94.102.51.108 - IPInfo

基本信息:

城市(city): Amsterdam

省份(region): North Holland

国家(country): Netherlands

运营商(isp): Incrediserve Ltd

主机名(hostname): unknown

机构(organization): IP Volume inc

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 95 - port: 3389 proto: TCP cat: Misc Attack	2019-10-28 07:27:03
attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 95 - port: 3389 proto: TCP cat: Misc Attack	2019-10-27 07:15:29
attack	ET CINS Active Threat Intelligence Poor Reputation IP group 94 - port: 3389 proto: TCP cat: Misc Attack	2019-10-26 07:27:40
attack	Port Scan detected from 94.102.51.108 (NL/Netherlands/-). 4 hits in the last 211 seconds	2019-10-13 21:33:29
attackspambots	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-09-10 10:01:21
attack	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-09-07 16:58:14

相同子网IP讨论:

IP	类型	评论内容	时间
94.102.51.28	attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 86 - port: 14265 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:18:39
94.102.51.28	attackbots	[portscan] Port scan	2020-10-13 20:55:07
94.102.51.17	attackspambots	Fail2Ban Ban Triggered	2020-10-13 12:24:11
94.102.51.28	attack	Oct 13 05:48:00 [host] kernel: [2892792.420159] [U Oct 13 05:52:10 [host] kernel: [2893042.585542] [U Oct 13 05:59:27 [host] kernel: [2893479.003593] [U Oct 13 06:00:45 [host] kernel: [2893556.972194] [U Oct 13 06:02:58 [host] kernel: [2893690.599550] [U Oct 13 06:03:57 [host] kernel: [2893748.886505] [U	2020-10-13 12:23:49
94.102.51.17	attack	[MK-Root1] Blocked by UFW	2020-10-13 05:13:55
94.102.51.28	attackbotsspam	Oct 12 22:53:57 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=50790 PROTO=TCP SPT=46594 DPT=45355 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 12 22:58:36 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=4168 PROTO=TCP SPT=46594 DPT=47667 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 12 23:01:47 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=40976 PROTO=TCP SPT=46594 DPT=13886 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 12 23:08:05 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=34845 PROTO=TCP SPT=46594 DPT=29762 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 12 23:09:15 *hidd ...	2020-10-13 05:13:37
94.102.51.17	attackbotsspam	firewall-block, port(s): 5275/tcp	2020-10-11 01:43:06
94.102.51.78	attackspambots	Oct 9 12:46:02 haigwepa sshd[8112]: Failed password for root from 94.102.51.78 port 45205 ssh2 Oct 9 12:46:06 haigwepa sshd[8112]: Failed password for root from 94.102.51.78 port 45205 ssh2 ...	2020-10-10 02:03:42
94.102.51.78	attackbots	[MK-VM3] SSH login failed	2020-10-09 17:48:16
94.102.51.28	attackspambots	TCP (SYN) 94.102.51.28:45039 -> port 42954, len 44	2020-10-09 05:42:43
94.102.51.28	attack	49164/tcp 52334/tcp 60882/tcp... [2020-08-07/10-08]47445pkt,38785pt.(tcp)	2020-10-08 21:57:39
94.102.51.28	attack	[H1.VM2] Blocked by UFW	2020-10-08 13:52:57
94.102.51.28	attackbots	TCP (SYN) 94.102.51.28:45039 -> port 19163, len 44	2020-10-08 02:53:29
94.102.51.28	attackbots	Oct 7 12:48:08 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=46543 PROTO=TCP SPT=45039 DPT=31360 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 7 12:49:13 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=21421 PROTO=TCP SPT=45039 DPT=53281 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 7 13:01:05 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=43131 PROTO=TCP SPT=45039 DPT=23703 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 7 13:03:35 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=43904 PROTO=TCP SPT=45039 DPT=44237 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 7 13:05:31 hidden ...	2020-10-07 19:07:31
94.102.51.28	attackbotsspam	Port scan: Attack repeated for 24 hours	2020-10-01 07:40:34

