94.52.29.41 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Romania

运营商(isp): SC Nextgen Communications SRL

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Automatic report - Port Scan Attack	2020-03-04 20:08:18
attackbots	Unauthorized connection attempt detected from IP address 94.52.29.41 to port 23 [J]	2020-02-25 12:46:05
attack	Automatic report - Port Scan Attack	2020-02-17 23:50:36

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.52.29.41
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7276
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.52.29.41.			IN	A

;; AUTHORITY SECTION:
.			495	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021700 1800 900 604800 86400

;; Query time: 101 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 17 23:50:29 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

41.29.52.94.in-addr.arpa domain name pointer 94-52-29-41.next-gen.ro.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
41.29.52.94.in-addr.arpa	name = 94-52-29-41.next-gen.ro.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
164.90.181.196	attack	164.90.181.196 - - [01/Oct/2020:22:07:17 +0100] "POST /wp-login.php HTTP/1.1" 200 2596 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 164.90.181.196 - - [01/Oct/2020:22:07:23 +0100] "POST /wp-login.php HTTP/1.1" 200 2597 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 164.90.181.196 - - [01/Oct/2020:22:07:23 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-02 06:18:11
150.136.254.88	attackbotsspam	(mod_security) mod_security (id:210492) triggered by 150.136.254.88 (US/United States/-): 5 in the last 3600 secs	2020-10-02 06:03:45
119.50.245.115	attack	Unauthorised access (Sep 30) SRC=119.50.245.115 LEN=40 TTL=46 ID=10925 TCP DPT=23 WINDOW=23446 SYN	2020-10-02 06:26:02
45.179.165.207	attack	Sep 30 22:39:30 mellenthin postfix/smtpd[20705]: NOQUEUE: reject: RCPT from 207.165.179.45.in-addr.arpa[45.179.165.207]: 554 5.7.1 Service unavailable; Client host [45.179.165.207] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/45.179.165.207; from= to= proto=ESMTP helo=<245.165.179.45.in-addr.arpa>	2020-10-02 06:17:39
185.58.195.232	attackspambots	2020-10-01T20:27:34.730837mail.broermann.family sshd[28589]: Failed password for invalid user private from 185.58.195.232 port 34815 ssh2 2020-10-01T20:31:05.423076mail.broermann.family sshd[28977]: Invalid user luis from 185.58.195.232 port 43202 2020-10-01T20:31:05.428327mail.broermann.family sshd[28977]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.58.195.232 2020-10-01T20:31:05.423076mail.broermann.family sshd[28977]: Invalid user luis from 185.58.195.232 port 43202 2020-10-01T20:31:06.980544mail.broermann.family sshd[28977]: Failed password for invalid user luis from 185.58.195.232 port 43202 ssh2 ...	2020-10-02 06:17:58
203.151.146.216	attackbotsspam	SSH Invalid Login	2020-10-02 06:03:29
68.183.53.170	attackspam	2020-10-01T15:48:36.771617xentho-1 sshd[1124035]: Invalid user elemental from 68.183.53.170 port 42524 2020-10-01T15:48:38.833114xentho-1 sshd[1124035]: Failed password for invalid user elemental from 68.183.53.170 port 42524 ssh2 2020-10-01T15:50:19.623457xentho-1 sshd[1124080]: Invalid user lia from 68.183.53.170 port 42828 2020-10-01T15:50:19.629818xentho-1 sshd[1124080]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.53.170 2020-10-01T15:50:19.623457xentho-1 sshd[1124080]: Invalid user lia from 68.183.53.170 port 42828 2020-10-01T15:50:21.825256xentho-1 sshd[1124080]: Failed password for invalid user lia from 68.183.53.170 port 42828 ssh2 2020-10-01T15:51:56.409034xentho-1 sshd[1124104]: Invalid user dennis from 68.183.53.170 port 43130 2020-10-01T15:51:56.417538xentho-1 sshd[1124104]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.53.170 2020-10-01T15:51:56.409034xentho-1 sshd[1124104]: ...	2020-10-02 06:18:56
91.21.19.114	attackbots	Automatic report - Port Scan Attack	2020-10-02 06:22:30
89.22.254.176	attackspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-02 06:36:32
5.196.72.11	attackbots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-10-01T21:37:23Z and 2020-10-01T21:49:44Z	2020-10-02 06:24:40
67.207.89.15	attack	Oct 1 23:19:55 con01 sshd[3220481]: Invalid user sysbackup from 67.207.89.15 port 53192 Oct 1 23:19:55 con01 sshd[3220481]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.207.89.15 Oct 1 23:19:55 con01 sshd[3220481]: Invalid user sysbackup from 67.207.89.15 port 53192 Oct 1 23:19:57 con01 sshd[3220481]: Failed password for invalid user sysbackup from 67.207.89.15 port 53192 ssh2 Oct 1 23:22:15 con01 sshd[3225465]: Invalid user designer from 67.207.89.15 port 41616 ...	2020-10-02 06:15:59
4.17.231.194	attackspambots	2020-10-01T23:35:51+0200 Failed SSH Authentication/Brute Force Attack.(Server 2)	2020-10-02 06:16:14
167.71.140.30	attackspambots	167.71.140.30 - - [01/Oct/2020:13:17:52 +0200] "GET /wp-login.php HTTP/1.1" 200 8558 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.71.140.30 - - [01/Oct/2020:13:17:52 +0200] "POST /wp-login.php HTTP/1.1" 200 8875 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.71.140.30 - - [01/Oct/2020:13:17:53 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-02 06:28:19
106.53.125.253	attackbots	Oct 1 22:51:14 s2 sshd[28980]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.125.253 Oct 1 22:51:15 s2 sshd[28980]: Failed password for invalid user brainy from 106.53.125.253 port 42052 ssh2 Oct 1 23:03:28 s2 sshd[29639]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.125.253	2020-10-02 06:14:22
1.171.65.95	attack	Automatic report - Port Scan Attack	2020-10-02 06:27:28

最近上报的IP列表

122.15.137.106	36.238.156.250	199.244.88.131	177.87.161.51
113.173.235.68	191.6.87.183	42.113.108.190	122.100.110.121
85.251.136.40	213.57.243.77	171.235.123.82	85.121.162.134
123.98.203.43	115.134.128.90	213.57.217.154	77.42.121.241
183.109.53.210	59.126.95.45	14.127.251.79	176.43.107.245