31.47.55.140 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Iran (ISLAMIC Republic Of)

运营商(isp): Afranet

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Sep 2 03:36:09 mxgate1 postfix/postscreen[26329]: CONNECT from [31.47.55.140]:46536 to [176.31.12.44]:25 Sep 2 03:36:09 mxgate1 postfix/dnsblog[26341]: addr 31.47.55.140 listed by domain zen.spamhaus.org as 127.0.0.11 Sep 2 03:36:09 mxgate1 postfix/dnsblog[26341]: addr 31.47.55.140 listed by domain zen.spamhaus.org as 127.0.0.4 Sep 2 03:36:09 mxgate1 postfix/dnsblog[26339]: addr 31.47.55.140 listed by domain bl.spamcop.net as 127.0.0.2 Sep 2 03:36:09 mxgate1 postfix/dnsblog[26338]: addr 31.47.55.140 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Sep 2 03:36:09 mxgate1 postfix/dnsblog[26337]: addr 31.47.55.140 listed by domain cbl.abuseat.org as 127.0.0.2 Sep 2 03:36:09 mxgate1 postfix/dnsblog[26340]: addr 31.47.55.140 listed by domain b.barracudacentral.org as 127.0.0.2 Sep 2 03:36:15 mxgate1 postfix/postscreen[26329]: DNSBL rank 6 for [31.47.55.140]:46536 Sep 2 03:36:16 mxgate1 postfix/postscreen[26329]: NOQUEUE: reject: RCPT from [31.47.55.140]:46536: 550 ........ -------------------------------	2019-09-02 21:36:13

类型

评论内容

时间

attackspam

Sep  2 03:36:09 mxgate1 postfix/postscreen[26329]: CONNECT from [31.47.55.140]:46536 to [176.31.12.44]:25
Sep  2 03:36:09 mxgate1 postfix/dnsblog[26341]: addr 31.47.55.140 listed by domain zen.spamhaus.org as 127.0.0.11
Sep  2 03:36:09 mxgate1 postfix/dnsblog[26341]: addr 31.47.55.140 listed by domain zen.spamhaus.org as 127.0.0.4
Sep  2 03:36:09 mxgate1 postfix/dnsblog[26339]: addr 31.47.55.140 listed by domain bl.spamcop.net as 127.0.0.2
Sep  2 03:36:09 mxgate1 postfix/dnsblog[26338]: addr 31.47.55.140 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2
Sep  2 03:36:09 mxgate1 postfix/dnsblog[26337]: addr 31.47.55.140 listed by domain cbl.abuseat.org as 127.0.0.2
Sep  2 03:36:09 mxgate1 postfix/dnsblog[26340]: addr 31.47.55.140 listed by domain b.barracudacentral.org as 127.0.0.2
Sep  2 03:36:15 mxgate1 postfix/postscreen[26329]: DNSBL rank 6 for [31.47.55.140]:46536
Sep  2 03:36:16 mxgate1 postfix/postscreen[26329]: NOQUEUE: reject: RCPT from [31.47.55.140]:46536: 550 ........
-------------------------------

2019-09-02 21:36:13

相同子网IP讨论:

IP	类型	评论内容	时间
31.47.55.114	attackspambots	20/8/31@17:07:44: FAIL: Alarm-Network address from=31.47.55.114 ...	2020-09-01 09:02:32

