94.102.52.238 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
94.102.52.36	attackspam	Sent packet to closed port: 22	2020-08-09 23:44:48
94.102.52.57	attackbots	[Thu May 21 12:06:10 2020] - DDoS Attack From IP: 94.102.52.57 Port: 56548	2020-07-09 03:53:58
94.102.52.44	attackspambots	May 27 00:05:26 pop3-login: Info: Disconnected: Inactivity \(auth failed, 1 attempts in 180 secs\): user=\, method=PLAIN, rip=94.102.52.44, lip=192.168.100.101, session=\<9W41QJSmrABeZjQs\>\ May 27 00:47:06 pop3-login: Info: Aborted login \(auth failed, 1 attempts in 2 secs\): user=\, method=PLAIN, rip=94.102.52.44, lip=192.168.100.101, session=\\ May 27 00:50:24 pop3-login: Info: Aborted login \(auth failed, 1 attempts in 2 secs\): user=\, method=PLAIN, rip=94.102.52.44, lip=192.168.100.101, session=\\ May 27 00:59:20 pop3-login: Info: Aborted login \(auth failed, 1 attempts in 2 secs\): user=\, method=PLAIN, rip=94.102.52.44, lip=192.168.100.101, session=\\ May 27 00:59:24 pop3-login: Info: Aborted login \(auth failed, 1 attempts in 6 secs\): user=\, method=PLAIN, rip=94.102.52.44, lip=192.168.100.101, session=\\ May 27 01	2020-05-27 07:46:46
94.102.52.44	attackspam	May 26 18:59:50 web01.agentur-b-2.de dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=94.102.52.44, lip=185.118.198.210, session= May 26 19:00:07 web01.agentur-b-2.de dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=94.102.52.44, lip=185.118.198.210, session=<0DPwBpCmxk5eZjQs> May 26 19:00:19 web01.agentur-b-2.de dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=94.102.52.44, lip=185.118.198.210, session= May 26 19:01:43 web01.agentur-b-2.de dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=94.102.52.44, lip=185.118.198.210, session= May 26 19:02:11 web01.agentur-b-2.de dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=	2020-05-27 01:15:11
94.102.52.44	attack	May 26 04:04:28 ns3042688 courier-pop3d: LOGIN FAILED, user=postmaster@sikla-shop.eu, ip=\[::ffff:94.102.52.44\] ...	2020-05-26 10:11:53
94.102.52.44	attackbotsspam	May 25 19:44:30 ns3042688 courier-pop3d: LOGIN FAILED, user=office@sikla-systems.es, ip=\[::ffff:94.102.52.44\] ...	2020-05-26 02:06:54
94.102.52.44	attackbotsspam	May 25 07:48:22 ns3042688 courier-pop3d: LOGIN FAILED, user=test@makita-dolmar.info, ip=\[::ffff:94.102.52.44\] ...	2020-05-25 13:49:29
94.102.52.57	attackbotsspam	05/24/2020-18:33:20.532373 94.102.52.57 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-05-25 06:51:24
94.102.52.44	attackbotsspam	May 24 13:56:10 ns3042688 courier-pop3d: LOGIN FAILED, user=webmaster@tienda-sikla.eu, ip=\[::ffff:94.102.52.44\] ...	2020-05-24 20:15:14
94.102.52.57	attack	Port scanning [23 denied]	2020-05-23 17:57:54
94.102.52.44	attack	May 22 21:47:50 ns3042688 courier-pop3d: LOGIN FAILED, user=reception@tienda-cmt.org, ip=\[::ffff:94.102.52.44\] ...	2020-05-23 03:49:51
94.102.52.44	attackbots	May 22 13:47:30 ns3042688 courier-pop3d: LOGIN FAILED, user=support@sikla-shop.eu, ip=\[::ffff:94.102.52.44\] ...	2020-05-22 19:54:43
94.102.52.57	attack	TCP ports : 11 / 338 / 448 / 564 / 911	2020-05-22 01:22:15
94.102.52.57	attackspambots	05/20/2020-13:13:08.646937 94.102.52.57 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-05-21 01:31:46
94.102.52.44	attackbotsspam	May 20 18:50:14 ns3042688 courier-pop3d: LOGIN FAILED, user=info@tienda-cmt.com, ip=\[::ffff:94.102.52.44\] ...	2020-05-21 00:57:25

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.102.52.238
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48397
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;94.102.52.238.			IN	A

;; AUTHORITY SECTION:
.			143	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022063001 1800 900 604800 86400

;; Query time: 18 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jul 01 02:46:36 CST 2022
;; MSG SIZE  rcvd: 106

