194.31.244.42 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Ukraine

运营商(isp): Syntegra Telecom LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-05-23 03:13:44
attackspam	05/21/2020-12:15:22.042785 194.31.244.42 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-05-22 00:16:30
attackspam	firewall-block, port(s): 5250/tcp	2020-05-21 00:47:27
attack	Multiport scan : 27 ports scanned 3590 3592 3593 3595 3596 3671 3673 3675 3676 3678 3681 3683 3684 3686 3689 3690 3691 3693 3694 3701 3704 3708 3709 3712 3714 3715 3717	2020-05-15 08:32:48
attackbots	firewall-block, port(s): 5169/tcp, 5185/tcp	2020-05-10 17:33:46
attackbotsspam	Port scan on 3 port(s): 8471 8473 8953	2020-05-07 02:01:32
attackspambots	trying to access non-authorized port	2020-05-03 22:04:32
attackbots	firewall-block, port(s): 8592/tcp	2020-04-29 01:22:50
attackspam	scans 13 times in preceeding hours on the ports (in chronological order) 8501 8536 8514 8504 8525 8508 8519 8509 8530 8513 8521 8506 8523 resulting in total of 49 scans from 194.31.244.0/24 block.	2020-04-25 22:20:25
attack	Port scan on 6 port(s): 8310 8322 8325 8327 8337 8340	2020-04-20 00:55:11

相同子网IP讨论:

IP	类型	评论内容	时间
194.31.244.38	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-05-23 03:15:00
194.31.244.46	attack	scans once in preceeding hours on the ports (in chronological order) 9976 resulting in total of 1 scans from 194.31.244.0/24 block.	2020-05-23 03:11:56
194.31.244.38	attackspambots	firewall-block, port(s): 2070/tcp, 2077/tcp, 2093/tcp, 2096/tcp	2020-05-22 00:16:55
194.31.244.46	attackbots	May 21 16:43:01 debian-2gb-nbg1-2 kernel: \[12331002.479052\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=194.31.244.46 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=61275 PROTO=TCP SPT=46662 DPT=24020 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-22 00:16:13
194.31.244.50	attackbots	Port scan on 6 port(s): 3487 3504 3595 3622 3802 3921	2020-05-16 16:37:20
194.31.244.22	attackbots	May 16 01:47:36 debian-2gb-nbg1-2 kernel: \[11845303.179619\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=194.31.244.22 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=40741 PROTO=TCP SPT=51965 DPT=3386 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-16 08:23:04
194.31.244.30	attackbotsspam	May 7 10:51:32 debian-2gb-nbg1-2 kernel: \[11100378.108672\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=194.31.244.30 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=23970 PROTO=TCP SPT=44774 DPT=8192 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-07 19:41:42
194.31.244.26	attackspam	May 7 05:57:46 debian-2gb-nbg1-2 kernel: \[11082753.975321\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=194.31.244.26 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=5440 PROTO=TCP SPT=44751 DPT=6016 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-07 12:04:18
194.31.244.22	attackbots	May 6 23:43:22 debian-2gb-nbg1-2 kernel: \[11060290.234276\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=194.31.244.22 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=55218 PROTO=TCP SPT=44727 DPT=1018 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-07 05:58:12
194.31.244.38	attackspam	Fail2Ban Ban Triggered	2020-05-07 02:01:56
194.31.244.46	attack	firewall-block, port(s): 7916/tcp, 7926/tcp	2020-05-07 02:01:19
194.31.244.50	attackspambots	May 6 19:52:04 debian-2gb-nbg1-2 kernel: \[11046413.738261\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=194.31.244.50 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=48024 PROTO=TCP SPT=50046 DPT=3399 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-07 02:01:01
194.31.244.10	attackbotsspam	Port Scan detected from 194.31.244.10 (UA/Ukraine/-). 11 hits in the last 281 seconds	2020-05-05 17:17:06
194.31.244.50	attackbots	firewall-block, port(s): 3480/tcp, 3499/tcp	2020-05-05 12:43:31
194.31.244.46	attackspambots	Fail2Ban Ban Triggered	2020-05-04 03:50:51

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 194.31.244.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11825
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;194.31.244.42.			IN	A

;; AUTHORITY SECTION:
.			595	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041900 1800 900 604800 86400

