161.142.208.31

Basic Info

City: unknown

Region: unknown

Country: Malaysia

Internet Service Provider: TT Dotcom Sdn Bhd

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 161.142.208.31 to port 5555 [J]	2020-01-07 19:19:46

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 161.142.208.31
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7174
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;161.142.208.31.			IN	A

;; AUTHORITY SECTION:
.			576	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010700 1800 900 604800 86400

;; Query time: 103 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 07 19:19:37 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 31.208.142.161.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 31.208.142.161.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
128.199.220.207	attack	2020-01-25T23:55:09.958089shield sshd\[32233\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.220.207 user=root 2020-01-25T23:55:11.696594shield sshd\[32233\]: Failed password for root from 128.199.220.207 port 42382 ssh2 2020-01-25T23:59:15.432913shield sshd\[966\]: Invalid user d from 128.199.220.207 port 39080 2020-01-25T23:59:15.437790shield sshd\[966\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.220.207 2020-01-25T23:59:17.281592shield sshd\[966\]: Failed password for invalid user d from 128.199.220.207 port 39080 ssh2	2020-01-26 08:09:22
49.233.142.213	attack	Jan 25 22:10:24 tuxlinux sshd[19149]: Invalid user marcelo from 49.233.142.213 port 46040 Jan 25 22:10:24 tuxlinux sshd[19149]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.142.213 Jan 25 22:10:24 tuxlinux sshd[19149]: Invalid user marcelo from 49.233.142.213 port 46040 Jan 25 22:10:24 tuxlinux sshd[19149]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.142.213 Jan 25 22:10:24 tuxlinux sshd[19149]: Invalid user marcelo from 49.233.142.213 port 46040 Jan 25 22:10:24 tuxlinux sshd[19149]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.142.213 Jan 25 22:10:27 tuxlinux sshd[19149]: Failed password for invalid user marcelo from 49.233.142.213 port 46040 ssh2 ...	2020-01-26 07:45:19
193.31.24.113	attackspam	01/26/2020-00:27:33.131159 193.31.24.113 Protocol: 6 SURICATA TLS invalid record/traffic	2020-01-26 07:40:18
185.234.218.50	attackbotsspam	Tried to access pma/print.css	2020-01-26 07:41:42
84.1.159.121	attackbotsspam	Invalid user devuser from 84.1.159.121 port 39109	2020-01-26 07:58:10
216.245.208.126	attackspambots	firewall-block, port(s): 5060/tcp	2020-01-26 07:44:02
49.235.221.86	attack	Jan 26 00:59:47 vps691689 sshd[14285]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.221.86 Jan 26 00:59:49 vps691689 sshd[14285]: Failed password for invalid user hadoop from 49.235.221.86 port 60770 ssh2 ...	2020-01-26 08:14:17
185.234.217.194	attackspambots	Jan 26 00:51:22 server postfix/smtpd[4160]: warning: unknown[185.234.217.194]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 26 00:51:48 server postfix/smtpd[4160]: warning: unknown[185.234.217.194]: SASL LOGIN authentication failed: Connection lost to authentication server Jan 26 00:52:40 server postfix/smtpd[4160]: warning: unknown[185.234.217.194]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-01-26 08:07:38
94.23.62.187	attack	Jan 25 23:02:46 pkdns2 sshd\[37149\]: Invalid user solr from 94.23.62.187Jan 25 23:02:47 pkdns2 sshd\[37149\]: Failed password for invalid user solr from 94.23.62.187 port 59492 ssh2Jan 25 23:06:26 pkdns2 sshd\[37391\]: Invalid user bayou from 94.23.62.187Jan 25 23:06:28 pkdns2 sshd\[37391\]: Failed password for invalid user bayou from 94.23.62.187 port 39950 ssh2Jan 25 23:10:08 pkdns2 sshd\[37667\]: Invalid user laptop from 94.23.62.187Jan 25 23:10:09 pkdns2 sshd\[37667\]: Failed password for invalid user laptop from 94.23.62.187 port 48664 ssh2 ...	2020-01-26 07:56:15
160.16.74.198	attackspam	$f2bV_matches	2020-01-26 07:54:34
152.136.50.26	attack	Jan 26 00:32:08 meumeu sshd[19434]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.50.26 Jan 26 00:32:10 meumeu sshd[19434]: Failed password for invalid user gus from 152.136.50.26 port 41906 ssh2 Jan 26 00:35:39 meumeu sshd[19918]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.50.26 ...	2020-01-26 07:45:39
180.178.129.226	attackspambots	DATE:2020-01-25 22:09:09, IP:180.178.129.226, PORT:1433 MSSQL brute force auth on honeypot server (epe-honey1-hq)	2020-01-26 08:13:57
221.143.181.58	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-01-26 07:42:12
83.97.20.33	attackbotsspam	01/26/2020-00:35:11.006637 83.97.20.33 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-01-26 07:46:30
168.61.176.121	attackbots	Unauthorized connection attempt detected from IP address 168.61.176.121 to port 2220 [J]	2020-01-26 07:40:59

Recently Reported IPs

103.9.134.247	95.9.156.13	78.213.156.57	78.171.45.188
77.45.116.45	77.42.94.28	73.76.9.187	61.221.55.4
59.127.45.109	49.233.85.15	46.42.51.45	45.118.9.32
42.112.161.17	235.128.74.40	41.38.133.110	12.218.98.102
2.87.240.188	220.134.139.98	219.71.18.187	218.35.74.95