42.51.194.4 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Henan Telcom Union Technology Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Nov 21 01:58:01 server sshd\[3484\]: Invalid user ngrc from 42.51.194.4 Nov 21 01:58:01 server sshd\[3484\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.4 Nov 21 01:58:02 server sshd\[3484\]: Failed password for invalid user ngrc from 42.51.194.4 port 39830 ssh2 Nov 21 02:06:59 server sshd\[5946\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.4 user=root Nov 21 02:07:01 server sshd\[5946\]: Failed password for root from 42.51.194.4 port 38762 ssh2 ...	2019-11-21 07:38:27
attackspam	Nov 18 18:02:48 MK-Soft-VM8 sshd[3441]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.4 Nov 18 18:02:50 MK-Soft-VM8 sshd[3441]: Failed password for invalid user webadmin from 42.51.194.4 port 53503 ssh2 ...	2019-11-19 01:06:58
attackbots	Nov 9 10:22:29 fr01 sshd[4380]: Invalid user p@ssw0rd from 42.51.194.4 Nov 9 10:22:29 fr01 sshd[4380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.4 Nov 9 10:22:29 fr01 sshd[4380]: Invalid user p@ssw0rd from 42.51.194.4 Nov 9 10:22:30 fr01 sshd[4380]: Failed password for invalid user p@ssw0rd from 42.51.194.4 port 47203 ssh2 ...	2019-11-09 19:38:15
attack	Oct 23 01:43:16 server sshd\[29595\]: Invalid user long from 42.51.194.4 port 32908 Oct 23 01:43:16 server sshd\[29595\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.4 Oct 23 01:43:19 server sshd\[29595\]: Failed password for invalid user long from 42.51.194.4 port 32908 ssh2 Oct 23 01:47:59 server sshd\[2979\]: User root from 42.51.194.4 not allowed because listed in DenyUsers Oct 23 01:47:59 server sshd\[2979\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.4 user=root	2019-10-23 06:51:22
attackspambots	$f2bV_matches	2019-10-22 01:29:23

相同子网IP讨论:

IP	类型	评论内容	时间
42.51.194.15	attackspam	Dec 5 17:40:18 reporting2 sshd[12581]: reveeclipse mapping checking getaddrinfo for idc.ly.ha [42.51.194.15] failed - POSSIBLE BREAK-IN ATTEMPT! Dec 5 17:40:18 reporting2 sshd[12581]: User r.r from 42.51.194.15 not allowed because not listed in AllowUsers Dec 5 17:40:18 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2 Dec 5 17:40:19 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2 Dec 5 17:40:19 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2 Dec 5 17:40:20 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2 Dec 5 17:40:21 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2 Dec 5 17:40:25 reporting2 sshd[12638]: .... truncated .... 539]: User r.r from 42.51.194.15 not allowed because not listed in AllowUsers Dec 5 18:22:17 reporting2 sshd[3539]........ -------------------------------	2019-12-06 19:10:30
42.51.194.35	attack	Unauthorized connection attempt from IP address 42.51.194.35 on Port 3306(MYSQL)	2019-09-29 22:26:34
42.51.194.35	attackspam	Unauthorized connection attempt from IP address 42.51.194.35 on Port 3306(MYSQL)	2019-09-23 15:01:44
42.51.194.35	attack	09/15/2019-19:22:10.539826 42.51.194.35 Protocol: 6 ET SCAN Suspicious inbound to mySQL port 3306	2019-09-16 07:33:53
42.51.194.35	attackspam	Unauthorized connection attempt from IP address 42.51.194.35 on Port 3306(MYSQL)	2019-09-15 22:07:14
42.51.194.55	attack	Sep 5 15:24:16 hostnameproxy sshd[26462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.55 user=r.r Sep 5 15:24:18 hostnameproxy sshd[26462]: Failed password for r.r from 42.51.194.55 port 1428 ssh2 Sep 5 15:24:20 hostnameproxy sshd[26462]: Failed password for r.r from 42.51.194.55 port 1428 ssh2 Sep 5 15:24:23 hostnameproxy sshd[26462]: Failed password for r.r from 42.51.194.55 port 1428 ssh2 Sep 5 15:24:26 hostnameproxy sshd[26462]: Failed password for r.r from 42.51.194.55 port 1428 ssh2 Sep 5 15:24:28 hostnameproxy sshd[26462]: Failed password for r.r from 42.51.194.55 port 1428 ssh2 Sep 5 15:24:32 hostnameproxy sshd[26466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.55 user=r.r Sep 5 15:24:34 hostnameproxy sshd[26466]: Failed password for r.r from 42.51.194.55 port 3584 ssh2 Sep 5 15:24:36 hostnameproxy sshd[26466]: Failed password for r.r from 42.51........ ------------------------------	2019-09-06 11:35:10

