31.42.11.117 - IPInfo

基本信息:

城市(city): Radomsko

省份(region): Łódź Voivodeship

国家(country): Poland

运营商(isp): Marcin Malolepszy @Alfanet

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt detected from IP address 31.42.11.117 to port 2323 [J]	2020-01-13 04:11:50

相同子网IP讨论:

IP	类型	评论内容	时间
31.42.11.180	attackbotsspam	Invalid user rrrr from 31.42.11.180 port 46791	2020-07-28 18:27:18
31.42.11.180	attack	708. On Jul 14 2020 experienced a Brute Force SSH login attempt -> 3 unique times by 31.42.11.180.	2020-07-15 07:46:30
31.42.11.180	attackbotsspam	Jun 25 01:58:56 eventyay sshd[16303]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.42.11.180 Jun 25 01:58:58 eventyay sshd[16303]: Failed password for invalid user olimex from 31.42.11.180 port 60835 ssh2 Jun 25 02:02:19 eventyay sshd[16540]: Failed password for root from 31.42.11.180 port 57158 ssh2 ...	2020-06-25 08:10:19
31.42.11.180	attackspambots	May 21 13:21:05 vps46666688 sshd[15439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.42.11.180 May 21 13:21:08 vps46666688 sshd[15439]: Failed password for invalid user wur from 31.42.11.180 port 41684 ssh2 ...	2020-05-22 02:24:13
31.42.11.180	attackbotsspam	2020-04-24 UTC: (35x) - abdelhamid,adeline,aeneas,amavis,anonymous,brian,bullyserver,camilo,chen,cjchen,deploy1234,doug,fabio,gitolite,kmem,lia,liam,mc3,medieval,mv,mysql-test,postgrey,qody,quser,right,root(2x),sampath,site,teetotum,test5,tf2server,tomato,tomcat,vagrant	2020-04-25 17:50:13
31.42.11.180	attack	Apr 9 22:18:41 *** sshd[11699]: Invalid user plex from 31.42.11.180	2020-04-10 09:21:48
31.42.11.180	attackbots	Apr 9 00:12:02 h1745522 sshd[15163]: Invalid user luis from 31.42.11.180 port 52218 Apr 9 00:12:02 h1745522 sshd[15163]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.42.11.180 Apr 9 00:12:02 h1745522 sshd[15163]: Invalid user luis from 31.42.11.180 port 52218 Apr 9 00:12:04 h1745522 sshd[15163]: Failed password for invalid user luis from 31.42.11.180 port 52218 ssh2 Apr 9 00:16:53 h1745522 sshd[15874]: Invalid user bot from 31.42.11.180 port 57690 Apr 9 00:16:53 h1745522 sshd[15874]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.42.11.180 Apr 9 00:16:53 h1745522 sshd[15874]: Invalid user bot from 31.42.11.180 port 57690 Apr 9 00:16:56 h1745522 sshd[15874]: Failed password for invalid user bot from 31.42.11.180 port 57690 ssh2 Apr 9 00:21:40 h1745522 sshd[18472]: Invalid user teamspeak from 31.42.11.180 port 34929 ...	2020-04-09 06:43:09
31.42.11.180	attackbotsspam	Invalid user solaris from 31.42.11.180 port 54926	2020-03-11 18:22:56
31.42.11.180	attackspam	Mar 10 18:13:23 game-panel sshd[22294]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.42.11.180 Mar 10 18:13:25 game-panel sshd[22294]: Failed password for invalid user zouliangfeng from 31.42.11.180 port 59652 ssh2 Mar 10 18:17:49 game-panel sshd[22458]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.42.11.180	2020-03-11 02:29:48
31.42.11.180	attack	(sshd) Failed SSH login from 31.42.11.180 (PL/Poland/31.42.11.180.alfanet24.pl): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Feb 20 23:39:13 s1 sshd[32183]: Invalid user jiayx from 31.42.11.180 port 60830 Feb 20 23:39:15 s1 sshd[32183]: Failed password for invalid user jiayx from 31.42.11.180 port 60830 ssh2 Feb 20 23:47:27 s1 sshd[32508]: Invalid user chenlw from 31.42.11.180 port 57306 Feb 20 23:47:29 s1 sshd[32508]: Failed password for invalid user chenlw from 31.42.11.180 port 57306 ssh2 Feb 20 23:49:26 s1 sshd[32572]: Invalid user cpanelconnecttrack from 31.42.11.180 port 39135	2020-02-21 05:49:34

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 31.42.11.117
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1876
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;31.42.11.117.			IN	A

;; AUTHORITY SECTION:
.			354	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011201 1800 900 604800 86400

;; Query time: 119 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 13 04:11:47 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

