42.51.194.35 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Henan Telcom Union Technology Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt from IP address 42.51.194.35 on Port 3306(MYSQL)	2019-09-29 22:26:34
attackspam	Unauthorized connection attempt from IP address 42.51.194.35 on Port 3306(MYSQL)	2019-09-23 15:01:44
attack	09/15/2019-19:22:10.539826 42.51.194.35 Protocol: 6 ET SCAN Suspicious inbound to mySQL port 3306	2019-09-16 07:33:53
attackspam	Unauthorized connection attempt from IP address 42.51.194.35 on Port 3306(MYSQL)	2019-09-15 22:07:14

相同子网IP讨论:

IP	类型	评论内容	时间
42.51.194.15	attackspam	Dec 5 17:40:18 reporting2 sshd[12581]: reveeclipse mapping checking getaddrinfo for idc.ly.ha [42.51.194.15] failed - POSSIBLE BREAK-IN ATTEMPT! Dec 5 17:40:18 reporting2 sshd[12581]: User r.r from 42.51.194.15 not allowed because not listed in AllowUsers Dec 5 17:40:18 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2 Dec 5 17:40:19 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2 Dec 5 17:40:19 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2 Dec 5 17:40:20 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2 Dec 5 17:40:21 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2 Dec 5 17:40:25 reporting2 sshd[12638]: .... truncated .... 539]: User r.r from 42.51.194.15 not allowed because not listed in AllowUsers Dec 5 18:22:17 reporting2 sshd[3539]........ -------------------------------	2019-12-06 19:10:30
42.51.194.4	attackbotsspam	Nov 21 01:58:01 server sshd\[3484\]: Invalid user ngrc from 42.51.194.4 Nov 21 01:58:01 server sshd\[3484\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.4 Nov 21 01:58:02 server sshd\[3484\]: Failed password for invalid user ngrc from 42.51.194.4 port 39830 ssh2 Nov 21 02:06:59 server sshd\[5946\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.4 user=root Nov 21 02:07:01 server sshd\[5946\]: Failed password for root from 42.51.194.4 port 38762 ssh2 ...	2019-11-21 07:38:27
42.51.194.4	attackspam	Nov 18 18:02:48 MK-Soft-VM8 sshd[3441]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.4 Nov 18 18:02:50 MK-Soft-VM8 sshd[3441]: Failed password for invalid user webadmin from 42.51.194.4 port 53503 ssh2 ...	2019-11-19 01:06:58
42.51.194.4	attackbots	Nov 9 10:22:29 fr01 sshd[4380]: Invalid user p@ssw0rd from 42.51.194.4 Nov 9 10:22:29 fr01 sshd[4380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.4 Nov 9 10:22:29 fr01 sshd[4380]: Invalid user p@ssw0rd from 42.51.194.4 Nov 9 10:22:30 fr01 sshd[4380]: Failed password for invalid user p@ssw0rd from 42.51.194.4 port 47203 ssh2 ...	2019-11-09 19:38:15
42.51.194.4	attack	Oct 23 01:43:16 server sshd\[29595\]: Invalid user long from 42.51.194.4 port 32908 Oct 23 01:43:16 server sshd\[29595\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.4 Oct 23 01:43:19 server sshd\[29595\]: Failed password for invalid user long from 42.51.194.4 port 32908 ssh2 Oct 23 01:47:59 server sshd\[2979\]: User root from 42.51.194.4 not allowed because listed in DenyUsers Oct 23 01:47:59 server sshd\[2979\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.4 user=root	2019-10-23 06:51:22
42.51.194.4	attackspambots	$f2bV_matches	2019-10-22 01:29:23
42.51.194.55	attack	Sep 5 15:24:16 hostnameproxy sshd[26462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.55 user=r.r Sep 5 15:24:18 hostnameproxy sshd[26462]: Failed password for r.r from 42.51.194.55 port 1428 ssh2 Sep 5 15:24:20 hostnameproxy sshd[26462]: Failed password for r.r from 42.51.194.55 port 1428 ssh2 Sep 5 15:24:23 hostnameproxy sshd[26462]: Failed password for r.r from 42.51.194.55 port 1428 ssh2 Sep 5 15:24:26 hostnameproxy sshd[26462]: Failed password for r.r from 42.51.194.55 port 1428 ssh2 Sep 5 15:24:28 hostnameproxy sshd[26462]: Failed password for r.r from 42.51.194.55 port 1428 ssh2 Sep 5 15:24:32 hostnameproxy sshd[26466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.55 user=r.r Sep 5 15:24:34 hostnameproxy sshd[26466]: Failed password for r.r from 42.51.194.55 port 3584 ssh2 Sep 5 15:24:36 hostnameproxy sshd[26466]: Failed password for r.r from 42.51........ ------------------------------	2019-09-06 11:35:10

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.51.194.35
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53760
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.51.194.35.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091500 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Sep 15 22:07:05 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

