:50
attackbotsspam	TCP (SYN) 94.102.49.191:53220 -> port 2915, len 44	2020-09-07 17:05:03
attack	Port scan on 8 port(s): 3209 3250 3263 3300 3693 3883 3960 3963	2020-08-26 23:21:00
attack	Port scan on 4 port(s): 3607 3681 3897 3917	2020-08-13 21:10:31
attackspam	ET DROP Dshield Block Listed Source group 1 - port: 3803 proto: tcp cat: Misc Attackbytes: 60	2020-08-11 08:04:30
attackbotsspam	Sent packet to closed port: 3417	2020-08-09 05:46:21
attackbotsspam	firewall-block, port(s): 3782/tcp	2020-08-06 23:15:13
attack	Fail2Ban Ban Triggered	2020-08-03 04:46:20
attackspambots	Fail2Ban Ban Triggered	2020-07-30 16:46:02
attackspambots	SmallBizIT.US 7 packets to tcp(3039,3126,3204,3501,3704,3816,3884)	2020-07-30 06:19:46
attack	Jul 29 17:43:59 debian-2gb-nbg1-2 kernel: \[18295934.282797\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=94.102.49.191 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=2703 PROTO=TCP SPT=58859 DPT=3977 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-30 00:31:58
attack	Triggered: repeated knocking on closed ports.	2020-07-29 16:00:33
attackspambots	Jul 28 08:20:34 debian-2gb-nbg1-2 kernel: \[18175735.921101\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=94.102.49.191 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=59761 PROTO=TCP SPT=58859 DPT=3426 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-28 14:26:08
attack	TCP (SYN) 94.102.49.191:58859 -> port 3255, len 44	2020-07-28 04:01:38
attack	Jul 27 08:17:41 debian-2gb-nbg1-2 kernel: \[18089168.055589\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=94.102.49.191 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=15809 PROTO=TCP SPT=58859 DPT=3443 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-27 14:25:40
attackbotsspam	Jul 25 18:07:11 debian-2gb-nbg1-2 kernel: \[17951745.597131\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=94.102.49.191 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=52809 PROTO=TCP SPT=58859 DPT=3879 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-26 00:12:45

相同子网IP讨论:

IP	类型	评论内容	时间
94.102.49.193	botsattackproxy	Bot	2024-04-11 12:03:13
94.102.49.190	proxy	VPN fraud	2023-05-29 12:52:27
94.102.49.117	attack	massive Port Scan	2020-10-07 04:15:40
94.102.49.59	attack	port scan	2020-10-07 00:57:42
94.102.49.117	attackspambots	massive Port Scan	2020-10-06 20:19:06
94.102.49.59	attack	Hacker	2020-10-06 16:51:13
94.102.49.193	attackbots	TCP (SYN) 94.102.49.193:6707 -> port 502, len 44	2020-10-05 03:01:09
94.102.49.193	attackspambots	TCP (SYN) 94.102.49.193:6707 -> port 502, len 44	2020-10-04 18:45:20
94.102.49.93	attackbotsspam	Port-scan: detected 200 distinct ports within a 24-hour window.	2020-10-04 06:25:39
94.102.49.93	attackbotsspam	Port-scan: detected 200 distinct ports within a 24-hour window.	2020-10-03 22:30:11
94.102.49.93	attackspam	[Sun Sep 27 22:47:43 2020] - Syn Flood From IP: 94.102.49.93 Port: 59653	2020-10-03 14:13:26
94.102.49.137	attackspam	Fri, 2020-10-02 08:33:48 - TCP Packet - Source:94.102.49.137 Destination:xxx.xxx.xxx.xxx - [PORT SCAN]	2020-10-03 04:32:19
94.102.49.137	attack	Oct 2 15:35:22 hidden kernel: [UFW BLOCK] IN=ens192 OUT= MAC=00:50:56:bc:13:b8:30:e4:db:97:3e:3f:08:00 SRC=94.102.49.137 DST=217.198.117.163 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=42330 PROTO=TCP SPT=45720 DPT=11117 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 2 15:35:22 hidden kernel: [UFW BLOCK] IN=ens192 OUT= MAC=00:50:56:bc:13:b8:30:e4:db:97:3e:3f:08:00 SRC=94.102.49.137 DST=217.198.117.163 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=28079 PROTO=TCP SPT=45720 DPT=11218 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 2 15:35:25 hidden kernel: [UFW BLOCK] IN=ens192 OUT= MAC=00:50:56:bc:13:b8:30:e4:db:97:3e:3f:08:00 SRC=94.102.49.137 DST=217.198.117.163 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=3153 PROTO=TCP SPT=45720 DPT=11222 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 2 15:35:25 hidden kernel: [UFW BLOCK] IN=ens192 OUT= MAC=00:50:56:bc:13:b8:30:e4:db:97:3e:3f:08:00 SRC=94.102.49.137 DST=217.198.117.163 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=16947 PROTO=TCP SPT=45720 DPT=11215 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 2 15: ...	2020-10-02 23:52:54
94.102.49.137	attackbotsspam	no-reverse-dns-configured.com	2020-10-02 20:24:29
94.102.49.137	attackspambots	port scan	2020-10-02 16:56:50

