31.163.139.244

Basic Info

City: Kurgan

Region: Kurgan Oblast

Country: Russia

Internet Service Provider: OJSC Rostelecom

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Telnet Server BruteForce Attack	2019-10-07 02:52:54

Comments on same subnet:

IP	Type	Details	Datetime
31.163.139.66	attack	Port Scan detected! ...	2020-06-27 03:17:38
31.163.139.70	attackbots	Port probing on unauthorized port 23	2020-05-02 02:38:00
31.163.139.153	attackbots	unauthorized connection attempt	2020-02-04 15:07:47
31.163.139.99	attack	Unauthorised access (Nov 19) SRC=31.163.139.99 LEN=40 TTL=52 ID=44698 TCP DPT=23 WINDOW=35592 SYN	2019-11-19 14:29:34
31.163.139.117	attackbots	Invalid user admin from 31.163.139.117 port 40446	2019-10-11 21:27:18
31.163.139.24	attackbotsspam	DATE:2019-07-06_05:39:55, IP:31.163.139.24, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2019-07-06 18:40:34

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 31.163.139.244
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38223
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;31.163.139.244.			IN	A

;; AUTHORITY SECTION:
.			381	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100601 1800 900 604800 86400

;; Query time: 133 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 07 02:52:50 CST 2019
;; MSG SIZE  rcvd: 118

Host info

244.139.163.31.in-addr.arpa domain name pointer ws244.zone31-163-139.zaural.ru.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
244.139.163.31.in-addr.arpa	name = ws244.zone31-163-139.zaural.ru.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
45.143.220.252	attackspam	[2020-03-28 03:10:53] NOTICE[1148] chan_sip.c: Registration from '"402" ' failed for '45.143.220.252:5570' - Wrong password [2020-03-28 03:10:53] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-28T03:10:53.437-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="402",SessionID="0x7fd82c43c848",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.143.220.252/5570",Challenge="05106849",ReceivedChallenge="05106849",ReceivedHash="ef95d6eca6d1bb7aaf02d78933dff5d6" [2020-03-28 03:10:53] NOTICE[1148] chan_sip.c: Registration from '"402" ' failed for '45.143.220.252:5570' - Wrong password [2020-03-28 03:10:53] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-28T03:10:53.535-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="402",SessionID="0x7fd82cdb8718",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.14 ...	2020-03-28 15:10:56
113.125.159.5	attack	Invalid user lv from 113.125.159.5 port 41718	2020-03-28 15:06:23
157.230.255.37	attack	-	2020-03-28 14:54:11
14.232.160.213	attackspambots	$f2bV_matches	2020-03-28 15:30:30
172.69.234.135	attackbotsspam	Wordpress XMLRPC attack	2020-03-28 14:46:43
177.85.118.70	attack	Mar 28 07:13:52 vmd48417 sshd[25958]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.85.118.70	2020-03-28 15:02:11
152.44.45.47	attack	Invalid user ph from 152.44.45.47 port 53072	2020-03-28 14:44:53
45.136.108.85	attackbots	Mar 28 02:38:12 yolandtech-ams3 sshd\[2619\]: Invalid user 0 from 45.136.108.85 Mar 28 02:38:14 yolandtech-ams3 sshd\[2621\]: Invalid user 22 from 45.136.108.85 Mar 28 02:38:15 yolandtech-ams3 sshd\[2623\]: Invalid user 101 from 45.136.108.85 Mar 28 02:38:19 yolandtech-ams3 sshd\[2625\]: Invalid user 123 from 45.136.108.85 Mar 28 02:38:24 yolandtech-ams3 sshd\[2627\]: Invalid user 1111 from 45.136.108.85 ...	2020-03-28 14:45:32
115.48.137.108	attackspam	Unauthorised access (Mar 28) SRC=115.48.137.108 LEN=40 TTL=50 ID=54885 TCP DPT=8080 WINDOW=17628 SYN	2020-03-28 14:43:36
61.153.237.252	attackspambots	Mar 28 07:02:28 dev0-dcde-rnet sshd[24583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.153.237.252 Mar 28 07:02:30 dev0-dcde-rnet sshd[24583]: Failed password for invalid user comercial from 61.153.237.252 port 53636 ssh2 Mar 28 07:12:34 dev0-dcde-rnet sshd[24770]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.153.237.252	2020-03-28 14:56:02
148.227.227.64	attack	Mar 28 07:50:45 mailserver sshd\[25983\]: Invalid user snl from 148.227.227.64 ...	2020-03-28 14:58:53
92.222.224.189	attackbotsspam	Mar 28 03:14:41 firewall sshd[31401]: Invalid user rm from 92.222.224.189 Mar 28 03:14:43 firewall sshd[31401]: Failed password for invalid user rm from 92.222.224.189 port 48182 ssh2 Mar 28 03:18:36 firewall sshd[31597]: Invalid user yci from 92.222.224.189 ...	2020-03-28 14:59:29
77.126.89.239	attackbots	Unauthorized access detected from black listed ip!	2020-03-28 14:58:22
132.232.245.79	attackspam	5x Failed Password	2020-03-28 15:23:03
190.130.22.62	attackspam	DATE:2020-03-28 04:47:51, IP:190.130.22.62, PORT:5900 VNC brute force auth on honeypot server (epe-honey1-hq)	2020-03-28 14:55:38

Recently Reported IPs

222.65.86.5	97.231.67.212	69.37.105.31	140.172.10.122
34.67.180.216	221.98.199.36	99.241.198.41	32.114.209.41
105.154.30.60	183.73.105.163	221.237.240.148	95.52.149.5
166.169.165.179	86.178.95.207	13.231.111.199	197.56.19.1
81.35.100.23	36.85.205.96	92.103.146.175	87.173.79.103