94.102.51.29 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Netherlands

运营商(isp): Incrediserve Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	scans 8 times in preceeding hours on the ports (in chronological order) 33892 8889 4489 3000 50001 3399 3397 10000 resulting in total of 25 scans from 94.102.48.0/20 block.	2020-09-30 04:26:03
attackspam	TCP (SYN) 94.102.51.29:53548 -> port 50002, len 44	2020-09-29 20:33:50
attack	firewall-block, port(s): 5589/tcp, 8889/tcp, 10000/tcp, 33892/tcp, 33894/tcp, 60000/tcp	2020-09-29 12:42:11
attack	Unauthorized connection attempt from IP address 94.102.51.29 on Port 110(POP3)	2020-09-18 21:10:59
attackbotsspam	Unauthorized connection attempt from IP address 94.102.51.29 on Port 139(NETBIOS)	2020-09-18 13:29:36
attack	[H1.VM2] Blocked by UFW	2020-09-18 03:44:32
attack	firewall-block, port(s): 14/tcp, 15/tcp, 19/tcp, 32/tcp, 63/tcp, 92/tcp, 101/tcp, 111/tcp, 157/tcp, 173/tcp, 214/tcp, 244/tcp, 265/tcp, 271/tcp, 305/tcp, 325/tcp, 354/tcp, 355/tcp, 395/tcp, 413/tcp, 441/tcp, 446/tcp, 590/tcp, 615/tcp, 641/tcp, 750/tcp, 774/tcp, 806/tcp, 831/tcp, 859/tcp, 866/tcp, 894/tcp, 901/tcp, 902/tcp, 927/tcp, 943/tcp, 945/tcp, 992/tcp, 995/tcp	2020-09-17 21:20:51
attackbotsspam	Sep 17 06:49:46 [host] kernel: [650237.167348] [UF Sep 17 06:52:24 [host] kernel: [650395.510659] [UF Sep 17 06:54:54 [host] kernel: [650545.632879] [UF Sep 17 07:02:52 [host] kernel: [651023.513741] [UF Sep 17 07:03:15 [host] kernel: [651046.924002] [UF Sep 17 07:09:59 [host] kernel: [651450.920256] [UF	2020-09-17 13:31:26
attackbots	firewall-block, port(s): 47/tcp, 67/tcp, 72/tcp, 188/tcp, 198/tcp, 204/tcp, 205/tcp, 210/tcp, 224/tcp, 229/tcp, 284/tcp, 301/tcp, 309/tcp, 387/tcp, 438/tcp, 468/tcp, 473/tcp, 475/tcp, 478/tcp, 483/tcp, 487/tcp, 507/tcp, 509/tcp, 514/tcp, 519/tcp, 559/tcp, 568/tcp, 588/tcp, 718/tcp, 735/tcp, 741/tcp, 745/tcp, 771/tcp, 788/tcp, 792/tcp, 821/tcp, 822/tcp, 849/tcp, 898/tcp, 934/tcp, 947/tcp, 966/tcp, 971/tcp	2020-09-17 04:37:45
attackbotsspam	TCP (SYN) 94.102.51.29:57788 -> port 3396, len 44	2020-09-14 02:44:11
attack	TCP (SYN) 94.102.51.29:57788 -> port 33389, len 44	2020-09-13 18:43:03
attackbotsspam	TCP (SYN) 94.102.51.29:51751 -> port 3396, len 44	2020-09-11 01:48:50
attackspam	TCP (SYN) 94.102.51.29:51751 -> port 3390, len 44	2020-09-10 17:08:59
attackspam	Multiport scan : 5 ports scanned 3395 4489 8000 8889 9000	2020-09-10 07:43:12
attack	TCP (SYN) 94.102.51.29:55731 -> port 3392, len 44	2020-09-09 01:12:25
attackbots	TCP (SYN) 94.102.51.29:55731 -> port 33893, len 44	2020-09-08 16:39:03
attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 82 - port: 5188 proto: tcp cat: Misc Attackbytes: 60	2020-09-07 01:29:37
attack	[H1.VM4] Blocked by UFW	2020-09-06 16:50:53
attack	Multiport scan : 9 ports scanned 3388 3390 3396 3399 4001 7789 9000 9001 10000	2020-09-06 08:50:27
attack	TCP (SYN) 94.102.51.29:46226 -> port 5589, len 44	2020-09-05 21:57:47
attackspambots	firewall-block, port(s): 3404/tcp, 4002/tcp, 8000/tcp, 10002/tcp	2020-09-05 13:34:13
attackspam	SmallBizIT.US 9 packets to tcp(3399,3404,5000,5001,5188,5589,6689,20001,50002)	2020-09-05 06:20:18
attackbots	Port scan detected on ports: 491[TCP], 402[TCP], 502[TCP]	2020-08-31 01:30:20
attack	TCP (SYN) 94.102.51.29:58115 -> port 8000, len 44	2020-08-27 00:35:15
attack	SmallBizIT.US 8 packets to tcp(3405,3410,4001,5188,33891,33894,33896,50001)	2020-08-26 06:29:30
attack	TCP (SYN) 94.102.51.29:45083 -> port 3286, len 44	2020-08-16 17:28:24
attack	ET DROP Dshield Block Listed Source group 1 - port: 58077 proto: tcp cat: Misc Attackbytes: 60	2020-08-12 16:33:55
attackspambots	Port Scan ...	2020-08-11 08:03:40
attackbotsspam	Aug 9 13:53:30 venus kernel: [161514.858958] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:66:8f:ed:d2:74:7f:6e:37:e3:08:00 SRC=94.102.51.29 DST=78.47.70.226 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=25435 PROTO=TCP SPT=40011 DPT=19099 WINDOW=1024 RES=0x00 SYN URGP=0	2020-08-09 19:31:15
attackspam	08/07/2020-18:56:59.805303 94.102.51.29 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-08-08 07:27:38

