94.102.53.52 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Netherlands

Internet Service Provider: Incrediserve Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	IP: 94.102.53.52 ASN: AS202425 IP Volume inc Port: Simple Mail Transfer 25 Found in one or more Blacklists Date: 22/12/2019 6:24:44 AM UTC	2019-12-22 20:07:48
attackspam	Oct 7 00:36:14 OPSO sshd\[19086\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.102.53.52 user=root Oct 7 00:36:16 OPSO sshd\[19086\]: Failed password for root from 94.102.53.52 port 41466 ssh2 Oct 7 00:40:16 OPSO sshd\[19947\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.102.53.52 user=root Oct 7 00:40:18 OPSO sshd\[19947\]: Failed password for root from 94.102.53.52 port 55864 ssh2 Oct 7 00:44:15 OPSO sshd\[20485\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.102.53.52 user=root	2019-10-07 06:53:06
attackbotsspam	Oct 4 16:21:01 legacy sshd[15908]: Failed password for root from 94.102.53.52 port 33516 ssh2 Oct 4 16:25:18 legacy sshd[15976]: Failed password for root from 94.102.53.52 port 48444 ssh2 ...	2019-10-04 22:46:37
attackspambots	Oct 3 00:07:11 plusreed sshd[11306]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.102.53.52 user=postgres Oct 3 00:07:13 plusreed sshd[11306]: Failed password for postgres from 94.102.53.52 port 39090 ssh2 ...	2019-10-03 19:44:12
attackspambots	$f2bV_matches	2019-10-02 19:28:52
attack	Oct 1 14:26:20 vps647732 sshd[22824]: Failed password for root from 94.102.53.52 port 48530 ssh2 Oct 1 14:30:25 vps647732 sshd[22998]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.102.53.52 ...	2019-10-02 01:20:59
attackbotsspam	(sshd) Failed SSH login from 94.102.53.52 (NL/Netherlands/-/-/-/[AS202425 IP Volume inc]): 1 in the last 3600 secs	2019-09-29 08:30:29
attackbotsspam	Sep 22 20:54:47 lcprod sshd\[2830\]: Invalid user kerine from 94.102.53.52 Sep 22 20:54:47 lcprod sshd\[2830\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.102.53.52 Sep 22 20:54:50 lcprod sshd\[2830\]: Failed password for invalid user kerine from 94.102.53.52 port 60938 ssh2 Sep 22 20:59:03 lcprod sshd\[3203\]: Invalid user norma from 94.102.53.52 Sep 22 20:59:03 lcprod sshd\[3203\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.102.53.52	2019-09-23 16:56:48

Comments on same subnet:

