94.102.52.29 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Netherlands

运营商(isp): Incrediserve Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	94.102.52.29 - - \[13/Mar/2020:20:47:47 +0800\] "GET /wp-content/plugins/rolo-slider/assets/css/admin.css HTTP/1.1" 404 38374 "-" "Mozilla/4.0 $compatible\; MSIE 6.0\; Windows NT 5.1\; SV1$"	2020-03-13 22:55:22

相同子网IP讨论:

IP	类型	评论内容	时间
94.102.52.36	attackspam	Sent packet to closed port: 22	2020-08-09 23:44:48
94.102.52.57	attackbots	[Thu May 21 12:06:10 2020] - DDoS Attack From IP: 94.102.52.57 Port: 56548	2020-07-09 03:53:58
94.102.52.44	attackspambots	May 27 00:05:26 pop3-login: Info: Disconnected: Inactivity $auth failed, 1 attempts in 180 secs$: user=\, method=PLAIN, rip=94.102.52.44, lip=192.168.100.101, session=\<9W41QJSmrABeZjQs\>\ May 27 00:47:06 pop3-login: Info: Aborted login $auth failed, 1 attempts in 2 secs$: user=\, method=PLAIN, rip=94.102.52.44, lip=192.168.100.101, session=\\ May 27 00:50:24 pop3-login: Info: Aborted login $auth failed, 1 attempts in 2 secs$: user=\, method=PLAIN, rip=94.102.52.44, lip=192.168.100.101, session=\\ May 27 00:59:20 pop3-login: Info: Aborted login $auth failed, 1 attempts in 2 secs$: user=\, method=PLAIN, rip=94.102.52.44, lip=192.168.100.101, session=\\ May 27 00:59:24 pop3-login: Info: Aborted login $auth failed, 1 attempts in 6 secs$: user=\, method=PLAIN, rip=94.102.52.44, lip=192.168.100.101, session=\\ May 27 01	2020-05-27 07:46:46
94.102.52.44	attackspam	May 26 18:59:50 web01.agentur-b-2.de dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=94.102.52.44, lip=185.118.198.210, session= May 26 19:00:07 web01.agentur-b-2.de dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=94.102.52.44, lip=185.118.198.210, session=<0DPwBpCmxk5eZjQs> May 26 19:00:19 web01.agentur-b-2.de dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=94.102.52.44, lip=185.118.198.210, session= May 26 19:01:43 web01.agentur-b-2.de dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=94.102.52.44, lip=185.118.198.210, session= May 26 19:02:11 web01.agentur-b-2.de dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=	2020-05-27 01:15:11
94.102.52.44	attack	May 26 04:04:28 ns3042688 courier-pop3d: LOGIN FAILED, user=postmaster@sikla-shop.eu, ip=\[::ffff:94.102.52.44\] ...	2020-05-26 10:11:53
94.102.52.44	attackbotsspam	May 25 19:44:30 ns3042688 courier-pop3d: LOGIN FAILED, user=office@sikla-systems.es, ip=\[::ffff:94.102.52.44\] ...	2020-05-26 02:06:54
94.102.52.44	attackbotsspam	May 25 07:48:22 ns3042688 courier-pop3d: LOGIN FAILED, user=test@makita-dolmar.info, ip=\[::ffff:94.102.52.44\] ...	2020-05-25 13:49:29
94.102.52.57	attackbotsspam	05/24/2020-18:33:20.532373 94.102.52.57 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-05-25 06:51:24
94.102.52.44	attackbotsspam	May 24 13:56:10 ns3042688 courier-pop3d: LOGIN FAILED, user=webmaster@tienda-sikla.eu, ip=\[::ffff:94.102.52.44\] ...	2020-05-24 20:15:14
94.102.52.57	attack	Port scanning [23 denied]	2020-05-23 17:57:54
94.102.52.44	attack	May 22 21:47:50 ns3042688 courier-pop3d: LOGIN FAILED, user=reception@tienda-cmt.org, ip=\[::ffff:94.102.52.44\] ...	2020-05-23 03:49:51
94.102.52.44	attackbots	May 22 13:47:30 ns3042688 courier-pop3d: LOGIN FAILED, user=support@sikla-shop.eu, ip=\[::ffff:94.102.52.44\] ...	2020-05-22 19:54:43
94.102.52.57	attack	TCP ports : 11 / 338 / 448 / 564 / 911	2020-05-22 01:22:15
94.102.52.57	attackspambots	05/20/2020-13:13:08.646937 94.102.52.57 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-05-21 01:31:46
94.102.52.44	attackbotsspam	May 20 18:50:14 ns3042688 courier-pop3d: LOGIN FAILED, user=info@tienda-cmt.com, ip=\[::ffff:94.102.52.44\] ...	2020-05-21 00:57:25

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.102.52.29
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33111
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.102.52.29.			IN	A

;; AUTHORITY SECTION:
.			577	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031300 1800 900 604800 86400

;; Query time: 108 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 13 22:55:15 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

