42.51.1.112 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Henan Telcom Union Technology Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Hacker bot	2020-04-28 06:04:15

相同子网IP讨论:

IP	类型	评论内容	时间
42.51.183.185	attackspambots	Sep 28 15:10:12 rancher-0 sshd[357606]: Invalid user tsbot from 42.51.183.185 port 46862 ...	2020-09-29 03:54:42
42.51.183.185	attackbotsspam	Sep 28 13:55:43 rancher-0 sshd[356345]: Failed password for root from 42.51.183.185 port 33499 ssh2 Sep 28 14:07:21 rancher-0 sshd[356494]: Invalid user test2 from 42.51.183.185 port 33724 ...	2020-09-28 20:08:51
42.51.183.185	attack	Sep 28 01:14:47 sshd\[16636\]: User root from 42.51.183.185 not allowed because not listed in AllowUsersSep 28 01:14:49 sshd\[16636\]: Failed password for invalid user root from 42.51.183.185 port 51454 ssh2 ...	2020-09-28 12:12:09
42.51.13.2	attack	Failed password for invalid user web from 42.51.13.2 port 46784 ssh2	2020-06-24 13:51:36
42.51.136.12	attackspam	Unauthorized connection attempt detected from IP address 42.51.136.12 to port 1433 [T]	2020-04-15 02:20:55
42.51.12.20	attack	Unauthorized access detected from black listed ip!	2020-04-05 07:11:45
42.51.195.216	attackspambots	DATE:2020-03-19 22:52:12, IP:42.51.195.216, PORT:1433 MSSQL brute force auth on honeypot server (honey-neo-dc)	2020-03-20 07:52:28
42.51.12.20	attackspam	scanning for potential vulnerable apps (wordpress etc.) and database accesses. Requested URI: /wp-login.php	2020-03-17 04:07:31
42.51.195.216	attack	DATE:2020-02-28 14:28:25, IP:42.51.195.216, PORT:1433 MSSQL brute force auth on honeypot server (honey-neo-dc)	2020-02-29 03:02:16
42.51.173.38	attackbots	[portscan] Port scan	2020-02-28 16:38:26
42.51.196.34	attackbotsspam	Unauthorized connection attempt detected from IP address 42.51.196.34 to port 8089 [T]	2020-01-07 04:18:59
42.51.133.29	attack	Dec 23 03:07:30 webhost01 sshd[21719]: Failed password for root from 42.51.133.29 port 38920 ssh2 ...	2019-12-23 04:14:34
42.51.133.29	attack	Dec 10 04:06:59 mailserver sshd[6868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.133.29 user=r.r Dec 10 04:07:01 mailserver sshd[6868]: Failed password for r.r from 42.51.133.29 port 35671 ssh2 Dec 10 04:07:01 mailserver sshd[6868]: Received disconnect from 42.51.133.29 port 35671:11: Bye Bye [preauth] Dec 10 04:07:01 mailserver sshd[6868]: Disconnected from 42.51.133.29 port 35671 [preauth] Dec 10 04:29:59 mailserver sshd[8981]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.133.29 user=r.r Dec 10 04:30:01 mailserver sshd[8981]: Failed password for r.r from 42.51.133.29 port 44008 ssh2 Dec 10 04:30:01 mailserver sshd[8981]: Received disconnect from 42.51.133.29 port 44008:11: Bye Bye [preauth] Dec 10 04:30:01 mailserver sshd[8981]: Disconnected from 42.51.133.29 port 44008 [preauth] Dec 10 04:35:55 mailserver sshd[9430]: Invalid user brace from 42.51.133.29 Dec 10 04:35........ -------------------------------	2019-12-10 16:00:12
42.51.194.15	attackspam	Dec 5 17:40:18 reporting2 sshd[12581]: reveeclipse mapping checking getaddrinfo for idc.ly.ha [42.51.194.15] failed - POSSIBLE BREAK-IN ATTEMPT! Dec 5 17:40:18 reporting2 sshd[12581]: User r.r from 42.51.194.15 not allowed because not listed in AllowUsers Dec 5 17:40:18 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2 Dec 5 17:40:19 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2 Dec 5 17:40:19 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2 Dec 5 17:40:20 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2 Dec 5 17:40:21 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2 Dec 5 17:40:25 reporting2 sshd[12638]: .... truncated .... 539]: User r.r from 42.51.194.15 not allowed because not listed in AllowUsers Dec 5 18:22:17 reporting2 sshd[3539]........ -------------------------------	2019-12-06 19:10:30
42.51.100.139	attackbotsspam	Dec 1 18:52:06 web1 sshd\[9374\]: Invalid user janke from 42.51.100.139 Dec 1 18:52:06 web1 sshd\[9374\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.100.139 Dec 1 18:52:08 web1 sshd\[9374\]: Failed password for invalid user janke from 42.51.100.139 port 38538 ssh2 Dec 1 18:59:00 web1 sshd\[10043\]: Invalid user turtle from 42.51.100.139 Dec 1 18:59:00 web1 sshd\[10043\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.100.139	2019-12-02 13:09:52

