194.106.180.42

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Serbia

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 194.106.180.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17235
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;194.106.180.42.			IN	A

;; AUTHORITY SECTION:
.			441	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021800 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 22:09:18 CST 2022
;; MSG SIZE  rcvd: 107

HOST信息:

42.180.106.194.in-addr.arpa domain name pointer mssql.rclsyst.rs.
42.180.106.194.in-addr.arpa domain name pointer parks.rs.
42.180.106.194.in-addr.arpa domain name pointer plesk03.beotel.net.
42.180.106.194.in-addr.arpa domain name pointer miroslavantic.edu.rs.
42.180.106.194.in-addr.arpa domain name pointer ftp.parks.rs.
42.180.106.194.in-addr.arpa domain name pointer www.parks.rs.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
42.180.106.194.in-addr.arpa	name = parks.rs.
42.180.106.194.in-addr.arpa	name = plesk03.beotel.net.
42.180.106.194.in-addr.arpa	name = miroslavantic.edu.rs.
42.180.106.194.in-addr.arpa	name = ftp.parks.rs.
42.180.106.194.in-addr.arpa	name = www.parks.rs.
42.180.106.194.in-addr.arpa	name = mssql.rclsyst.rs.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
195.24.138.218	attackbots	Caught in portsentry honeypot	2019-07-10 05:39:50
197.148.44.38	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-10 05:30:31
106.12.12.86	attack	Jul 9 20:47:41 lnxweb61 sshd[6717]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.86 Jul 9 20:47:43 lnxweb61 sshd[6717]: Failed password for invalid user lefty from 106.12.12.86 port 44010 ssh2 Jul 9 20:49:21 lnxweb61 sshd[7919]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.86	2019-07-10 05:18:28
94.176.77.67	attack	(Jul 9) LEN=40 TTL=244 ID=15772 DF TCP DPT=23 WINDOW=14600 SYN (Jul 9) LEN=40 TTL=244 ID=17736 DF TCP DPT=23 WINDOW=14600 SYN (Jul 9) LEN=40 TTL=244 ID=37894 DF TCP DPT=23 WINDOW=14600 SYN (Jul 9) LEN=40 TTL=244 ID=57450 DF TCP DPT=23 WINDOW=14600 SYN (Jul 9) LEN=40 TTL=244 ID=3887 DF TCP DPT=23 WINDOW=14600 SYN (Jul 9) LEN=40 TTL=244 ID=2725 DF TCP DPT=23 WINDOW=14600 SYN (Jul 9) LEN=40 TTL=244 ID=28080 DF TCP DPT=23 WINDOW=14600 SYN (Jul 9) LEN=40 TTL=244 ID=19877 DF TCP DPT=23 WINDOW=14600 SYN (Jul 8) LEN=40 TTL=244 ID=26281 DF TCP DPT=23 WINDOW=14600 SYN (Jul 8) LEN=40 TTL=244 ID=6692 DF TCP DPT=23 WINDOW=14600 SYN (Jul 8) LEN=40 TTL=244 ID=42915 DF TCP DPT=23 WINDOW=14600 SYN (Jul 8) LEN=40 TTL=244 ID=23898 DF TCP DPT=23 WINDOW=14600 SYN (Jul 8) LEN=40 TTL=244 ID=29663 DF TCP DPT=23 WINDOW=14600 SYN (Jul 8) LEN=40 TTL=246 ID=40636 DF TCP DPT=23 WINDOW=14600 SYN (Jul 8) LEN=40 TTL=246 ID=63632 DF TCP DPT=23 WINDOW=14600 SYN	2019-07-10 05:33:14
103.26.212.26	attack	Jul 8 07:05:04 our-server-hostname postfix/smtpd[29339]: connect from unknown[103.26.212.26] Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul 8 07:05:08 our-server-hostname postfix/smtpd[29339]: lost connection after RCPT from unknown[103.26.212.26] Jul 8 07:05:08 our-server-hostname postfix/smtpd[29339]: disconnect from unknown[103.26.212.26] Jul 8 11:39:25 our-server-hostname postfix/smtpd[29867]: connect from unknown[103.26.212.26] Jul x@x Jul x@x Jul 8 11:39:36 our-server-hostname postfix/smtpd[29867]: lost connection after RCPT from unknown[103.26.212.26] Jul 8 11:39:36 our-server-hostname postfix/smtpd[29867]: disconnect from unknown[103.26.212.26] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=103.26.212.26	2019-07-10 05:47:10