117.11.42.31.in-addr.arpa domain name pointer 31.42.11.117.alfanet24.pl.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
117.11.42.31.in-addr.arpa	name = 31.42.11.117.alfanet24.pl.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
103.218.170.116	attackspambots	Feb 13 21:24:17 plex sshd[18488]: Invalid user hadoop from 103.218.170.116 port 40090	2020-02-14 04:29:38
106.12.33.78	attack	Brute-force attempt banned	2020-02-14 04:29:13
201.80.32.7	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-14 04:55:10
223.17.147.201	attackspambots	Unauthorized connection attempt detected from IP address 223.17.147.201 to port 23	2020-02-14 04:34:14
49.88.66.160	attack	Feb 13 20:14:35 grey postfix/smtpd\[13564\]: NOQUEUE: reject: RCPT from unknown\[49.88.66.160\]: 554 5.7.1 Service unavailable\; Client host \[49.88.66.160\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[49.88.66.160\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-02-14 04:26:15
222.186.30.209	attackbotsspam	Feb 13 21:17:03 debian64 sshd[30450]: Failed password for root from 222.186.30.209 port 11706 ssh2 Feb 13 21:17:08 debian64 sshd[30450]: Failed password for root from 222.186.30.209 port 11706 ssh2 ...	2020-02-14 04:28:48
94.102.56.181	attackspambots	firewall-block, port(s): 4004/tcp, 4006/tcp, 4008/tcp, 4023/tcp, 4028/tcp	2020-02-14 04:39:15
222.186.42.136	attack	Feb 13 21:34:57 vmanager6029 sshd\[6605\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.136 user=root Feb 13 21:34:59 vmanager6029 sshd\[6605\]: Failed password for root from 222.186.42.136 port 27979 ssh2 Feb 13 21:35:02 vmanager6029 sshd\[6605\]: Failed password for root from 222.186.42.136 port 27979 ssh2	2020-02-14 04:40:19
45.175.125.254	attackspam	20/2/13@14:14:29: FAIL: Alarm-Network address from=45.175.125.254 20/2/13@14:14:29: FAIL: Alarm-Network address from=45.175.125.254 ...	2020-02-14 04:33:00
201.236.160.142	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-14 05:02:02
213.142.151.241	attackspam	from treatkneel.icu (Unknown [213.142.151.241]) by cauvin.org with ESMTP ; Thu, 13 Feb 2020 13:13:15 -0600	2020-02-14 04:49:58
222.186.30.57	attackspambots	Feb 13 21:29:04 MK-Soft-Root2 sshd[1061]: Failed password for root from 222.186.30.57 port 13041 ssh2 Feb 13 21:29:07 MK-Soft-Root2 sshd[1061]: Failed password for root from 222.186.30.57 port 13041 ssh2 ...	2020-02-14 04:31:00
81.218.169.122	attack	Feb 10 02:03:01 PiServer sshd[22681]: Invalid user hlq from 81.218.169.122 Feb 10 02:03:04 PiServer sshd[22681]: Failed password for invalid user hlq from 81.218.169.122 port 33569 ssh2 Feb 10 02:10:53 PiServer sshd[23000]: Invalid user jxt from 81.218.169.122 Feb 10 02:10:55 PiServer sshd[23000]: Failed password for invalid user jxt from 81.218.169.122 port 55346 ssh2 Feb 10 02:13:26 PiServer sshd[23087]: Invalid user kby from 81.218.169.122 Feb 10 02:13:27 PiServer sshd[23087]: Failed password for invalid user kby from 81.218.169.122 port 33878 ssh2 Feb 10 02:44:51 PiServer sshd[24249]: Invalid user xwh from 81.218.169.122 Feb 10 02:44:53 PiServer sshd[24249]: Failed password for invalid user xwh from 81.218.169.122 port 35773 ssh2 Feb 10 02:47:04 PiServer sshd[24349]: Invalid user pya from 81.218.169.122 Feb 10 02:47:06 PiServer sshd[24349]: Failed password for invalid user pya from 81.218.169.122 port 42537 ssh2 Feb 10 02:49:12 PiServer sshd[24370]: Invalid user mzb ........ ------------------------------	2020-02-14 04:22:42
222.186.175.220	attackspam	Feb 13 05:30:18 debian sshd[29711]: Unable to negotiate with 222.186.175.220 port 9064: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth] Feb 13 15:34:12 debian sshd[27634]: Unable to negotiate with 222.186.175.220 port 61834: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth] ...	2020-02-14 04:46:42
222.186.175.181	attack	Feb 13 20:56:06 sshgateway sshd\[26325\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.181 user=root Feb 13 20:56:08 sshgateway sshd\[26325\]: Failed password for root from 222.186.175.181 port 36092 ssh2 Feb 13 20:56:21 sshgateway sshd\[26325\]: error: maximum authentication attempts exceeded for root from 222.186.175.181 port 36092 ssh2 \[preauth\]	2020-02-14 04:58:46

最近上报的IP列表

217.215.68.88	220.135.180.137	107.197.114.96	219.70.207.84
59.92.212.55	106.48.239.202	217.165.119.164	125.40.178.241
220.98.46.163	211.21.191.40	60.188.241.27	210.246.24.202
69.62.229.141	167.122.85.40	93.93.88.218	207.200.17.76
59.114.120.161	195.43.237.145	37.203.254.33	194.109.181.22