202.31.104.152

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Korea (the Republic of)

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.31.104.152
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15634
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;202.31.104.152.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025021900 1800 900 604800 86400

;; Query time: 11 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 19 18:27:03 CST 2025
;; MSG SIZE  rcvd: 107

HOST信息:

Host 152.104.31.202.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 152.104.31.202.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
122.163.37.192	attackbots	Automatic report - Port Scan Attack	2020-09-29 02:50:35
201.203.117.33	attackbotsspam	Sep 27 11:31:48 serwer sshd\[1444\]: Invalid user odoo from 201.203.117.33 port 50953 Sep 27 11:31:48 serwer sshd\[1444\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.203.117.33 Sep 27 11:31:50 serwer sshd\[1444\]: Failed password for invalid user odoo from 201.203.117.33 port 50953 ssh2 Sep 27 11:54:55 serwer sshd\[3936\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.203.117.33 user=root Sep 27 11:54:58 serwer sshd\[3936\]: Failed password for root from 201.203.117.33 port 51116 ssh2 Sep 27 12:01:08 serwer sshd\[4733\]: Invalid user angel from 201.203.117.33 port 34921 Sep 27 12:01:08 serwer sshd\[4733\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.203.117.33 Sep 27 12:01:11 serwer sshd\[4733\]: Failed password for invalid user angel from 201.203.117.33 port 34921 ssh2 Sep 27 12:07:17 serwer sshd\[5366\]: pam_unix$sshd:auth$: authen ...	2020-09-29 02:49:58
115.79.138.163	attack	(sshd) Failed SSH login from 115.79.138.163 (VN/Vietnam/adsl.viettel.vn): 5 in the last 3600 secs	2020-09-29 02:48:00
82.196.9.161	attackbots	Invalid user train5 from 82.196.9.161 port 37106	2020-09-29 02:39:00
128.199.99.204	attackbots	Sep 28 20:32:58 vpn01 sshd[12459]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.99.204 Sep 28 20:33:00 vpn01 sshd[12459]: Failed password for invalid user oracle from 128.199.99.204 port 51353 ssh2 ...	2020-09-29 02:35:35
139.59.11.66	attackbotsspam	Time: Mon Sep 28 18:48:41 2020 +0000 IP: 139.59.11.66 (IN/India/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 28 18:47:48 29-1 sshd[18366]: Did not receive identification string from 139.59.11.66 port 37284 Sep 28 18:48:12 29-1 sshd[18444]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.11.66 user=root Sep 28 18:48:14 29-1 sshd[18444]: Failed password for root from 139.59.11.66 port 58320 ssh2 Sep 28 18:48:36 29-1 sshd[18481]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.11.66 user=root Sep 28 18:48:37 29-1 sshd[18481]: Failed password for root from 139.59.11.66 port 51980 ssh2	2020-09-29 02:53:19
45.185.164.132	attackbots	DATE:2020-09-28 03:26:31, IP:45.185.164.132, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-09-29 02:50:58
119.28.4.87	attack	2020-09-27T14:34:24.681357hostname sshd[16213]: Failed password for invalid user ftptest from 119.28.4.87 port 57276 ssh2 ...	2020-09-29 02:43:03
218.92.0.248	attack	$f2bV_matches	2020-09-29 03:03:25
193.228.91.11	attackspam	Sep 28 19:58:12 pub sshd[24574]: Invalid user jira from 193.228.91.11 port 42332 Sep 28 20:00:05 pub sshd[24595]: Invalid user stack from 193.228.91.11 port 58862 Sep 28 20:02:11 pub sshd[24605]: Invalid user weblogic from 193.228.91.11 port 47156 ...	2020-09-29 02:40:01
45.133.88.25	attackspam	hzb4 45.133.88.25 [28/Sep/2020:20:18:59 "http://beritainformasi.com/nasional/pelawak-nurul-qomar-resmi-ditahan-kejari-brebes/#comment-1462" "POST /wp-comments-post.php 302 866 45.133.88.25 [28/Sep/2020:20:19:31 "http://beritainformasi.com/nasional/pelawak-nurul-qomar-resmi-ditahan-kejari-brebes/#comment-1463" "POST /wp-comments-post.php 302 866 45.133.88.25 [28/Sep/2020:20:20:00 "http://beritainformasi.com/nasional/pelawak-nurul-qomar-resmi-ditahan-kejari-brebes/#comment-1464" "POST /wp-comments-post.php 409 3832	2020-09-29 02:40:54
197.38.63.198	attack	(cxs) cxs mod_security triggered by 197.38.63.198 (EG/Egypt/host-197.38.63.198.tedata.net): 1 in the last 3600 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_CXS; Logs: [Sun Sep 27 22:34:42.507711 2020] [:error] [pid 3136447:tid 47466709919488] [client 197.38.63.198:63163] [client 197.38.63.198] ModSecurity: Access denied with code 403 (phase 2). File "/tmp/20200927-223440-X3D3YNeKpoihDXXrruVHggAAAAs-file-gGNR9R" rejected by the approver script "/etc/cxs/cxscgi.sh": 0 [file "/etc/apache2/conf.d/modsec_vendor_configs/configserver/00_configserver.conf"] [line "7"] [id "1010101"] [msg "ConfigServer Exploit Scanner (cxs) triggered"] [severity "CRITICAL"] [hostname "gratitudemania.com"] [uri "/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php"] [unique_id "X3D3YNeKpoihDXXrruVHggAAAAs"], referer: http://gratitudemania.com/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php	2020-09-29 02:58:38
82.223.104.73	attackbotsspam	82.223.104.73 - - [28/Sep/2020:17:37:55 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 2441 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 82.223.104.73 - - [28/Sep/2020:17:37:56 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 2429 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 82.223.104.73 - - [28/Sep/2020:17:37:57 +0100] "POST /wp/xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-29 02:46:20
83.48.96.245	attackspambots	Time: Mon Sep 28 17:23:23 2020 +0000 IP: 83.48.96.245 (ES/Spain/245.red-83-48-96.staticip.rima-tde.net) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 28 17:01:48 1-1 sshd[45276]: Failed password for root from 83.48.96.245 port 40537 ssh2 Sep 28 17:15:35 1-1 sshd[45797]: Invalid user kang from 83.48.96.245 port 21914 Sep 28 17:15:37 1-1 sshd[45797]: Failed password for invalid user kang from 83.48.96.245 port 21914 ssh2 Sep 28 17:19:33 1-1 sshd[45957]: Failed password for root from 83.48.96.245 port 38389 ssh2 Sep 28 17:23:18 1-1 sshd[46116]: Invalid user vnc from 83.48.96.245 port 43405	2020-09-29 02:58:16
49.234.126.35	attack	Sep 28 18:37:29 django-0 sshd[3994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.126.35 user=root Sep 28 18:37:31 django-0 sshd[3994]: Failed password for root from 49.234.126.35 port 47048 ssh2 ...	2020-09-29 03:07:04

最近上报的IP列表

42.3.14.59	153.213.129.177	113.31.217.133	84.208.85.201
208.239.57.132	168.101.249.154	207.213.240.2	27.196.42.170
212.234.11.2	30.220.47.254	6.120.208.75	38.111.50.42
94.118.215.164	249.139.144.168	250.161.128.124	154.60.145.241
153.49.181.43	250.27.213.9	33.17.146.223	136.65.98.61