城市(city): unknown
省份(region): unknown
国家(country): China
运营商(isp): Henan Telcom Union Technology Co. Ltd
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): Data Center/Web Hosting/Transit
| 类型 | 评论内容 | 时间 |
|---|---|---|
| attack | Unauthorized connection attempt from IP address 42.51.194.35 on Port 3306(MYSQL) |
2019-09-29 22:26:34 |
| attackspam | Unauthorized connection attempt from IP address 42.51.194.35 on Port 3306(MYSQL) |
2019-09-23 15:01:44 |
| attack | 09/15/2019-19:22:10.539826 42.51.194.35 Protocol: 6 ET SCAN Suspicious inbound to mySQL port 3306 |
2019-09-16 07:33:53 |
| attackspam | Unauthorized connection attempt from IP address 42.51.194.35 on Port 3306(MYSQL) |
2019-09-15 22:07:14 |
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 42.51.194.15 | attackspam | Dec 5 17:40:18 reporting2 sshd[12581]: reveeclipse mapping checking getaddrinfo for idc.ly.ha [42.51.194.15] failed - POSSIBLE BREAK-IN ATTEMPT! Dec 5 17:40:18 reporting2 sshd[12581]: User r.r from 42.51.194.15 not allowed because not listed in AllowUsers Dec 5 17:40:18 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2 Dec 5 17:40:19 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2 Dec 5 17:40:19 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2 Dec 5 17:40:20 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2 Dec 5 17:40:21 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2 Dec 5 17:40:25 reporting2 sshd[12638]: .... truncated .... 539]: User r.r from 42.51.194.15 not allowed because not listed in AllowUsers Dec 5 18:22:17 reporting2 sshd[3539]........ ------------------------------- |
2019-12-06 19:10:30 |
| 42.51.194.4 | attackbotsspam | Nov 21 01:58:01 server sshd\[3484\]: Invalid user ngrc from 42.51.194.4 Nov 21 01:58:01 server sshd\[3484\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.4 Nov 21 01:58:02 server sshd\[3484\]: Failed password for invalid user ngrc from 42.51.194.4 port 39830 ssh2 Nov 21 02:06:59 server sshd\[5946\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.4 user=root Nov 21 02:07:01 server sshd\[5946\]: Failed password for root from 42.51.194.4 port 38762 ssh2 ... |
2019-11-21 07:38:27 |
| 42.51.194.4 | attackspam | Nov 18 18:02:48 MK-Soft-VM8 sshd[3441]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.4 Nov 18 18:02:50 MK-Soft-VM8 sshd[3441]: Failed password for invalid user webadmin from 42.51.194.4 port 53503 ssh2 ... |
2019-11-19 01:06:58 |
| 42.51.194.4 | attackbots | Nov 9 10:22:29 fr01 sshd[4380]: Invalid user p@ssw0rd from 42.51.194.4 Nov 9 10:22:29 fr01 sshd[4380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.4 Nov 9 10:22:29 fr01 sshd[4380]: Invalid user p@ssw0rd from 42.51.194.4 Nov 9 10:22:30 fr01 sshd[4380]: Failed password for invalid user p@ssw0rd from 42.51.194.4 port 47203 ssh2 ... |
2019-11-09 19:38:15 |
| 42.51.194.4 | attack | Oct 23 01:43:16 server sshd\[29595\]: Invalid user long from 42.51.194.4 port 32908 Oct 23 01:43:16 server sshd\[29595\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.4 Oct 23 01:43:19 server sshd\[29595\]: Failed password for invalid user long from 42.51.194.4 port 32908 ssh2 Oct 23 01:47:59 server sshd\[2979\]: User root from 42.51.194.4 not allowed because listed in DenyUsers Oct 23 01:47:59 server sshd\[2979\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.4 user=root |
2019-10-23 06:51:22 |
| 42.51.194.4 | attackspambots | $f2bV_matches |
2019-10-22 01:29:23 |