相同子网IP讨论:

IP	类型	评论内容	时间
94.102.51.28	attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 86 - port: 14265 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:18:39
94.102.51.28	attackbots	[portscan] Port scan	2020-10-13 20:55:07
94.102.51.17	attackspambots	Fail2Ban Ban Triggered	2020-10-13 12:24:11
94.102.51.28	attack	Oct 13 05:48:00 [host] kernel: [2892792.420159] [U Oct 13 05:52:10 [host] kernel: [2893042.585542] [U Oct 13 05:59:27 [host] kernel: [2893479.003593] [U Oct 13 06:00:45 [host] kernel: [2893556.972194] [U Oct 13 06:02:58 [host] kernel: [2893690.599550] [U Oct 13 06:03:57 [host] kernel: [2893748.886505] [U	2020-10-13 12:23:49
94.102.51.17	attack	[MK-Root1] Blocked by UFW	2020-10-13 05:13:55
94.102.51.28	attackbotsspam	Oct 12 22:53:57 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=50790 PROTO=TCP SPT=46594 DPT=45355 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 12 22:58:36 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=4168 PROTO=TCP SPT=46594 DPT=47667 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 12 23:01:47 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=40976 PROTO=TCP SPT=46594 DPT=13886 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 12 23:08:05 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=34845 PROTO=TCP SPT=46594 DPT=29762 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 12 23:09:15 *hidd ...	2020-10-13 05:13:37
94.102.51.17	attackbotsspam	firewall-block, port(s): 5275/tcp	2020-10-11 01:43:06
94.102.51.78	attackspambots	Oct 9 12:46:02 haigwepa sshd[8112]: Failed password for root from 94.102.51.78 port 45205 ssh2 Oct 9 12:46:06 haigwepa sshd[8112]: Failed password for root from 94.102.51.78 port 45205 ssh2 ...	2020-10-10 02:03:42
94.102.51.78	attackbots	[MK-VM3] SSH login failed	2020-10-09 17:48:16
94.102.51.28	attackspambots	TCP (SYN) 94.102.51.28:45039 -> port 42954, len 44	2020-10-09 05:42:43
94.102.51.28	attack	49164/tcp 52334/tcp 60882/tcp... [2020-08-07/10-08]47445pkt,38785pt.(tcp)	2020-10-08 21:57:39
94.102.51.28	attack	[H1.VM2] Blocked by UFW	2020-10-08 13:52:57
94.102.51.28	attackbots	TCP (SYN) 94.102.51.28:45039 -> port 19163, len 44	2020-10-08 02:53:29
94.102.51.28	attackbots	Oct 7 12:48:08 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=46543 PROTO=TCP SPT=45039 DPT=31360 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 7 12:49:13 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=21421 PROTO=TCP SPT=45039 DPT=53281 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 7 13:01:05 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=43131 PROTO=TCP SPT=45039 DPT=23703 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 7 13:03:35 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=43904 PROTO=TCP SPT=45039 DPT=44237 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 7 13:05:31 hidden ...	2020-10-07 19:07:31
94.102.51.28	attackbotsspam	Port scan: Attack repeated for 24 hours	2020-10-01 07:40:34

