94.102.51.29 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Netherlands

运营商(isp): Incrediserve Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	scans 8 times in preceeding hours on the ports (in chronological order) 33892 8889 4489 3000 50001 3399 3397 10000 resulting in total of 25 scans from 94.102.48.0/20 block.	2020-09-30 04:26:03
attackspam	TCP (SYN) 94.102.51.29:53548 -> port 50002, len 44	2020-09-29 20:33:50
attack	firewall-block, port(s): 5589/tcp, 8889/tcp, 10000/tcp, 33892/tcp, 33894/tcp, 60000/tcp	2020-09-29 12:42:11
attack	Unauthorized connection attempt from IP address 94.102.51.29 on Port 110(POP3)	2020-09-18 21:10:59
attackbotsspam	Unauthorized connection attempt from IP address 94.102.51.29 on Port 139(NETBIOS)	2020-09-18 13:29:36
attack	[H1.VM2] Blocked by UFW	2020-09-18 03:44:32
attack	firewall-block, port(s): 14/tcp, 15/tcp, 19/tcp, 32/tcp, 63/tcp, 92/tcp, 101/tcp, 111/tcp, 157/tcp, 173/tcp, 214/tcp, 244/tcp, 265/tcp, 271/tcp, 305/tcp, 325/tcp, 354/tcp, 355/tcp, 395/tcp, 413/tcp, 441/tcp, 446/tcp, 590/tcp, 615/tcp, 641/tcp, 750/tcp, 774/tcp, 806/tcp, 831/tcp, 859/tcp, 866/tcp, 894/tcp, 901/tcp, 902/tcp, 927/tcp, 943/tcp, 945/tcp, 992/tcp, 995/tcp	2020-09-17 21:20:51
attackbotsspam	Sep 17 06:49:46 [host] kernel: [650237.167348] [UF Sep 17 06:52:24 [host] kernel: [650395.510659] [UF Sep 17 06:54:54 [host] kernel: [650545.632879] [UF Sep 17 07:02:52 [host] kernel: [651023.513741] [UF Sep 17 07:03:15 [host] kernel: [651046.924002] [UF Sep 17 07:09:59 [host] kernel: [651450.920256] [UF	2020-09-17 13:31:26
attackbots	firewall-block, port(s): 47/tcp, 67/tcp, 72/tcp, 188/tcp, 198/tcp, 204/tcp, 205/tcp, 210/tcp, 224/tcp, 229/tcp, 284/tcp, 301/tcp, 309/tcp, 387/tcp, 438/tcp, 468/tcp, 473/tcp, 475/tcp, 478/tcp, 483/tcp, 487/tcp, 507/tcp, 509/tcp, 514/tcp, 519/tcp, 559/tcp, 568/tcp, 588/tcp, 718/tcp, 735/tcp, 741/tcp, 745/tcp, 771/tcp, 788/tcp, 792/tcp, 821/tcp, 822/tcp, 849/tcp, 898/tcp, 934/tcp, 947/tcp, 966/tcp, 971/tcp	2020-09-17 04:37:45
attackbotsspam	TCP (SYN) 94.102.51.29:57788 -> port 3396, len 44	2020-09-14 02:44:11
attack	TCP (SYN) 94.102.51.29:57788 -> port 33389, len 44	2020-09-13 18:43:03
attackbotsspam	TCP (SYN) 94.102.51.29:51751 -> port 3396, len 44	2020-09-11 01:48:50
attackspam	TCP (SYN) 94.102.51.29:51751 -> port 3390, len 44	2020-09-10 17:08:59
attackspam	Multiport scan : 5 ports scanned 3395 4489 8000 8889 9000	2020-09-10 07:43:12
attack	TCP (SYN) 94.102.51.29:55731 -> port 3392, len 44	2020-09-09 01:12:25
attackbots	TCP (SYN) 94.102.51.29:55731 -> port 33893, len 44	2020-09-08 16:39:03
attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 82 - port: 5188 proto: tcp cat: Misc Attackbytes: 60	2020-09-07 01:29:37
attack	[H1.VM4] Blocked by UFW	2020-09-06 16:50:53
attack	Multiport scan : 9 ports scanned 3388 3390 3396 3399 4001 7789 9000 9001 10000	2020-09-06 08:50:27
attack	TCP (SYN) 94.102.51.29:46226 -> port 5589, len 44	2020-09-05 21:57:47
attackspambots	firewall-block, port(s): 3404/tcp, 4002/tcp, 8000/tcp, 10002/tcp	2020-09-05 13:34:13
attackspam	SmallBizIT.US 9 packets to tcp(3399,3404,5000,5001,5188,5589,6689,20001,50002)	2020-09-05 06:20:18
attackbots	Port scan detected on ports: 491[TCP], 402[TCP], 502[TCP]	2020-08-31 01:30:20
attack	TCP (SYN) 94.102.51.29:58115 -> port 8000, len 44	2020-08-27 00:35:15
attack	SmallBizIT.US 8 packets to tcp(3405,3410,4001,5188,33891,33894,33896,50001)	2020-08-26 06:29:30
attack	TCP (SYN) 94.102.51.29:45083 -> port 3286, len 44	2020-08-16 17:28:24
attack	ET DROP Dshield Block Listed Source group 1 - port: 58077 proto: tcp cat: Misc Attackbytes: 60	2020-08-12 16:33:55
attackspambots	Port Scan ...	2020-08-11 08:03:40
attackbotsspam	Aug 9 13:53:30 venus kernel: [161514.858958] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:66:8f:ed:d2:74:7f:6e:37:e3:08:00 SRC=94.102.51.29 DST=78.47.70.226 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=25435 PROTO=TCP SPT=40011 DPT=19099 WINDOW=1024 RES=0x00 SYN URGP=0	2020-08-09 19:31:15
attackspam	08/07/2020-18:56:59.805303 94.102.51.29 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-08-08 07:27:38

