94.102.49.3 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Netherlands

Internet Service Provider: Incrediserve Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Sep 24 16:09:13 [host] kernel: [1288565.103610] [U Sep 24 16:15:41 [host] kernel: [1288952.633622] [U Sep 24 16:19:34 [host] kernel: [1289186.067227] [U Sep 24 16:22:48 [host] kernel: [1289379.507850] [U Sep 24 16:37:16 [host] kernel: [1290247.179542] [U Sep 24 16:42:54 [host] kernel: [1290585.125226] [U	2020-09-24 22:45:14
attackbotsspam	Port scan on 41 port(s): 28005 28029 28036 28040 28080 28129 28136 28177 28183 28188 28192 28284 28289 28371 28375 28377 28381 28395 28399 28414 28430 28456 28500 28551 28564 28587 28673 28679 28731 28758 28761 28762 28781 28821 28874 28884 28928 28959 28968 28981 28995	2020-09-24 14:36:02
attack	Port scan on 15 port(s): 28085 28205 28232 28321 28364 28387 28509 28554 28626 28629 28630 28802 28866 28892 28948	2020-09-24 06:03:36

Type

Details

Datetime

attackspambots

Sep 24 16:09:13 [host] kernel: [1288565.103610] [U
Sep 24 16:15:41 [host] kernel: [1288952.633622] [U
Sep 24 16:19:34 [host] kernel: [1289186.067227] [U
Sep 24 16:22:48 [host] kernel: [1289379.507850] [U
Sep 24 16:37:16 [host] kernel: [1290247.179542] [U
Sep 24 16:42:54 [host] kernel: [1290585.125226] [U

2020-09-24 22:45:14

attackbotsspam

Port scan on 41 port(s): 28005 28029 28036 28040 28080 28129 28136 28177 28183 28188 28192 28284 28289 28371 28375 28377 28381 28395 28399 28414 28430 28456 28500 28551 28564 28587 28673 28679 28731 28758 28761 28762 28781 28821 28874 28884 28928 28959 28968 28981 28995

2020-09-24 14:36:02

attack

Port scan on 15 port(s): 28085 28205 28232 28321 28364 28387 28509 28554 28626 28629 28630 28802 28866 28892 28948

2020-09-24 06:03:36

Comments on same subnet:

IP	Type	Details	Datetime
94.102.49.193	botsattackproxy	Bot	2024-04-11 12:03:13
94.102.49.190	proxy	VPN fraud	2023-05-29 12:52:27
94.102.49.191	attackspam	ET DROP Dshield Block Listed Source group 1 - port: 132 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:37:55
94.102.49.191	attackspambots	Port-scan: detected 174 distinct ports within a 24-hour window.	2020-10-07 17:07:10
94.102.49.117	attack	massive Port Scan	2020-10-07 04:15:40
94.102.49.59	attack	port scan	2020-10-07 00:57:42
94.102.49.117	attackspambots	massive Port Scan	2020-10-06 20:19:06
94.102.49.59	attack	Hacker	2020-10-06 16:51:13
94.102.49.193	attackbots	TCP (SYN) 94.102.49.193:6707 -> port 502, len 44	2020-10-05 03:01:09
94.102.49.193	attackspambots	TCP (SYN) 94.102.49.193:6707 -> port 502, len 44	2020-10-04 18:45:20
94.102.49.93	attackbotsspam	Port-scan: detected 200 distinct ports within a 24-hour window.	2020-10-04 06:25:39
94.102.49.93	attackbotsspam	Port-scan: detected 200 distinct ports within a 24-hour window.	2020-10-03 22:30:11
94.102.49.93	attackspam	[Sun Sep 27 22:47:43 2020] - Syn Flood From IP: 94.102.49.93 Port: 59653	2020-10-03 14:13:26
94.102.49.137	attackspam	Fri, 2020-10-02 08:33:48 - TCP Packet - Source:94.102.49.137 Destination:xxx.xxx.xxx.xxx - [PORT SCAN]	2020-10-03 04:32:19
94.102.49.137	attack	Oct 2 15:35:22 hidden kernel: [UFW BLOCK] IN=ens192 OUT= MAC=00:50:56:bc:13:b8:30:e4:db:97:3e:3f:08:00 SRC=94.102.49.137 DST=217.198.117.163 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=42330 PROTO=TCP SPT=45720 DPT=11117 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 2 15:35:22 hidden kernel: [UFW BLOCK] IN=ens192 OUT= MAC=00:50:56:bc:13:b8:30:e4:db:97:3e:3f:08:00 SRC=94.102.49.137 DST=217.198.117.163 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=28079 PROTO=TCP SPT=45720 DPT=11218 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 2 15:35:25 hidden kernel: [UFW BLOCK] IN=ens192 OUT= MAC=00:50:56:bc:13:b8:30:e4:db:97:3e:3f:08:00 SRC=94.102.49.137 DST=217.198.117.163 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=3153 PROTO=TCP SPT=45720 DPT=11222 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 2 15:35:25 hidden kernel: [UFW BLOCK] IN=ens192 OUT= MAC=00:50:56:bc:13:b8:30:e4:db:97:3e:3f:08:00 SRC=94.102.49.137 DST=217.198.117.163 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=16947 PROTO=TCP SPT=45720 DPT=11215 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 2 15: ...	2020-10-02 23:52:54

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.102.49.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21746
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.102.49.3.			IN	A

;; AUTHORITY SECTION:
.			427	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092301 1800 900 604800 86400

;; Query time: 68 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Sep 24 06:03:32 CST 2020
;; MSG SIZE  rcvd: 115