| 42.51.194.55 | attack | Sep 5 15:24:16 hostnameproxy sshd[26462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.55 user=r.r Sep 5 15:24:18 hostnameproxy sshd[26462]: Failed password for r.r from 42.51.194.55 port 1428 ssh2 Sep 5 15:24:20 hostnameproxy sshd[26462]: Failed password for r.r from 42.51.194.55 port 1428 ssh2 Sep 5 15:24:23 hostnameproxy sshd[26462]: Failed password for r.r from 42.51.194.55 port 1428 ssh2 Sep 5 15:24:26 hostnameproxy sshd[26462]: Failed password for r.r from 42.51.194.55 port 1428 ssh2 Sep 5 15:24:28 hostnameproxy sshd[26462]: Failed password for r.r from 42.51.194.55 port 1428 ssh2 Sep 5 15:24:32 hostnameproxy sshd[26466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.55 user=r.r Sep 5 15:24:34 hostnameproxy sshd[26466]: Failed password for r.r from 42.51.194.55 port 3584 ssh2 Sep 5 15:24:36 hostnameproxy sshd[26466]: Failed password for r.r from 42.51........ ------------------------------ |
2019-09-06 11:35:10 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.51.194.35
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53760
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.51.194.35. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019091500 1800 900 604800 86400
;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Sep 15 22:07:05 CST 2019
;; MSG SIZE rcvd: 116
35.194.51.42.in-addr.arpa domain name pointer idc.ly.ha.
Server: 67.207.67.2
Address: 67.207.67.2#53
Non-authoritative answer:
35.194.51.42.in-addr.arpa name = idc.ly.ha.
Authoritative answers can be found from:
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 109.19.16.40 | attack | 2019-10-08T15:20:00.794091abusebot-5.cloudsearch.cf sshd\[5432\]: Invalid user robert from 109.19.16.40 port 55708 |
2019-10-09 01:40:13 |
| 134.209.203.238 | attackspam | wp bruteforce |
2019-10-09 01:20:36 |
| 104.131.13.199 | attackspam | Oct 8 17:44:56 server sshd\[17252\]: Invalid user 1qaz2wsx3edc4rfv5tgb6yhn from 104.131.13.199 port 54234 Oct 8 17:44:56 server sshd\[17252\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.13.199 Oct 8 17:44:59 server sshd\[17252\]: Failed password for invalid user 1qaz2wsx3edc4rfv5tgb6yhn from 104.131.13.199 port 54234 ssh2 Oct 8 17:48:34 server sshd\[21447\]: Invalid user 1qaz2wsx3edc4rfv5tgb6yhn from 104.131.13.199 port 38166 Oct 8 17:48:34 server sshd\[21447\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.13.199 |
2019-10-09 01:48:13 |
| 144.217.255.89 | attackspambots | 2019-10-08T16:59:06.197312abusebot.cloudsearch.cf sshd\[24912\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns542132.ip-144-217-255.net user=root |
2019-10-09 01:53:38 |
| 86.124.84.83 | attackspambots | Automatic report - Port Scan Attack |
2019-10-09 01:42:18 |
| 219.233.217.123 | attackspam | postfix (unknown user, SPF fail or relay access denied) |
2019-10-09 01:31:51 |
| 46.229.168.130 | attackbots | Malicious Traffic/Form Submission |
2019-10-09 01:25:59 |
| 49.88.112.65 | attackbotsspam | Oct 8 15:48:10 hcbbdb sshd\[23070\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.65 user=root Oct 8 15:48:12 hcbbdb sshd\[23070\]: Failed password for root from 49.88.112.65 port 19578 ssh2 Oct 8 15:48:53 hcbbdb sshd\[23144\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.65 user=root Oct 8 15:48:55 hcbbdb sshd\[23144\]: Failed password for root from 49.88.112.65 port 34896 ssh2 Oct 8 15:49:50 hcbbdb sshd\[23246\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.65 user=root |