29.52.102.94.in-addr.arpa domain name pointer group-ib.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
29.52.102.94.in-addr.arpa	name = group-ib.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
77.247.109.72	attackbots	\[2019-10-03 14:03:08\] NOTICE\[1948\] chan_sip.c: Registration from '"2000" \' failed for '77.247.109.72:5177' - Wrong password \[2019-10-03 14:03:08\] SECURITY\[2006\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-10-03T14:03:08.135-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="2000",SessionID="0x7f1e1c2f44f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.109.72/5177",Challenge="1af856a0",ReceivedChallenge="1af856a0",ReceivedHash="d63bf40ddd66907eabbd2fd362345ee6" \[2019-10-03 14:03:08\] NOTICE\[1948\] chan_sip.c: Registration from '"2000" \' failed for '77.247.109.72:5177' - Wrong password \[2019-10-03 14:03:08\] SECURITY\[2006\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-10-03T14:03:08.248-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="2000",SessionID="0x7f1e1c1e96b8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UD	2019-10-04 02:38:39
165.165.235.50	attack	Automated reporting of SSH Vulnerability scanning	2019-10-04 02:54:28
58.56.140.62	attackspambots	(sshd) Failed SSH login from 58.56.140.62 (-): 5 in the last 3600 secs	2019-10-04 02:59:44
49.88.112.78	attack	Oct 3 20:50:24 ns41 sshd[13900]: Failed password for root from 49.88.112.78 port 26298 ssh2 Oct 3 20:50:24 ns41 sshd[13900]: Failed password for root from 49.88.112.78 port 26298 ssh2 Oct 3 20:50:26 ns41 sshd[13900]: Failed password for root from 49.88.112.78 port 26298 ssh2	2019-10-04 02:51:15
93.84.114.216	attackbotsspam	ICMP MP Probe, Scan -	2019-10-04 03:14:52
190.64.137.171	attackbots	Automatic report - Banned IP Access	2019-10-04 02:40:30
129.211.141.207	attackspambots	2019-10-03T18:40:49.939281shield sshd\[13155\]: Invalid user sprayrock11 from 129.211.141.207 port 36684 2019-10-03T18:40:49.944917shield sshd\[13155\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.141.207 2019-10-03T18:40:52.004403shield sshd\[13155\]: Failed password for invalid user sprayrock11 from 129.211.141.207 port 36684 ssh2 2019-10-03T18:41:18.287585shield sshd\[13201\]: Invalid user sprayrock11 from 129.211.141.207 port 39960 2019-10-03T18:41:18.291962shield sshd\[13201\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.141.207	2019-10-04 02:50:07
185.156.1.99	attackbotsspam	Oct 3 14:59:44 xtremcommunity sshd\[149416\]: Invalid user ftpuser1 from 185.156.1.99 port 40855 Oct 3 14:59:44 xtremcommunity sshd\[149416\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.156.1.99 Oct 3 14:59:47 xtremcommunity sshd\[149416\]: Failed password for invalid user ftpuser1 from 185.156.1.99 port 40855 ssh2 Oct 3 15:04:09 xtremcommunity sshd\[149537\]: Invalid user robert from 185.156.1.99 port 32991 Oct 3 15:04:09 xtremcommunity sshd\[149537\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.156.1.99 ...	2019-10-04 03:05:34
51.15.180.145	attackbotsspam	Oct 3 06:10:59 web1 sshd\[12838\]: Invalid user distcache from 51.15.180.145 Oct 3 06:10:59 web1 sshd\[12838\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.180.145 Oct 3 06:11:01 web1 sshd\[12838\]: Failed password for invalid user distcache from 51.15.180.145 port 42260 ssh2 Oct 3 06:15:09 web1 sshd\[13239\]: Invalid user zm from 51.15.180.145 Oct 3 06:15:09 web1 sshd\[13239\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.180.145	2019-10-04 03:03:58
50.99.193.144	attackspambots	2019-10-03T12:21:13.553954abusebot.cloudsearch.cf sshd\[11342\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=d50-99-193-144.abhsia.telus.net user=root	2019-10-04 03:08:05
51.79.129.237	attack	$f2bV_matches	2019-10-04 03:12:52
128.199.90.245	attackspambots	Oct 3 18:53:55 SilenceServices sshd[20407]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.90.245 Oct 3 18:53:58 SilenceServices sshd[20407]: Failed password for invalid user user from 128.199.90.245 port 43557 ssh2 Oct 3 18:59:24 SilenceServices sshd[21870]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.90.245	2019-10-04 02:40:46
95.172.79.0	attackspambots	ICMP MP Probe, Scan -	2019-10-04 02:56:11
95.172.68.62	attackspam	ICMP MP Probe, Scan -	2019-10-04 03:02:02
54.39.18.237	attackspambots	Oct 1 21:02:59 ns341937 sshd[19829]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.18.237 Oct 1 21:03:02 ns341937 sshd[19829]: Failed password for invalid user admin from 54.39.18.237 port 53256 ssh2 Oct 1 21:24:23 ns341937 sshd[25678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.18.237 ...	2019-10-04 03:04:35

最近上报的IP列表

187.15.89.211	85.75.228.83	45.177.94.83	35.202.157.96
223.185.130.92	104.244.77.95	202.83.28.186	144.217.254.159
190.204.183.27	216.221.44.228	125.91.17.195	172.217.173.3
217.182.33.33	144.217.206.177	85.26.211.83	149.129.54.112
149.126.16.238	191.246.86.100	83.226.108.68	50.31.134.63