94.231.180.42 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Ukraine

运营商(isp): Galichina Telekommunication Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt detected from IP address 94.231.180.42 to port 23	2019-12-29 03:02:49

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 94.231.180.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34609
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;94.231.180.42.			IN	A

;; AUTHORITY SECTION:
.			496	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122800 1800 900 604800 86400

;; Query time: 115 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 29 03:02:43 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

42.180.231.94.in-addr.arpa has no PTR record

NSLOOKUP信息:

;; Got SERVFAIL reply from 100.100.2.136, trying next server
;; Got SERVFAIL reply from 100.100.2.138, trying next server
Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 42.180.231.94.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
190.198.20.175	attack	20/10/7@16:41:13: FAIL: Alarm-Network address from=190.198.20.175 20/10/7@16:41:13: FAIL: Alarm-Network address from=190.198.20.175 ...	2020-10-08 18:55:13
103.107.189.84	attack	1433/tcp 1433/tcp 1433/tcp... [2020-09-18/10-07]5pkt,1pt.(tcp)	2020-10-08 18:34:33
104.206.128.6	attackbots	bruteforce, ssh, scan port	2020-10-08 18:31:18
47.94.159.168	attack	Oct 7 22:40:02 pornomens sshd\[26837\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.94.159.168 user=root Oct 7 22:40:04 pornomens sshd\[26837\]: Failed password for root from 47.94.159.168 port 33246 ssh2 Oct 7 22:41:21 pornomens sshd\[26862\]: Invalid user jenkins from 47.94.159.168 port 38250 Oct 7 22:41:21 pornomens sshd\[26862\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.94.159.168 ...	2020-10-08 18:46:49
159.203.70.169	attackspambots	159.203.70.169 - - [08/Oct/2020:10:26:07 +0200] "GET /wp-login.php HTTP/1.1" 200 8796 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.203.70.169 - - [08/Oct/2020:10:26:08 +0200] "POST /wp-login.php HTTP/1.1" 200 9047 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.203.70.169 - - [08/Oct/2020:10:26:09 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-08 18:52:50
98.144.215.149	attackspam	Oct 5 20:17:45 host sshd[22613]: reveeclipse mapping checking getaddrinfo for mta-98-144-215-149.wi.rr.com [98.144.215.149] failed - POSSIBLE BREAK-IN ATTEMPT! Oct 5 20:17:45 host sshd[22613]: Invalid user pi from 98.144.215.149 Oct 5 20:17:45 host sshd[22613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=98.144.215.149 Oct 5 20:17:45 host sshd[22712]: reveeclipse mapping checking getaddrinfo for mta-98-144-215-149.wi.rr.com [98.144.215.149] failed - POSSIBLE BREAK-IN ATTEMPT! Oct 5 20:17:45 host sshd[22712]: Invalid user pi from 98.144.215.149 Oct 5 20:17:46 host sshd[22712]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=98.144.215.149 Oct 5 20:17:48 host sshd[22613]: Failed password for invalid user pi from 98.144.215.149 port 49994 ssh2 Oct 5 20:17:48 host sshd[22712]: Failed password for invalid user pi from 98.144.215.149 port 49996 ssh2 Oct 5 20:17:48 host sshd[22613]: ........ -------------------------------	2020-10-08 18:27:47
218.92.0.165	attackspambots	Oct 8 12:33:02 pve1 sshd[18831]: Failed password for root from 218.92.0.165 port 33810 ssh2 Oct 8 12:33:06 pve1 sshd[18831]: Failed password for root from 218.92.0.165 port 33810 ssh2 ...	2020-10-08 18:40:10
120.224.55.8	attack	1433/tcp 1433/tcp 1433/tcp... [2020-08-11/10-07]5pkt,1pt.(tcp)	2020-10-08 18:58:07
182.254.129.29	attackspambots	445/tcp 445/tcp 445/tcp [2020-09-18/10-07]3pkt	2020-10-08 18:32:43
201.210.151.137	attackspam	20/10/7@16:41:29: FAIL: Alarm-Network address from=201.210.151.137 ...	2020-10-08 18:33:32
35.187.132.249	attackbotsspam	Wordpress attack	2020-10-08 18:54:39
218.89.222.16	attackbots	Oct 8 11:38:52 nopemail auth.info sshd[16927]: Disconnected from authenticating user root 218.89.222.16 port 55826 [preauth] ...	2020-10-08 18:36:29
171.246.52.48	attackspambots	TCP (SYN) 171.246.52.48:8124 -> port 23, len 44	2020-10-08 18:23:58
171.224.177.45	attack	Oct 8 02:28:51 cdc sshd[4002]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.224.177.45 Oct 8 02:28:53 cdc sshd[4002]: Failed password for invalid user Administrator from 171.224.177.45 port 29728 ssh2	2020-10-08 18:33:16
77.21.184.35	attack	Oct 8 02:25:53 ns381471 sshd[29595]: Failed password for root from 77.21.184.35 port 58229 ssh2	2020-10-08 18:49:08

最近上报的IP列表

102.120.54.79	46.100.80.243	111.47.10.80	92.232.132.19
73.107.4.163	93.12.127.76	155.144.80.130	220.255.173.73
211.225.230.85	181.73.194.46	202.152.13.178	44.79.135.63
250.129.249.236	188.109.22.58	20.126.244.24	79.167.36.70
255.195.0.187	193.188.23.27	223.68.163.15	176.147.194.165