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.51.1.112
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53452
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.51.1.112.			IN	A

;; AUTHORITY SECTION:
.			437	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042702 1800 900 604800 86400

;; Query time: 101 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Apr 28 06:04:11 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

112.1.51.42.in-addr.arpa domain name pointer idc.ly.ha.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
112.1.51.42.in-addr.arpa	name = idc.ly.ha.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
200.170.139.169	attack	Aug 23 21:54:03 localhost sshd\[4353\]: Invalid user mihai from 200.170.139.169 port 60549 Aug 23 21:54:03 localhost sshd\[4353\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.170.139.169 Aug 23 21:54:04 localhost sshd\[4353\]: Failed password for invalid user mihai from 200.170.139.169 port 60549 ssh2	2019-08-24 04:05:15
106.75.3.35	attackbots	Splunk® : port scan detected: Aug 23 12:25:46 testbed kernel: Firewall: TCP_IN Blocked IN=eth0 OUT= MAC=82:c6:52:d1:6e:53:64:c3:d6:0b:ef:f0:08:00 SRC=106.75.3.35 DST=104.248.11.191 LEN=40 TOS=0x00 PREC=0x00 TTL=235 ID=54321 PROTO=TCP SPT=60272 DPT=50050 WINDOW=65535 RES=0x00 SYN URGP=0	2019-08-24 03:34:41
43.224.212.59	attack	Aug 23 21:29:47 ubuntu-2gb-nbg1-dc3-1 sshd[25942]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.224.212.59 Aug 23 21:29:49 ubuntu-2gb-nbg1-dc3-1 sshd[25942]: Failed password for invalid user ivan from 43.224.212.59 port 40630 ssh2 ...	2019-08-24 03:37:55
189.112.206.147	attack	Aug 23 00:36:50 localhost kernel: [272825.221007] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=189.112.206.147 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=4075 PROTO=TCP SPT=5437 DPT=52869 WINDOW=64461 RES=0x00 SYN URGP=0 Aug 23 00:36:50 localhost kernel: [272825.221029] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=189.112.206.147 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=4075 PROTO=TCP SPT=5437 DPT=52869 SEQ=758669438 ACK=0 WINDOW=64461 RES=0x00 SYN URGP=0 Aug 23 12:19:19 localhost kernel: [314974.957400] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=189.112.206.147 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=19509 PROTO=TCP SPT=5437 DPT=52869 WINDOW=64461 RES=0x00 SYN URGP=0 Aug 23 12:19:19 localhost kernel: [314974.957427] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=189.112.206.147 DST=[mungedIP2] LEN=40 TOS=0x00 PRE	2019-08-24 03:57:59
51.255.174.215	attackspambots	Aug 23 09:44:57 sachi sshd\[16097\]: Invalid user susan from 51.255.174.215 Aug 23 09:44:57 sachi sshd\[16097\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=215.ip-51-255-174.eu Aug 23 09:44:59 sachi sshd\[16097\]: Failed password for invalid user susan from 51.255.174.215 port 46806 ssh2 Aug 23 09:50:12 sachi sshd\[16583\]: Invalid user mdomin from 51.255.174.215 Aug 23 09:50:12 sachi sshd\[16583\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=215.ip-51-255-174.eu	2019-08-24 03:59:18
