城市(city): unknown
省份(region): unknown
国家(country): None
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 94.102.53.112 | attackbots | Sep 22 19:49:41 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=64967 PROTO=TCP SPT=47405 DPT=56184 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 22 19:50:13 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=55059 PROTO=TCP SPT=47405 DPT=57738 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 22 19:59:46 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=25295 PROTO=TCP SPT=47405 DPT=55384 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 22 20:00:15 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=48025 PROTO=TCP SPT=47405 DPT=55603 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 22 20:01:40 ... |
2020-09-23 02:26:17 |
| 94.102.53.112 | attackbots | Sep 22 11:24:28 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=17068 PROTO=TCP SPT=47405 DPT=54077 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 22 11:27:13 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=46683 PROTO=TCP SPT=47405 DPT=54299 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 22 11:27:34 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=53915 PROTO=TCP SPT=47405 DPT=55299 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 22 11:28:14 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=2437 PROTO=TCP SPT=47405 DPT=54029 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 22 11:28:20 * ... |
2020-09-22 18:30:21 |
| 94.102.53.112 | attackspambots | [N10.H2.VM2] Port Scanner Detected Blocked by UFW |
2020-09-22 00:22:59 |
| 94.102.53.112 | attackspam | Sep 21 09:01:03 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=17971 PROTO=TCP SPT=47405 DPT=57452 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 21 09:01:14 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=8030 PROTO=TCP SPT=47405 DPT=56362 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 21 09:02:13 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=35275 PROTO=TCP SPT=47405 DPT=55720 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 21 09:02:56 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=57017 PROTO=TCP SPT=47405 DPT=56338 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 21 09:04:33 * ... |
2020-09-21 16:04:01 |
| 94.102.53.112 | attack | Sep 21 01:48:45 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=31180 PROTO=TCP SPT=47405 DPT=56733 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 21 01:50:15 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=30201 PROTO=TCP SPT=47405 DPT=54320 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 21 01:50:54 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=63633 PROTO=TCP SPT=47405 DPT=55532 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 21 01:53:48 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=43016 PROTO=TCP SPT=47405 DPT=54571 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 21 01:57:34 ... |
2020-09-21 07:58:37 |
| 94.102.53.112 | attack | Fail2Ban Ban Triggered |
2020-09-12 01:03:54 |
| 94.102.53.112 | attackspambots | Sep 11 10:46:08 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=14603 PROTO=TCP SPT=54264 DPT=47578 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 11 10:47:41 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=48855 PROTO=TCP SPT=54264 DPT=48632 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 11 10:50:31 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=35108 PROTO=TCP SPT=54264 DPT=49545 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 11 10:50:57 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=33718 PROTO=TCP SPT=54264 DPT=46805 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 11 10:54:30 ... |
2020-09-11 17:00:15 |
| 94.102.53.112 | attack | [H1.VM2] Blocked by UFW |
2020-09-11 09:12:55 |
| 94.102.53.112 | attack | [MK-VM6] Blocked by UFW |
