42.51.1.112 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Henan Telcom Union Technology Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Hacker bot	2020-04-28 06:04:15

相同子网IP讨论:

IP	类型	评论内容	时间
42.51.183.185	attackspambots	Sep 28 15:10:12 rancher-0 sshd[357606]: Invalid user tsbot from 42.51.183.185 port 46862 ...	2020-09-29 03:54:42
42.51.183.185	attackbotsspam	Sep 28 13:55:43 rancher-0 sshd[356345]: Failed password for root from 42.51.183.185 port 33499 ssh2 Sep 28 14:07:21 rancher-0 sshd[356494]: Invalid user test2 from 42.51.183.185 port 33724 ...	2020-09-28 20:08:51
42.51.183.185	attack	Sep 28 01:14:47 sshd\[16636\]: User root from 42.51.183.185 not allowed because not listed in AllowUsersSep 28 01:14:49 sshd\[16636\]: Failed password for invalid user root from 42.51.183.185 port 51454 ssh2 ...	2020-09-28 12:12:09
42.51.13.2	attack	Failed password for invalid user web from 42.51.13.2 port 46784 ssh2	2020-06-24 13:51:36
42.51.136.12	attackspam	Unauthorized connection attempt detected from IP address 42.51.136.12 to port 1433 [T]	2020-04-15 02:20:55
42.51.12.20	attack	Unauthorized access detected from black listed ip!	2020-04-05 07:11:45
42.51.195.216	attackspambots	DATE:2020-03-19 22:52:12, IP:42.51.195.216, PORT:1433 MSSQL brute force auth on honeypot server (honey-neo-dc)	2020-03-20 07:52:28
42.51.12.20	attackspam	scanning for potential vulnerable apps (wordpress etc.) and database accesses. Requested URI: /wp-login.php	2020-03-17 04:07:31
42.51.195.216	attack	DATE:2020-02-28 14:28:25, IP:42.51.195.216, PORT:1433 MSSQL brute force auth on honeypot server (honey-neo-dc)	2020-02-29 03:02:16
42.51.173.38	attackbots	[portscan] Port scan	2020-02-28 16:38:26
42.51.196.34	attackbotsspam	Unauthorized connection attempt detected from IP address 42.51.196.34 to port 8089 [T]	2020-01-07 04:18:59
42.51.133.29	attack	Dec 23 03:07:30 webhost01 sshd[21719]: Failed password for root from 42.51.133.29 port 38920 ssh2 ...	2019-12-23 04:14:34
42.51.133.29	attack	Dec 10 04:06:59 mailserver sshd[6868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.133.29 user=r.r Dec 10 04:07:01 mailserver sshd[6868]: Failed password for r.r from 42.51.133.29 port 35671 ssh2 Dec 10 04:07:01 mailserver sshd[6868]: Received disconnect from 42.51.133.29 port 35671:11: Bye Bye [preauth] Dec 10 04:07:01 mailserver sshd[6868]: Disconnected from 42.51.133.29 port 35671 [preauth] Dec 10 04:29:59 mailserver sshd[8981]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.133.29 user=r.r Dec 10 04:30:01 mailserver sshd[8981]: Failed password for r.r from 42.51.133.29 port 44008 ssh2 Dec 10 04:30:01 mailserver sshd[8981]: Received disconnect from 42.51.133.29 port 44008:11: Bye Bye [preauth] Dec 10 04:30:01 mailserver sshd[8981]: Disconnected from 42.51.133.29 port 44008 [preauth] Dec 10 04:35:55 mailserver sshd[9430]: Invalid user brace from 42.51.133.29 Dec 10 04:35........ -------------------------------	2019-12-10 16:00:12
42.51.194.15	attackspam	Dec 5 17:40:18 reporting2 sshd[12581]: reveeclipse mapping checking getaddrinfo for idc.ly.ha [42.51.194.15] failed - POSSIBLE BREAK-IN ATTEMPT! Dec 5 17:40:18 reporting2 sshd[12581]: User r.r from 42.51.194.15 not allowed because not listed in AllowUsers Dec 5 17:40:18 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2 Dec 5 17:40:19 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2 Dec 5 17:40:19 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2 Dec 5 17:40:20 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2 Dec 5 17:40:21 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2 Dec 5 17:40:25 reporting2 sshd[12638]: .... truncated .... 539]: User r.r from 42.51.194.15 not allowed because not listed in AllowUsers Dec 5 18:22:17 reporting2 sshd[3539]........ -------------------------------	2019-12-06 19:10:30
42.51.100.139	attackbotsspam	Dec 1 18:52:06 web1 sshd\[9374\]: Invalid user janke from 42.51.100.139 Dec 1 18:52:06 web1 sshd\[9374\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.100.139 Dec 1 18:52:08 web1 sshd\[9374\]: Failed password for invalid user janke from 42.51.100.139 port 38538 ssh2 Dec 1 18:59:00 web1 sshd\[10043\]: Invalid user turtle from 42.51.100.139 Dec 1 18:59:00 web1 sshd\[10043\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.100.139	2019-12-02 13:09:52

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.51.1.112
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53452
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.51.1.112.			IN	A

;; AUTHORITY SECTION:
.			437	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042702 1800 900 604800 86400

;; Query time: 101 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Apr 28 06:04:11 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