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.102.49.191
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32148
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.102.49.191.			IN	A

;; AUTHORITY SECTION:
.			315	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072500 1800 900 604800 86400

;; Query time: 354 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jul 26 00:12:38 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

191.49.102.94.in-addr.arpa domain name pointer no-reverse-dns-configured.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
191.49.102.94.in-addr.arpa	name = no-reverse-dns-configured.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
104.210.55.208	attackspam	$f2bV_matches	2020-03-21 21:10:08
87.236.27.177	attackspam	20/3/21@06:34:03: FAIL: IoT-Telnet address from=87.236.27.177 ...	2020-03-21 20:55:47
189.131.55.145	attack	8000/tcp 8000/tcp 8000/tcp [2020-03-21]3pkt	2020-03-21 20:30:17
200.105.234.131	attackspam	Invalid user pi from 200.105.234.131 port 50730	2020-03-21 21:02:40
60.250.147.218	attackbotsspam	Mar 21 13:06:41 XXX sshd[30266]: Invalid user tsbot from 60.250.147.218 port 54118	2020-03-21 21:04:55
185.36.81.42	attackbotsspam	Port 8088 scan denied	2020-03-21 20:35:28
45.133.99.13	attackspam	Mar 21 13:56:33 mail.srvfarm.net postfix/smtpd[114925]: warning: unknown[45.133.99.13]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 21 13:56:33 mail.srvfarm.net postfix/smtpd[114925]: lost connection after AUTH from unknown[45.133.99.13] Mar 21 13:56:39 mail.srvfarm.net postfix/smtpd[113169]: lost connection after AUTH from unknown[45.133.99.13] Mar 21 13:56:43 mail.srvfarm.net postfix/smtps/smtpd[116462]: lost connection after AUTH from unknown[45.133.99.13] Mar 21 13:56:46 mail.srvfarm.net postfix/smtpd[114925]: lost connection after AUTH from unknown[45.133.99.13]	2020-03-21 21:15:04
178.128.75.18	attackbots	Mar 21 07:49:07 debian-2gb-nbg1-2 kernel: \[7032446.613309\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=178.128.75.18 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=49913 PROTO=TCP SPT=53144 DPT=3394 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-21 20:36:31
195.24.198.18	attackspam	Mar 21 09:59:45 ws19vmsma01 sshd[173388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.24.198.18 Mar 21 09:59:47 ws19vmsma01 sshd[173388]: Failed password for invalid user deddy from 195.24.198.18 port 50448 ssh2 ...	2020-03-21 21:21:18
85.95.153.59	attack	Unauthorized connection attempt detected from IP address 85.95.153.59 to port 1433 [T]	2020-03-21 20:57:09
80.82.64.73	attackbotsspam	scans 8 times in preceeding hours on the ports (in chronological order) 25489 27689 28289 26389 25189 26289 28189 26189 resulting in total of 67 scans from 80.82.64.0/20 block.	2020-03-21 21:00:28
192.241.238.84	attack	[portscan] tcp/20 [FTP] *(RWIN=65535)(03211123)	2020-03-21 20:28:21
176.31.250.160	attack	Mar 21 12:53:54 XXXXXX sshd[776]: Invalid user yp from 176.31.250.160 port 56546	2020-03-21 21:06:37
187.32.120.215	attackspambots	Mar 21 13:01:26 XXX sshd[30147]: Invalid user xi from 187.32.120.215 port 49442	2020-03-21 21:06:09
192.241.238.217	attackbots	102/tcp 5601/tcp 5984/tcp... [2020-03-13/21]9pkt,9pt.(tcp)	2020-03-21 20:27:58

最近上报的IP列表

214.229.234.147	38.239.12.37	125.137.156.154	214.150.190.243
184.113.150.67	30.74.104.68	192.46.159.221	231.175.250.92
225.176.140.200	139.130.144.31	85.132.49.30	114.80.17.55
136.121.128.23	192.162.109.96	222.34.10.148	123.140.250.27
39.119.95.124	71.212.132.220	252.181.111.93	142.208.28.200