2020-09-09 03:55:14 |
| 94.102.53.112 | attack | Sep 8 11:15:02 [host] kernel: [5223053.217784] [U Sep 8 11:17:05 [host] kernel: [5223176.069358] [U Sep 8 11:18:28 [host] kernel: [5223258.852837] [U Sep 8 11:18:50 [host] kernel: [5223281.334385] [U Sep 8 11:20:52 [host] kernel: [5223402.951904] [U Sep 8 11:27:39 [host] kernel: [5223810.195981] [U |
2020-09-08 19:34:39 |
| 94.102.53.112 | attackspambots | [MK-Root1] Blocked by UFW |
2020-09-06 21:04:43 |
| 94.102.53.112 | attackspam | Sep605:39:07server2kernel:Firewall:\*TCP_INBlocked\*IN=eth0OUT=MAC=00:16:3e:3f:7a:43:52:54:00:a2:7f:43:08:00SRC=94.102.53.112DST=136.243.224.57LEN=40TOS=0x00PREC=0x00TTL=249ID=57372PROTO=TCPSPT=54264DPT=48514WINDOW=1024RES=0x00SYNURGP=0Sep605:39:21server2kernel:Firewall:\*TCP_INBlocked\*IN=eth0OUT=MAC=00:16:3e:3f:7a:43:52:54:00:a2:7f:43:08:00SRC=94.102.53.112DST=136.243.224.51LEN=40TOS=0x00PREC=0x00TTL=249ID=56208PROTO=TCPSPT=54264DPT=47431WINDOW=1024RES=0x00SYNURGP=0Sep605:39:24server2kernel:Firewall:\*TCP_INBlocked\*IN=eth0OUT=MAC=00:16:3e:3f:7a:43:52:54:00:a2:7f:43:08:00SRC=94.102.53.112DST=136.243.224.57LEN=40TOS=0x00PREC=0x00TTL=249ID=24382PROTO=TCPSPT=54264DPT=48906WINDOW=1024RES=0x00SYNURGP=0Sep605:39:31server2kernel:Firewall:\*TCP_INBlocked\*IN=eth0OUT=MAC=00:16:3e:3f:7a:43:52:54:00:a2:7f:43:08:00SRC=94.102.53.112DST=136.243.224.53LEN=40TOS=0x00PREC=0x00TTL=249ID=41730PROTO=TCPSPT=54264DPT=47417WINDOW=1024RES=0x00SYNURGP=0Sep605:39:37server2kernel:Firewall:\*TCP_INBlocked\*IN=eth0OUT=MAC=00:16:3e:3f:7 |
2020-09-06 12:42:20 |
| 94.102.53.112 | attack | Sep 5 20:19:38 [host] kernel: [4996571.194594] [U Sep 5 20:19:48 [host] kernel: [4996581.278273] [U Sep 5 20:26:44 [host] kernel: [4996997.816185] [U Sep 5 20:39:01 [host] kernel: [4997734.271342] [U Sep 5 20:45:21 [host] kernel: [4998113.673015] [U Sep 5 20:45:47 [host] kernel: [4998140.247833] [U |
2020-09-06 05:02:52 |
| 94.102.53.112 | attackspam | [H1.VM7] Blocked by UFW |
2020-08-27 14:40:29 |
| 94.102.53.112 | attack | [H1.VM8] Blocked by UFW |
2020-08-21 21:06:26 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.102.53.192
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36161
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;94.102.53.192. IN A
;; AUTHORITY SECTION:
. 260 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022063001 1800 900 604800 86400
;; Query time: 30 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jul 01 04:02:27 CST 2022
;; MSG SIZE rcvd: 106Host 192.53.102.94.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 192.53.102.94.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 63.175.159.27 | attack | Sep 16 06:52:37 webhost01 sshd[24473]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=63.175.159.27 Sep 16 06:52:38 webhost01 sshd[24473]: Failed password for invalid user ellie from 63.175.159.27 port 54621 ssh2 ... |
2019-09-16 12:05:26 |
| 41.58.159.184 | attackbotsspam | Sep 16 01:15:35 [munged] sshd[28629]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.58.159.184 |
2019-09-16 12:08:54 |
| 80.182.12.97 | attackspam | Chat Spam |
2019-09-16 11:50:31 |
| 185.36.81.16 | attack | $f2bV_matches |
2019-09-16 12:04:35 |
| 134.209.11.199 | attackbots | Sep 15 19:22:37 TORMINT sshd\[12083\]: Invalid user admin from 134.209.11.199 Sep 15 19:22:37 TORMINT sshd\[12083\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.11.199 Sep 15 19:22:39 TORMINT sshd\[12083\]: Failed password for invalid user admin from 134.209.11.199 port 58484 ssh2 ... |
2019-09-16 12:01:57 |
| 118.24.23.47 | attack | Sep 13 19:22:52 mail sshd[31546]: Failed password for invalid user tuo from 118.24.23.47 port 36674 ssh2 Sep 13 19:22:52 mail sshd[31546]: Received disconnect from 118.24.23.47: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=118.24.23.47 |
2019-09-16 12:19:14 |
