42.51.13.2 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Henan Telcom Union Technology Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Failed password for invalid user web from 42.51.13.2 port 46784 ssh2	2020-06-24 13:51:36

相同子网IP讨论:

IP	类型	评论内容	时间
42.51.136.12	attackspam	Unauthorized connection attempt detected from IP address 42.51.136.12 to port 1433 [T]	2020-04-15 02:20:55
42.51.133.29	attack	Dec 23 03:07:30 webhost01 sshd[21719]: Failed password for root from 42.51.133.29 port 38920 ssh2 ...	2019-12-23 04:14:34
42.51.133.29	attack	Dec 10 04:06:59 mailserver sshd[6868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.133.29 user=r.r Dec 10 04:07:01 mailserver sshd[6868]: Failed password for r.r from 42.51.133.29 port 35671 ssh2 Dec 10 04:07:01 mailserver sshd[6868]: Received disconnect from 42.51.133.29 port 35671:11: Bye Bye [preauth] Dec 10 04:07:01 mailserver sshd[6868]: Disconnected from 42.51.133.29 port 35671 [preauth] Dec 10 04:29:59 mailserver sshd[8981]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.133.29 user=r.r Dec 10 04:30:01 mailserver sshd[8981]: Failed password for r.r from 42.51.133.29 port 44008 ssh2 Dec 10 04:30:01 mailserver sshd[8981]: Received disconnect from 42.51.133.29 port 44008:11: Bye Bye [preauth] Dec 10 04:30:01 mailserver sshd[8981]: Disconnected from 42.51.133.29 port 44008 [preauth] Dec 10 04:35:55 mailserver sshd[9430]: Invalid user brace from 42.51.133.29 Dec 10 04:35........ -------------------------------	2019-12-10 16:00:12
42.51.13.102	attackbots	Invalid user an from 42.51.13.102 port 53275	2019-10-23 07:54:04
42.51.13.107	attackbotsspam	Automatic report - Banned IP Access	2019-10-20 00:11:42
42.51.13.107	attackbots	2019-10-18T19:56:03.124936abusebot-6.cloudsearch.cf sshd\[2860\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.13.107 user=root	2019-10-19 04:44:39
42.51.13.102	attackspambots	$f2bV_matches	2019-10-16 14:23:15
42.51.13.102	attack	Oct 10 10:50:01 myhostname sshd[20963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.13.102 user=r.r Oct 10 10:50:03 myhostname sshd[20963]: Failed password for r.r from 42.51.13.102 port 57284 ssh2 Oct 10 10:50:03 myhostname sshd[20963]: Received disconnect from 42.51.13.102 port 57284:11: Bye Bye [preauth] Oct 10 10:50:03 myhostname sshd[20963]: Disconnected from 42.51.13.102 port 57284 [preauth] Oct 10 11:14:57 myhostname sshd[21029]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.13.102 user=r.r Oct 10 11:14:59 myhostname sshd[21029]: Failed password for r.r from 42.51.13.102 port 43249 ssh2 Oct 10 11:14:59 myhostname sshd[21029]: Received disconnect from 42.51.13.102 port 43249:11: Bye Bye [preauth] Oct 10 11:14:59 myhostname sshd[21029]: Disconnected from 42.51.13.102 port 43249 [preauth] Oct 10 11:19:42 myhostname sshd[21038]: pam_unix(sshd:auth): authentication fail........ -------------------------------	2019-10-13 16:57:43
42.51.13.102	attackbots	Oct 10 10:50:01 myhostname sshd[20963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.13.102 user=r.r Oct 10 10:50:03 myhostname sshd[20963]: Failed password for r.r from 42.51.13.102 port 57284 ssh2 Oct 10 10:50:03 myhostname sshd[20963]: Received disconnect from 42.51.13.102 port 57284:11: Bye Bye [preauth] Oct 10 10:50:03 myhostname sshd[20963]: Disconnected from 42.51.13.102 port 57284 [preauth] Oct 10 11:14:57 myhostname sshd[21029]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.13.102 user=r.r Oct 10 11:14:59 myhostname sshd[21029]: Failed password for r.r from 42.51.13.102 port 43249 ssh2 Oct 10 11:14:59 myhostname sshd[21029]: Received disconnect from 42.51.13.102 port 43249:11: Bye Bye [preauth] Oct 10 11:14:59 myhostname sshd[21029]: Disconnected from 42.51.13.102 port 43249 [preauth] Oct 10 11:19:42 myhostname sshd[21038]: pam_unix(sshd:auth): authentication fail........ -------------------------------	2019-10-11 06:48:52

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.51.13.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45245
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.51.13.2.			IN	A

;; AUTHORITY SECTION:
.			250	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062400 1800 900 604800 86400

;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jun 24 13:51:32 CST 2020
;; MSG SIZE  rcvd: 114

HOST信息:

2.13.51.42.in-addr.arpa domain name pointer idc.ly.ha.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
2.13.51.42.in-addr.arpa	name = idc.ly.ha.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
121.229.13.229	attackbots	Feb 25 04:01:08 ns382633 sshd\[3113\]: Invalid user pms from 121.229.13.229 port 32984 Feb 25 04:01:08 ns382633 sshd\[3113\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.13.229 Feb 25 04:01:10 ns382633 sshd\[3113\]: Failed password for invalid user pms from 121.229.13.229 port 32984 ssh2 Feb 25 04:13:52 ns382633 sshd\[5083\]: Invalid user ts3 from 121.229.13.229 port 56034 Feb 25 04:13:52 ns382633 sshd\[5083\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.13.229	2020-02-25 11:49:50
179.177.18.234	attack	20/2/24@18:21:23: FAIL: Alarm-Network address from=179.177.18.234 ...	2020-02-25 12:01:51
117.50.67.214	attackspambots	Feb 25 03:57:24 sd-53420 sshd\[13391\]: Invalid user ubuntu8 from 117.50.67.214 Feb 25 03:57:24 sd-53420 sshd\[13391\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.67.214 Feb 25 03:57:26 sd-53420 sshd\[13391\]: Failed password for invalid user ubuntu8 from 117.50.67.214 port 45874 ssh2 Feb 25 04:01:42 sd-53420 sshd\[13792\]: Invalid user deployer from 117.50.67.214 Feb 25 04:01:42 sd-53420 sshd\[13792\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.67.214 ...	2020-02-25 12:15:18
78.246.35.3	attack	Feb 25 04:39:53 pornomens sshd\[9979\]: Invalid user biguiqi from 78.246.35.3 port 36186 Feb 25 04:39:53 pornomens sshd\[9979\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.246.35.3 Feb 25 04:39:55 pornomens sshd\[9979\]: Failed password for invalid user biguiqi from 78.246.35.3 port 36186 ssh2 ...	2020-02-25 11:43:21
103.245.181.2	attack	Feb 24 17:09:06 hanapaa sshd\[19368\]: Invalid user www from 103.245.181.2 Feb 24 17:09:06 hanapaa sshd\[19368\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.245.181.2 Feb 24 17:09:07 hanapaa sshd\[19368\]: Failed password for invalid user www from 103.245.181.2 port 50155 ssh2 Feb 24 17:15:12 hanapaa sshd\[19861\]: Invalid user jill from 103.245.181.2 Feb 24 17:15:12 hanapaa sshd\[19861\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.245.181.2	2020-02-25 11:43:05
221.158.194.50	attackspam	Honeypot attack, port: 5555, PTR: PTR record not found	2020-02-25 11:43:38
82.251.138.44	attackspam	SSH / Telnet Brute Force Attempts on Honeypot	2020-02-25 11:53:32
128.199.169.146	attackspambots	Feb 25 01:03:28 srv2 sshd\[17579\]: Invalid user kadmin from 128.199.169.146 port 50208 Feb 25 01:06:52 srv2 sshd\[17615\]: Invalid user kadmin from 128.199.169.146 port 54394 Feb 25 01:11:09 srv2 sshd\[17759\]: Invalid user kadmin from 128.199.169.146 port 58596	2020-02-25 11:49:28
111.229.101.220	attackspam	2020-02-01T19:02:51.817267suse-nuc sshd[22702]: Invalid user ftptest from 111.229.101.220 port 52692 ...	2020-02-25 12:01:09
66.42.56.21	attackspambots	66.42.56.21 - - [24/Feb/2020:23:21:39 +0000] "POST /wp-login.php HTTP/1.1" 200 6409 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 66.42.56.21 - - [24/Feb/2020:23:21:40 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-02-25 11:46:08
52.183.21.61	attackspambots	SSH brute force	2020-02-25 11:42:06
59.62.37.37	attackspambots	1582586490 - 02/25/2020 00:21:30 Host: 59.62.37.37/59.62.37.37 Port: 445 TCP Blocked	2020-02-25 11:57:34
14.138.178.27	attackspambots	Port probing on unauthorized port 9009	2020-02-25 11:40:33
218.82.126.86	attack	Honeypot attack, port: 445, PTR: 86.126.82.218.broad.xw.sh.dynamic.163data.com.cn.	2020-02-25 12:10:56
119.29.65.240	attackbots	Feb 25 02:29:28 lnxmysql61 sshd[634]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.65.240	2020-02-25 12:06:01

最近上报的IP列表

73.153.246.88	166.92.22.142	142.44.240.82	152.10.214.66
184.210.180.249	108.224.234.105	9.180.161.33	210.128.56.80
110.49.19.128	237.102.18.137	84.66.27.7	28.197.95.223
36.2.119.63	114.69.27.213	147.109.165.190	66.249.68.26
214.116.48.183	221.129.112.24	157.87.155.193	155.199.91.249