94.102.51.16 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): None

运营商(isp): Incrediserve Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	ET DROP Dshield Block Listed Source group 1 - port: 1120 proto: tcp cat: Misc Attackbytes: 60	2020-07-13 07:04:59
attack	TCP (SYN) 94.102.51.16:50031 -> port 1137, len 44	2020-07-12 20:53:27
attack	Triggered: repeated knocking on closed ports.	2020-07-12 07:33:16
attackspam	[H1.VM8] Blocked by UFW	2020-07-11 04:42:45
attack	TCP (SYN) 94.102.51.16:49170 -> port 1040, len 44	2020-07-10 06:40:43
attackbots	Jul 9 12:01:00 debian-2gb-nbg1-2 kernel: \[16547454.326937\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=94.102.51.16 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=65425 PROTO=TCP SPT=49170 DPT=1032 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-09 18:09:01
attackbots	Port scan on 3 port(s): 44414 44458 44513	2020-07-07 21:10:27
attack	TCP (SYN) 94.102.51.16:41772 -> port 44438, len 44	2020-07-07 18:54:03
attackspam	TCP (SYN) 94.102.51.16:41772 -> port 44572, len 44	2020-07-06 23:57:50
attackspambots	Jul 5 16:15:44 debian-2gb-nbg1-2 kernel: \[16217157.887682\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=94.102.51.16 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=44224 PROTO=TCP SPT=41772 DPT=44417 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-05 22:38:15
attackspambots	TCP (SYN) 94.102.51.16:41772 -> port 44532, len 44	2020-07-05 15:05:36
attack	Port scan on 6 port(s): 44449 44452 44476 44548 44551 44589	2020-07-04 19:37:59
attackbotsspam	06/30/2020-09:04:55.625806 94.102.51.16 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-06-30 21:06:38
attackspambots	TCP (SYN) 94.102.51.16:40327 -> port 29039, len 44	2020-06-29 23:54:56
attackspambots	[MK-VM2] Blocked by UFW	2020-06-28 21:45:06
attack	firewall-block, port(s): 1839/tcp, 2739/tcp, 4739/tcp, 8439/tcp, 13339/tcp, 16839/tcp, 18139/tcp	2020-06-24 15:07:46
attackbotsspam	Port-scan: detected 787 distinct ports within a 24-hour window.	2020-06-10 19:51:00
attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 89 - port: 3937 proto: TCP cat: Misc Attack	2020-05-21 04:15:52
attack	May 17 01:20:39 debian-2gb-nbg1-2 kernel: \[11930081.442784\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=94.102.51.16 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=52748 PROTO=TCP SPT=45854 DPT=3975 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-17 08:44:45
attackbots	Fail2Ban Ban Triggered	2020-05-13 20:38:24
attackspam	May 13 02:08:56 debian-2gb-nbg1-2 kernel: \[11587397.147765\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=94.102.51.16 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=60436 PROTO=TCP SPT=44053 DPT=62044 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-13 08:31:17
attack	May 12 08:59:12 debian-2gb-nbg1-2 kernel: \[11525616.504676\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=94.102.51.16 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=45748 PROTO=TCP SPT=44053 DPT=62166 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-12 15:09:37
attackspambots	May 12 00:06:37 debian-2gb-nbg1-2 kernel: \[11493662.432027\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=94.102.51.16 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=62452 PROTO=TCP SPT=44053 DPT=62134 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-12 08:31:26
attackbotsspam	firewall-block, port(s): 62036/tcp, 62042/tcp, 62046/tcp, 62118/tcp	2020-05-11 07:57:50
attack	[MK-VM6] Blocked by UFW	2020-05-11 04:32:58
attackbotsspam	Port scan on 3 port(s): 62028 62177 62200	2020-05-10 15:01:43
attack	Fail2Ban Ban Triggered	2020-05-09 21:37:41
attack	scans 12 times in preceeding hours on the ports (in chronological order) 62130 62118 62124 62101 62057 62004 62021 62015 62061 62116 62096 62044 resulting in total of 52 scans from 94.102.48.0/20 block.	2020-05-08 19:38:54
attackbotsspam	trying to access non-authorized port	2020-05-07 23:12:46

相同子网IP讨论:

IP	类型	评论内容	时间
94.102.51.28	attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 86 - port: 14265 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:18:39
94.102.51.28	attackbots	[portscan] Port scan	2020-10-13 20:55:07
94.102.51.17	attackspambots	Fail2Ban Ban Triggered	2020-10-13 12:24:11
94.102.51.28	attack	Oct 13 05:48:00 [host] kernel: [2892792.420159] [U Oct 13 05:52:10 [host] kernel: [2893042.585542] [U Oct 13 05:59:27 [host] kernel: [2893479.003593] [U Oct 13 06:00:45 [host] kernel: [2893556.972194] [U Oct 13 06:02:58 [host] kernel: [2893690.599550] [U Oct 13 06:03:57 [host] kernel: [2893748.886505] [U	2020-10-13 12:23:49
94.102.51.17	attack	[MK-Root1] Blocked by UFW	2020-10-13 05:13:55
94.102.51.28	attackbotsspam	Oct 12 22:53:57 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=50790 PROTO=TCP SPT=46594 DPT=45355 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 12 22:58:36 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=4168 PROTO=TCP SPT=46594 DPT=47667 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 12 23:01:47 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=40976 PROTO=TCP SPT=46594 DPT=13886 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 12 23:08:05 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=34845 PROTO=TCP SPT=46594 DPT=29762 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 12 23:09:15 *hidd ...	2020-10-13 05:13:37
94.102.51.17	attackbotsspam	firewall-block, port(s): 5275/tcp	2020-10-11 01:43:06
94.102.51.78	attackspambots	Oct 9 12:46:02 haigwepa sshd[8112]: Failed password for root from 94.102.51.78 port 45205 ssh2 Oct 9 12:46:06 haigwepa sshd[8112]: Failed password for root from 94.102.51.78 port 45205 ssh2 ...	2020-10-10 02:03:42
94.102.51.78	attackbots	[MK-VM3] SSH login failed	2020-10-09 17:48:16
94.102.51.28	attackspambots	TCP (SYN) 94.102.51.28:45039 -> port 42954, len 44	2020-10-09 05:42:43
94.102.51.28	attack	49164/tcp 52334/tcp 60882/tcp... [2020-08-07/10-08]47445pkt,38785pt.(tcp)	2020-10-08 21:57:39
94.102.51.28	attack	[H1.VM2] Blocked by UFW	2020-10-08 13:52:57
94.102.51.28	attackbots	TCP (SYN) 94.102.51.28:45039 -> port 19163, len 44	2020-10-08 02:53:29
94.102.51.28	attackbots	Oct 7 12:48:08 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=46543 PROTO=TCP SPT=45039 DPT=31360 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 7 12:49:13 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=21421 PROTO=TCP SPT=45039 DPT=53281 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 7 13:01:05 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=43131 PROTO=TCP SPT=45039 DPT=23703 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 7 13:03:35 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=43904 PROTO=TCP SPT=45039 DPT=44237 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 7 13:05:31 hidden ...	2020-10-07 19:07:31
94.102.51.28	attackbotsspam	Port scan: Attack repeated for 24 hours	2020-10-01 07:40:34

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.102.51.16
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65063
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.102.51.16.			IN	A

;; AUTHORITY SECTION:
.			463	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050700 1800 900 604800 86400

;; Query time: 86 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu May 07 23:12:40 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

16.51.102.94.in-addr.arpa domain name pointer no-reverse-dns-configured.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
16.51.102.94.in-addr.arpa	name = no-reverse-dns-configured.com.

Authoritative answers can be found from:

IP	类型	评论内容	时间
202.62.72.98	attackbots	20/1/9@18:23:32: FAIL: Alarm-Network address from=202.62.72.98 ...	2020-01-10 07:45:48
164.52.24.162	attackbots	Unauthorized connection attempt detected from IP address 164.52.24.162 to port 443 [T]	2020-01-10 08:17:35
115.144.235.182	attackbotsspam	Honeypot attack, port: 5555, PTR: PTR record not found	2020-01-10 07:55:59
185.153.198.162	attack	Brute force attack to crack SMTP password (port 25 / 587)	2020-01-10 07:50:03
112.133.198.8	attackspambots	Honeypot attack, port: 445, PTR: ws8-198-133-112.rcil.gov.in.	2020-01-10 07:57:51
124.225.45.169	attack	Unauthorized connection attempt detected from IP address 124.225.45.169 to port 801 [T]	2020-01-10 08:20:16
93.170.199.254	attackspam	Lines containing failures of 93.170.199.254 Jan 6 11:22:36 mx-in-02 sshd[24295]: Invalid user efv from 93.170.199.254 port 49430 Jan 6 11:22:36 mx-in-02 sshd[24295]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.170.199.254 Jan 6 11:22:37 mx-in-02 sshd[24295]: Failed password for invalid user efv from 93.170.199.254 port 49430 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=93.170.199.254	2020-01-10 08:01:03
125.64.94.220	attack	Multiport scan : 8 ports scanned 53 771 1935 2604 3522 3531 18264 50090	2020-01-10 08:18:23
198.108.67.51	attackspam	firewall-block, port(s): 12312/tcp	2020-01-10 07:43:57
178.128.52.163	attackspam	Jan 8 21:59:15 nexus sshd[12689]: Invalid user wlink from 178.128.52.163 port 48905 Jan 8 21:59:15 nexus sshd[12689]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.52.163 Jan 8 21:59:18 nexus sshd[12689]: Failed password for invalid user wlink from 178.128.52.163 port 48905 ssh2 Jan 8 21:59:18 nexus sshd[12689]: Connection closed by 178.128.52.163 port 48905 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=178.128.52.163	2020-01-10 07:59:44
211.94.157.178	attackbotsspam	Unauthorized connection attempt detected from IP address 211.94.157.178 to port 3389 [T]	2020-01-10 08:13:39
119.236.243.78	attackspambots	Honeypot attack, port: 5555, PTR: n119236243078.netvigator.com.	2020-01-10 07:46:13
188.215.189.169	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-10 08:02:17
196.37.221.131	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-10 07:44:59
221.165.245.17	attackbots	Honeypot attack, port: 81, PTR: PTR record not found	2020-01-10 07:57:25

最近上报的IP列表

76.189.84.230	43.236.180.149	51.159.66.149	122.51.154.105
59.74.142.209	195.189.248.220	94.29.205.238	54.202.5.33
168.138.14.139	157.47.122.235	195.231.11.201	162.243.136.98
68.183.80.139	187.49.39.4	179.124.192.155	116.111.85.7
87.251.74.169	144.70.213.43	197.165.161.89	125.118.77.152