IP	Type	Details	Datetime
94.102.53.112	attackbots	Sep 22 19:49:41 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=64967 PROTO=TCP SPT=47405 DPT=56184 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 22 19:50:13 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=55059 PROTO=TCP SPT=47405 DPT=57738 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 22 19:59:46 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=25295 PROTO=TCP SPT=47405 DPT=55384 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 22 20:00:15 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=48025 PROTO=TCP SPT=47405 DPT=55603 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 22 20:01:40 ...	2020-09-23 02:26:17
94.102.53.112	attackbots	Sep 22 11:24:28 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=17068 PROTO=TCP SPT=47405 DPT=54077 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 22 11:27:13 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=46683 PROTO=TCP SPT=47405 DPT=54299 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 22 11:27:34 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=53915 PROTO=TCP SPT=47405 DPT=55299 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 22 11:28:14 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=2437 PROTO=TCP SPT=47405 DPT=54029 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 22 11:28:20 * ...	2020-09-22 18:30:21
94.102.53.112	attackspambots	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-22 00:22:59
94.102.53.112	attackspam	Sep 21 09:01:03 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=17971 PROTO=TCP SPT=47405 DPT=57452 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 21 09:01:14 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=8030 PROTO=TCP SPT=47405 DPT=56362 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 21 09:02:13 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=35275 PROTO=TCP SPT=47405 DPT=55720 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 21 09:02:56 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=57017 PROTO=TCP SPT=47405 DPT=56338 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 21 09:04:33 * ...	2020-09-21 16:04:01
94.102.53.112	attack	Sep 21 01:48:45 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=31180 PROTO=TCP SPT=47405 DPT=56733 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 21 01:50:15 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=30201 PROTO=TCP SPT=47405 DPT=54320 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 21 01:50:54 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=63633 PROTO=TCP SPT=47405 DPT=55532 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 21 01:53:48 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=43016 PROTO=TCP SPT=47405 DPT=54571 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 21 01:57:34 ...	2020-09-21 07:58:37
94.102.53.112	attack	Fail2Ban Ban Triggered	2020-09-12 01:03:54
94.102.53.112	attackspambots	Sep 11 10:46:08 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=14603 PROTO=TCP SPT=54264 DPT=47578 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 11 10:47:41 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=48855 PROTO=TCP SPT=54264 DPT=48632 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 11 10:50:31 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=35108 PROTO=TCP SPT=54264 DPT=49545 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 11 10:50:57 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=33718 PROTO=TCP SPT=54264 DPT=46805 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 11 10:54:30 ...	2020-09-11 17:00:15
94.102.53.112	attack	[H1.VM2] Blocked by UFW	2020-09-11 09:12:55
94.102.53.112	attack	[MK-VM6] Blocked by UFW	2020-09-09 03:55:14
94.102.53.112	attack	Sep 8 11:15:02 [host] kernel: [5223053.217784] [U Sep 8 11:17:05 [host] kernel: [5223176.069358] [U Sep 8 11:18:28 [host] kernel: [5223258.852837] [U Sep 8 11:18:50 [host] kernel: [5223281.334385] [U Sep 8 11:20:52 [host] kernel: [5223402.951904] [U Sep 8 11:27:39 [host] kernel: [5223810.195981] [U	2020-09-08 19:34:39
94.102.53.112	attackspambots	[MK-Root1] Blocked by UFW	2020-09-06 21:04:43
94.102.53.112	attackspam	Sep605:39:07server2kernel:Firewall:\TCP_INBlocked\IN=eth0OUT=MAC=00:16:3e:3f:7a:43:52:54:00:a2:7f:43:08:00SRC=94.102.53.112DST=136.243.224.57LEN=40TOS=0x00PREC=0x00TTL=249ID=57372PROTO=TCPSPT=54264DPT=48514WINDOW=1024RES=0x00SYNURGP=0Sep605:39:21server2kernel:Firewall:\TCP_INBlocked\IN=eth0OUT=MAC=00:16:3e:3f:7a:43:52:54:00:a2:7f:43:08:00SRC=94.102.53.112DST=136.243.224.51LEN=40TOS=0x00PREC=0x00TTL=249ID=56208PROTO=TCPSPT=54264DPT=47431WINDOW=1024RES=0x00SYNURGP=0Sep605:39:24server2kernel:Firewall:\TCP_INBlocked\IN=eth0OUT=MAC=00:16:3e:3f:7a:43:52:54:00:a2:7f:43:08:00SRC=94.102.53.112DST=136.243.224.57LEN=40TOS=0x00PREC=0x00TTL=249ID=24382PROTO=TCPSPT=54264DPT=48906WINDOW=1024RES=0x00SYNURGP=0Sep605:39:31server2kernel:Firewall:\TCP_INBlocked\IN=eth0OUT=MAC=00:16:3e:3f:7a:43:52:54:00:a2:7f:43:08:00SRC=94.102.53.112DST=136.243.224.53LEN=40TOS=0x00PREC=0x00TTL=249ID=41730PROTO=TCPSPT=54264DPT=47417WINDOW=1024RES=0x00SYNURGP=0Sep605:39:37server2kernel:Firewall:\TCP_INBlocked\IN=eth0OUT=MAC=00:16:3e:3f:7	2020-09-06 12:42:20
94.102.53.112	attack	Sep 5 20:19:38 [host] kernel: [4996571.194594] [U Sep 5 20:19:48 [host] kernel: [4996581.278273] [U Sep 5 20:26:44 [host] kernel: [4996997.816185] [U Sep 5 20:39:01 [host] kernel: [4997734.271342] [U Sep 5 20:45:21 [host] kernel: [4998113.673015] [U Sep 5 20:45:47 [host] kernel: [4998140.247833] [U	2020-09-06 05:02:52
94.102.53.112	attackspam	[H1.VM7] Blocked by UFW	2020-08-27 14:40:29
94.102.53.112	attack	[H1.VM8] Blocked by UFW	2020-08-21 21:06:26