216.218.206.97	attackspam	" "	2019-07-10 05:15:48
40.77.167.48	attackspam	Automatic report - Web App Attack	2019-07-10 05:46:05
23.129.64.213	attackbotsspam	Jul 8 13:39:37 vps34202 sshd[20652]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.129.64.213 user=r.r Jul 8 13:39:39 vps34202 sshd[20652]: Failed password for r.r from 23.129.64.213 port 42083 ssh2 Jul 8 13:39:54 vps34202 sshd[20652]: PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.129.64.213 user=r.r Jul 8 13:58:22 vps34202 sshd[21468]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.129.64.213 user=r.r Jul 8 13:58:24 vps34202 sshd[21468]: Failed password for r.r from 23.129.64.213 port 24663 ssh2 Jul 8 13:58:40 vps34202 sshd[21468]: PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.129.64.213 user=r.r Jul 8 15:11:59 vps34202 sshd[24581]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.129.64.213 user=r.r Jul 8 15:12:01 vps34202 sshd[24581]: Failed password for ........ -------------------------------	2019-07-10 05:06:10
200.25.135.108	attack	DATE:2019-07-09_15:26:20, IP:200.25.135.108, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2019-07-10 05:25:37
220.194.237.43	attack	" "	2019-07-10 05:34:04
51.255.174.215	attack	Jul 9 22:46:51 srv206 sshd[25949]: Invalid user mcedit from 51.255.174.215 Jul 9 22:46:51 srv206 sshd[25949]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=215.ip-51-255-174.eu Jul 9 22:46:51 srv206 sshd[25949]: Invalid user mcedit from 51.255.174.215 Jul 9 22:46:53 srv206 sshd[25949]: Failed password for invalid user mcedit from 51.255.174.215 port 35683 ssh2 ...	2019-07-10 05:07:41
181.225.3.157	attackspam	Jul 9 10:42:40 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 181.225.3.157 port 53156 ssh2 (target: 158.69.100.132:22, password: Zte521) Jul 9 10:42:40 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 181.225.3.157 port 53156 ssh2 (target: 158.69.100.132:22, password: r.r) Jul 9 10:42:41 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 181.225.3.157 port 53156 ssh2 (target: 158.69.100.132:22, password: xmhdipc) Jul 9 10:42:41 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 181.225.3.157 port 53156 ssh2 (target: 158.69.100.132:22, password: waldo) Jul 9 10:42:42 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 181.225.3.157 port 53156 ssh2 (target: 158.69.100.132:22, password: seiko2005) Jul 9 10:42:42 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 181.225.3.157 port 53156 ssh2 (target: 158.69.100.132:22, password: ubnt) Jul 9 10:42:43 wildwolf ssh-honeypotd[26164]: Failed password for r.r from........ ------------------------------	2019-07-10 05:36:47
213.232.124.244	attack	WordPress login Brute force / Web App Attack on client site.	2019-07-10 05:03:05
178.32.136.127	attack	WordPress wp-login brute force :: 178.32.136.127 0.048 BYPASS [09/Jul/2019:23:25:11 1000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 4630 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-07-10 05:43:18
94.23.145.156	attack	[munged]::443 94.23.145.156 - - [09/Jul/2019:15:26:22 +0200] "POST /[munged]: HTTP/1.1" 200 2436 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-07-10 05:24:35

最近上报的IP列表

194.106.192.2	194.106.151.85	194.106.192.3	194.106.216.70
194.107.107.172	194.106.195.52	194.107.127.29	194.106.198.130
194.106.180.50	194.107.124.250	194.107.236.209	194.107.62.39
194.107.236.142	194.109.117.219	194.107.236.155	194.109.193.142
194.109.6.93	194.109.117.218	194.11.154.44	194.109.129.58