27.75.238.187	attack	Aug 23 18:39:48 dcd-gentoo sshd[25539]: Invalid user ahccadmin from 27.75.238.187 port 54191 Aug 23 18:39:54 dcd-gentoo sshd[25539]: error: PAM: Authentication failure for illegal user ahccadmin from 27.75.238.187 Aug 23 18:39:48 dcd-gentoo sshd[25539]: Invalid user ahccadmin from 27.75.238.187 port 54191 Aug 23 18:39:54 dcd-gentoo sshd[25539]: error: PAM: Authentication failure for illegal user ahccadmin from 27.75.238.187 Aug 23 18:39:48 dcd-gentoo sshd[25539]: Invalid user ahccadmin from 27.75.238.187 port 54191 Aug 23 18:39:54 dcd-gentoo sshd[25539]: error: PAM: Authentication failure for illegal user ahccadmin from 27.75.238.187 Aug 23 18:39:54 dcd-gentoo sshd[25539]: Failed keyboard-interactive/pam for invalid user ahccadmin from 27.75.238.187 port 54191 ssh2 ...	2019-08-24 04:02:22
77.70.96.195	attackbotsspam	Aug 23 18:12:13 Ubuntu-1404-trusty-64-minimal sshd\[21346\]: Invalid user marci from 77.70.96.195 Aug 23 18:12:13 Ubuntu-1404-trusty-64-minimal sshd\[21346\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.70.96.195 Aug 23 18:12:15 Ubuntu-1404-trusty-64-minimal sshd\[21346\]: Failed password for invalid user marci from 77.70.96.195 port 37252 ssh2 Aug 23 18:19:51 Ubuntu-1404-trusty-64-minimal sshd\[24570\]: Invalid user adminuser from 77.70.96.195 Aug 23 18:19:51 Ubuntu-1404-trusty-64-minimal sshd\[24570\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.70.96.195	2019-08-24 03:33:11
218.189.15.99	attack	445/tcp 445/tcp 445/tcp... [2019-06-29/08-23]10pkt,1pt.(tcp)	2019-08-24 04:10:01
103.60.137.111	attack	445/tcp 445/tcp 445/tcp... [2019-06-29/08-23]13pkt,1pt.(tcp)	2019-08-24 03:52:42
192.99.32.86	attackbotsspam	Aug 23 21:32:01 SilenceServices sshd[20969]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.32.86 Aug 23 21:32:03 SilenceServices sshd[20969]: Failed password for invalid user dev from 192.99.32.86 port 33878 ssh2 Aug 23 21:35:41 SilenceServices sshd[24404]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.32.86	2019-08-24 03:39:17
118.24.95.31	attackspam	Automatic report - Banned IP Access	2019-08-24 04:07:13
61.33.196.235	attackspam	2019-08-23T21:33:36.065134 sshd[18702]: Invalid user srcnet from 61.33.196.235 port 50706 2019-08-23T21:33:36.081732 sshd[18702]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.33.196.235 2019-08-23T21:33:36.065134 sshd[18702]: Invalid user srcnet from 61.33.196.235 port 50706 2019-08-23T21:33:37.755867 sshd[18702]: Failed password for invalid user srcnet from 61.33.196.235 port 50706 ssh2 2019-08-23T21:38:14.520979 sshd[18752]: Invalid user bcampbel from 61.33.196.235 port 39682 ...	2019-08-24 04:04:08
139.99.201.100	attackbotsspam	Aug 23 22:04:02 SilenceServices sshd[16965]: Failed password for root from 139.99.201.100 port 60128 ssh2 Aug 23 22:08:57 SilenceServices sshd[21480]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.201.100 Aug 23 22:08:59 SilenceServices sshd[21480]: Failed password for invalid user qiu from 139.99.201.100 port 49060 ssh2	2019-08-24 04:13:37
85.209.0.161	attackspambots	Port Scan detected from 85.209.0.161 (RU/Russia/-). 11 hits in the last 30 seconds	2019-08-24 03:38:24
145.239.73.103	attackbots	Aug 23 21:52:27 SilenceServices sshd[6773]: Failed password for root from 145.239.73.103 port 55308 ssh2 Aug 23 21:56:18 SilenceServices sshd[10163]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.73.103 Aug 23 21:56:21 SilenceServices sshd[10163]: Failed password for invalid user ping from 145.239.73.103 port 44566 ssh2	2019-08-24 04:00:45

最近上报的IP列表

151.61.105.119	184.75.209.46	134.11.23.213	122.51.245.236
46.145.81.88	144.180.94.224	71.61.249.34	221.4.93.250
185.220.47.199	52.53.157.140	74.144.205.161	221.37.94.129
209.254.242.163	173.27.220.139	154.76.10.148	71.158.194.190
88.172.235.81	176.143.156.242	158.154.31.48	13.52.240.178