42.51.13.2 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Henan Telcom Union Technology Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Failed password for invalid user web from 42.51.13.2 port 46784 ssh2	2020-06-24 13:51:36

相同子网IP讨论:

IP	类型	评论内容	时间
42.51.136.12	attackspam	Unauthorized connection attempt detected from IP address 42.51.136.12 to port 1433 [T]	2020-04-15 02:20:55
42.51.133.29	attack	Dec 23 03:07:30 webhost01 sshd[21719]: Failed password for root from 42.51.133.29 port 38920 ssh2 ...	2019-12-23 04:14:34
42.51.133.29	attack	Dec 10 04:06:59 mailserver sshd[6868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.133.29 user=r.r Dec 10 04:07:01 mailserver sshd[6868]: Failed password for r.r from 42.51.133.29 port 35671 ssh2 Dec 10 04:07:01 mailserver sshd[6868]: Received disconnect from 42.51.133.29 port 35671:11: Bye Bye [preauth] Dec 10 04:07:01 mailserver sshd[6868]: Disconnected from 42.51.133.29 port 35671 [preauth] Dec 10 04:29:59 mailserver sshd[8981]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.133.29 user=r.r Dec 10 04:30:01 mailserver sshd[8981]: Failed password for r.r from 42.51.133.29 port 44008 ssh2 Dec 10 04:30:01 mailserver sshd[8981]: Received disconnect from 42.51.133.29 port 44008:11: Bye Bye [preauth] Dec 10 04:30:01 mailserver sshd[8981]: Disconnected from 42.51.133.29 port 44008 [preauth] Dec 10 04:35:55 mailserver sshd[9430]: Invalid user brace from 42.51.133.29 Dec 10 04:35........ -------------------------------	2019-12-10 16:00:12
42.51.13.102	attackbots	Invalid user an from 42.51.13.102 port 53275	2019-10-23 07:54:04
42.51.13.107	attackbotsspam	Automatic report - Banned IP Access	2019-10-20 00:11:42
42.51.13.107	attackbots	2019-10-18T19:56:03.124936abusebot-6.cloudsearch.cf sshd\[2860\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.13.107 user=root	2019-10-19 04:44:39
42.51.13.102	attackspambots	$f2bV_matches	2019-10-16 14:23:15
42.51.13.102	attack	Oct 10 10:50:01 myhostname sshd[20963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.13.102 user=r.r Oct 10 10:50:03 myhostname sshd[20963]: Failed password for r.r from 42.51.13.102 port 57284 ssh2 Oct 10 10:50:03 myhostname sshd[20963]: Received disconnect from 42.51.13.102 port 57284:11: Bye Bye [preauth] Oct 10 10:50:03 myhostname sshd[20963]: Disconnected from 42.51.13.102 port 57284 [preauth] Oct 10 11:14:57 myhostname sshd[21029]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.13.102 user=r.r Oct 10 11:14:59 myhostname sshd[21029]: Failed password for r.r from 42.51.13.102 port 43249 ssh2 Oct 10 11:14:59 myhostname sshd[21029]: Received disconnect from 42.51.13.102 port 43249:11: Bye Bye [preauth] Oct 10 11:14:59 myhostname sshd[21029]: Disconnected from 42.51.13.102 port 43249 [preauth] Oct 10 11:19:42 myhostname sshd[21038]: pam_unix(sshd:auth): authentication fail........ -------------------------------	2019-10-13 16:57:43
42.51.13.102	attackbots	Oct 10 10:50:01 myhostname sshd[20963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.13.102 user=r.r Oct 10 10:50:03 myhostname sshd[20963]: Failed password for r.r from 42.51.13.102 port 57284 ssh2 Oct 10 10:50:03 myhostname sshd[20963]: Received disconnect from 42.51.13.102 port 57284:11: Bye Bye [preauth] Oct 10 10:50:03 myhostname sshd[20963]: Disconnected from 42.51.13.102 port 57284 [preauth] Oct 10 11:14:57 myhostname sshd[21029]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.13.102 user=r.r Oct 10 11:14:59 myhostname sshd[21029]: Failed password for r.r from 42.51.13.102 port 43249 ssh2 Oct 10 11:14:59 myhostname sshd[21029]: Received disconnect from 42.51.13.102 port 43249:11: Bye Bye [preauth] Oct 10 11:14:59 myhostname sshd[21029]: Disconnected from 42.51.13.102 port 43249 [preauth] Oct 10 11:19:42 myhostname sshd[21038]: pam_unix(sshd:auth): authentication fail........ -------------------------------	2019-10-11 06:48:52

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.51.13.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45245
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.51.13.2.			IN	A

;; AUTHORITY SECTION:
.			250	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062400 1800 900 604800 86400

;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jun 24 13:51:32 CST 2020
;; MSG SIZE  rcvd: 114

HOST信息:

2.13.51.42.in-addr.arpa domain name pointer idc.ly.ha.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
2.13.51.42.in-addr.arpa	name = idc.ly.ha.

Authoritative answers can be found from:

IP	类型	评论内容	时间
74.82.47.16	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-05 19:58:44
165.227.97.108	attackbotsspam	2019-07-05T11:36:04.391290abusebot-4.cloudsearch.cf sshd\[12450\]: Invalid user star from 165.227.97.108 port 49636	2019-07-05 19:48:54
117.34.109.40	attackspambots	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(07051145)	2019-07-05 19:45:55
104.236.81.204	attackspambots	Jul 5 13:38:52 [munged] sshd[16545]: Invalid user blower from 104.236.81.204 port 52140 Jul 5 13:38:52 [munged] sshd[16545]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.81.204	2019-07-05 19:52:25
51.68.46.70	attackbots	Scanning and Vuln Attempts	2019-07-05 20:05:57
178.255.126.198	attackspambots	DATE:2019-07-05_09:59:48, IP:178.255.126.198, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2019-07-05 19:58:11
194.126.40.118	attackbots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-05 07:50:03,996 INFO [amun_request_handler] PortScan Detected on Port: 445 (194.126.40.118)	2019-07-05 19:47:54
47.99.182.57	attackspam	Scanning and Vuln Attempts	2019-07-05 20:10:35
52.76.222.0	attack	Scanning and Vuln Attempts	2019-07-05 19:36:16
47.52.41.19	attackspam	Scanning and Vuln Attempts	2019-07-05 20:14:45
190.203.76.155	attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-03 18:50:31,976 INFO [shellcode_manager] (190.203.76.155) no match, writing hexdump (0bf59ecf6b4e35af586387c58d7d834e :2884727) - MS17010 (EternalBlue)	2019-07-05 19:41:26
101.227.59.50	attackbots	3389BruteforceFW21	2019-07-05 19:39:37
137.74.174.138	attack	wp-login.php	2019-07-05 20:07:43
74.82.47.12	attackbotsspam	" "	2019-07-05 19:56:34
185.234.218.234	attack	Time: Fri Jul 5 03:36:58 2019 -0400 IP: 185.234.218.234 (IE/Ireland/-) Failures: 15 (ftpd) Interval: 3600 seconds Blocked: Permanent Block	2019-07-05 19:40:11

最近上报的IP列表

73.153.246.88	166.92.22.142	142.44.240.82	152.10.214.66
184.210.180.249	108.224.234.105	9.180.161.33	210.128.56.80
110.49.19.128	237.102.18.137	84.66.27.7	28.197.95.223
36.2.119.63	114.69.27.213	147.109.165.190	66.249.68.26
214.116.48.183	221.129.112.24	157.87.155.193	155.199.91.249