42.51.12.20 - IPInfo

基本信息:

城市(city): unknown

省份(region): Henan

国家(country): China

运营商(isp): Henan Telcom Union Technology Co. Ltd

主机名(hostname): unknown

机构(organization): Zhengzhou Fastidc Technology Co.,Ltd.

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized access detected from black listed ip!	2020-04-05 07:11:45
attackspam	scanning for potential vulnerable apps (wordpress etc.) and database accesses. Requested URI: /wp-login.php	2020-03-17 04:07:31
attackbots	Attempts to probe for or exploit a Drupal site on url: /wp-login.php. Reported by the module https://www.drupal.org/project/abuseipdb.	2019-08-17 01:29:50

类型

评论内容

时间

attack

Unauthorized access detected from black listed ip!

2020-04-05 07:11:45

attackspam

scanning for potential vulnerable apps (wordpress etc.) and database accesses. Requested URI: /wp-login.php

2020-03-17 04:07:31

attackbots

Attempts to probe for or exploit a Drupal site on url: /wp-login.php. Reported by the module https://www.drupal.org/project/abuseipdb.

2019-08-17 01:29:50

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.51.12.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41771
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.51.12.20.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061901 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jun 20 16:39:01 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 20.12.51.42.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 20.12.51.42.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
145.239.19.186	attack	Sep 7 22:04:47 h2829583 sshd[20011]: Failed password for root from 145.239.19.186 port 41332 ssh2	2020-09-08 04:39:25
51.254.220.20	attack	$f2bV_matches	2020-09-08 04:23:39
200.17.114.215	attackbots	2020-09-07T11:25:59.2863431495-001 sshd[19983]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.17.114.215 user=root 2020-09-07T11:26:00.6780801495-001 sshd[19983]: Failed password for root from 200.17.114.215 port 35265 ssh2 2020-09-07T11:29:28.6101861495-001 sshd[20208]: Invalid user admin from 200.17.114.215 port 58184 2020-09-07T11:29:28.6135801495-001 sshd[20208]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.17.114.215 2020-09-07T11:29:28.6101861495-001 sshd[20208]: Invalid user admin from 200.17.114.215 port 58184 2020-09-07T11:29:31.3649251495-001 sshd[20208]: Failed password for invalid user admin from 200.17.114.215 port 58184 ssh2 ...	2020-09-08 04:19:19
165.22.49.205	attackspam	Sep 7 18:15:14 ovpn sshd\[6970\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.49.205 user=root Sep 7 18:15:17 ovpn sshd\[6970\]: Failed password for root from 165.22.49.205 port 49044 ssh2 Sep 7 18:24:39 ovpn sshd\[9261\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.49.205 user=root Sep 7 18:24:41 ovpn sshd\[9261\]: Failed password for root from 165.22.49.205 port 49030 ssh2 Sep 7 18:28:52 ovpn sshd\[10302\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.49.205 user=root	2020-09-08 04:29:41
124.113.193.108	attack	Sep 7 13:06:18 v26 sshd[29549]: Invalid user sanjavier from 124.113.193.108 port 59878 Sep 7 13:06:18 v26 sshd[29549]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.113.193.108 Sep 7 13:06:20 v26 sshd[29549]: Failed password for invalid user sanjavier from 124.113.193.108 port 59878 ssh2 Sep 7 13:06:20 v26 sshd[29549]: Received disconnect from 124.113.193.108 port 59878:11: Bye Bye [preauth] Sep 7 13:06:20 v26 sshd[29549]: Disconnected from 124.113.193.108 port 59878 [preauth] Sep 7 13:15:53 v26 sshd[30768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.113.193.108 user=r.r Sep 7 13:15:55 v26 sshd[30768]: Failed password for r.r from 124.113.193.108 port 55824 ssh2 Sep 7 13:15:56 v26 sshd[30768]: Received disconnect from 124.113.193.108 port 55824:11: Bye Bye [preauth] Sep 7 13:15:56 v26 sshd[30768]: Disconnected from 124.113.193.108 port 55824 [preauth] ........ --------------------------------------------	2020-09-08 04:35:18
160.16.101.57	attack	160.16.101.57 (JP/Japan/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 7 12:35:43 cvps sshd[14616]: Failed password for root from 160.16.101.57 port 35866 ssh2 Sep 7 12:34:22 cvps sshd[14243]: Failed password for root from 176.31.163.192 port 47762 ssh2 Sep 7 12:44:45 cvps sshd[17810]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.136.40.83 user=root Sep 7 12:28:51 cvps sshd[12201]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.240.225.205 user=root Sep 7 12:28:53 cvps sshd[12201]: Failed password for root from 189.240.225.205 port 55814 ssh2 IP Addresses Blocked:	2020-09-08 04:32:31
156.222.125.118	attackspam	Attempted connection to port 23.	2020-09-08 04:14:48
189.1.132.75	attackbotsspam	Invalid user ljq from 189.1.132.75 port 37848	2020-09-08 04:35:43
45.7.198.141	attack	Unauthorized connection attempt from IP address 45.7.198.141 on Port 445(SMB)	2020-09-08 04:30:50
201.17.28.14	attackspambots	Unauthorized connection attempt from IP address 201.17.28.14 on Port 445(SMB)	2020-09-08 04:14:01
45.142.120.78	attackspam	2020-09-07T14:45:43.283153linuxbox-skyline auth[139006]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=helpcenter rhost=45.142.120.78 ...	2020-09-08 04:45:54
95.85.30.24	attackbots	$f2bV_matches	2020-09-08 04:23:12
191.35.161.129	attack	20/9/6@12:45:22: FAIL: Alarm-Network address from=191.35.161.129 20/9/6@12:45:22: FAIL: Alarm-Network address from=191.35.161.129 ...	2020-09-08 04:29:03
45.142.120.166	attack	2020-09-07 22:31:08 dovecot_login authenticator failed for $User$ \[45.142.120.166\]: 535 Incorrect authentication data 2020-09-07 22:39:03 dovecot_login authenticator failed for $User$ \[45.142.120.166\]: 535 Incorrect authentication data $set_id=recherche@no-server.de$ 2020-09-07 22:39:32 dovecot_login authenticator failed for $User$ \[45.142.120.166\]: 535 Incorrect authentication data $set_id=recherche@no-server.de$ 2020-09-07 22:39:49 dovecot_login authenticator failed for $User$ \[45.142.120.166\]: 535 Incorrect authentication data $set_id=brandon@no-server.de$ 2020-09-07 22:40:19 dovecot_login authenticator failed for $User$ \[45.142.120.166\]: 535 Incorrect authentication data $set_id=brandon@no-server.de$ 2020-09-07 22:40:19 dovecot_login authenticator failed for $User$ \[45.142.120.166\]: 535 Incorrect authentication data $set_id=brandon@no-server.de$ 2020-09-07 22:40:19 dovecot_login authenticator failed for $User$ \[45.142.120.166\]: 535 Incorrect au ...	2020-09-08 04:43:47
187.233.216.104	attackbotsspam	1599414065 - 09/06/2020 19:41:05 Host: 187.233.216.104/187.233.216.104 Port: 445 TCP Blocked	2020-09-08 04:18:59

最近上报的IP列表

178.137.17.11	198.216.233.114	114.67.56.71	39.69.71.200
20.166.90.200	122.252.250.250	37.94.238.164	114.230.122.43
119.53.211.64	197.3.7.157	66.158.210.171	129.120.110.245
49.86.196.153	157.230.178.246	220.78.222.139	123.143.245.224
143.146.145.187	113.161.186.193	197.136.180.126	32.204.241.255