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.102.51.108
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17403
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.102.51.108.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050200 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu May 02 18:30:36 +08 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 108.51.102.94.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 108.51.102.94.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
221.226.63.54	attackbots	Oct 22 02:15:32 mail sshd\[43416\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.226.63.54 user=root ...	2019-10-22 15:44:13
111.74.1.195	attack	2019-10-22T09:14:36.464815scmdmz1 sshd\[5450\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.74.1.195 user=root 2019-10-22T09:14:38.609278scmdmz1 sshd\[5450\]: Failed password for root from 111.74.1.195 port 62284 ssh2 2019-10-22T09:14:41.727651scmdmz1 sshd\[5454\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.74.1.195 user=root ...	2019-10-22 16:08:21
121.204.164.111	attack	3x Failed Password	2019-10-22 15:46:55
35.174.110.140	attackbotsspam	Oct 22 08:34:41 rotator sshd\[28897\]: Invalid user letmein from 35.174.110.140Oct 22 08:34:44 rotator sshd\[28897\]: Failed password for invalid user letmein from 35.174.110.140 port 51714 ssh2Oct 22 08:38:26 rotator sshd\[29717\]: Invalid user uy from 35.174.110.140Oct 22 08:38:28 rotator sshd\[29717\]: Failed password for invalid user uy from 35.174.110.140 port 34928 ssh2Oct 22 08:42:13 rotator sshd\[30549\]: Invalid user donkey from 35.174.110.140Oct 22 08:42:15 rotator sshd\[30549\]: Failed password for invalid user donkey from 35.174.110.140 port 46376 ssh2 ...	2019-10-22 16:18:04
218.150.220.202	attack	2019-10-22T04:29:05.707664abusebot-5.cloudsearch.cf sshd\[14397\]: Invalid user bjorn from 218.150.220.202 port 34570	2019-10-22 16:12:33
139.227.161.138	attackspambots	Automatic report - Port Scan Attack	2019-10-22 16:09:09
205.205.150.12	attackbots	UTC: 2019-10-21 pkts: 3(2, 1) ports(tcp): 102, 502 port (udp): 161	2019-10-22 16:00:56
197.44.28.107	attackbotsspam	Automatic report - Port Scan Attack	2019-10-22 16:15:08
36.26.85.60	attackspam	Oct 22 05:52:56 MK-Soft-VM6 sshd[23153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.26.85.60 Oct 22 05:52:58 MK-Soft-VM6 sshd[23153]: Failed password for invalid user admin from 36.26.85.60 port 56710 ssh2 ...	2019-10-22 16:16:19
218.2.105.133	attackbotsspam	Oct 22 07:01:56 *** sshd[16834]: Invalid user jboss from 218.2.105.133	2019-10-22 15:41:19
46.245.179.222	attack	Oct 21 21:19:23 hanapaa sshd\[2681\]: Invalid user igor from 46.245.179.222 Oct 21 21:19:23 hanapaa sshd\[2681\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46-245-179-222.static.mivitec.net Oct 21 21:19:25 hanapaa sshd\[2681\]: Failed password for invalid user igor from 46.245.179.222 port 47758 ssh2 Oct 21 21:22:53 hanapaa sshd\[2947\]: Invalid user deluge from 46.245.179.222 Oct 21 21:22:53 hanapaa sshd\[2947\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46-245-179-222.static.mivitec.net	2019-10-22 15:52:50
134.209.36.79	attack	Oct 21 16:06:25 nbi-634 sshd[18346]: User r.r from 134.209.36.79 not allowed because not listed in AllowUsers Oct 21 16:06:25 nbi-634 sshd[18346]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.36.79 user=r.r Oct 21 16:06:28 nbi-634 sshd[18346]: Failed password for invalid user r.r from 134.209.36.79 port 44208 ssh2 Oct 21 16:06:28 nbi-634 sshd[18346]: Received disconnect from 134.209.36.79 port 44208:11: Bye Bye [preauth] Oct 21 16:06:28 nbi-634 sshd[18346]: Disconnected from 134.209.36.79 port 44208 [preauth] Oct 21 16:25:45 nbi-634 sshd[19182]: User r.r from 134.209.36.79 not allowed because not listed in AllowUsers Oct 21 16:25:45 nbi-634 sshd[19182]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.36.79 user=r.r Oct 21 16:25:47 nbi-634 sshd[19182]: Failed password for invalid user r.r from 134.209.36.79 port 48990 ssh2 Oct 21 16:25:47 nbi-634 sshd[19182]: Received dis........ -------------------------------	2019-10-22 15:57:02
193.32.163.9	attack	CloudCIX Reconnaissance Scan Detected, PTR: hosting-by.cloud-home.me.	2019-10-22 15:50:34
116.211.118.249	attackspam	Scanning random ports - tries to find possible vulnerable services	2019-10-22 16:09:56
80.211.249.177	attack	Oct 22 06:46:03 intra sshd\[24331\]: Invalid user abc123 from 80.211.249.177Oct 22 06:46:04 intra sshd\[24331\]: Failed password for invalid user abc123 from 80.211.249.177 port 46696 ssh2Oct 22 06:50:02 intra sshd\[24361\]: Invalid user rahynng from 80.211.249.177Oct 22 06:50:05 intra sshd\[24361\]: Failed password for invalid user rahynng from 80.211.249.177 port 56226 ssh2Oct 22 06:53:48 intra sshd\[24416\]: Invalid user volker from 80.211.249.177Oct 22 06:53:50 intra sshd\[24416\]: Failed password for invalid user volker from 80.211.249.177 port 37518 ssh2 ...	2019-10-22 15:40:26

最近上报的IP列表

125.209.89.82	167.250.72.255	122.179.128.211	213.92.237.36
166.70.89.3	105.184.168.227	24.201.228.125	45.224.98.29
101.50.102.68	213.75.38.85	175.99.82.161	175.188.25.247
212.191.108.91	138.197.215.198	38.201.74.99	220.164.2.112
18.184.106.107	195.19.194.50	219.13.19.231	218.202.0.144