42.51.194.35 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Henan Telcom Union Technology Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt from IP address 42.51.194.35 on Port 3306(MYSQL)	2019-09-29 22:26:34
attackspam	Unauthorized connection attempt from IP address 42.51.194.35 on Port 3306(MYSQL)	2019-09-23 15:01:44
attack	09/15/2019-19:22:10.539826 42.51.194.35 Protocol: 6 ET SCAN Suspicious inbound to mySQL port 3306	2019-09-16 07:33:53
attackspam	Unauthorized connection attempt from IP address 42.51.194.35 on Port 3306(MYSQL)	2019-09-15 22:07:14

相同子网IP讨论:

IP	类型	评论内容	时间
42.51.194.15	attackspam	Dec 5 17:40:18 reporting2 sshd[12581]: reveeclipse mapping checking getaddrinfo for idc.ly.ha [42.51.194.15] failed - POSSIBLE BREAK-IN ATTEMPT! Dec 5 17:40:18 reporting2 sshd[12581]: User r.r from 42.51.194.15 not allowed because not listed in AllowUsers Dec 5 17:40:18 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2 Dec 5 17:40:19 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2 Dec 5 17:40:19 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2 Dec 5 17:40:20 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2 Dec 5 17:40:21 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2 Dec 5 17:40:25 reporting2 sshd[12638]: .... truncated .... 539]: User r.r from 42.51.194.15 not allowed because not listed in AllowUsers Dec 5 18:22:17 reporting2 sshd[3539]........ -------------------------------	2019-12-06 19:10:30
42.51.194.4	attackbotsspam	Nov 21 01:58:01 server sshd\[3484\]: Invalid user ngrc from 42.51.194.4 Nov 21 01:58:01 server sshd\[3484\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.4 Nov 21 01:58:02 server sshd\[3484\]: Failed password for invalid user ngrc from 42.51.194.4 port 39830 ssh2 Nov 21 02:06:59 server sshd\[5946\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.4 user=root Nov 21 02:07:01 server sshd\[5946\]: Failed password for root from 42.51.194.4 port 38762 ssh2 ...	2019-11-21 07:38:27
42.51.194.4	attackspam	Nov 18 18:02:48 MK-Soft-VM8 sshd[3441]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.4 Nov 18 18:02:50 MK-Soft-VM8 sshd[3441]: Failed password for invalid user webadmin from 42.51.194.4 port 53503 ssh2 ...	2019-11-19 01:06:58
42.51.194.4	attackbots	Nov 9 10:22:29 fr01 sshd[4380]: Invalid user p@ssw0rd from 42.51.194.4 Nov 9 10:22:29 fr01 sshd[4380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.4 Nov 9 10:22:29 fr01 sshd[4380]: Invalid user p@ssw0rd from 42.51.194.4 Nov 9 10:22:30 fr01 sshd[4380]: Failed password for invalid user p@ssw0rd from 42.51.194.4 port 47203 ssh2 ...	2019-11-09 19:38:15
42.51.194.4	attack	Oct 23 01:43:16 server sshd\[29595\]: Invalid user long from 42.51.194.4 port 32908 Oct 23 01:43:16 server sshd\[29595\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.4 Oct 23 01:43:19 server sshd\[29595\]: Failed password for invalid user long from 42.51.194.4 port 32908 ssh2 Oct 23 01:47:59 server sshd\[2979\]: User root from 42.51.194.4 not allowed because listed in DenyUsers Oct 23 01:47:59 server sshd\[2979\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.4 user=root	2019-10-23 06:51:22
42.51.194.4	attackspambots	$f2bV_matches	2019-10-22 01:29:23
42.51.194.55	attack	Sep 5 15:24:16 hostnameproxy sshd[26462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.55 user=r.r Sep 5 15:24:18 hostnameproxy sshd[26462]: Failed password for r.r from 42.51.194.55 port 1428 ssh2 Sep 5 15:24:20 hostnameproxy sshd[26462]: Failed password for r.r from 42.51.194.55 port 1428 ssh2 Sep 5 15:24:23 hostnameproxy sshd[26462]: Failed password for r.r from 42.51.194.55 port 1428 ssh2 Sep 5 15:24:26 hostnameproxy sshd[26462]: Failed password for r.r from 42.51.194.55 port 1428 ssh2 Sep 5 15:24:28 hostnameproxy sshd[26462]: Failed password for r.r from 42.51.194.55 port 1428 ssh2 Sep 5 15:24:32 hostnameproxy sshd[26466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.55 user=r.r Sep 5 15:24:34 hostnameproxy sshd[26466]: Failed password for r.r from 42.51.194.55 port 3584 ssh2 Sep 5 15:24:36 hostnameproxy sshd[26466]: Failed password for r.r from 42.51........ ------------------------------	2019-09-06 11:35:10

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.51.194.35
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53760
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.51.194.35.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091500 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Sep 15 22:07:05 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

