必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Netherlands

运营商(isp): Incrediserve Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:
类型 评论内容 时间
attackbots
Aug 10 13:29:36 aat-srv002 sshd[15986]: Failed password for root from 94.102.49.64 port 56278 ssh2
Aug 10 13:33:50 aat-srv002 sshd[16065]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.102.49.64
Aug 10 13:33:51 aat-srv002 sshd[16065]: Failed password for invalid user db2inst1 from 94.102.49.64 port 51922 ssh2
...
2019-08-11 02:50:35
attackspambots
Aug  8 12:59:13 vtv3 sshd\[7824\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.102.49.64  user=root
Aug  8 12:59:15 vtv3 sshd\[7824\]: Failed password for root from 94.102.49.64 port 41650 ssh2
Aug  8 13:03:14 vtv3 sshd\[9817\]: Invalid user developer from 94.102.49.64 port 36634
Aug  8 13:03:14 vtv3 sshd\[9817\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.102.49.64
Aug  8 13:03:15 vtv3 sshd\[9817\]: Failed password for invalid user developer from 94.102.49.64 port 36634 ssh2
Aug  8 13:15:03 vtv3 sshd\[15588\]: Invalid user joey from 94.102.49.64 port 48604
Aug  8 13:15:03 vtv3 sshd\[15588\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.102.49.64
Aug  8 13:15:05 vtv3 sshd\[15588\]: Failed password for invalid user joey from 94.102.49.64 port 48604 ssh2
Aug  8 13:19:05 vtv3 sshd\[17805\]: Invalid user student from 94.102.49.64 port 43256
Aug  8 13:19:05 vtv3 sshd
2019-08-08 20:17:20
相同子网IP讨论:
IP 类型 评论内容 时间
94.102.49.193 botsattackproxy
Bot
2024-04-11 12:03:13
94.102.49.190 proxy
VPN fraud
2023-05-29 12:52:27
94.102.49.191 attackspam
ET DROP Dshield Block Listed Source group 1 - port: 132 proto: tcp cat: Misc Attackbytes: 60
2020-10-14 05:37:55
94.102.49.191 attackspambots
Port-scan: detected 174 distinct ports within a 24-hour window.
2020-10-07 17:07:10
94.102.49.117 attack
massive Port Scan
2020-10-07 04:15:40
94.102.49.59 attack
port scan
2020-10-07 00:57:42
94.102.49.117 attackspambots
massive Port Scan
2020-10-06 20:19:06
94.102.49.59 attack
Hacker
2020-10-06 16:51:13
94.102.49.193 attackbots
 TCP (SYN) 94.102.49.193:6707 -> port 502, len 44
2020-10-05 03:01:09
94.102.49.193 attackspambots
 TCP (SYN) 94.102.49.193:6707 -> port 502, len 44
2020-10-04 18:45:20
94.102.49.93 attackbotsspam
Port-scan: detected 200 distinct ports within a 24-hour window.
2020-10-04 06:25:39
94.102.49.93 attackbotsspam
Port-scan: detected 200 distinct ports within a 24-hour window.
2020-10-03 22:30:11
94.102.49.93 attackspam
[Sun Sep 27 22:47:43 2020] - Syn Flood From IP: 94.102.49.93 Port: 59653
2020-10-03 14:13:26
94.102.49.137 attackspam
Fri, 2020-10-02 08:33:48 - TCP Packet - Source:94.102.49.137 Destination:xxx.xxx.xxx.xxx - [PORT SCAN]
2020-10-03 04:32:19
94.102.49.137 attack
Oct 2 15:35:22 *hidden* kernel: [UFW BLOCK] IN=ens192 OUT= MAC=00:50:56:bc:13:b8:30:e4:db:97:3e:3f:08:00 SRC=94.102.49.137 DST=217.198.117.163 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=42330 PROTO=TCP SPT=45720 DPT=11117 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 2 15:35:22 *hidden* kernel: [UFW BLOCK] IN=ens192 OUT= MAC=00:50:56:bc:13:b8:30:e4:db:97:3e:3f:08:00 SRC=94.102.49.137 DST=217.198.117.163 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=28079 PROTO=TCP SPT=45720 DPT=11218 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 2 15:35:25 *hidden* kernel: [UFW BLOCK] IN=ens192 OUT= MAC=00:50:56:bc:13:b8:30:e4:db:97:3e:3f:08:00 SRC=94.102.49.137 DST=217.198.117.163 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=3153 PROTO=TCP SPT=45720 DPT=11222 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 2 15:35:25 *hidden* kernel: [UFW BLOCK] IN=ens192 OUT= MAC=00:50:56:bc:13:b8:30:e4:db:97:3e:3f:08:00 SRC=94.102.49.137 DST=217.198.117.163 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=16947 PROTO=TCP SPT=45720 DPT=11215 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 2 15:
...
2020-10-02 23:52:54
WHOIS信息:
b
DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.102.49.64
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47965
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.102.49.64.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050101 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu May 02 06:29:12 +08 2019
;; MSG SIZE  rcvd: 116

HOST信息:
64.49.102.94.in-addr.arpa domain name pointer fitamazing.com.
NSLOOKUP信息:
Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
64.49.102.94.in-addr.arpa	name = fitamazing.com.