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.102.51.29
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38974
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.102.51.29.			IN	A

;; AUTHORITY SECTION:
.			255	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050900 1800 900 604800 86400

;; Query time: 135 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat May 09 21:30:00 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

29.51.102.94.in-addr.arpa domain name pointer customer.fibre7.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
29.51.102.94.in-addr.arpa	name = customer.fibre7.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
75.142.248.224	attackspam	SSH brute force	2020-07-30 06:29:22
119.251.220.134	attackbots	Unauthorised access (Jul 29) SRC=119.251.220.134 LEN=40 TTL=46 ID=34470 TCP DPT=23 WINDOW=53115 SYN Unauthorised access (Jul 29) SRC=119.251.220.134 LEN=40 TTL=45 ID=23161 TCP DPT=8080 WINDOW=4268 SYN Unauthorised access (Jul 28) SRC=119.251.220.134 LEN=40 TTL=46 ID=30493 TCP DPT=8080 WINDOW=2467 SYN Unauthorised access (Jul 28) SRC=119.251.220.134 LEN=40 TTL=46 ID=20089 TCP DPT=8080 WINDOW=2467 SYN Unauthorised access (Jul 27) SRC=119.251.220.134 LEN=40 TTL=46 ID=16353 TCP DPT=23 WINDOW=6308 SYN	2020-07-30 06:28:00
152.200.131.38	attack	1596054435 - 07/29/2020 22:27:15 Host: 152.200.131.38/152.200.131.38 Port: 445 TCP Blocked	2020-07-30 06:04:55
54.39.151.64	attackspam	Jul 29 22:23:36 OPSO sshd\[16883\]: Invalid user taeyoung from 54.39.151.64 port 56087 Jul 29 22:23:36 OPSO sshd\[16883\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.151.64 Jul 29 22:23:38 OPSO sshd\[16883\]: Failed password for invalid user taeyoung from 54.39.151.64 port 56087 ssh2 Jul 29 22:27:08 OPSO sshd\[18247\]: Invalid user xyp from 54.39.151.64 port 60250 Jul 29 22:27:08 OPSO sshd\[18247\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.151.64	2020-07-30 06:08:27
80.82.77.212	attackspambots	SmallBizIT.US 3 packets to udp(17185,32769,49152)	2020-07-30 06:05:13
180.124.125.241	attackspam	Port Scan ...	2020-07-30 06:08:55
89.248.168.2	attackspam	(pop3d) Failed POP3 login from 89.248.168.2 (NL/Netherlands/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Jul 30 01:30:40 ir1 dovecot[3110802]: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=89.248.168.2, lip=5.63.12.44, session=	2020-07-30 06:15:39
178.62.59.59	attack	WordPress wp-login brute force :: 178.62.59.59 0.060 BYPASS [29/Jul/2020:22:01:49 0000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 2003 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-07-30 06:31:50
94.102.49.191	attackspambots	SmallBizIT.US 7 packets to tcp(3039,3126,3204,3501,3704,3816,3884)	2020-07-30 06:19:46