112.1.51.42.in-addr.arpa domain name pointer idc.ly.ha.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
112.1.51.42.in-addr.arpa	name = idc.ly.ha.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
104.211.216.173	attackbots	Nov 18 14:50:21 sshgateway sshd\[5546\]: Invalid user godgjest from 104.211.216.173 Nov 18 14:50:21 sshgateway sshd\[5546\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.211.216.173 Nov 18 14:50:22 sshgateway sshd\[5546\]: Failed password for invalid user godgjest from 104.211.216.173 port 41784 ssh2	2019-11-19 02:28:33
113.184.80.186	attack	Sending SPAM email	2019-11-19 02:42:28
177.72.223.139	attack	Automatic report - Port Scan Attack	2019-11-19 02:35:56
112.121.7.115	attackbotsspam	Nov 18 15:28:35 h2812830 sshd[25294]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.121.7.115 user=mysql Nov 18 15:28:37 h2812830 sshd[25294]: Failed password for mysql from 112.121.7.115 port 47354 ssh2 Nov 18 15:43:31 h2812830 sshd[25610]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.121.7.115 user=mysql Nov 18 15:43:33 h2812830 sshd[25610]: Failed password for mysql from 112.121.7.115 port 43950 ssh2 Nov 18 15:50:10 h2812830 sshd[25789]: Invalid user petra from 112.121.7.115 port 55014 ...	2019-11-19 02:41:03
91.121.87.93	attack	F2B jail: sshd. Time: 2019-11-18 18:11:24, Reported by: VKReport	2019-11-19 02:39:00
143.208.181.35	attackbotsspam	Nov 18 17:54:28 root sshd[19324]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=143.208.181.35 Nov 18 17:54:31 root sshd[19324]: Failed password for invalid user rajfur from 143.208.181.35 port 43420 ssh2 Nov 18 17:57:56 root sshd[19391]: Failed password for root from 143.208.181.35 port 38604 ssh2 ...	2019-11-19 02:56:27
201.150.5.14	attackspambots	Nov 18 19:04:41 vps sshd[3048]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.150.5.14 Nov 18 19:04:43 vps sshd[3048]: Failed password for invalid user tomekw from 201.150.5.14 port 56678 ssh2 Nov 18 19:27:16 vps sshd[4214]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.150.5.14 ...	2019-11-19 02:49:58
222.186.3.249	attackbots	Nov 18 13:34:58 ny01 sshd[30421]: Failed password for root from 222.186.3.249 port 40210 ssh2 Nov 18 13:37:02 ny01 sshd[30623]: Failed password for root from 222.186.3.249 port 33625 ssh2	2019-11-19 02:54:51
37.98.224.105	attackbots	Nov 18 18:55:10 nextcloud sshd\[29284\]: Invalid user alta from 37.98.224.105 Nov 18 18:55:10 nextcloud sshd\[29284\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.98.224.105 Nov 18 18:55:12 nextcloud sshd\[29284\]: Failed password for invalid user alta from 37.98.224.105 port 44670 ssh2 ...	2019-11-19 02:33:14
176.100.103.229	attackspam	Sending SPAM email	2019-11-19 02:41:39
176.62.188.138	attack	firewall-block, port(s): 9000/tcp	2019-11-19 02:34:52
163.172.93.131	attackbots	Nov 18 15:26:05 ns382633 sshd\[22495\]: Invalid user chung from 163.172.93.131 port 37626 Nov 18 15:26:05 ns382633 sshd\[22495\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.93.131 Nov 18 15:26:08 ns382633 sshd\[22495\]: Failed password for invalid user chung from 163.172.93.131 port 37626 ssh2 Nov 18 15:50:01 ns382633 sshd\[26996\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.93.131 user=root Nov 18 15:50:03 ns382633 sshd\[26996\]: Failed password for root from 163.172.93.131 port 36318 ssh2	2019-11-19 02:45:50
185.142.236.34	attackbotsspam	185.142.236.34 was recorded 9 times by 7 hosts attempting to connect to the following ports: 11,8123,2000,104,5632,4782,8545,1025. Incident counter (4h, 24h, all-time): 9, 60, 706	2019-11-19 02:30:05
182.252.0.188	attack	2019-11-18T18:41:50.216544abusebot-5.cloudsearch.cf sshd\[19409\]: Invalid user matt from 182.252.0.188 port 33292	2019-11-19 02:56:56
222.186.175.167	attack	Nov 18 19:26:43 ovpn sshd\[11078\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.167 user=root Nov 18 19:26:44 ovpn sshd\[11078\]: Failed password for root from 222.186.175.167 port 39336 ssh2 Nov 18 19:26:57 ovpn sshd\[11078\]: Failed password for root from 222.186.175.167 port 39336 ssh2 Nov 18 19:27:00 ovpn sshd\[11125\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.167 user=root Nov 18 19:27:02 ovpn sshd\[11125\]: Failed password for root from 222.186.175.167 port 38956 ssh2	2019-11-19 02:34:24

最近上报的IP列表

151.61.105.119	184.75.209.46	134.11.23.213	122.51.245.236
46.145.81.88	144.180.94.224	71.61.249.34	221.4.93.250
185.220.47.199	52.53.157.140	74.144.205.161	221.37.94.129
209.254.242.163	173.27.220.139	154.76.10.148	71.158.194.190
88.172.235.81	176.143.156.242	158.154.31.48	13.52.240.178