;; Query time: 118 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Apr 20 00:55:07 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 42.244.31.194.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 42.244.31.194.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
161.35.140.204	attackbots	Sep 1 12:26:43 server sshd[27980]: User root from 161.35.140.204 not allowed because listed in DenyUsers ...	2020-09-01 17:48:43
185.220.102.254	attackbots	Sep 1 12:06:56 debian64 sshd[7978]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.102.254 Sep 1 12:06:59 debian64 sshd[7978]: Failed password for invalid user admin from 185.220.102.254 port 25672 ssh2 ...	2020-09-01 18:11:38
110.49.70.243	attackbotsspam	Sep 1 11:14:35 sip sshd[1484065]: Invalid user ali from 110.49.70.243 port 2606 Sep 1 11:14:37 sip sshd[1484065]: Failed password for invalid user ali from 110.49.70.243 port 2606 ssh2 Sep 1 11:18:42 sip sshd[1484128]: Invalid user opo from 110.49.70.243 port 11466 ...	2020-09-01 17:46:47
165.227.35.46	attack	Sep 1 12:27:50 server sshd[16506]: Invalid user admin from 165.227.35.46 port 34930 ...	2020-09-01 18:02:13
118.25.53.252	attack	(sshd) Failed SSH login from 118.25.53.252 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 1 04:47:58 server4 sshd[29682]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.53.252 user=root Sep 1 04:48:00 server4 sshd[29682]: Failed password for root from 118.25.53.252 port 35670 ssh2 Sep 1 04:54:53 server4 sshd[834]: Invalid user atul from 118.25.53.252 Sep 1 04:54:53 server4 sshd[834]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.53.252 Sep 1 04:54:55 server4 sshd[834]: Failed password for invalid user atul from 118.25.53.252 port 40358 ssh2	2020-09-01 18:20:07
120.151.240.77	attackspam	Automatic report - Port Scan Attack	2020-09-01 17:54:20
51.77.220.127	attackbots	51.77.220.127 - - [01/Sep/2020:12:34:05 +0400] "POST /GponForm/diag_Form?style/ HTTP/1.1" 502 157 "-" "curl/7.3.2" ...	2020-09-01 17:40:32
27.68.102.57	attack	20/8/31@23:48:22: FAIL: Alarm-Network address from=27.68.102.57 20/8/31@23:48:22: FAIL: Alarm-Network address from=27.68.102.57 ...	2020-09-01 17:51:56
112.199.104.37	attack	2020-08-31 22:36:28.374970-0500 localhost smtpd[42821]: NOQUEUE: reject: RCPT from unknown[112.199.104.37]: 554 5.7.1 Service unavailable; Client host [112.199.104.37] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/112.199.104.37; from= to= proto=ESMTP helo=<37.104.199.112.clbrz.inet.static.eastern-tele.com>	2020-09-01 18:00:19
118.25.144.133	attackspam	Invalid user testsftp from 118.25.144.133 port 41814	2020-09-01 18:18:38
200.119.112.204	attack	Sep 1 06:46:59 meumeu sshd[747715]: Invalid user wp-user from 200.119.112.204 port 38310 Sep 1 06:46:59 meumeu sshd[747715]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.119.112.204 Sep 1 06:46:59 meumeu sshd[747715]: Invalid user wp-user from 200.119.112.204 port 38310 Sep 1 06:47:01 meumeu sshd[747715]: Failed password for invalid user wp-user from 200.119.112.204 port 38310 ssh2 Sep 1 06:49:35 meumeu sshd[747849]: Invalid user jd from 200.119.112.204 port 46642 Sep 1 06:49:35 meumeu sshd[747849]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.119.112.204 Sep 1 06:49:35 meumeu sshd[747849]: Invalid user jd from 200.119.112.204 port 46642 Sep 1 06:49:37 meumeu sshd[747849]: Failed password for invalid user jd from 200.119.112.204 port 46642 ssh2 Sep 1 06:52:15 meumeu sshd[747909]: Invalid user ftptest from 200.119.112.204 port 54978 ...	2020-09-01 17:47:47
202.131.69.18	attackspambots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-01 18:21:07
54.37.68.191	attackspambots	Sep 1 12:26:26 server sshd[22051]: Invalid user rails from 54.37.68.191 port 54928 Sep 1 12:26:28 server sshd[22051]: Failed password for invalid user rails from 54.37.68.191 port 54928 ssh2 Sep 1 12:26:26 server sshd[22051]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.68.191 Sep 1 12:26:26 server sshd[22051]: Invalid user rails from 54.37.68.191 port 54928 Sep 1 12:26:28 server sshd[22051]: Failed password for invalid user rails from 54.37.68.191 port 54928 ssh2 ...	2020-09-01 18:08:24
81.198.117.110	attackbotsspam	Sep 1 10:39:42 gospond sshd[23299]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.198.117.110 user=root Sep 1 10:39:44 gospond sshd[23299]: Failed password for root from 81.198.117.110 port 51294 ssh2 ...	2020-09-01 17:44:14
119.162.68.166	attackspambots	2020-08-31 22:33:43.327984-0500 localhost smtpd[42821]: NOQUEUE: reject: RCPT from unknown[119.162.68.166]: 554 5.7.1 Service unavailable; Client host [119.162.68.166] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/119.162.68.166; from= to= proto=ESMTP helo=<[119.162.68.166]>	2020-09-01 18:01:59

最近上报的IP列表

70.37.77.57	182.149.130.4	84.17.60.117	14.160.93.98
118.96.19.103	219.69.40.40	185.183.243.55	187.178.6.70
93.211.211.184	167.71.248.174	210.1.228.35	120.53.10.102
93.81.212.182	69.162.98.123	1.55.92.89	139.59.59.55
121.143.182.124	125.164.184.51	94.245.94.104	200.53.21.199