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.51.194.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10529
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.51.194.4.			IN	A

;; AUTHORITY SECTION:
.			343	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102100 1800 900 604800 86400

;; Query time: 54 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 22 01:29:20 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

4.194.51.42.in-addr.arpa domain name pointer idc.ly.ha.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
4.194.51.42.in-addr.arpa	name = idc.ly.ha.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
95.156.150.74	attack	Automatic report - Port Scan Attack	2020-05-03 02:46:06
222.240.92.224	attack	May 2 13:49:05 roki-contabo sshd\[21676\]: Invalid user testuser1 from 222.240.92.224 May 2 13:49:05 roki-contabo sshd\[21676\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.240.92.224 May 2 13:49:07 roki-contabo sshd\[21676\]: Failed password for invalid user testuser1 from 222.240.92.224 port 12295 ssh2 May 2 14:08:03 roki-contabo sshd\[22072\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.240.92.224 user=root May 2 14:08:05 roki-contabo sshd\[22072\]: Failed password for root from 222.240.92.224 port 14404 ssh2 ...	2020-05-03 02:56:04
185.186.247.35	attack	$f2bV_matches	2020-05-03 02:25:28
198.199.73.239	attackbotsspam	May 2 19:53:38 markkoudstaal sshd[15944]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.73.239 May 2 19:53:40 markkoudstaal sshd[15944]: Failed password for invalid user bobo from 198.199.73.239 port 57050 ssh2 May 2 19:58:23 markkoudstaal sshd[16824]: Failed password for root from 198.199.73.239 port 34899 ssh2	2020-05-03 02:14:39
139.59.215.241	attackspambots	Automatically reported by fail2ban report script (mx1)	2020-05-03 02:57:09
120.92.111.13	attackbots	May 2 15:11:19 vpn01 sshd[2321]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.111.13 May 2 15:11:21 vpn01 sshd[2321]: Failed password for invalid user italo from 120.92.111.13 port 16022 ssh2 ...	2020-05-03 02:49:16
185.220.101.7	attackspam	CMS (WordPress or Joomla) login attempt.	2020-05-03 02:13:52
51.158.28.134	attack	[01/May/2020:12:34:27 -0400] "GET / HTTP/1.1" Blank UA	2020-05-03 02:39:09
222.186.175.216	attackbots	May 2 20:52:47 vpn01 sshd[9869]: Failed password for root from 222.186.175.216 port 23656 ssh2 May 2 20:52:50 vpn01 sshd[9869]: Failed password for root from 222.186.175.216 port 23656 ssh2 ...	2020-05-03 02:53:39
66.240.236.119	attackspambots	Unauthorized connection attempt detected from IP address 66.240.236.119 to port 8008	2020-05-03 02:24:13
148.235.137.212	attackspambots	SSH invalid-user multiple login attempts	2020-05-03 02:52:48
139.59.65.8	attackbots	139.59.65.8 - - [02/May/2020:14:08:14 +0200] "GET /wp-login.php HTTP/1.1" 200 6124 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.65.8 - - [02/May/2020:14:08:20 +0200] "POST /wp-login.php HTTP/1.1" 200 6354 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.65.8 - - [02/May/2020:14:08:21 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-03 02:45:41
46.148.38.46	attackbotsspam	[01/May/2020:15:34:32 -0400] "GET / HTTP/1.1" Chrome 51.0 UA	2020-05-03 02:57:42
218.92.0.168	attack	May 2 14:35:10 NPSTNNYC01T sshd[15166]: Failed password for root from 218.92.0.168 port 7095 ssh2 May 2 14:35:25 NPSTNNYC01T sshd[15166]: Failed password for root from 218.92.0.168 port 7095 ssh2 May 2 14:35:25 NPSTNNYC01T sshd[15166]: error: maximum authentication attempts exceeded for root from 218.92.0.168 port 7095 ssh2 [preauth] ...	2020-05-03 02:38:51
111.93.168.150	attackspambots	Repeated RDP login failures. Last user: ks	2020-05-03 02:23:24

最近上报的IP列表

8.23.35.201	183.166.59.149	178.164.245.151	82.31.74.17
79.17.58.116	115.182.62.224	71.192.13.137	27.145.88.192
187.2.17.180	76.38.227.87	132.232.66.60	25.46.182.185
18.144.156.248	102.118.31.23	214.190.230.216	122.117.68.151
228.28.14.24	160.67.88.193	58.70.155.214	114.32.8.15