94.102.52.29 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Netherlands

运营商(isp): Incrediserve Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	94.102.52.29 - - \[13/Mar/2020:20:47:47 +0800\] "GET /wp-content/plugins/rolo-slider/assets/css/admin.css HTTP/1.1" 404 38374 "-" "Mozilla/4.0 $compatible\; MSIE 6.0\; Windows NT 5.1\; SV1$"	2020-03-13 22:55:22

相同子网IP讨论:

IP	类型	评论内容	时间
94.102.52.36	attackspam	Sent packet to closed port: 22	2020-08-09 23:44:48
94.102.52.57	attackbots	[Thu May 21 12:06:10 2020] - DDoS Attack From IP: 94.102.52.57 Port: 56548	2020-07-09 03:53:58
94.102.52.44	attackspambots	May 27 00:05:26 pop3-login: Info: Disconnected: Inactivity $auth failed, 1 attempts in 180 secs$: user=\, method=PLAIN, rip=94.102.52.44, lip=192.168.100.101, session=\<9W41QJSmrABeZjQs\>\ May 27 00:47:06 pop3-login: Info: Aborted login $auth failed, 1 attempts in 2 secs$: user=\, method=PLAIN, rip=94.102.52.44, lip=192.168.100.101, session=\\ May 27 00:50:24 pop3-login: Info: Aborted login $auth failed, 1 attempts in 2 secs$: user=\, method=PLAIN, rip=94.102.52.44, lip=192.168.100.101, session=\\ May 27 00:59:20 pop3-login: Info: Aborted login $auth failed, 1 attempts in 2 secs$: user=\, method=PLAIN, rip=94.102.52.44, lip=192.168.100.101, session=\\ May 27 00:59:24 pop3-login: Info: Aborted login $auth failed, 1 attempts in 6 secs$: user=\, method=PLAIN, rip=94.102.52.44, lip=192.168.100.101, session=\\ May 27 01	2020-05-27 07:46:46
94.102.52.44	attackspam	May 26 18:59:50 web01.agentur-b-2.de dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=94.102.52.44, lip=185.118.198.210, session= May 26 19:00:07 web01.agentur-b-2.de dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=94.102.52.44, lip=185.118.198.210, session=<0DPwBpCmxk5eZjQs> May 26 19:00:19 web01.agentur-b-2.de dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=94.102.52.44, lip=185.118.198.210, session= May 26 19:01:43 web01.agentur-b-2.de dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=94.102.52.44, lip=185.118.198.210, session= May 26 19:02:11 web01.agentur-b-2.de dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=	2020-05-27 01:15:11
94.102.52.44	attack	May 26 04:04:28 ns3042688 courier-pop3d: LOGIN FAILED, user=postmaster@sikla-shop.eu, ip=\[::ffff:94.102.52.44\] ...	2020-05-26 10:11:53
94.102.52.44	attackbotsspam	May 25 19:44:30 ns3042688 courier-pop3d: LOGIN FAILED, user=office@sikla-systems.es, ip=\[::ffff:94.102.52.44\] ...	2020-05-26 02:06:54
94.102.52.44	attackbotsspam	May 25 07:48:22 ns3042688 courier-pop3d: LOGIN FAILED, user=test@makita-dolmar.info, ip=\[::ffff:94.102.52.44\] ...	2020-05-25 13:49:29
94.102.52.57	attackbotsspam	05/24/2020-18:33:20.532373 94.102.52.57 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-05-25 06:51:24
94.102.52.44	attackbotsspam	May 24 13:56:10 ns3042688 courier-pop3d: LOGIN FAILED, user=webmaster@tienda-sikla.eu, ip=\[::ffff:94.102.52.44\] ...	2020-05-24 20:15:14
94.102.52.57	attack	Port scanning [23 denied]	2020-05-23 17:57:54
94.102.52.44	attack	May 22 21:47:50 ns3042688 courier-pop3d: LOGIN FAILED, user=reception@tienda-cmt.org, ip=\[::ffff:94.102.52.44\] ...	2020-05-23 03:49:51
94.102.52.44	attackbots	May 22 13:47:30 ns3042688 courier-pop3d: LOGIN FAILED, user=support@sikla-shop.eu, ip=\[::ffff:94.102.52.44\] ...	2020-05-22 19:54:43
94.102.52.57	attack	TCP ports : 11 / 338 / 448 / 564 / 911	2020-05-22 01:22:15
94.102.52.57	attackspambots	05/20/2020-13:13:08.646937 94.102.52.57 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-05-21 01:31:46
94.102.52.44	attackbotsspam	May 20 18:50:14 ns3042688 courier-pop3d: LOGIN FAILED, user=info@tienda-cmt.com, ip=\[::ffff:94.102.52.44\] ...	2020-05-21 00:57:25

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.102.52.29
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33111
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.102.52.29.			IN	A

;; AUTHORITY SECTION:
.			577	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031300 1800 900 604800 86400

;; Query time: 108 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 13 22:55:15 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