35.194.51.42.in-addr.arpa domain name pointer idc.ly.ha.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
35.194.51.42.in-addr.arpa	name = idc.ly.ha.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
180.124.76.241	attackspam	Web scan/attack: detected 1 distinct attempts within a 12-hour window (WebShell)	2020-10-07 12:36:04
193.107.103.39	attackbots	Unauthorized connection attempt from IP address 193.107.103.39 on Port 445(SMB)	2020-10-07 12:39:11
23.97.96.15	attackspam	Unauthorized connection attempt from IP address 23.97.96.15 on Port 445(SMB)	2020-10-07 12:40:58
42.194.217.169	attackbots	Oct 6 20:49:57 host sshd\[25309\]: Failed password for root from 42.194.217.169 port 57486 ssh2 Oct 6 20:54:29 host sshd\[26318\]: Failed password for root from 42.194.217.169 port 50506 ssh2 Oct 6 20:58:56 host sshd\[27327\]: Failed password for root from 42.194.217.169 port 43512 ssh2 ...	2020-10-07 12:44:27
150.158.193.244	attackbotsspam	Brute%20Force%20SSH	2020-10-07 12:20:04
121.69.89.78	attackbots	Oct 7 04:40:48 rancher-0 sshd[511647]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.69.89.78 user=root Oct 7 04:40:50 rancher-0 sshd[511647]: Failed password for root from 121.69.89.78 port 51446 ssh2 ...	2020-10-07 12:37:07
24.118.69.61	attackspam	Oct 5 15:49:40 estefan sshd[19917]: Invalid user admin from 24.118.69.61 Oct 5 15:49:40 estefan sshd[19917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=c-24-118-69-61.hsd1.mn.comcast.net Oct 5 15:49:42 estefan sshd[19917]: Failed password for invalid user admin from 24.118.69.61 port 43177 ssh2 Oct 5 15:49:42 estefan sshd[19918]: Received disconnect from 24.118.69.61: 11: Bye Bye Oct 5 15:49:44 estefan sshd[19938]: Invalid user admin from 24.118.69.61 Oct 5 15:49:44 estefan sshd[19938]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=c-24-118-69-61.hsd1.mn.comcast.net ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=24.118.69.61	2020-10-07 12:29:37
112.85.42.176	attackbots	"fail2ban match"	2020-10-07 12:46:16
106.13.177.53	attackspambots	Oct 6 23:48:03 sso sshd[4379]: Failed password for root from 106.13.177.53 port 39798 ssh2 ...	2020-10-07 12:34:11
182.150.57.34	attackspambots	Oct 6 23:49:49 vlre-nyc-1 sshd\[26097\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.150.57.34 user=root Oct 6 23:49:50 vlre-nyc-1 sshd\[26097\]: Failed password for root from 182.150.57.34 port 46335 ssh2 Oct 6 23:52:46 vlre-nyc-1 sshd\[26199\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.150.57.34 user=root Oct 6 23:52:48 vlre-nyc-1 sshd\[26199\]: Failed password for root from 182.150.57.34 port 47866 ssh2 Oct 6 23:55:38 vlre-nyc-1 sshd\[26267\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.150.57.34 user=root ...	2020-10-07 12:36:26
218.92.0.165	attack	2020-10-07T03:59:30.375788shield sshd\[13162\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.165 user=root 2020-10-07T03:59:32.022331shield sshd\[13162\]: Failed password for root from 218.92.0.165 port 34324 ssh2 2020-10-07T03:59:35.394691shield sshd\[13162\]: Failed password for root from 218.92.0.165 port 34324 ssh2 2020-10-07T03:59:37.843227shield sshd\[13162\]: Failed password for root from 218.92.0.165 port 34324 ssh2 2020-10-07T03:59:41.370943shield sshd\[13162\]: Failed password for root from 218.92.0.165 port 34324 ssh2	2020-10-07 12:15:02
78.128.113.119	attack	Oct 7 05:10:38 websrv1.derweidener.de postfix/smtpd[107296]: warning: unknown[78.128.113.119]: SASL PLAIN authentication failed: Oct 7 05:10:38 websrv1.derweidener.de postfix/smtpd[107296]: lost connection after AUTH from unknown[78.128.113.119] Oct 7 05:10:42 websrv1.derweidener.de postfix/smtpd[107344]: lost connection after AUTH from unknown[78.128.113.119] Oct 7 05:10:47 websrv1.derweidener.de postfix/smtpd[107296]: lost connection after AUTH from unknown[78.128.113.119] Oct 7 05:10:51 websrv1.derweidener.de postfix/smtpd[107344]: lost connection after AUTH from unknown[78.128.113.119]	2020-10-07 12:11:02
192.241.236.169	attackbotsspam	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-07 12:31:36
180.76.148.87	attackspambots	Oct 7 03:49:49 ns382633 sshd\[27518\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.148.87 user=root Oct 7 03:49:51 ns382633 sshd\[27518\]: Failed password for root from 180.76.148.87 port 41596 ssh2 Oct 7 03:52:08 ns382633 sshd\[27736\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.148.87 user=root Oct 7 03:52:11 ns382633 sshd\[27736\]: Failed password for root from 180.76.148.87 port 53445 ssh2 Oct 7 03:53:24 ns382633 sshd\[27789\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.148.87 user=root	2020-10-07 12:26:32
61.177.172.61	attack	Oct 7 05:37:38 mavik sshd[3699]: Failed password for root from 61.177.172.61 port 11564 ssh2 Oct 7 05:37:42 mavik sshd[3699]: Failed password for root from 61.177.172.61 port 11564 ssh2 Oct 7 05:37:45 mavik sshd[3699]: Failed password for root from 61.177.172.61 port 11564 ssh2 Oct 7 05:37:48 mavik sshd[3699]: Failed password for root from 61.177.172.61 port 11564 ssh2 Oct 7 05:37:52 mavik sshd[3699]: Failed password for root from 61.177.172.61 port 11564 ssh2 ...	2020-10-07 12:48:12

最近上报的IP列表

223.72.63.86	106.122.170.246	31.15.62.35	49.167.49.164
19.129.159.208	187.123.179.25	206.80.154.51	24.217.215.105
62.34.196.245	186.226.227.213	81.26.247.132	78.188.229.67
190.83.62.179	180.180.43.146	128.28.33.170	76.223.187.152
135.83.191.180	59.180.44.27	210.62.213.139	52.84.236.54