Authoritative answers can be found from:

相关IP信息:
最新评论:
IP 类型 评论内容 时间
85.133.143.35 attack
Dovecot Invalid User Login Attempt.
2020-08-05 12:34:16
167.71.209.115 attack
167.71.209.115 - - [05/Aug/2020:04:55:51 +0100] "POST /wp-login.php HTTP/1.1" 200 1967 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
167.71.209.115 - - [05/Aug/2020:04:55:58 +0100] "POST /wp-login.php HTTP/1.1" 200 1951 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
167.71.209.115 - - [05/Aug/2020:04:56:01 +0100] "POST /wp-login.php HTTP/1.1" 200 1947 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...
2020-08-05 12:34:47
80.7.98.53 attack
Attempted Brute Force (dovecot)
2020-08-05 12:15:18
106.12.196.118 attackbots
Aug  5 05:47:19 server sshd[32392]: Failed password for root from 106.12.196.118 port 44190 ssh2
Aug  5 05:52:03 server sshd[33808]: Failed password for root from 106.12.196.118 port 50794 ssh2
Aug  5 05:56:57 server sshd[35317]: Failed password for root from 106.12.196.118 port 57394 ssh2
2020-08-05 12:07:05
177.19.176.234 attackspambots
Aug  5 05:41:39 prox sshd[13042]: Failed password for root from 177.19.176.234 port 33528 ssh2
2020-08-05 12:01:40
159.20.109.189 attack
Automatic report - Port Scan Attack
2020-08-05 12:23:07
112.85.42.174 attackbotsspam
2020-08-05T06:20:54.237002 sshd[90973]: Unable to negotiate with 112.85.42.174 port 38403: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth]
2020-08-05T06:20:54.265170 sshd[90975]: Unable to negotiate with 112.85.42.174 port 16327: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth]
2020-08-05T06:28:16.060502 sshd[101990]: Unable to negotiate with 112.85.42.174 port 43642: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth]
2020-08-05T06:28:16.097499 sshd[101992]: Unable to negotiate with 112.85.42.174 port 1205: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth]
2020-08-05 12:28:31
205.185.125.123 spambotsattackproxynormal
8080
2020-08-05 10:11:03
85.209.0.251 attackspam
Aug  5 05:56:30 haigwepa sshd[561]: Failed password for root from 85.209.0.251 port 52924 ssh2
...
2020-08-05 12:25:03
51.75.30.199 attackbotsspam
Aug  5 06:49:40 lukav-desktop sshd\[29942\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.30.199  user=root
Aug  5 06:49:42 lukav-desktop sshd\[29942\]: Failed password for root from 51.75.30.199 port 56432 ssh2
Aug  5 06:53:06 lukav-desktop sshd\[30042\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.30.199  user=root
Aug  5 06:53:08 lukav-desktop sshd\[30042\]: Failed password for root from 51.75.30.199 port 57258 ssh2
Aug  5 06:56:32 lukav-desktop sshd\[30150\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.30.199  user=root
2020-08-05 12:22:35
46.148.201.206 attackspambots
Connection to SSH Honeypot - Detected by HoneypotDB
2020-08-05 12:11:38
129.226.117.160 attackspam
$f2bV_matches
2020-08-05 12:29:30
103.91.53.30 attack
Aug  5 06:12:47 hell sshd[22271]: Failed password for root from 103.91.53.30 port 55452 ssh2
...
2020-08-05 12:25:55
112.30.47.152 attack
(sshd) Failed SSH login from 112.30.47.152 (CN/China/-): 5 in the last 3600 secs
2020-08-05 12:27:42
197.45.205.140 attackspam
Unauthorised access (Aug  5) SRC=197.45.205.140 LEN=44 TTL=241 ID=5453 TCP DPT=445 WINDOW=1024 SYN
2020-08-05 12:07:40

最近上报的IP列表

191.53.250.211 85.25.199.69 83.12.107.106 80.182.162.98
178.239.148.9 66.81.25.142 217.105.78.200 43.251.1.250
134.88.70.208 91.236.255.131 177.184.226.98 70.63.1.107
218.87.46.173 242.86.21.114 205.164.248.148 201.18.26.182
36.53.55.18 58.181.61.46 27.134.92.226 83.209.110.4