31.42.11.117 - IPInfo

基本信息:

城市(city): Radomsko

省份(region): Łódź Voivodeship

国家(country): Poland

运营商(isp): Marcin Malolepszy @Alfanet

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt detected from IP address 31.42.11.117 to port 2323 [J]	2020-01-13 04:11:50

相同子网IP讨论:

IP	类型	评论内容	时间
31.42.11.180	attackbotsspam	Invalid user rrrr from 31.42.11.180 port 46791	2020-07-28 18:27:18
31.42.11.180	attack	708. On Jul 14 2020 experienced a Brute Force SSH login attempt -> 3 unique times by 31.42.11.180.	2020-07-15 07:46:30
31.42.11.180	attackbotsspam	Jun 25 01:58:56 eventyay sshd[16303]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.42.11.180 Jun 25 01:58:58 eventyay sshd[16303]: Failed password for invalid user olimex from 31.42.11.180 port 60835 ssh2 Jun 25 02:02:19 eventyay sshd[16540]: Failed password for root from 31.42.11.180 port 57158 ssh2 ...	2020-06-25 08:10:19
31.42.11.180	attackspambots	May 21 13:21:05 vps46666688 sshd[15439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.42.11.180 May 21 13:21:08 vps46666688 sshd[15439]: Failed password for invalid user wur from 31.42.11.180 port 41684 ssh2 ...	2020-05-22 02:24:13
31.42.11.180	attackbotsspam	2020-04-24 UTC: (35x) - abdelhamid,adeline,aeneas,amavis,anonymous,brian,bullyserver,camilo,chen,cjchen,deploy1234,doug,fabio,gitolite,kmem,lia,liam,mc3,medieval,mv,mysql-test,postgrey,qody,quser,right,root(2x),sampath,site,teetotum,test5,tf2server,tomato,tomcat,vagrant	2020-04-25 17:50:13
31.42.11.180	attack	Apr 9 22:18:41 *** sshd[11699]: Invalid user plex from 31.42.11.180	2020-04-10 09:21:48
31.42.11.180	attackbots	Apr 9 00:12:02 h1745522 sshd[15163]: Invalid user luis from 31.42.11.180 port 52218 Apr 9 00:12:02 h1745522 sshd[15163]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.42.11.180 Apr 9 00:12:02 h1745522 sshd[15163]: Invalid user luis from 31.42.11.180 port 52218 Apr 9 00:12:04 h1745522 sshd[15163]: Failed password for invalid user luis from 31.42.11.180 port 52218 ssh2 Apr 9 00:16:53 h1745522 sshd[15874]: Invalid user bot from 31.42.11.180 port 57690 Apr 9 00:16:53 h1745522 sshd[15874]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.42.11.180 Apr 9 00:16:53 h1745522 sshd[15874]: Invalid user bot from 31.42.11.180 port 57690 Apr 9 00:16:56 h1745522 sshd[15874]: Failed password for invalid user bot from 31.42.11.180 port 57690 ssh2 Apr 9 00:21:40 h1745522 sshd[18472]: Invalid user teamspeak from 31.42.11.180 port 34929 ...	2020-04-09 06:43:09
31.42.11.180	attackbotsspam	Invalid user solaris from 31.42.11.180 port 54926	2020-03-11 18:22:56
31.42.11.180	attackspam	Mar 10 18:13:23 game-panel sshd[22294]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.42.11.180 Mar 10 18:13:25 game-panel sshd[22294]: Failed password for invalid user zouliangfeng from 31.42.11.180 port 59652 ssh2 Mar 10 18:17:49 game-panel sshd[22458]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.42.11.180	2020-03-11 02:29:48
31.42.11.180	attack	(sshd) Failed SSH login from 31.42.11.180 (PL/Poland/31.42.11.180.alfanet24.pl): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Feb 20 23:39:13 s1 sshd[32183]: Invalid user jiayx from 31.42.11.180 port 60830 Feb 20 23:39:15 s1 sshd[32183]: Failed password for invalid user jiayx from 31.42.11.180 port 60830 ssh2 Feb 20 23:47:27 s1 sshd[32508]: Invalid user chenlw from 31.42.11.180 port 57306 Feb 20 23:47:29 s1 sshd[32508]: Failed password for invalid user chenlw from 31.42.11.180 port 57306 ssh2 Feb 20 23:49:26 s1 sshd[32572]: Invalid user cpanelconnecttrack from 31.42.11.180 port 39135	2020-02-21 05:49:34

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 31.42.11.117
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1876
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;31.42.11.117.			IN	A

;; AUTHORITY SECTION:
.			354	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011201 1800 900 604800 86400

;; Query time: 119 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 13 04:11:47 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

