31.14.40.200 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Romania

运营商(isp): Data Room SRL

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	CloudCIX Reconnaissance Scan Detected, PTR: academicabelch.net.	2020-01-12 07:15:36

相同子网IP讨论:

IP	类型	评论内容	时间
31.14.40.111	attackspambots	123/udp [2020-05-30]1pkt	2020-05-30 14:56:34
31.14.40.194	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 14 - port: 389 proto: UDP cat: Misc Attack	2020-03-28 18:59:32
31.14.40.172	attack	unauthorized connection attempt	2020-02-16 15:47:28
31.14.40.172	attackspambots	Unauthorized connection attempt from IP address 31.14.40.172 on Port 445(SMB)	2020-02-15 05:01:38
31.14.40.216	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-25 08:39:03
31.14.40.216	attackbotsspam	Dec 24 08:17:48 debian-2gb-nbg1-2 kernel: \[824609.841104\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=31.14.40.216 DST=195.201.40.59 LEN=45 TOS=0x00 PREC=0x00 TTL=244 ID=54321 PROTO=UDP SPT=41043 DPT=53413 LEN=25	2019-12-24 18:13:37
31.14.40.226	attack	3478/udp 389/udp... [2019-12-19/23]6pkt,2pt.(udp)	2019-12-24 06:33:14
31.14.40.131	attack	Host Scan	2019-12-11 19:39:38
31.14.40.232	attackspambots	Excessive Port-Scanning	2019-12-01 07:40:26
31.14.40.232	attack	Malicious brute force vulnerability hacking attacks	2019-10-13 04:16:51
31.14.40.157	attackspambots	Unauthorized connection attempt from IP address 31.14.40.157 on Port 445(SMB)	2019-10-12 06:30:26

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 31.14.40.200
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62921
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;31.14.40.200.			IN	A

;; AUTHORITY SECTION:
.			487	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011100 1800 900 604800 86400

;; Query time: 102 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 12 07:15:33 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

200.40.14.31.in-addr.arpa domain name pointer academicabelch.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
200.40.14.31.in-addr.arpa	name = academicabelch.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
62.112.11.81	attack	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-08-26T20:23:54Z and 2020-08-26T20:52:18Z	2020-08-27 06:55:56
45.129.33.153	attackspam	TCP (SYN) 45.129.33.153:52464 -> port 30323, len 44	2020-08-27 06:44:07
162.142.125.16	attackspam	TCP (SYN) 162.142.125.16:23452 -> port 5432, len 44	2020-08-27 07:01:13
128.199.85.141	attackspambots	Aug 27 00:30:09 ns381471 sshd[1041]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.85.141 Aug 27 00:30:10 ns381471 sshd[1041]: Failed password for invalid user dp from 128.199.85.141 port 39444 ssh2	2020-08-27 06:44:19
35.195.98.218	attack	Aug 26 21:52:57 l02a sshd[691]: Invalid user tempftp from 35.195.98.218 Aug 26 21:52:57 l02a sshd[691]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.98.195.35.bc.googleusercontent.com Aug 26 21:52:57 l02a sshd[691]: Invalid user tempftp from 35.195.98.218 Aug 26 21:52:59 l02a sshd[691]: Failed password for invalid user tempftp from 35.195.98.218 port 34516 ssh2	2020-08-27 06:33:42
222.186.30.76	attack	Aug 26 22:58:00 ip-172-31-61-156 sshd[4331]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.76 user=root Aug 26 22:58:02 ip-172-31-61-156 sshd[4331]: Failed password for root from 222.186.30.76 port 13179 ssh2 ...	2020-08-27 07:00:00
104.248.113.214	attack	Aug 26 16:29:45 xxxxxxx5185820 sshd[31298]: Invalid user admin from 104.248.113.214 port 57674 Aug 26 16:29:45 xxxxxxx5185820 sshd[31298]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.113.214 Aug 26 16:29:47 xxxxxxx5185820 sshd[31298]: Failed password for invalid user admin from 104.248.113.214 port 57674 ssh2 Aug 26 16:29:47 xxxxxxx5185820 sshd[31298]: Received disconnect from 104.248.113.214 port 57674:11: Bye Bye [preauth] Aug 26 16:29:47 xxxxxxx5185820 sshd[31298]: Disconnected from 104.248.113.214 port 57674 [preauth] Aug 26 16:36:10 xxxxxxx5185820 sshd[32151]: Invalid user explohostname from 104.248.113.214 port 52052 Aug 26 16:36:10 xxxxxxx5185820 sshd[32151]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.113.214 Aug 26 16:36:12 xxxxxxx5185820 sshd[32151]: Failed password for invalid user explohostname from 104.248.113.214 port 52052 ssh2 Aug 26 16:36:12 xxxxxxx51........ -------------------------------	2020-08-27 06:58:11
31.152.186.114	attackspambots	Aug 26 22:52:40 server postfix/smtpd[26864]: NOQUEUE: reject: RCPT from 31-152-186-114.pat.amp.cosmote.net[31.152.186.114]: 554 5.7.1 Service unavailable; Client host [31.152.186.114] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/31.152.186.114; from= to= proto=ESMTP helo=<31-152-186-114.pat.amp.cosmote.net>	2020-08-27 06:43:16
122.51.208.201	attack	Invalid user ark from 122.51.208.201 port 35950	2020-08-27 06:27:10
88.218.16.60	attack	SP-Scan 34891:4567 detected 2020.08.26 17:56:58 blocked until 2020.10.15 10:59:45	2020-08-27 06:41:44
104.244.73.43	attackspam	Automatic report - Banned IP Access	2020-08-27 07:03:47
51.91.109.220	attackspam	SSH Invalid Login	2020-08-27 06:49:15
147.135.210.244	attackbots	Aug 27 00:30:01 vpn01 sshd[19649]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.135.210.244 Aug 27 00:30:03 vpn01 sshd[19649]: Failed password for invalid user 0 from 147.135.210.244 port 45920 ssh2 ...	2020-08-27 06:32:22
222.186.175.217	attack	Aug 27 00:50:59 sso sshd[12539]: Failed password for root from 222.186.175.217 port 36462 ssh2 Aug 27 00:51:02 sso sshd[12539]: Failed password for root from 222.186.175.217 port 36462 ssh2 ...	2020-08-27 06:53:32
192.241.228.63	attack	trying to access non-authorized port	2020-08-27 06:29:06

最近上报的IP列表

189.120.0.100	13.74.27.123	218.89.107.200	45.179.164.163
103.4.116.66	50.192.122.65	2.236.11.15	179.52.48.240
196.192.110.65	112.78.178.213	86.195.34.51	207.252.72.11
123.180.68.242	159.65.79.148	116.75.168.218	190.36.18.34
189.202.204.230	183.100.104.218	45.232.137.131	119.149.149.36