35.194.51.42.in-addr.arpa domain name pointer idc.ly.ha.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
35.194.51.42.in-addr.arpa	name = idc.ly.ha.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
109.19.16.40	attack	2019-10-08T15:20:00.794091abusebot-5.cloudsearch.cf sshd\[5432\]: Invalid user robert from 109.19.16.40 port 55708	2019-10-09 01:40:13
134.209.203.238	attackspam	wp bruteforce	2019-10-09 01:20:36
104.131.13.199	attackspam	Oct 8 17:44:56 server sshd\[17252\]: Invalid user 1qaz2wsx3edc4rfv5tgb6yhn from 104.131.13.199 port 54234 Oct 8 17:44:56 server sshd\[17252\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.13.199 Oct 8 17:44:59 server sshd\[17252\]: Failed password for invalid user 1qaz2wsx3edc4rfv5tgb6yhn from 104.131.13.199 port 54234 ssh2 Oct 8 17:48:34 server sshd\[21447\]: Invalid user 1qaz2wsx3edc4rfv5tgb6yhn from 104.131.13.199 port 38166 Oct 8 17:48:34 server sshd\[21447\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.13.199	2019-10-09 01:48:13
144.217.255.89	attackspambots	2019-10-08T16:59:06.197312abusebot.cloudsearch.cf sshd\[24912\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns542132.ip-144-217-255.net user=root	2019-10-09 01:53:38
86.124.84.83	attackspambots	Automatic report - Port Scan Attack	2019-10-09 01:42:18
219.233.217.123	attackspam	postfix (unknown user, SPF fail or relay access denied)	2019-10-09 01:31:51
46.229.168.130	attackbots	Malicious Traffic/Form Submission	2019-10-09 01:25:59
49.88.112.65	attackbotsspam	Oct 8 15:48:10 hcbbdb sshd\[23070\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.65 user=root Oct 8 15:48:12 hcbbdb sshd\[23070\]: Failed password for root from 49.88.112.65 port 19578 ssh2 Oct 8 15:48:53 hcbbdb sshd\[23144\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.65 user=root Oct 8 15:48:55 hcbbdb sshd\[23144\]: Failed password for root from 49.88.112.65 port 34896 ssh2 Oct 8 15:49:50 hcbbdb sshd\[23246\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.65 user=root	2019-10-09 01:17:10
180.126.198.47	attack	Unauthorised access (Oct 8) SRC=180.126.198.47 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=50945 TCP DPT=8080 WINDOW=62422 SYN	2019-10-09 01:30:32
219.90.67.89	attack	Oct 8 08:33:44 home sshd[10048]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.90.67.89 user=root Oct 8 08:33:46 home sshd[10048]: Failed password for root from 219.90.67.89 port 60860 ssh2 Oct 8 08:49:40 home sshd[10151]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.90.67.89 user=root Oct 8 08:49:42 home sshd[10151]: Failed password for root from 219.90.67.89 port 49326 ssh2 Oct 8 08:54:10 home sshd[10177]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.90.67.89 user=root Oct 8 08:54:11 home sshd[10177]: Failed password for root from 219.90.67.89 port 33098 ssh2 Oct 8 08:58:42 home sshd[10249]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.90.67.89 user=root Oct 8 08:58:44 home sshd[10249]: Failed password for root from 219.90.67.89 port 45096 ssh2 Oct 8 09:03:16 home sshd[10285]: pam_unix(sshd:auth): authenticatio	2019-10-09 01:24:27
94.23.212.137	attackbots	Oct 8 19:07:42 root sshd[24274]: Failed password for root from 94.23.212.137 port 46562 ssh2 Oct 8 19:11:51 root sshd[24370]: Failed password for root from 94.23.212.137 port 38276 ssh2 ...	2019-10-09 01:34:01
71.6.199.23	attackbotsspam	21/tcp 26/tcp 1025/tcp... [2019-08-07/10-08]677pkt,264pt.(tcp),52pt.(udp)	2019-10-09 01:15:11
118.25.12.59	attack	Oct 8 16:00:04 vmanager6029 sshd\[20328\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.12.59 user=root Oct 8 16:00:05 vmanager6029 sshd\[20328\]: Failed password for root from 118.25.12.59 port 51166 ssh2 Oct 8 16:05:18 vmanager6029 sshd\[20440\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.12.59 user=root	2019-10-09 01:50:11
154.83.13.119	attackspambots	Oct 7 20:14:38 web1 sshd[18742]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.83.13.119 user=r.r Oct 7 20:14:40 web1 sshd[18742]: Failed password for r.r from 154.83.13.119 port 40676 ssh2 Oct 7 20:14:41 web1 sshd[18742]: Received disconnect from 154.83.13.119: 11: Bye Bye [preauth] Oct 7 20:39:39 web1 sshd[20915]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.83.13.119 user=r.r Oct 7 20:39:41 web1 sshd[20915]: Failed password for r.r from 154.83.13.119 port 16649 ssh2 Oct 7 20:39:42 web1 sshd[20915]: Received disconnect from 154.83.13.119: 11: Bye Bye [preauth] Oct 7 20:44:20 web1 sshd[21304]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.83.13.119 user=r.r Oct 7 20:44:22 web1 sshd[21304]: Failed password for r.r from 154.83.13.119 port 58147 ssh2 Oct 7 20:44:22 web1 sshd[21304]: Received disconnect from 154.83.13.119: 1........ -------------------------------	2019-10-09 01:29:55
219.240.49.50	attackspambots	Apr 15 04:11:56 ubuntu sshd[23587]: Failed password for root from 219.240.49.50 port 37359 ssh2 Apr 15 04:12:03 ubuntu sshd[23587]: Failed password for root from 219.240.49.50 port 37359 ssh2 Apr 15 04:12:06 ubuntu sshd[23587]: Failed password for root from 219.240.49.50 port 37359 ssh2 Apr 15 04:12:08 ubuntu sshd[23587]: Failed password for root from 219.240.49.50 port 37359 ssh2 Apr 15 04:12:08 ubuntu sshd[23587]: error: maximum authentication attempts exceeded for root from 219.240.49.50 port 37359 ssh2 [preauth]	2019-10-09 01:48:25

最近上报的IP列表

223.72.63.86	106.122.170.246	31.15.62.35	49.167.49.164
19.129.159.208	187.123.179.25	206.80.154.51	24.217.215.105
62.34.196.245	186.226.227.213	81.26.247.132	78.188.229.67
190.83.62.179	180.180.43.146	128.28.33.170	76.223.187.152
135.83.191.180	59.180.44.27	210.62.213.139	52.84.236.54