31.134.42.73 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Russian Federation

运营商(isp): IRONNET Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Port Scan ...	2020-08-07 04:30:35

相同子网IP讨论:

IP	类型	评论内容	时间
31.134.42.134	attackspam	Aug 23 05:49:58 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=31.134.42.134 DST=173.212.244.83 LEN=52 TOS=0x00 PREC=0x00 TTL=54 ID=8612 DF PROTO=TCP SPT=4538 DPT=18073 WINDOW=64240 RES=0x00 SYN URGP=0 Aug 23 05:49:58 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=31.134.42.134 DST=173.212.244.83 LEN=48 TOS=0x00 PREC=0x00 TTL=54 ID=8611 PROTO=UDP SPT=18073 DPT=18073 LEN=28 Aug 23 05:50:01 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=31.134.42.134 DST=173.212.244.83 LEN=52 TOS=0x00 PREC=0x00 TTL=54 ID=8613 DF PROTO=TCP SPT=4538 DPT=18073 WINDOW=64240 RES=0x00 SYN URGP=0 Aug 23 05:50:01 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=31.134.42.134 DST=173.212.244.83 LEN=48 TOS=0x00 PREC=0x00 TTL=55 ID=8614 PROTO=UDP SPT=18073 DPT=18073 LEN=28 Aug 23 05:50:07 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50: ...	2020-08-23 16:42:01

类型

评论内容

时间

31.134.42.134

attackspam

Aug 23 05:49:58 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=31.134.42.134 DST=173.212.244.83 LEN=52 TOS=0x00 PREC=0x00 TTL=54 ID=8612 DF PROTO=TCP SPT=4538 DPT=18073 WINDOW=64240 RES=0x00 SYN URGP=0 Aug 23 05:49:58 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=31.134.42.134 DST=173.212.244.83 LEN=48 TOS=0x00 PREC=0x00 TTL=54 ID=8611 PROTO=UDP SPT=18073 DPT=18073 LEN=28 Aug 23 05:50:01 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=31.134.42.134 DST=173.212.244.83 LEN=52 TOS=0x00 PREC=0x00 TTL=54 ID=8613 DF PROTO=TCP SPT=4538 DPT=18073 WINDOW=64240 RES=0x00 SYN URGP=0 Aug 23 05:50:01 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=31.134.42.134 DST=173.212.244.83 LEN=48 TOS=0x00 PREC=0x00 TTL=55 ID=8614 PROTO=UDP SPT=18073 DPT=18073 LEN=28 Aug 23 05:50:07 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:
...

2020-08-23 16:42:01

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 31.134.42.73
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36690
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;31.134.42.73.			IN	A

;; AUTHORITY SECTION:
.			502	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020080603 1800 900 604800 86400

;; Query time: 106 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Aug 07 04:30:31 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

73.42.134.31.in-addr.arpa domain name pointer host73-31-134-42.ironnet.info.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
73.42.134.31.in-addr.arpa	name = host73-31-134-42.ironnet.info.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
218.92.0.168	attack	detected by Fail2Ban	2020-04-12 14:30:49
111.229.125.124	attackbots	detected by Fail2Ban	2020-04-12 14:31:02
80.211.30.166	attackbots	SSH Login Bruteforce	2020-04-12 14:51:09
113.87.193.39	attackspam	04/11/2020-23:55:33.846379 113.87.193.39 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-04-12 14:35:33
190.64.131.155	attackbotsspam	Apr 12 09:52:28 ift sshd\[61060\]: Invalid user alexandria from 190.64.131.155Apr 12 09:52:30 ift sshd\[61060\]: Failed password for invalid user alexandria from 190.64.131.155 port 40628 ssh2Apr 12 09:57:18 ift sshd\[62120\]: Failed password for root from 190.64.131.155 port 48012 ssh2Apr 12 10:01:56 ift sshd\[63017\]: Invalid user ecqadmin from 190.64.131.155Apr 12 10:01:58 ift sshd\[63017\]: Failed password for invalid user ecqadmin from 190.64.131.155 port 55384 ssh2 ...	2020-04-12 15:04:43
138.197.141.233	attackspam	Unauthorized connection attempt detected from IP address 138.197.141.233 to port 23	2020-04-12 14:53:12
109.195.160.133	attack	RU_RAID-MNT_<177>1586663714 [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2]: {TCP} 109.195.160.133:50779	2020-04-12 14:45:02
116.237.76.200	attackbotsspam	Apr 12 04:27:56 124388 sshd[20292]: Failed password for invalid user wangbo from 116.237.76.200 port 33384 ssh2 Apr 12 04:31:51 124388 sshd[20309]: Invalid user test from 116.237.76.200 port 59202 Apr 12 04:31:51 124388 sshd[20309]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.237.76.200 Apr 12 04:31:51 124388 sshd[20309]: Invalid user test from 116.237.76.200 port 59202 Apr 12 04:31:53 124388 sshd[20309]: Failed password for invalid user test from 116.237.76.200 port 59202 ssh2	2020-04-12 14:40:52
125.71.133.252	attackbots	Apr 12 09:14:18 lukav-desktop sshd\[6725\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.71.133.252 user=root Apr 12 09:14:20 lukav-desktop sshd\[6725\]: Failed password for root from 125.71.133.252 port 45094 ssh2 Apr 12 09:18:00 lukav-desktop sshd\[6902\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.71.133.252 user=root Apr 12 09:18:02 lukav-desktop sshd\[6902\]: Failed password for root from 125.71.133.252 port 55310 ssh2 Apr 12 09:21:24 lukav-desktop sshd\[7052\]: Invalid user name from 125.71.133.252	2020-04-12 14:40:03
14.228.107.237	attackspam	1586663692 - 04/12/2020 05:54:52 Host: 14.228.107.237/14.228.107.237 Port: 445 TCP Blocked	2020-04-12 15:03:31
51.38.187.135	attackbotsspam	Apr 12 05:54:43 ArkNodeAT sshd\[7102\]: Invalid user roberto from 51.38.187.135 Apr 12 05:54:43 ArkNodeAT sshd\[7102\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.187.135 Apr 12 05:54:45 ArkNodeAT sshd\[7102\]: Failed password for invalid user roberto from 51.38.187.135 port 40334 ssh2	2020-04-12 15:08:36
37.43.60.43	attackspambots	Brute force attack against VPN service	2020-04-12 14:41:27
51.38.186.47	attackspambots	$f2bV_matches	2020-04-12 14:48:38
222.186.175.217	attack	2020-04-12T06:19:27.506681shield sshd\[6203\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.217 user=root 2020-04-12T06:19:29.611356shield sshd\[6203\]: Failed password for root from 222.186.175.217 port 33610 ssh2 2020-04-12T06:19:32.382509shield sshd\[6203\]: Failed password for root from 222.186.175.217 port 33610 ssh2 2020-04-12T06:19:35.565811shield sshd\[6203\]: Failed password for root from 222.186.175.217 port 33610 ssh2 2020-04-12T06:19:39.132363shield sshd\[6203\]: Failed password for root from 222.186.175.217 port 33610 ssh2	2020-04-12 14:32:27
103.78.81.227	attack	fail2ban -- 103.78.81.227 ...	2020-04-12 15:06:23

最近上报的IP列表

181.44.6.160	142.93.251.209	177.75.2.164	31.168.179.83
103.215.3.40	113.170.128.48	23.108.233.201	179.124.178.162
154.202.57.143	51.132.254.66	5.190.168.227	143.255.242.178
213.180.203.69	188.162.167.16	59.93.88.232	174.219.16.176
14.172.92.146	80.51.181.112	52.206.252.155	89.144.2.12