29.52.102.94.in-addr.arpa domain name pointer group-ib.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
29.52.102.94.in-addr.arpa	name = group-ib.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
182.148.178.236	attackbots	May 22 16:27:50 xeon sshd[20698]: Failed password for invalid user ulg from 182.148.178.236 port 54714 ssh2	2020-05-23 00:34:44
211.159.147.188	attackspam	Invalid user osc from 211.159.147.188 port 50248	2020-05-23 00:41:48
78.22.162.248	attack	Lines containing failures of 78.22.162.248 May 22 07:49:58 penfold sshd[13050]: Invalid user twr from 78.22.162.248 port 40830 May 22 07:49:58 penfold sshd[13050]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.22.162.248 May 22 07:50:01 penfold sshd[13050]: Failed password for invalid user twr from 78.22.162.248 port 40830 ssh2 May 22 07:50:03 penfold sshd[13050]: Received disconnect from 78.22.162.248 port 40830:11: Bye Bye [preauth] May 22 07:50:03 penfold sshd[13050]: Disconnected from invalid user twr 78.22.162.248 port 40830 [preauth] May 22 08:00:37 penfold sshd[13789]: Did not receive identification string from 78.22.162.248 port 52088 May 22 08:08:41 penfold sshd[14339]: Did not receive identification string from 78.22.162.248 port 45824 May 22 08:16:40 penfold sshd[15037]: Did not receive identification string from 78.22.162.248 port 39560 May 22 08:24:40 penfold sshd[15558]: Did not receive identification string fro........ ------------------------------	2020-05-23 00:43:55
106.52.131.86	attackbotsspam	2020-05-22T14:51:12.841278ollin.zadara.org sshd[7946]: Invalid user nix from 106.52.131.86 port 50602 2020-05-22T14:51:14.858744ollin.zadara.org sshd[7946]: Failed password for invalid user nix from 106.52.131.86 port 50602 ssh2 ...	2020-05-23 00:51:48
62.102.148.69	attackspam	SSH invalid-user multiple login try	2020-05-23 00:26:23
200.60.60.84	attackbotsspam	$f2bV_matches	2020-05-23 01:03:50
210.56.23.100	attack	May 22 13:29:51 ws24vmsma01 sshd[48300]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.56.23.100 May 22 13:29:54 ws24vmsma01 sshd[48300]: Failed password for invalid user ity from 210.56.23.100 port 34676 ssh2 ...	2020-05-23 00:34:14
46.36.27.114	attackspam	May 22 16:10:36 ip-172-31-61-156 sshd[17905]: Invalid user tim from 46.36.27.114 May 22 16:10:39 ip-172-31-61-156 sshd[17905]: Failed password for invalid user tim from 46.36.27.114 port 44547 ssh2 May 22 16:10:36 ip-172-31-61-156 sshd[17905]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.36.27.114 May 22 16:10:36 ip-172-31-61-156 sshd[17905]: Invalid user tim from 46.36.27.114 May 22 16:10:39 ip-172-31-61-156 sshd[17905]: Failed password for invalid user tim from 46.36.27.114 port 44547 ssh2 ...	2020-05-23 00:46:02
222.186.173.215	attackspambots	May 22 17:26:41 combo sshd[20049]: Failed password for root from 222.186.173.215 port 52358 ssh2 May 22 17:26:45 combo sshd[20049]: Failed password for root from 222.186.173.215 port 52358 ssh2 May 22 17:26:49 combo sshd[20049]: Failed password for root from 222.186.173.215 port 52358 ssh2 ...	2020-05-23 00:41:11
157.230.163.6	attackspambots	May 22 16:52:25 ajax sshd[31706]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.163.6 May 22 16:52:28 ajax sshd[31706]: Failed password for invalid user kcw from 157.230.163.6 port 45102 ssh2	2020-05-23 00:18:44
162.243.138.213	attackspambots	Unauthorized connection attempt detected from IP address 162.243.138.213 to port 873	2020-05-23 00:49:10
36.133.121.2	attack	SSH Bruteforce Attempt (failed auth)	2020-05-23 00:47:37
195.9.250.138	attackspam	Helo	2020-05-23 00:37:36
107.170.18.163	attackspam	May 22 15:08:27 IngegnereFirenze sshd[18677]: Failed password for invalid user uzu from 107.170.18.163 port 55268 ssh2 ...	2020-05-23 00:53:17
159.65.136.141	attack	May 22 18:31:03 pornomens sshd\[20129\]: Invalid user ide from 159.65.136.141 port 59796 May 22 18:31:03 pornomens sshd\[20129\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.136.141 May 22 18:31:06 pornomens sshd\[20129\]: Failed password for invalid user ide from 159.65.136.141 port 59796 ssh2 ...	2020-05-23 00:35:07

最近上报的IP列表

187.15.89.211	85.75.228.83	45.177.94.83	35.202.157.96
223.185.130.92	104.244.77.95	202.83.28.186	144.217.254.159
190.204.183.27	216.221.44.228	125.91.17.195	172.217.173.3
217.182.33.33	144.217.206.177	85.26.211.83	149.129.54.112
149.126.16.238	191.246.86.100	83.226.108.68	50.31.134.63