94.102.51.29 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Netherlands

运营商(isp): Incrediserve Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	scans 8 times in preceeding hours on the ports (in chronological order) 33892 8889 4489 3000 50001 3399 3397 10000 resulting in total of 25 scans from 94.102.48.0/20 block.	2020-09-30 04:26:03
attackspam	TCP (SYN) 94.102.51.29:53548 -> port 50002, len 44	2020-09-29 20:33:50
attack	firewall-block, port(s): 5589/tcp, 8889/tcp, 10000/tcp, 33892/tcp, 33894/tcp, 60000/tcp	2020-09-29 12:42:11
attack	Unauthorized connection attempt from IP address 94.102.51.29 on Port 110(POP3)	2020-09-18 21:10:59
attackbotsspam	Unauthorized connection attempt from IP address 94.102.51.29 on Port 139(NETBIOS)	2020-09-18 13:29:36
attack	[H1.VM2] Blocked by UFW	2020-09-18 03:44:32
attack	firewall-block, port(s): 14/tcp, 15/tcp, 19/tcp, 32/tcp, 63/tcp, 92/tcp, 101/tcp, 111/tcp, 157/tcp, 173/tcp, 214/tcp, 244/tcp, 265/tcp, 271/tcp, 305/tcp, 325/tcp, 354/tcp, 355/tcp, 395/tcp, 413/tcp, 441/tcp, 446/tcp, 590/tcp, 615/tcp, 641/tcp, 750/tcp, 774/tcp, 806/tcp, 831/tcp, 859/tcp, 866/tcp, 894/tcp, 901/tcp, 902/tcp, 927/tcp, 943/tcp, 945/tcp, 992/tcp, 995/tcp	2020-09-17 21:20:51
attackbotsspam	Sep 17 06:49:46 [host] kernel: [650237.167348] [UF Sep 17 06:52:24 [host] kernel: [650395.510659] [UF Sep 17 06:54:54 [host] kernel: [650545.632879] [UF Sep 17 07:02:52 [host] kernel: [651023.513741] [UF Sep 17 07:03:15 [host] kernel: [651046.924002] [UF Sep 17 07:09:59 [host] kernel: [651450.920256] [UF	2020-09-17 13:31:26
attackbots	firewall-block, port(s): 47/tcp, 67/tcp, 72/tcp, 188/tcp, 198/tcp, 204/tcp, 205/tcp, 210/tcp, 224/tcp, 229/tcp, 284/tcp, 301/tcp, 309/tcp, 387/tcp, 438/tcp, 468/tcp, 473/tcp, 475/tcp, 478/tcp, 483/tcp, 487/tcp, 507/tcp, 509/tcp, 514/tcp, 519/tcp, 559/tcp, 568/tcp, 588/tcp, 718/tcp, 735/tcp, 741/tcp, 745/tcp, 771/tcp, 788/tcp, 792/tcp, 821/tcp, 822/tcp, 849/tcp, 898/tcp, 934/tcp, 947/tcp, 966/tcp, 971/tcp	2020-09-17 04:37:45
attackbotsspam	TCP (SYN) 94.102.51.29:57788 -> port 3396, len 44	2020-09-14 02:44:11
attack	TCP (SYN) 94.102.51.29:57788 -> port 33389, len 44	2020-09-13 18:43:03
attackbotsspam	TCP (SYN) 94.102.51.29:51751 -> port 3396, len 44	2020-09-11 01:48:50
attackspam	TCP (SYN) 94.102.51.29:51751 -> port 3390, len 44	2020-09-10 17:08:59
attackspam	Multiport scan : 5 ports scanned 3395 4489 8000 8889 9000	2020-09-10 07:43:12
attack	TCP (SYN) 94.102.51.29:55731 -> port 3392, len 44	2020-09-09 01:12:25
attackbots	TCP (SYN) 94.102.51.29:55731 -> port 33893, len 44	2020-09-08 16:39:03
attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 82 - port: 5188 proto: tcp cat: Misc Attackbytes: 60	2020-09-07 01:29:37
attack	[H1.VM4] Blocked by UFW	2020-09-06 16:50:53
attack	Multiport scan : 9 ports scanned 3388 3390 3396 3399 4001 7789 9000 9001 10000	2020-09-06 08:50:27
attack	TCP (SYN) 94.102.51.29:46226 -> port 5589, len 44	2020-09-05 21:57:47
attackspambots	firewall-block, port(s): 3404/tcp, 4002/tcp, 8000/tcp, 10002/tcp	2020-09-05 13:34:13
attackspam	SmallBizIT.US 9 packets to tcp(3399,3404,5000,5001,5188,5589,6689,20001,50002)	2020-09-05 06:20:18
attackbots	Port scan detected on ports: 491[TCP], 402[TCP], 502[TCP]	2020-08-31 01:30:20
attack	TCP (SYN) 94.102.51.29:58115 -> port 8000, len 44	2020-08-27 00:35:15
attack	SmallBizIT.US 8 packets to tcp(3405,3410,4001,5188,33891,33894,33896,50001)	2020-08-26 06:29:30
attack	TCP (SYN) 94.102.51.29:45083 -> port 3286, len 44	2020-08-16 17:28:24
attack	ET DROP Dshield Block Listed Source group 1 - port: 58077 proto: tcp cat: Misc Attackbytes: 60	2020-08-12 16:33:55
attackspambots	Port Scan ...	2020-08-11 08:03:40
attackbotsspam	Aug 9 13:53:30 venus kernel: [161514.858958] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:66:8f:ed:d2:74:7f:6e:37:e3:08:00 SRC=94.102.51.29 DST=78.47.70.226 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=25435 PROTO=TCP SPT=40011 DPT=19099 WINDOW=1024 RES=0x00 SYN URGP=0	2020-08-09 19:31:15
attackspam	08/07/2020-18:56:59.805303 94.102.51.29 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-08-08 07:27:38