Host info

3.49.102.94.in-addr.arpa domain name pointer no-reverse-dns-configured.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
3.49.102.94.in-addr.arpa	name = no-reverse-dns-configured.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
139.59.9.234	attackbotsspam	Dec 13 09:23:24 thevastnessof sshd[20328]: Failed password for root from 139.59.9.234 port 33184 ssh2 ...	2019-12-13 19:25:38
189.170.4.79	attack	Unauthorized connection attempt from IP address 189.170.4.79 on Port 445(SMB)	2019-12-13 19:22:45
182.68.120.50	attack	Unauthorized connection attempt from IP address 182.68.120.50 on Port 445(SMB)	2019-12-13 19:39:37
70.180.186.63	attackbots	Scanning	2019-12-13 19:55:41
107.170.20.247	attackbotsspam	2019-12-13T10:54:16.200513scmdmz1 sshd\[1794\]: Invalid user jjjjjjj from 107.170.20.247 port 59616 2019-12-13T10:54:16.203267scmdmz1 sshd\[1794\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.20.247 2019-12-13T10:54:18.372887scmdmz1 sshd\[1794\]: Failed password for invalid user jjjjjjj from 107.170.20.247 port 59616 ssh2 ...	2019-12-13 19:29:31
95.31.137.73	attack	email spam	2019-12-13 19:27:25
103.80.116.68	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 13-12-2019 07:45:09.	2019-12-13 19:47:00
222.186.180.147	attackspam	Dec 13 06:50:06 linuxvps sshd\[56406\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.147 user=root Dec 13 06:50:08 linuxvps sshd\[56406\]: Failed password for root from 222.186.180.147 port 45378 ssh2 Dec 13 06:50:18 linuxvps sshd\[56406\]: Failed password for root from 222.186.180.147 port 45378 ssh2 Dec 13 06:50:22 linuxvps sshd\[56406\]: Failed password for root from 222.186.180.147 port 45378 ssh2 Dec 13 06:50:25 linuxvps sshd\[56581\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.147 user=root	2019-12-13 19:51:00
106.38.112.62	attack	Dec 13 12:35:43 mail sshd\[27628\]: Invalid user ramamurthy from 106.38.112.62 Dec 13 12:35:43 mail sshd\[27628\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.38.112.62 Dec 13 12:35:45 mail sshd\[27628\]: Failed password for invalid user ramamurthy from 106.38.112.62 port 46172 ssh2 ...	2019-12-13 19:56:31
36.84.187.91	attackspambots	Unauthorized connection attempt from IP address 36.84.187.91 on Port 445(SMB)	2019-12-13 19:28:57
118.70.113.2	attack	Dec 13 06:51:51 TORMINT sshd\[30409\]: Invalid user calou from 118.70.113.2 Dec 13 06:51:51 TORMINT sshd\[30409\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.70.113.2 Dec 13 06:51:52 TORMINT sshd\[30409\]: Failed password for invalid user calou from 118.70.113.2 port 51984 ssh2 ...	2019-12-13 19:59:28
122.51.113.137	attackbotsspam	Dec 13 11:45:01 vps691689 sshd[13058]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.113.137 Dec 13 11:45:03 vps691689 sshd[13058]: Failed password for invalid user bridgett from 122.51.113.137 port 50792 ssh2 ...	2019-12-13 19:24:18
106.12.3.170	attackbotsspam	Dec 13 09:53:58 sticky sshd\[29722\]: Invalid user ftp from 106.12.3.170 port 49546 Dec 13 09:53:58 sticky sshd\[29722\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.3.170 Dec 13 09:54:00 sticky sshd\[29722\]: Failed password for invalid user ftp from 106.12.3.170 port 49546 ssh2 Dec 13 10:00:31 sticky sshd\[29800\]: Invalid user gvallejo from 106.12.3.170 port 47008 Dec 13 10:00:31 sticky sshd\[29800\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.3.170 ...	2019-12-13 20:05:01
179.124.34.8	attack	2019-12-10 04:50:18,077 fail2ban.actions \[3073\]: NOTICE \[ssh\] Ban 179.124.34.8 2019-12-10 05:11:21,741 fail2ban.actions \[3073\]: NOTICE \[ssh\] Ban 179.124.34.8 2019-12-10 05:32:50,361 fail2ban.actions \[3073\]: NOTICE \[ssh\] Ban 179.124.34.8 2019-12-10 05:52:03,410 fail2ban.actions \[3073\]: NOTICE \[ssh\] Ban 179.124.34.8 2019-12-10 06:11:22,766 fail2ban.actions \[3073\]: NOTICE \[ssh\] Ban 179.124.34.8 ...	2019-12-13 19:31:58
106.12.78.251	attack	Dec 13 11:36:19 localhost sshd\[14539\]: Invalid user isoft from 106.12.78.251 port 56368 Dec 13 11:36:19 localhost sshd\[14539\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.78.251 Dec 13 11:36:21 localhost sshd\[14539\]: Failed password for invalid user isoft from 106.12.78.251 port 56368 ssh2 Dec 13 11:43:17 localhost sshd\[14854\]: Invalid user frydenberg from 106.12.78.251 port 50510 Dec 13 11:43:17 localhost sshd\[14854\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.78.251 ...	2019-12-13 20:03:45

Recently Reported IPs

42.234.232.43	140.115.221.23	34.102.176.152	103.13.66.42
74.112.136.155	15.207.110.208	103.211.179.118	165.22.113.209
82.199.45.188	40.118.43.195	66.214.190.212	195.60.126.122
190.26.43.74	165.90.241.239	120.239.196.93	113.173.179.240
186.139.123.33	114.4.110.189	201.242.187.71	113.172.120.73