31.173.80.106 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Russian Federation

运营商(isp): PJSC MegaFon

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	1597235979 - 08/12/2020 14:39:39 Host: 31.173.80.106/31.173.80.106 Port: 445 TCP Blocked	2020-08-13 00:55:38

相同子网IP讨论:

IP	类型	评论内容	时间
31.173.80.182	attack	Unauthorized connection attempt from IP address 31.173.80.182 on Port 445(SMB)	2020-04-01 02:04:42
31.173.80.48	attack	Mar 29 14:36:39 mxgate1 postfix/postscreen[1093]: CONNECT from [31.173.80.48]:15545 to [176.31.12.44]:25 Mar 29 14:36:40 mxgate1 postfix/dnsblog[1105]: addr 31.173.80.48 listed by domain b.barracudacentral.org as 127.0.0.2 Mar 29 14:36:40 mxgate1 postfix/dnsblog[1103]: addr 31.173.80.48 listed by domain zen.spamhaus.org as 127.0.0.3 Mar 29 14:36:40 mxgate1 postfix/dnsblog[1103]: addr 31.173.80.48 listed by domain zen.spamhaus.org as 127.0.0.4 Mar 29 14:36:40 mxgate1 postfix/dnsblog[1103]: addr 31.173.80.48 listed by domain zen.spamhaus.org as 127.0.0.11 Mar 29 14:36:40 mxgate1 postfix/dnsblog[1106]: addr 31.173.80.48 listed by domain cbl.abuseat.org as 127.0.0.2 Mar 29 14:36:45 mxgate1 postfix/postscreen[1093]: DNSBL rank 4 for [31.173.80.48]:15545 Mar 29 14:36:46 mxgate1 postfix/tlsproxy[1124]: CONNECT from [31.173.80.48]:15545 Mar x@x Mar 29 14:36:47 mxgate1 postfix/tlsproxy[1124]: DISCONNECT [31.173.80.48]:15545 Mar 29 14:36:47 mxgate1 postfix/postscreen[1093]: HANGU........ -------------------------------	2020-03-30 05:00:50

类型

评论内容

时间

31.173.80.182

attack

Unauthorized connection attempt from IP address 31.173.80.182 on Port 445(SMB)

2020-04-01 02:04:42

31.173.80.48

attack

Mar 29 14:36:39 mxgate1 postfix/postscreen[1093]: CONNECT from [31.173.80.48]:15545 to [176.31.12.44]:25
Mar 29 14:36:40 mxgate1 postfix/dnsblog[1105]: addr 31.173.80.48 listed by domain b.barracudacentral.org as 127.0.0.2
Mar 29 14:36:40 mxgate1 postfix/dnsblog[1103]: addr 31.173.80.48 listed by domain zen.spamhaus.org as 127.0.0.3
Mar 29 14:36:40 mxgate1 postfix/dnsblog[1103]: addr 31.173.80.48 listed by domain zen.spamhaus.org as 127.0.0.4
Mar 29 14:36:40 mxgate1 postfix/dnsblog[1103]: addr 31.173.80.48 listed by domain zen.spamhaus.org as 127.0.0.11
Mar 29 14:36:40 mxgate1 postfix/dnsblog[1106]: addr 31.173.80.48 listed by domain cbl.abuseat.org as 127.0.0.2
Mar 29 14:36:45 mxgate1 postfix/postscreen[1093]: DNSBL rank 4 for [31.173.80.48]:15545
Mar 29 14:36:46 mxgate1 postfix/tlsproxy[1124]: CONNECT from [31.173.80.48]:15545
Mar x@x
Mar 29 14:36:47 mxgate1 postfix/tlsproxy[1124]: DISCONNECT [31.173.80.48]:15545
Mar 29 14:36:47 mxgate1 postfix/postscreen[1093]: HANGU........
-------------------------------

2020-03-30 05:00:50

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 31.173.80.106
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1061
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;31.173.80.106.			IN	A

;; AUTHORITY SECTION:
.			580	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081201 1800 900 604800 86400

