41.80.31.43 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Kenya

运营商(isp): Safaricom Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	TCP Port Scanning	2019-11-26 16:07:56

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 41.80.31.43
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64568
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;41.80.31.43.			IN	A

;; AUTHORITY SECTION:
.			359	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112600 1800 900 604800 86400

;; Query time: 94 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Nov 26 16:07:53 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 43.31.80.41.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 43.31.80.41.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
116.255.245.208	attackbots	116.255.245.208 - - [26/Sep/2020:19:19:13 +0100] "POST /wp-login.php HTTP/1.1" 200 2426 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 116.255.245.208 - - [26/Sep/2020:19:19:16 +0100] "POST /wp-login.php HTTP/1.1" 200 2466 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 116.255.245.208 - - [26/Sep/2020:19:19:17 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-27 03:12:08
51.91.251.20	attack	s2.hscode.pl - SSH Attack	2020-09-27 02:59:40
75.98.148.84	attackbots	Found on CINS badguys / proto=6 . srcport=32977 . dstport=35656 . (3512)	2020-09-27 02:58:15
203.183.68.135	attack	Sep 26 20:55:29 localhost sshd\[25608\]: Invalid user idc from 203.183.68.135 Sep 26 20:55:29 localhost sshd\[25608\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.183.68.135 Sep 26 20:55:32 localhost sshd\[25608\]: Failed password for invalid user idc from 203.183.68.135 port 51068 ssh2 Sep 26 20:59:37 localhost sshd\[25687\]: Invalid user crystal from 203.183.68.135 Sep 26 20:59:37 localhost sshd\[25687\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.183.68.135 ...	2020-09-27 03:13:30
45.148.122.19	attack	Sep 24 13:30:38 XXX sshd[13947]: Invalid user fake from 45.148.122.19 Sep 24 13:30:38 XXX sshd[13947]: Received disconnect from 45.148.122.19: 11: Bye Bye [preauth] Sep 24 13:30:38 XXX sshd[13949]: Invalid user admin from 45.148.122.19 Sep 24 13:30:39 XXX sshd[13949]: Received disconnect from 45.148.122.19: 11: Bye Bye [preauth] Sep 24 13:30:39 XXX sshd[13951]: User r.r from 45.148.122.19 not allowed because none of user's groups are listed in AllowGroups Sep 24 13:30:39 XXX sshd[13951]: Received disconnect from 45.148.122.19: 11: Bye Bye [preauth] Sep 24 13:30:39 XXX sshd[13953]: Invalid user ubnt from 45.148.122.19 Sep 24 13:30:39 XXX sshd[13953]: Received disconnect from 45.148.122.19: 11: Bye Bye [preauth] Sep 24 13:30:40 XXX sshd[13955]: Invalid user guest from 45.148.122.19 Sep 24 13:30:40 XXX sshd[13955]: Received disconnect from 45.148.122.19: 11: Bye Bye [preauth] Sep 24 13:30:40 XXX sshd[13957]: Invalid user support from 45.148.122.19 Sep 24 13:30:40 XXX sshd[........ -------------------------------	2020-09-27 02:47:32
106.12.220.84	attackspambots	Sep 26 19:08:37 MainVPS sshd[17540]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.220.84 user=root Sep 26 19:08:40 MainVPS sshd[17540]: Failed password for root from 106.12.220.84 port 60272 ssh2 Sep 26 19:13:04 MainVPS sshd[21983]: Invalid user admin from 106.12.220.84 port 60058 Sep 26 19:13:05 MainVPS sshd[21983]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.220.84 Sep 26 19:13:04 MainVPS sshd[21983]: Invalid user admin from 106.12.220.84 port 60058 Sep 26 19:13:07 MainVPS sshd[21983]: Failed password for invalid user admin from 106.12.220.84 port 60058 ssh2 ...	2020-09-27 02:52:15
109.207.38.87	attackbots	Automatic report - Port Scan Attack	2020-09-27 02:50:26
188.166.20.37	attackbotsspam	Invalid user anonftp from 188.166.20.37 port 34914	2020-09-27 02:43:12
171.6.146.130	attackspam	2020-09-26T07:14:39.688709hostname sshd[112194]: Failed password for root from 171.6.146.130 port 44012 ssh2 ...	2020-09-27 02:49:56
94.102.63.95	attackspam	firewall-block, port(s): 1900/udp	2020-09-27 02:41:52
193.27.228.157	attackbots	ET DROP Dshield Block Listed Source group 1 - port: 12917 proto: tcp cat: Misc Attackbytes: 60	2020-09-27 03:09:56
23.96.90.32	attackbots	Sep 26 19:55:46 pve1 sshd[3094]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.96.90.32 Sep 26 19:55:48 pve1 sshd[3094]: Failed password for invalid user 157 from 23.96.90.32 port 41574 ssh2 ...	2020-09-27 02:41:32
149.129.242.86	attackspam	Sep 26 19:38:24 xxxxxxx1 sshd[17295]: Invalid user minecraft from 149.129.242.86 port 51338 Sep 26 19:38:24 xxxxxxx1 sshd[17295]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.242.86 Sep 26 19:38:27 xxxxxxx1 sshd[17295]: Failed password for invalid user minecraft from 149.129.242.86 port 51338 ssh2 Sep 26 19:45:35 xxxxxxx1 sshd[18230]: Invalid user rtorrent from 149.129.242.86 port 33394 Sep 26 19:45:35 xxxxxxx1 sshd[18230]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.242.86 Sep 26 19:45:37 xxxxxxx1 sshd[18230]: Failed password for invalid user rtorrent from 149.129.242.86 port 33394 ssh2 Sep 26 19:46:35 xxxxxxx1 sshd[18248]: Invalid user serverpilot from 149.129.242.86 port 37960 Sep 26 19:46:35 xxxxxxx1 sshd[18248]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.242.86 Sep 26 19:46:36 xxxxxxx1 sshd[18248]: Failed passwor........ ------------------------------	2020-09-27 03:05:29
182.120.48.198	attackbotsspam	Listed on abuseat.org plus zen-spamhaus / proto=6 . srcport=48883 . dstport=23 . (3511)	2020-09-27 03:00:09
218.75.72.82	attack	(sshd) Failed SSH login from 218.75.72.82 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 26 08:39:58 jbs1 sshd[7638]: Invalid user uno from 218.75.72.82 Sep 26 08:39:58 jbs1 sshd[7638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.75.72.82 Sep 26 08:40:00 jbs1 sshd[7638]: Failed password for invalid user uno from 218.75.72.82 port 31661 ssh2 Sep 26 08:43:53 jbs1 sshd[9105]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.75.72.82 user=root Sep 26 08:43:54 jbs1 sshd[9105]: Failed password for root from 218.75.72.82 port 49294 ssh2	2020-09-27 02:43:27

最近上报的IP列表

227.206.239.170	227.119.102.223	64.94.179.83	49.235.248.81
54.204.10.224	40.112.172.151	118.24.17.109	31.171.108.133
64.94.179.82	111.235.50.161	95.59.71.114	122.147.182.167
18.237.226.55	201.231.83.201	103.214.13.20	64.94.179.80
192.140.187.188	123.15.43.218	51.140.227.135	64.94.179.86