相同子网IP讨论:

IP	类型	评论内容	时间
94.102.51.28	attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 86 - port: 14265 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:18:39
94.102.51.28	attackbots	[portscan] Port scan	2020-10-13 20:55:07
94.102.51.17	attackspambots	Fail2Ban Ban Triggered	2020-10-13 12:24:11
94.102.51.28	attack	Oct 13 05:48:00 [host] kernel: [2892792.420159] [U Oct 13 05:52:10 [host] kernel: [2893042.585542] [U Oct 13 05:59:27 [host] kernel: [2893479.003593] [U Oct 13 06:00:45 [host] kernel: [2893556.972194] [U Oct 13 06:02:58 [host] kernel: [2893690.599550] [U Oct 13 06:03:57 [host] kernel: [2893748.886505] [U	2020-10-13 12:23:49
94.102.51.17	attack	[MK-Root1] Blocked by UFW	2020-10-13 05:13:55
94.102.51.28	attackbotsspam	Oct 12 22:53:57 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=50790 PROTO=TCP SPT=46594 DPT=45355 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 12 22:58:36 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=4168 PROTO=TCP SPT=46594 DPT=47667 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 12 23:01:47 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=40976 PROTO=TCP SPT=46594 DPT=13886 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 12 23:08:05 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=34845 PROTO=TCP SPT=46594 DPT=29762 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 12 23:09:15 *hidd ...	2020-10-13 05:13:37
94.102.51.17	attackbotsspam	firewall-block, port(s): 5275/tcp	2020-10-11 01:43:06
94.102.51.78	attackspambots	Oct 9 12:46:02 haigwepa sshd[8112]: Failed password for root from 94.102.51.78 port 45205 ssh2 Oct 9 12:46:06 haigwepa sshd[8112]: Failed password for root from 94.102.51.78 port 45205 ssh2 ...	2020-10-10 02:03:42
94.102.51.78	attackbots	[MK-VM3] SSH login failed	2020-10-09 17:48:16
94.102.51.28	attackspambots	TCP (SYN) 94.102.51.28:45039 -> port 42954, len 44	2020-10-09 05:42:43
94.102.51.28	attack	49164/tcp 52334/tcp 60882/tcp... [2020-08-07/10-08]47445pkt,38785pt.(tcp)	2020-10-08 21:57:39
94.102.51.28	attack	[H1.VM2] Blocked by UFW	2020-10-08 13:52:57
94.102.51.28	attackbots	TCP (SYN) 94.102.51.28:45039 -> port 19163, len 44	2020-10-08 02:53:29
94.102.51.28	attackbots	Oct 7 12:48:08 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=46543 PROTO=TCP SPT=45039 DPT=31360 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 7 12:49:13 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=21421 PROTO=TCP SPT=45039 DPT=53281 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 7 13:01:05 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=43131 PROTO=TCP SPT=45039 DPT=23703 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 7 13:03:35 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=43904 PROTO=TCP SPT=45039 DPT=44237 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 7 13:05:31 hidden ...	2020-10-07 19:07:31
94.102.51.28	attackbotsspam	Port scan: Attack repeated for 24 hours	2020-10-01 07:40:34

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.102.51.29
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38974
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.102.51.29.			IN	A

;; AUTHORITY SECTION:
.			255	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050900 1800 900 604800 86400

;; Query time: 135 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat May 09 21:30:00 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

29.51.102.94.in-addr.arpa domain name pointer customer.fibre7.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
29.51.102.94.in-addr.arpa	name = customer.fibre7.net.

Authoritative answers can be found from:

IP	类型	评论内容	时间
118.232.129.133	attackspambots	unauthorized connection attempt	2020-02-19 13:30:14
101.99.3.106	attackspam	unauthorized connection attempt	2020-02-19 13:13:50
172.104.92.209	attackbotsspam	unauthorized connection attempt	2020-02-19 13:28:11
223.17.93.6	attackspambots	Honeypot attack, port: 5555, PTR: 6-93-17-223-on-nets.com.	2020-02-19 13:07:33
221.124.36.57	attackbotsspam	unauthorized connection attempt	2020-02-19 13:25:44
51.254.49.107	attackbotsspam	unauthorized connection attempt	2020-02-19 13:35:46
1.173.83.190	attackbots	unauthorized connection attempt	2020-02-19 13:38:12
176.117.192.41	attack	Honeypot attack, port: 5555, PTR: PTR record not found	2020-02-19 13:27:41
104.238.46.211	attackspam	unauthorized connection attempt	2020-02-19 13:32:50
78.45.143.85	attackspam	unauthorized connection attempt	2020-02-19 13:23:29
186.52.63.71	attack	unauthorized connection attempt	2020-02-19 13:08:47
95.173.225.142	attack	unauthorized connection attempt	2020-02-19 13:20:22
92.43.3.215	attackspambots	unauthorized connection attempt	2020-02-19 13:21:58
115.49.245.76	attackspam	unauthorized connection attempt	2020-02-19 13:02:44
218.63.72.113	attack	unauthorized connection attempt	2020-02-19 13:16:27

最近上报的IP列表

215.190.136.84	54.87.204.51	158.146.163.16	173.245.209.248
230.233.60.19	70.80.102.146	244.14.113.34	86.53.49.202
172.142.231.10	218.59.43.150	51.170.235.253	131.177.163.157
135.33.187.210	119.13.72.129	180.183.47.114	36.90.93.6
180.183.29.214	27.109.255.161	180.183.131.135	3.224.83.244