Host info

238.52.102.94.in-addr.arpa domain name pointer hosted-by.ultrasvps.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
238.52.102.94.in-addr.arpa	name = hosted-by.ultrasvps.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
223.202.201.210	attackbots	Sep 7 13:53:23 php1 sshd\[2269\]: Invalid user server1 from 223.202.201.210 Sep 7 13:53:23 php1 sshd\[2269\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.202.201.210 Sep 7 13:53:25 php1 sshd\[2269\]: Failed password for invalid user server1 from 223.202.201.210 port 56277 ssh2 Sep 7 13:58:15 php1 sshd\[2689\]: Invalid user ts3server from 223.202.201.210 Sep 7 13:58:15 php1 sshd\[2689\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.202.201.210	2019-09-08 10:11:29
178.148.23.81	attack	Malicious/Probing: /wp-login.php	2019-09-08 09:42:55
188.93.234.85	attackbotsspam	Automatic report - Banned IP Access	2019-09-08 10:26:36
218.98.26.183	attack	Sep 8 03:09:56 cvbmail sshd\[10793\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.98.26.183 user=root Sep 8 03:09:58 cvbmail sshd\[10793\]: Failed password for root from 218.98.26.183 port 28887 ssh2 Sep 8 03:10:09 cvbmail sshd\[10795\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.98.26.183 user=root	2019-09-08 09:51:02
177.154.139.201	attack	/login.php	2019-09-08 09:56:37
49.88.112.78	attack	Sep 8 03:45:29 fr01 sshd[19812]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.78 user=root Sep 8 03:45:30 fr01 sshd[19812]: Failed password for root from 49.88.112.78 port 30368 ssh2 Sep 8 03:45:33 fr01 sshd[19812]: Failed password for root from 49.88.112.78 port 30368 ssh2 Sep 8 03:45:35 fr01 sshd[19812]: Failed password for root from 49.88.112.78 port 30368 ssh2 ...	2019-09-08 09:47:30
129.204.95.39	attackbots	Sep 8 02:01:48 vps01 sshd[24818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.95.39 Sep 8 02:01:50 vps01 sshd[24818]: Failed password for invalid user vserver from 129.204.95.39 port 37320 ssh2	2019-09-08 09:46:10
143.192.97.178	attackbotsspam	Sep 7 16:01:30 hcbb sshd\[25494\]: Invalid user kfserver from 143.192.97.178 Sep 7 16:01:30 hcbb sshd\[25494\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=143.192.97.178 Sep 7 16:01:33 hcbb sshd\[25494\]: Failed password for invalid user kfserver from 143.192.97.178 port 55964 ssh2 Sep 7 16:06:16 hcbb sshd\[26188\]: Invalid user teamspeak321 from 143.192.97.178 Sep 7 16:06:16 hcbb sshd\[26188\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=143.192.97.178	2019-09-08 10:20:51
218.98.40.139	attackspambots	Sep 7 22:08:54 ny01 sshd[13870]: Failed password for root from 218.98.40.139 port 46829 ssh2 Sep 7 22:09:25 ny01 sshd[13967]: Failed password for root from 218.98.40.139 port 34613 ssh2	2019-09-08 10:12:04
103.17.92.254	attackspam	Sep 8 05:22:53 areeb-Workstation sshd[15818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.17.92.254 Sep 8 05:22:55 areeb-Workstation sshd[15818]: Failed password for invalid user web5 from 103.17.92.254 port 46651 ssh2 ...	2019-09-08 10:08:34
186.34.32.114	attack	Sep 8 04:04:12 OPSO sshd\[13616\]: Invalid user demo from 186.34.32.114 port 54334 Sep 8 04:04:12 OPSO sshd\[13616\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.34.32.114 Sep 8 04:04:14 OPSO sshd\[13616\]: Failed password for invalid user demo from 186.34.32.114 port 54334 ssh2 Sep 8 04:10:13 OPSO sshd\[15053\]: Invalid user postgres from 186.34.32.114 port 47572 Sep 8 04:10:13 OPSO sshd\[15053\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.34.32.114	2019-09-08 10:22:02
170.150.155.102	attackspambots	Sep 8 05:07:21 server sshd\[4521\]: Invalid user tomcat from 170.150.155.102 port 52174 Sep 8 05:07:21 server sshd\[4521\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.150.155.102 Sep 8 05:07:23 server sshd\[4521\]: Failed password for invalid user tomcat from 170.150.155.102 port 52174 ssh2 Sep 8 05:12:16 server sshd\[5999\]: Invalid user cloud from 170.150.155.102 port 39132 Sep 8 05:12:16 server sshd\[5999\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.150.155.102	2019-09-08 10:27:47
2a0a:8880::ec4:7aff:fe6b:722	attackbots	xmlrpc attack	2019-09-08 10:05:33
106.12.74.238	attackbotsspam	Sep 8 04:01:26 plex sshd[5022]: Invalid user postgres from 106.12.74.238 port 36492	2019-09-08 10:10:34
46.101.187.76	attackbots	Sep 7 15:42:04 web1 sshd\[20153\]: Invalid user admin from 46.101.187.76 Sep 7 15:42:04 web1 sshd\[20153\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.187.76 Sep 7 15:42:06 web1 sshd\[20153\]: Failed password for invalid user admin from 46.101.187.76 port 57063 ssh2 Sep 7 15:45:53 web1 sshd\[20553\]: Invalid user deploy from 46.101.187.76 Sep 7 15:45:53 web1 sshd\[20553\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.187.76	2019-09-08 10:09:55

Recently Reported IPs

94.102.50.31	196.55.2.8	94.102.62.130	94.102.48.177
94.102.54.71	42.156.139.215	209.251.238.56	176.119.7.219
94.102.54.6	106.11.152.237	186.116.174.114	197.248.184.158
180.76.62.183	94.102.54.79	94.102.53.152	89.248.162.130
94.102.49.145	89.248.163.144	42.156.138.155	89.248.161.194