117.11.42.31.in-addr.arpa domain name pointer 31.42.11.117.alfanet24.pl.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
117.11.42.31.in-addr.arpa	name = 31.42.11.117.alfanet24.pl.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
175.98.112.29	attack	...	2020-06-07 07:20:19
51.91.77.104	attackspambots	2020-06-06T23:49:36.924161vps773228.ovh.net sshd[5732]: Failed password for root from 51.91.77.104 port 42200 ssh2 2020-06-06T23:52:54.704646vps773228.ovh.net sshd[5799]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.ip-51-91-77.eu user=root 2020-06-06T23:52:56.776648vps773228.ovh.net sshd[5799]: Failed password for root from 51.91.77.104 port 45142 ssh2 2020-06-06T23:56:20.659201vps773228.ovh.net sshd[5894]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.ip-51-91-77.eu user=root 2020-06-06T23:56:23.012220vps773228.ovh.net sshd[5894]: Failed password for root from 51.91.77.104 port 48062 ssh2 ...	2020-06-07 07:54:19
62.234.83.138	attackbots	Jun 6 22:09:28 ns382633 sshd\[27695\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.83.138 user=root Jun 6 22:09:30 ns382633 sshd\[27695\]: Failed password for root from 62.234.83.138 port 42074 ssh2 Jun 6 22:39:43 ns382633 sshd\[720\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.83.138 user=root Jun 6 22:39:45 ns382633 sshd\[720\]: Failed password for root from 62.234.83.138 port 51484 ssh2 Jun 6 22:43:37 ns382633 sshd\[1543\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.83.138 user=root	2020-06-07 07:23:04
107.150.58.99	attackbotsspam	michaelklotzbier.de 107.150.58.99 [06/Jun/2020:22:43:18 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4272 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" MICHAELKLOTZBIER.DE 107.150.58.99 [06/Jun/2020:22:43:18 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4272 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36"	2020-06-07 07:36:23
222.186.42.136	attack	Jun 6 19:44:31 NPSTNNYC01T sshd[11637]: Failed password for root from 222.186.42.136 port 31236 ssh2 Jun 6 19:44:43 NPSTNNYC01T sshd[11669]: Failed password for root from 222.186.42.136 port 43592 ssh2 Jun 6 19:44:45 NPSTNNYC01T sshd[11669]: Failed password for root from 222.186.42.136 port 43592 ssh2 ...	2020-06-07 07:55:00
187.101.253.164	attackspam	Jun 6 03:09:33 vh1 sshd[523]: reveeclipse mapping checking getaddrinfo for 187-101-253-164.dsl.telesp.net.br [187.101.253.164] failed - POSSIBLE BREAK-IN ATTEMPT! Jun 6 03:09:34 vh1 sshd[523]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.101.253.164 user=r.r Jun 6 03:09:35 vh1 sshd[523]: Failed password for r.r from 187.101.253.164 port 60478 ssh2 Jun 6 03:09:36 vh1 sshd[524]: Received disconnect from 187.101.253.164: 11: Bye Bye Jun 6 03:24:49 vh1 sshd[1181]: reveeclipse mapping checking getaddrinfo for 187-101-253-164.dsl.telesp.net.br [187.101.253.164] failed - POSSIBLE BREAK-IN ATTEMPT! Jun 6 03:24:49 vh1 sshd[1181]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.101.253.164 user=r.r Jun 6 03:24:50 vh1 sshd[1181]: Failed password for r.r from 187.101.253.164 port 50952 ssh2 Jun 6 03:24:51 vh1 sshd[1182]: Received disconnect from 187.101.253.164: 11: Bye Bye Jun 6 0........ -------------------------------	2020-06-07 07:47:53
94.130.149.34	attackspambots	TCP (SYN) 94.130.149.34:54855 -> port 23, len 40	2020-06-07 08:00:47
190.117.62.241	attackspam	CMS (WordPress or Joomla) login attempt.	2020-06-07 07:52:16
222.186.15.62	attack	Jun 7 01:29:09 amit sshd\[3530\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.62 user=root Jun 7 01:29:11 amit sshd\[3530\]: Failed password for root from 222.186.15.62 port 34473 ssh2 Jun 7 01:29:18 amit sshd\[3532\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.62 user=root ...	2020-06-07 07:32:29
51.83.72.243	attackspam	Jun 7 01:20:54 pve1 sshd[10168]: Failed password for root from 51.83.72.243 port 37652 ssh2 ...	2020-06-07 07:47:34
192.35.168.128	attackbots	Port Scans and hacking attempted. Totally infested subnet. Blocked 192.35.168.0/24	2020-06-07 07:31:58
37.229.198.155	attackspambots	0,27-02/23 [bc01/m15] PostRequest-Spammer scoring: maputo01_x2b	2020-06-07 07:39:12
69.94.235.219	attack	fail2ban -- 69.94.235.219 ...	2020-06-07 07:57:30
144.172.79.5	attackspam	Jun 6 02:09:47 h1637304 sshd[22621]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.172.79.5 Jun 6 02:09:50 h1637304 sshd[22621]: Failed password for invalid user honey from 144.172.79.5 port 50584 ssh2 Jun 6 02:09:50 h1637304 sshd[22621]: Received disconnect from 144.172.79.5: 11: PECL/ssh2 (hxxp://pecl.php.net/packages/ssh2) [preauth] Jun 6 02:09:55 h1637304 sshd[22626]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.172.79.5 user=r.r Jun 6 02:09:57 h1637304 sshd[22626]: Failed password for r.r from 144.172.79.5 port 58770 ssh2 Jun 6 02:09:57 h1637304 sshd[22626]: Received disconnect from 144.172.79.5: 11: PECL/ssh2 (hxxp://pecl.php.net/packages/ssh2) [preauth] Jun 6 02:10:03 h1637304 sshd[22628]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.172.79.5 user=r.r Jun 6 02:10:05 h1637304 sshd[22628]: Failed password for r.r fro........ -------------------------------	2020-06-07 07:44:26
195.54.160.135	attackspam	TCP (SYN) 195.54.160.135:59360 -> port 443, len 44	2020-06-07 07:51:32

最近上报的IP列表

217.215.68.88	220.135.180.137	107.197.114.96	219.70.207.84
59.92.212.55	106.48.239.202	217.165.119.164	125.40.178.241
220.98.46.163	211.21.191.40	60.188.241.27	210.246.24.202
69.62.229.141	167.122.85.40	93.93.88.218	207.200.17.76
59.114.120.161	195.43.237.145	37.203.254.33	194.109.181.22