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.102.53.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59019
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.102.53.52.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091600 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Sep 16 17:33:26 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 52.53.102.94.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 52.53.102.94.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
84.42.47.124	attackspambots	Portscan or hack attempt detected by psad/fwsnort	2019-10-18 23:28:27
139.178.76.99	attack	Automatic report - Banned IP Access	2019-10-18 23:17:11
106.201.238.226	attackbots	firewall-block, port(s): 1433/tcp	2019-10-18 23:07:40
51.79.129.237	attackbots	2019-10-18T14:34:18.297264abusebot-5.cloudsearch.cf sshd\[21234\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip237.ip-51-79-129.net user=root	2019-10-18 22:59:04
190.211.141.217	attackspambots	2019-10-18T14:50:41.585409abusebot-3.cloudsearch.cf sshd\[8616\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.211.141.217 user=root	2019-10-18 23:21:10
104.244.72.115	attackbotsspam	2019-10-18T15:00:29.324505abusebot.cloudsearch.cf sshd\[19026\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=tor-exit-hermes.greektor.net user=root	2019-10-18 23:14:43
121.233.206.136	attackspam	SASL broute force	2019-10-18 23:19:50
164.52.152.248	attackbotsspam	" "	2019-10-18 22:50:52
218.28.50.51	attackbotsspam	12:40:14.704 1 IMAP-001309([218.28.50.51]) failed to open 'atchthismail@womble.org'. Connection from [218.28.50.51]:57982. Error Code=unknown user account ...	2019-10-18 22:59:53
106.13.44.83	attack	Oct 18 16:56:57 * sshd[22041]: Failed password for root from 106.13.44.83 port 48452 ssh2	2019-10-18 23:03:27
5.3.6.82	attackbotsspam	2019-10-18T13:13:51.876638abusebot-5.cloudsearch.cf sshd\[20440\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.3.6.82 user=root	2019-10-18 23:24:29
185.153.208.26	attack	Automatic report - Banned IP Access	2019-10-18 23:20:38
104.248.16.13	attack	104.248.16.13 - - [18/Oct/2019:13:39:47 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.16.13 - - [18/Oct/2019:13:39:49 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.16.13 - - [18/Oct/2019:13:39:49 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.16.13 - - [18/Oct/2019:13:39:50 +0200] "POST /wp-login.php HTTP/1.1" 200 1489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.16.13 - - [18/Oct/2019:13:39:50 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.16.13 - - [18/Oct/2019:13:39:51 +0200] "POST /wp-login.php HTTP/1.1" 200 1491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-10-18 23:17:32
146.115.75.225	attack	Oct 18 10:49:12 ws19vmsma01 sshd[65733]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.115.75.225 ...	2019-10-18 22:48:45
60.172.53.138	attackbotsspam	Unauthorised access (Oct 18) SRC=60.172.53.138 LEN=52 TOS=0x10 PREC=0x40 TTL=48 ID=13781 DF TCP DPT=445 WINDOW=8192 SYN	2019-10-18 23:11:06

Recently Reported IPs

86.241.233.93	119.84.50.135	107.173.167.26	202.118.223.163
193.27.108.182	64.224.103.249	140.80.254.223	233.39.141.116
127.29.180.106	28.6.176.237	83.198.164.103	120.152.14.124
56.77.25.254	138.124.194.153	93.23.107.207	111.4.149.4
136.53.115.167	65.137.188.99	36.113.9.62	109.111.181.90