2019-10-09 01:17:10 |
| 180.126.198.47 | attack | Unauthorised access (Oct 8) SRC=180.126.198.47 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=50945 TCP DPT=8080 WINDOW=62422 SYN |
2019-10-09 01:30:32 |
| 219.90.67.89 | attack | Oct 8 08:33:44 home sshd[10048]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.90.67.89 user=root Oct 8 08:33:46 home sshd[10048]: Failed password for root from 219.90.67.89 port 60860 ssh2 Oct 8 08:49:40 home sshd[10151]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.90.67.89 user=root Oct 8 08:49:42 home sshd[10151]: Failed password for root from 219.90.67.89 port 49326 ssh2 Oct 8 08:54:10 home sshd[10177]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.90.67.89 user=root Oct 8 08:54:11 home sshd[10177]: Failed password for root from 219.90.67.89 port 33098 ssh2 Oct 8 08:58:42 home sshd[10249]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.90.67.89 user=root Oct 8 08:58:44 home sshd[10249]: Failed password for root from 219.90.67.89 port 45096 ssh2 Oct 8 09:03:16 home sshd[10285]: pam_unix(sshd:auth): authenticatio |
2019-10-09 01:24:27 |
| 94.23.212.137 | attackbots | Oct 8 19:07:42 root sshd[24274]: Failed password for root from 94.23.212.137 port 46562 ssh2 Oct 8 19:11:51 root sshd[24370]: Failed password for root from 94.23.212.137 port 38276 ssh2 ... |
2019-10-09 01:34:01 |
| 71.6.199.23 | attackbotsspam | 21/tcp 26/tcp 1025/tcp... [2019-08-07/10-08]677pkt,264pt.(tcp),52pt.(udp) |
2019-10-09 01:15:11 |
| 118.25.12.59 | attack | Oct 8 16:00:04 vmanager6029 sshd\[20328\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.12.59 user=root Oct 8 16:00:05 vmanager6029 sshd\[20328\]: Failed password for root from 118.25.12.59 port 51166 ssh2 Oct 8 16:05:18 vmanager6029 sshd\[20440\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.12.59 user=root |
2019-10-09 01:50:11 |
| 154.83.13.119 | attackspambots | Oct 7 20:14:38 web1 sshd[18742]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.83.13.119 user=r.r Oct 7 20:14:40 web1 sshd[18742]: Failed password for r.r from 154.83.13.119 port 40676 ssh2 Oct 7 20:14:41 web1 sshd[18742]: Received disconnect from 154.83.13.119: 11: Bye Bye [preauth] Oct 7 20:39:39 web1 sshd[20915]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.83.13.119 user=r.r Oct 7 20:39:41 web1 sshd[20915]: Failed password for r.r from 154.83.13.119 port 16649 ssh2 Oct 7 20:39:42 web1 sshd[20915]: Received disconnect from 154.83.13.119: 11: Bye Bye [preauth] Oct 7 20:44:20 web1 sshd[21304]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.83.13.119 user=r.r Oct 7 20:44:22 web1 sshd[21304]: Failed password for r.r from 154.83.13.119 port 58147 ssh2 Oct 7 20:44:22 web1 sshd[21304]: Received disconnect from 154.83.13.119: 1........ ------------------------------- |
2019-10-09 01:29:55 |
| 219.240.49.50 | attackspambots | Apr 15 04:11:56 ubuntu sshd[23587]: Failed password for root from 219.240.49.50 port 37359 ssh2 Apr 15 04:12:03 ubuntu sshd[23587]: Failed password for root from 219.240.49.50 port 37359 ssh2 Apr 15 04:12:06 ubuntu sshd[23587]: Failed password for root from 219.240.49.50 port 37359 ssh2 Apr 15 04:12:08 ubuntu sshd[23587]: Failed password for root from 219.240.49.50 port 37359 ssh2 Apr 15 04:12:08 ubuntu sshd[23587]: error: maximum authentication attempts exceeded for root from 219.240.49.50 port 37359 ssh2 [preauth] |
2019-10-09 01:48:25 |