| 118.68.105.147 | attackbotsspam | Sep 14 11:16:22 our-server-hostname postfix/smtpd[19883]: connect from unknown[118.68.105.147] Sep x@x Sep 14 11:16:24 our-server-hostname postfix/smtpd[19883]: lost connection after RCPT from unknown[118.68.105.147] Sep 14 11:16:24 our-server-hostname postfix/smtpd[19883]: disconnect from unknown[118.68.105.147] Sep 14 12:10:21 our-server-hostname postfix/smtpd[12297]: connect from unknown[118.68.105.147] Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=118.68.105.147 |
2019-09-16 12:09:22 |
| 49.83.1.182 | attackspambots | Sep 15 03:51:51 itv-usvr-01 sshd[5090]: Invalid user admin from 49.83.1.182 Sep 15 03:51:51 itv-usvr-01 sshd[5090]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.83.1.182 Sep 15 03:51:51 itv-usvr-01 sshd[5090]: Invalid user admin from 49.83.1.182 Sep 15 03:51:53 itv-usvr-01 sshd[5090]: Failed password for invalid user admin from 49.83.1.182 port 25218 ssh2 Sep 15 03:51:51 itv-usvr-01 sshd[5090]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.83.1.182 Sep 15 03:51:51 itv-usvr-01 sshd[5090]: Invalid user admin from 49.83.1.182 Sep 15 03:51:53 itv-usvr-01 sshd[5090]: Failed password for invalid user admin from 49.83.1.182 port 25218 ssh2 Sep 15 03:51:57 itv-usvr-01 sshd[5090]: Failed password for invalid user admin from 49.83.1.182 port 25218 ssh2 |
2019-09-16 12:24:50 |
| 109.130.226.167 | attackspambots | Sep 14 02:34:49 pi01 sshd[19030]: Connection from 109.130.226.167 port 37928 on 192.168.1.10 port 22 Sep 14 02:34:50 pi01 sshd[19030]: Invalid user km from 109.130.226.167 port 37928 Sep 14 02:34:50 pi01 sshd[19030]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.130.226.167 Sep 14 02:34:52 pi01 sshd[19030]: Failed password for invalid user km from 109.130.226.167 port 37928 ssh2 Sep 14 02:34:52 pi01 sshd[19030]: Received disconnect from 109.130.226.167 port 37928:11: Bye Bye [preauth] Sep 14 02:34:52 pi01 sshd[19030]: Disconnected from 109.130.226.167 port 37928 [preauth] Sep 14 02:35:45 pi01 sshd[19051]: Connection from 109.130.226.167 port 52188 on 192.168.1.10 port 22 Sep 14 02:35:45 pi01 sshd[19051]: Invalid user eee from 109.130.226.167 port 52188 Sep 14 02:35:45 pi01 sshd[19051]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.130.226.167 Sep 14 02:35:47 pi01 sshd[19051]: Fai........ ------------------------------- |
2019-09-16 12:03:52 |
| 119.146.145.104 | attack | Sep 16 05:00:47 OPSO sshd\[18305\]: Invalid user csgoserver from 119.146.145.104 port 7399 Sep 16 05:00:47 OPSO sshd\[18305\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.146.145.104 Sep 16 05:00:49 OPSO sshd\[18305\]: Failed password for invalid user csgoserver from 119.146.145.104 port 7399 ssh2 Sep 16 05:03:42 OPSO sshd\[18699\]: Invalid user bm from 119.146.145.104 port 7400 Sep 16 05:03:42 OPSO sshd\[18699\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.146.145.104 |
2019-09-16 11:57:17 |
| 41.210.13.122 | attack | Chat Spam |
2019-09-16 12:16:57 |
| 206.189.130.87 | attackbots | Sep 15 23:38:40 TORMINT sshd\[29662\]: Invalid user nologin from 206.189.130.87 Sep 15 23:38:40 TORMINT sshd\[29662\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.130.87 Sep 15 23:38:42 TORMINT sshd\[29662\]: Failed password for invalid user nologin from 206.189.130.87 port 40530 ssh2 ... |
2019-09-16 12:01:39 |
| 78.57.133.225 | attackspam | Port Scan: TCP/443 |
2019-09-16 12:12:11 |
| 117.50.66.233 | attackspambots | $f2bV_matches |
2019-09-16 11:45:07 |
| 139.59.80.65 | attackbots | Sep 16 01:47:09 OPSO sshd\[4809\]: Invalid user test from 139.59.80.65 port 35450 Sep 16 01:47:09 OPSO sshd\[4809\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.80.65 Sep 16 01:47:11 OPSO sshd\[4809\]: Failed password for invalid user test from 139.59.80.65 port 35450 ssh2 Sep 16 01:51:40 OPSO sshd\[5972\]: Invalid user george from 139.59.80.65 port 49180 Sep 16 01:51:40 OPSO sshd\[5972\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.80.65 |
2019-09-16 11:49:32 |