相同子网IP讨论:

IP	类型	评论内容	时间
94.102.51.28	attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 86 - port: 14265 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:18:39
94.102.51.28	attackbots	[portscan] Port scan	2020-10-13 20:55:07
94.102.51.17	attackspambots	Fail2Ban Ban Triggered	2020-10-13 12:24:11
94.102.51.28	attack	Oct 13 05:48:00 [host] kernel: [2892792.420159] [U Oct 13 05:52:10 [host] kernel: [2893042.585542] [U Oct 13 05:59:27 [host] kernel: [2893479.003593] [U Oct 13 06:00:45 [host] kernel: [2893556.972194] [U Oct 13 06:02:58 [host] kernel: [2893690.599550] [U Oct 13 06:03:57 [host] kernel: [2893748.886505] [U	2020-10-13 12:23:49
94.102.51.17	attack	[MK-Root1] Blocked by UFW	2020-10-13 05:13:55
94.102.51.28	attackbotsspam	Oct 12 22:53:57 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=50790 PROTO=TCP SPT=46594 DPT=45355 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 12 22:58:36 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=4168 PROTO=TCP SPT=46594 DPT=47667 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 12 23:01:47 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=40976 PROTO=TCP SPT=46594 DPT=13886 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 12 23:08:05 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=34845 PROTO=TCP SPT=46594 DPT=29762 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 12 23:09:15 *hidd ...	2020-10-13 05:13:37
94.102.51.17	attackbotsspam	firewall-block, port(s): 5275/tcp	2020-10-11 01:43:06
94.102.51.78	attackspambots	Oct 9 12:46:02 haigwepa sshd[8112]: Failed password for root from 94.102.51.78 port 45205 ssh2 Oct 9 12:46:06 haigwepa sshd[8112]: Failed password for root from 94.102.51.78 port 45205 ssh2 ...	2020-10-10 02:03:42
94.102.51.78	attackbots	[MK-VM3] SSH login failed	2020-10-09 17:48:16
94.102.51.28	attackspambots	TCP (SYN) 94.102.51.28:45039 -> port 42954, len 44	2020-10-09 05:42:43
94.102.51.28	attack	49164/tcp 52334/tcp 60882/tcp... [2020-08-07/10-08]47445pkt,38785pt.(tcp)	2020-10-08 21:57:39
94.102.51.28	attack	[H1.VM2] Blocked by UFW	2020-10-08 13:52:57
94.102.51.28	attackbots	TCP (SYN) 94.102.51.28:45039 -> port 19163, len 44	2020-10-08 02:53:29
94.102.51.28	attackbots	Oct 7 12:48:08 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=46543 PROTO=TCP SPT=45039 DPT=31360 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 7 12:49:13 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=21421 PROTO=TCP SPT=45039 DPT=53281 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 7 13:01:05 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=43131 PROTO=TCP SPT=45039 DPT=23703 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 7 13:03:35 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.51.28 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=43904 PROTO=TCP SPT=45039 DPT=44237 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 7 13:05:31 hidden ...	2020-10-07 19:07:31
94.102.51.28	attackbotsspam	Port scan: Attack repeated for 24 hours	2020-10-01 07:40:34

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.102.51.29
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38974
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.102.51.29.			IN	A

;; AUTHORITY SECTION:
.			255	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050900 1800 900 604800 86400

;; Query time: 135 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat May 09 21:30:00 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