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 31.47.55.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41037
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;31.47.55.140.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090200 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Sep 02 21:35:58 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 140.55.47.31.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 140.55.47.31.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
124.109.32.106	attackbots	Jul 16 05:01:14 vibhu-HP-Z238-Microtower-Workstation sshd\[15743\]: Invalid user jamesm from 124.109.32.106 Jul 16 05:01:14 vibhu-HP-Z238-Microtower-Workstation sshd\[15743\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.109.32.106 Jul 16 05:01:16 vibhu-HP-Z238-Microtower-Workstation sshd\[15743\]: Failed password for invalid user jamesm from 124.109.32.106 port 34308 ssh2 Jul 16 05:07:11 vibhu-HP-Z238-Microtower-Workstation sshd\[16930\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.109.32.106 user=root Jul 16 05:07:13 vibhu-HP-Z238-Microtower-Workstation sshd\[16930\]: Failed password for root from 124.109.32.106 port 33934 ssh2 ...	2019-07-16 07:42:53
35.240.242.87	attackspambots	Jul 16 02:16:35 vps691689 sshd[16844]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.240.242.87 Jul 16 02:16:37 vps691689 sshd[16844]: Failed password for invalid user subway from 35.240.242.87 port 60368 ssh2 Jul 16 02:22:17 vps691689 sshd[16997]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.240.242.87 ...	2019-07-16 08:25:06
203.99.62.158	attack	Jul 16 05:39:56 vibhu-HP-Z238-Microtower-Workstation sshd\[23575\]: Invalid user release from 203.99.62.158 Jul 16 05:39:56 vibhu-HP-Z238-Microtower-Workstation sshd\[23575\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.99.62.158 Jul 16 05:39:58 vibhu-HP-Z238-Microtower-Workstation sshd\[23575\]: Failed password for invalid user release from 203.99.62.158 port 35749 ssh2 Jul 16 05:45:47 vibhu-HP-Z238-Microtower-Workstation sshd\[24739\]: Invalid user hk from 203.99.62.158 Jul 16 05:45:47 vibhu-HP-Z238-Microtower-Workstation sshd\[24739\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.99.62.158 ...	2019-07-16 08:20:20
201.211.209.121	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-15 16:00:59,204 INFO [shellcode_manager] (201.211.209.121) no match, writing hexdump (5a20277e1eb89b8f5b7fe3dbed4ed001 :1905893) - SMB (Unknown)	2019-07-16 08:03:10
60.191.38.77	attackbots	Port scan: Attack repeated for 24 hours 60.191.38.77 - - [23/Jun/2018:04:31:03 0300] "GET / HTTP/1.1" 404 2135 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:47.0) Gecko/20100101 Firefox/47.0"	2019-07-16 08:22:02
64.76.163.183	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-15 16:03:34,069 INFO [shellcode_manager] (64.76.163.183) no match, writing hexdump (62fac287814c195fd321eaba9c13180c :6283) - SMB (Unknown)	2019-07-16 07:57:19
178.252.191.250	attackbots	Jul 16 00:54:31 microserver sshd[12013]: Invalid user cooper from 178.252.191.250 port 56280 Jul 16 00:54:31 microserver sshd[12013]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.252.191.250 Jul 16 00:54:33 microserver sshd[12013]: Failed password for invalid user cooper from 178.252.191.250 port 56280 ssh2 Jul 16 00:59:59 microserver sshd[14032]: Invalid user jana from 178.252.191.250 port 55262 Jul 16 00:59:59 microserver sshd[14032]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.252.191.250 Jul 16 01:11:06 microserver sshd[18739]: Invalid user griffin from 178.252.191.250 port 53238 Jul 16 01:11:06 microserver sshd[18739]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.252.191.250 Jul 16 01:11:08 microserver sshd[18739]: Failed password for invalid user griffin from 178.252.191.250 port 53238 ssh2 Jul 16 01:16:37 microserver sshd[20765]: pam_unix(sshd:auth): authenticati	2019-07-16 07:47:50
113.176.7.225	attackspambots	Scanning random ports - tries to find possible vulnerable services	2019-07-16 08:26:20
89.221.92.73	attackbots	445/tcp 445/tcp [2019-07-09/15]2pkt	2019-07-16 07:44:41
80.227.51.50	attackbots	Jul1518:05:04server6dovecot:imap-login:Abortedlogin\(authfailed\,5attemptsin20secs\):user=\\,method=PLAIN\,rip=80.227.51.50\,lip=81.17.25.249\,TLS\,session=\Jul1518:10:32server6dovecot:imap-login:Abortedlogin\(authfailed\,5attemptsin22secs\):user=\\,method=PLAIN\,rip=80.227.51.50\,lip=81.17.25.249\,TLS\,session=\Jul1518:15:01server6dovecot:imap-login:Abortedlogin\(authfailed\,5attemptsin22secs\):user=\\,method=PLAIN\,rip=80.227.51.50\,lip=81.17.25.249\,TLS\,session=\Jul1518:15:12server6dovecot:imap-login:Abortedlogin\(authfailed\,5attemptsin10secs\):user=\\,method=PLAIN\,rip=80.227.51.50\,lip=81.17.25.249\,TLS\,session=\Jul1518:30:05server6dovecot:imap-login:Abortedlogin\(authfailed\,5attemptsin22secs\):user=\\,method=PLAIN\,rip=80.227.51.50\,lip=81.17.25.249\,TLS\,se	2019-07-16 07:51:02
112.217.236.234	attackspambots	445/tcp 445/tcp 445/tcp... [2019-07-01/15]6pkt,1pt.(tcp)	2019-07-16 07:55:47
131.0.245.4	attack	Jul 14 07:42:33 vpxxxxxxx22308 sshd[7097]: Invalid user bert from 131.0.245.4 Jul 14 07:42:33 vpxxxxxxx22308 sshd[7097]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=131.0.245.4 Jul 14 07:42:35 vpxxxxxxx22308 sshd[7097]: Failed password for invalid user bert from 131.0.245.4 port 49234 ssh2 Jul 14 07:48:53 vpxxxxxxx22308 sshd[8728]: Invalid user football from 131.0.245.4 Jul 14 07:48:53 vpxxxxxxx22308 sshd[8728]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=131.0.245.4 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=131.0.245.4	2019-07-16 08:07:30
46.18.205.211	attackspam	445/tcp 445/tcp 445/tcp... [2019-05-29/07-15]22pkt,1pt.(tcp)	2019-07-16 08:24:24
121.233.227.42	attackbotsspam	Forbidden directory scan :: 2019/07/16 02:48:47 [error] 1106#1106: *113206 access forbidden by rule, client: 121.233.227.42, server: [censored_1], request: "GET /.../exchange-2010-disconnected-mailbox-not-appearing HTTP/1.1", host: "www.[censored_1]"	2019-07-16 08:11:34
54.38.18.211	attackbotsspam	Jul 15 21:25:33 lnxmysql61 sshd[16972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.18.211	2019-07-16 07:43:28

最近上报的IP列表

87.192.177.47	129.98.44.52	113.229.108.40	246.115.219.80
150.39.203.233	128.222.200.198	130.210.155.104	197.194.119.146
179.44.248.223	231.99.180.144	117.146.209.209	3.93.178.120
229.30.103.35	66.162.0.15	196.188.241.234	83.220.178.87
138.124.191.229	163.216.44.152	27.206.115.60	4.14.115.26