31.14.40.194 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Romania

运营商(isp): Data Room SRL

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	ET CINS Active Threat Intelligence Poor Reputation IP group 14 - port: 389 proto: UDP cat: Misc Attack	2020-03-28 18:59:32

相同子网IP讨论:

IP	类型	评论内容	时间
31.14.40.111	attackspambots	123/udp [2020-05-30]1pkt	2020-05-30 14:56:34
31.14.40.172	attack	unauthorized connection attempt	2020-02-16 15:47:28
31.14.40.172	attackspambots	Unauthorized connection attempt from IP address 31.14.40.172 on Port 445(SMB)	2020-02-15 05:01:38
31.14.40.200	attack	CloudCIX Reconnaissance Scan Detected, PTR: academicabelch.net.	2020-01-12 07:15:36
31.14.40.216	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-25 08:39:03
31.14.40.216	attackbotsspam	Dec 24 08:17:48 debian-2gb-nbg1-2 kernel: \[824609.841104\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=31.14.40.216 DST=195.201.40.59 LEN=45 TOS=0x00 PREC=0x00 TTL=244 ID=54321 PROTO=UDP SPT=41043 DPT=53413 LEN=25	2019-12-24 18:13:37
31.14.40.226	attack	3478/udp 389/udp... [2019-12-19/23]6pkt,2pt.(udp)	2019-12-24 06:33:14
31.14.40.131	attack	Host Scan	2019-12-11 19:39:38
31.14.40.232	attackspambots	Excessive Port-Scanning	2019-12-01 07:40:26
31.14.40.232	attack	Malicious brute force vulnerability hacking attacks	2019-10-13 04:16:51
31.14.40.157	attackspambots	Unauthorized connection attempt from IP address 31.14.40.157 on Port 445(SMB)	2019-10-12 06:30:26

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 31.14.40.194
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34639
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;31.14.40.194.			IN	A

;; AUTHORITY SECTION:
.			329	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032801 1800 900 604800 86400

;; Query time: 105 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 28 18:59:26 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 194.40.14.31.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 194.40.14.31.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
152.32.175.24	attack	(sshd) Failed SSH login from 152.32.175.24 (HK/Hong Kong/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 7 02:37:19 optimus sshd[26942]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.32.175.24 user=root Oct 7 02:37:21 optimus sshd[26942]: Failed password for root from 152.32.175.24 port 38016 ssh2 Oct 7 02:41:10 optimus sshd[28549]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.32.175.24 user=root Oct 7 02:41:12 optimus sshd[28549]: Failed password for root from 152.32.175.24 port 45006 ssh2 Oct 7 02:44:58 optimus sshd[30027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.32.175.24 user=root	2020-10-07 16:41:15
181.225.57.22	attackbotsspam	Icarus honeypot on github	2020-10-07 17:08:38
181.189.144.206	attack	2020-10-07T02:18:08.249780shield sshd\[30562\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.189.144.206 user=root 2020-10-07T02:18:09.946880shield sshd\[30562\]: Failed password for root from 181.189.144.206 port 46826 ssh2 2020-10-07T02:21:53.834524shield sshd\[31156\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.189.144.206 user=root 2020-10-07T02:21:55.752892shield sshd\[31156\]: Failed password for root from 181.189.144.206 port 34922 ssh2 2020-10-07T02:25:51.768441shield sshd\[31839\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.189.144.206 user=root	2020-10-07 16:39:37
191.232.193.0	attackspam	Oct 7 05:34:47 vps46666688 sshd[22656]: Failed password for root from 191.232.193.0 port 54380 ssh2 ...	2020-10-07 16:52:55
187.170.242.61	attackspambots	20 attempts against mh-ssh on ice	2020-10-07 17:14:27
94.102.49.191	attackspambots	Port-scan: detected 174 distinct ports within a 24-hour window.	2020-10-07 17:07:10
119.28.140.123	attack	SSH Scan	2020-10-07 17:04:55
128.199.24.29	attack	128.199.24.29 (IN/India/-), 12 distributed sshd attacks on account [root] in the last 3600 secs	2020-10-07 16:34:21
81.68.118.120	attackspambots	$f2bV_matches	2020-10-07 16:47:02
178.128.210.230	attackbotsspam	ssh intrusion attempt	2020-10-07 16:49:31
42.228.245.202	attack	Lines containing failures of 42.228.245.202 Oct 6 16:36:12 neweola postfix/smtpd[4281]: connect from unknown[42.228.245.202] Oct 6 16:36:13 neweola postfix/smtpd[4281]: lost connection after AUTH from unknown[42.228.245.202] Oct 6 16:36:13 neweola postfix/smtpd[4281]: disconnect from unknown[42.228.245.202] ehlo=1 auth=0/1 commands=1/2 Oct 6 16:36:20 neweola postfix/smtpd[4281]: connect from unknown[42.228.245.202] Oct 6 16:36:21 neweola postfix/smtpd[4281]: lost connection after AUTH from unknown[42.228.245.202] Oct 6 16:36:21 neweola postfix/smtpd[4281]: disconnect from unknown[42.228.245.202] ehlo=1 auth=0/1 commands=1/2 Oct 6 16:36:30 neweola postfix/smtpd[4281]: connect from unknown[42.228.245.202] Oct 6 16:36:31 neweola postfix/smtpd[4281]: lost connection after AUTH from unknown[42.228.245.202] Oct 6 16:36:31 neweola postfix/smtpd[4281]: disconnect from unknown[42.228.245.202] ehlo=1 auth=0/1 commands=1/2 Oct 6 16:36:32 neweola postfix/smtpd[4281]: conne........ ------------------------------	2020-10-07 16:43:56
45.59.236.186	attack	1602016852 - 10/06/2020 22:40:52 Host: 45.59.236.186/45.59.236.186 Port: 445 TCP Blocked ...	2020-10-07 16:43:32
222.239.28.177	attack	Oct 7 10:22:01 icinga sshd[47034]: Failed password for root from 222.239.28.177 port 40654 ssh2 Oct 7 10:32:44 icinga sshd[63858]: Failed password for root from 222.239.28.177 port 56102 ssh2 ...	2020-10-07 16:54:29
45.142.120.38	attackbotsspam	Oct 7 10:27:45 srv01 postfix/smtpd\[30847\]: warning: unknown\[45.142.120.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 7 10:27:52 srv01 postfix/smtpd\[30797\]: warning: unknown\[45.142.120.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 7 10:27:54 srv01 postfix/smtpd\[30890\]: warning: unknown\[45.142.120.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 7 10:27:57 srv01 postfix/smtpd\[30847\]: warning: unknown\[45.142.120.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 7 10:28:02 srv01 postfix/smtpd\[30858\]: warning: unknown\[45.142.120.38\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-07 16:38:27
171.225.235.60	attackspambots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-10-07 16:33:53

最近上报的IP列表

197.164.224.193	65.49.20.112	206.189.84.227	100.10.4.130
101.51.61.185	1.53.195.241	153.37.22.181	79.127.121.106
14.177.134.44	187.110.235.242	116.240.0.72	35.197.73.18
125.161.107.22	123.27.19.219	14.177.161.206	203.128.30.2
49.228.187.92	36.73.123.89	49.234.93.93	118.167.180.116