;; Query time: 29 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Aug 13 00:55:32 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 106.80.173.31.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 106.80.173.31.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
103.143.208.102	attackbotsspam	spam (f2b h1)	2020-06-10 18:15:47
106.12.204.75	attackspambots	Jun 10 05:43:46 vps sshd[139427]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.204.75 Jun 10 05:43:48 vps sshd[139427]: Failed password for invalid user ts1 from 106.12.204.75 port 56870 ssh2 Jun 10 05:47:11 vps sshd[155357]: Invalid user armenta from 106.12.204.75 port 49022 Jun 10 05:47:11 vps sshd[155357]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.204.75 Jun 10 05:47:12 vps sshd[155357]: Failed password for invalid user armenta from 106.12.204.75 port 49022 ssh2 ...	2020-06-10 18:43:11
180.182.47.132	attackbots	Jun 10 01:01:43 server1 sshd\[337\]: Failed password for root from 180.182.47.132 port 49532 ssh2 Jun 10 01:06:05 server1 sshd\[29564\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.182.47.132 user=root Jun 10 01:06:08 server1 sshd\[29564\]: Failed password for root from 180.182.47.132 port 49506 ssh2 Jun 10 01:10:31 server1 sshd\[31032\]: Invalid user zll from 180.182.47.132 Jun 10 01:10:31 server1 sshd\[31032\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.182.47.132 ...	2020-06-10 18:31:54
45.148.10.90	attackspam	Unauthorized connection attempt from IP address 45.148.10.90 on port 587	2020-06-10 18:49:38
157.230.251.115	attackbots	Jun 10 05:38:55 roki-contabo sshd\[25265\]: Invalid user vvt from 157.230.251.115 Jun 10 05:38:55 roki-contabo sshd\[25265\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.251.115 Jun 10 05:38:57 roki-contabo sshd\[25265\]: Failed password for invalid user vvt from 157.230.251.115 port 36630 ssh2 Jun 10 05:47:30 roki-contabo sshd\[25338\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.251.115 user=root Jun 10 05:47:32 roki-contabo sshd\[25338\]: Failed password for root from 157.230.251.115 port 32776 ssh2 ...	2020-06-10 18:30:57
66.249.66.209	attackbots	Automatic report - Banned IP Access	2020-06-10 18:53:28
212.64.66.135	attackbots	Jun 10 07:51:59 piServer sshd[498]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.66.135 Jun 10 07:52:00 piServer sshd[498]: Failed password for invalid user redhat from 212.64.66.135 port 56828 ssh2 Jun 10 07:55:48 piServer sshd[883]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.66.135 ...	2020-06-10 18:53:46
46.8.213.19	attack	He hack my steam account	2020-06-10 18:20:24
27.157.129.92	attackspambots	$f2bV_matches	2020-06-10 18:50:06
77.42.83.145	attackspam	Automatic report - Port Scan Attack	2020-06-10 18:20:47
220.255.23.248	attack	20/6/9@23:47:23: FAIL: Alarm-Network address from=220.255.23.248 ...	2020-06-10 18:35:49
121.42.49.168	attack	121.42.49.168 - - [10/Jun/2020:10:50:54 +0100] "POST /wp-login.php HTTP/1.1" 200 4431 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 121.42.49.168 - - [10/Jun/2020:10:50:57 +0100] "POST /wp-login.php HTTP/1.1" 200 4431 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 121.42.49.168 - - [10/Jun/2020:10:50:58 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-10 18:51:41
120.31.143.209	attackbotsspam	SSH/22 MH Probe, BF, Hack -	2020-06-10 18:31:24
185.173.35.41	attackbotsspam	TCP (SYN) 185.173.35.41:60661 -> port 80, len 44	2020-06-10 18:48:07
152.136.189.81	attackbots	Jun 10 04:47:39 ms-srv sshd[36177]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.189.81 user=root Jun 10 04:47:41 ms-srv sshd[36177]: Failed password for invalid user root from 152.136.189.81 port 50652 ssh2	2020-06-10 18:27:22

最近上报的IP列表

178.19.182.43	178.19.175.245	178.19.158.165	149.129.227.5
140.148.249.67	138.75.47.224	124.202.208.122	119.115.205.233
116.96.238.228	114.29.105.13	111.248.16.153	105.96.57.44
103.142.218.2	95.54.39.74	91.240.118.4	91.144.21.200
91.124.36.20	86.34.243.21	80.13.210.119	78.188.235.212