29.51.102.94.in-addr.arpa domain name pointer customer.fibre7.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
29.51.102.94.in-addr.arpa	name = customer.fibre7.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
156.96.44.213	attackbots	2020-06-28T02:03:37.291913www postfix/smtpd[9452]: warning: unknown[156.96.44.213]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2020-06-28T02:03:45.391236www postfix/smtpd[9452]: warning: unknown[156.96.44.213]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2020-06-28T02:03:57.489565www postfix/smtpd[9452]: warning: unknown[156.96.44.213]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-06-28 08:16:07
167.249.134.210	attack	2020-06-28T07:07:25.921038hostname sshd[31510]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.249.134.210 2020-06-28T07:07:25.898501hostname sshd[31510]: Invalid user vivek from 167.249.134.210 port 52342 2020-06-28T07:07:28.177576hostname sshd[31510]: Failed password for invalid user vivek from 167.249.134.210 port 52342 ssh2 ...	2020-06-28 08:29:54
122.114.229.193	attackbotsspam	Lines containing failures of 122.114.229.193 Jun 27 04:32:56 kopano sshd[8610]: Invalid user susi from 122.114.229.193 port 40062 Jun 27 04:32:56 kopano sshd[8610]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.114.229.193 Jun 27 04:32:57 kopano sshd[8610]: Failed password for invalid user susi from 122.114.229.193 port 40062 ssh2 Jun 27 04:32:58 kopano sshd[8610]: Received disconnect from 122.114.229.193 port 40062:11: Bye Bye [preauth] Jun 27 04:32:58 kopano sshd[8610]: Disconnected from invalid user susi 122.114.229.193 port 40062 [preauth] Jun 27 04:48:53 kopano sshd[9373]: Connection closed by 122.114.229.193 port 48436 [preauth] Jun 27 04:50:36 kopano sshd[9425]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.114.229.193 user=r.r Jun 27 04:50:38 kopano sshd[9425]: Failed password for r.r from 122.114.229.193 port 48604 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/vie	2020-06-28 08:04:26
5.135.165.55	attack	Jun 28 00:32:28 plex sshd[13566]: Invalid user juliet from 5.135.165.55 port 32910	2020-06-28 08:13:58
27.71.204.189	attackbotsspam	" "	2020-06-28 08:30:58
77.205.116.154	spam	This adresse IP Spy me on Facebook and mail	2020-06-28 08:34:13
51.210.44.194	attack	SSH brute force	2020-06-28 08:02:37
2.58.12.137	attackspambots	As always with web2objects	2020-06-28 08:12:02
185.143.72.16	attackbotsspam	Jun 28 01:46:09 v22019058497090703 postfix/smtpd[23685]: warning: unknown[185.143.72.16]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 28 01:47:38 v22019058497090703 postfix/smtpd[23685]: warning: unknown[185.143.72.16]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 28 01:49:06 v22019058497090703 postfix/smtpd[23685]: warning: unknown[185.143.72.16]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-06-28 07:59:34
218.92.0.251	attackbotsspam	Scanned 28 times in the last 24 hours on port 22	2020-06-28 08:07:28
116.255.213.168	attackbots	Jun 27 22:14:49 124388 sshd[16633]: Invalid user odoo from 116.255.213.168 port 37400 Jun 27 22:14:49 124388 sshd[16633]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.255.213.168 Jun 27 22:14:49 124388 sshd[16633]: Invalid user odoo from 116.255.213.168 port 37400 Jun 27 22:14:51 124388 sshd[16633]: Failed password for invalid user odoo from 116.255.213.168 port 37400 ssh2 Jun 27 22:19:46 124388 sshd[16979]: Invalid user afp from 116.255.213.168 port 57022	2020-06-28 08:08:14
80.82.77.245	attack	80.82.77.245 was recorded 8 times by 6 hosts attempting to connect to the following ports: 1054,1064,1059. Incident counter (4h, 24h, all-time): 8, 39, 24607	2020-06-28 08:20:41
139.196.189.71	attack	Jun 27 22:44:03 host proftpd[25375]: 0.0.0.0 (139.196.189.71[139.196.189.71]) - USER anonymous: no such user found from 139.196.189.71 [139.196.189.71] to 163.172.107.87:21 ...	2020-06-28 08:09:40
49.234.98.155	attack	Jun 27 22:02:33 game-panel sshd[4279]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.98.155 Jun 27 22:02:34 game-panel sshd[4279]: Failed password for invalid user rdt from 49.234.98.155 port 42992 ssh2 Jun 27 22:06:40 game-panel sshd[4502]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.98.155	2020-06-28 08:32:58
109.226.63.124	attack	Brute forcing RDP port 3389	2020-06-28 08:19:13

最近上报的IP列表

215.190.136.84	54.87.204.51	158.146.163.16	173.245.209.248
230.233.60.19	70.80.102.146	244.14.113.34	86.53.49.202
172.142.231.10	218.59.43.150	51.170.235.253	131.177.163.157
135.33.187.210	119.13.72.129	180.183.47.114	36.90.93.6
180.183.29.214	27.109.255.161	180.183.131.135	3.224.83.244