94.191.23.15	attackbots	Jul 29 15:30:10 dignus sshd[21958]: Failed password for invalid user zhangzihao from 94.191.23.15 port 56238 ssh2 Jul 29 15:33:40 dignus sshd[22339]: Invalid user zwxtusr from 94.191.23.15 port 52382 Jul 29 15:33:40 dignus sshd[22339]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.23.15 Jul 29 15:33:42 dignus sshd[22339]: Failed password for invalid user zwxtusr from 94.191.23.15 port 52382 ssh2 Jul 29 15:37:06 dignus sshd[22740]: Invalid user wow from 94.191.23.15 port 48522 ...	2020-07-30 06:40:27
167.99.99.10	attackbots	Jul 29 21:59:47 game-panel sshd[31553]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.99.10 Jul 29 21:59:49 game-panel sshd[31553]: Failed password for invalid user frxu from 167.99.99.10 port 36610 ssh2 Jul 29 22:03:55 game-panel sshd[31758]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.99.10	2020-07-30 06:07:00
195.54.160.21	attackbotsspam	SmallBizIT.US 3 packets to tcp(6379,6800,8088)	2020-07-30 06:11:26
154.17.5.77	attackspam	Jul 29 22:26:53 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=154.17.5.77 DST=79.143.186.54 LEN=59 TOS=0x00 PREC=0x00 TTL=54 ID=30143 DF PROTO=UDP SPT=49859 DPT=53 LEN=39 Jul 29 22:26:53 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=154.17.5.77 DST=79.143.186.54 LEN=72 TOS=0x00 PREC=0x00 TTL=54 ID=30145 DF PROTO=UDP SPT=50386 DPT=53 LEN=52 Jul 29 22:26:53 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=154.17.5.77 DST=79.143.186.54 LEN=61 TOS=0x00 PREC=0x00 TTL=54 ID=30144 DF PROTO=UDP SPT=50425 DPT=53 LEN=41	2020-07-30 06:25:18
185.191.204.75	attack	Honeypot hit.	2020-07-30 06:39:49
185.132.53.42	attackbots	Jul 29 23:04:37 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=185.132.53.42 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=60 ID=54870 PROTO=TCP SPT=44528 DPT=23 WINDOW=45335 RES=0x00 SYN URGP=0 Jul 29 23:08:35 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=185.132.53.42 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=60 ID=54870 PROTO=TCP SPT=44528 DPT=23 WINDOW=45335 RES=0x00 SYN URGP=0 Jul 29 23:08:47 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=185.132.53.42 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=60 ID=54870 PROTO=TCP SPT=44528 DPT=23 WINDOW=45335 RES=0x00 SYN URGP=0 Jul 29 23:09:28 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=185.132.53.42 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=60 ID=54870 PROTO=TCP SPT=44528 DPT=23 WINDOW=45335 RES=0x00 SYN URGP=0 Jul 29 23:19:06 hidden ker ...	2020-07-30 06:38:44

最近上报的IP列表

215.190.136.84	54.87.204.51	158.146.163.16	173.245.209.248
230.233.60.19	70.80.102.146	244.14.113.34	86.53.49.202
172.142.231.10	218.59.43.150	51.170.235.253	131.177.163.157
135.33.187.210	119.13.72.129	180.183.47.114	36.90.93.6
180.183.29.214	27.109.255.161	180.183.131.135	3.224.83.244