42.51.194.4 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Henan Telcom Union Technology Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Nov 21 01:58:01 server sshd\[3484\]: Invalid user ngrc from 42.51.194.4 Nov 21 01:58:01 server sshd\[3484\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.4 Nov 21 01:58:02 server sshd\[3484\]: Failed password for invalid user ngrc from 42.51.194.4 port 39830 ssh2 Nov 21 02:06:59 server sshd\[5946\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.4 user=root Nov 21 02:07:01 server sshd\[5946\]: Failed password for root from 42.51.194.4 port 38762 ssh2 ...	2019-11-21 07:38:27
attackspam	Nov 18 18:02:48 MK-Soft-VM8 sshd[3441]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.4 Nov 18 18:02:50 MK-Soft-VM8 sshd[3441]: Failed password for invalid user webadmin from 42.51.194.4 port 53503 ssh2 ...	2019-11-19 01:06:58
attackbots	Nov 9 10:22:29 fr01 sshd[4380]: Invalid user p@ssw0rd from 42.51.194.4 Nov 9 10:22:29 fr01 sshd[4380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.4 Nov 9 10:22:29 fr01 sshd[4380]: Invalid user p@ssw0rd from 42.51.194.4 Nov 9 10:22:30 fr01 sshd[4380]: Failed password for invalid user p@ssw0rd from 42.51.194.4 port 47203 ssh2 ...	2019-11-09 19:38:15
attack	Oct 23 01:43:16 server sshd\[29595\]: Invalid user long from 42.51.194.4 port 32908 Oct 23 01:43:16 server sshd\[29595\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.4 Oct 23 01:43:19 server sshd\[29595\]: Failed password for invalid user long from 42.51.194.4 port 32908 ssh2 Oct 23 01:47:59 server sshd\[2979\]: User root from 42.51.194.4 not allowed because listed in DenyUsers Oct 23 01:47:59 server sshd\[2979\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.4 user=root	2019-10-23 06:51:22
attackspambots	$f2bV_matches	2019-10-22 01:29:23

相同子网IP讨论:

IP	类型	评论内容	时间
42.51.194.15	attackspam	Dec 5 17:40:18 reporting2 sshd[12581]: reveeclipse mapping checking getaddrinfo for idc.ly.ha [42.51.194.15] failed - POSSIBLE BREAK-IN ATTEMPT! Dec 5 17:40:18 reporting2 sshd[12581]: User r.r from 42.51.194.15 not allowed because not listed in AllowUsers Dec 5 17:40:18 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2 Dec 5 17:40:19 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2 Dec 5 17:40:19 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2 Dec 5 17:40:20 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2 Dec 5 17:40:21 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2 Dec 5 17:40:25 reporting2 sshd[12638]: .... truncated .... 539]: User r.r from 42.51.194.15 not allowed because not listed in AllowUsers Dec 5 18:22:17 reporting2 sshd[3539]........ -------------------------------	2019-12-06 19:10:30
42.51.194.35	attack	Unauthorized connection attempt from IP address 42.51.194.35 on Port 3306(MYSQL)	2019-09-29 22:26:34
42.51.194.35	attackspam	Unauthorized connection attempt from IP address 42.51.194.35 on Port 3306(MYSQL)	2019-09-23 15:01:44
42.51.194.35	attack	09/15/2019-19:22:10.539826 42.51.194.35 Protocol: 6 ET SCAN Suspicious inbound to mySQL port 3306	2019-09-16 07:33:53
42.51.194.35	attackspam	Unauthorized connection attempt from IP address 42.51.194.35 on Port 3306(MYSQL)	2019-09-15 22:07:14
42.51.194.55	attack	Sep 5 15:24:16 hostnameproxy sshd[26462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.55 user=r.r Sep 5 15:24:18 hostnameproxy sshd[26462]: Failed password for r.r from 42.51.194.55 port 1428 ssh2 Sep 5 15:24:20 hostnameproxy sshd[26462]: Failed password for r.r from 42.51.194.55 port 1428 ssh2 Sep 5 15:24:23 hostnameproxy sshd[26462]: Failed password for r.r from 42.51.194.55 port 1428 ssh2 Sep 5 15:24:26 hostnameproxy sshd[26462]: Failed password for r.r from 42.51.194.55 port 1428 ssh2 Sep 5 15:24:28 hostnameproxy sshd[26462]: Failed password for r.r from 42.51.194.55 port 1428 ssh2 Sep 5 15:24:32 hostnameproxy sshd[26466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.55 user=r.r Sep 5 15:24:34 hostnameproxy sshd[26466]: Failed password for r.r from 42.51.194.55 port 3584 ssh2 Sep 5 15:24:36 hostnameproxy sshd[26466]: Failed password for r.r from 42.51........ ------------------------------	2019-09-06 11:35:10

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.51.194.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10529
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.51.194.4.			IN	A

;; AUTHORITY SECTION:
.			343	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102100 1800 900 604800 86400

;; Query time: 54 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 22 01:29:20 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

4.194.51.42.in-addr.arpa domain name pointer idc.ly.ha.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
4.194.51.42.in-addr.arpa	name = idc.ly.ha.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
93.29.187.145	attack	Feb 20 10:21:37 areeb-Workstation sshd[6738]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.29.187.145 Feb 20 10:21:38 areeb-Workstation sshd[6738]: Failed password for invalid user git from 93.29.187.145 port 55084 ssh2 ...	2020-02-20 18:20:11
128.199.204.164	attackbotsspam	Feb 20 07:48:37 server sshd\[19733\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.204.164 user=nagios Feb 20 07:48:39 server sshd\[19733\]: Failed password for nagios from 128.199.204.164 port 57360 ssh2 Feb 20 07:57:54 server sshd\[21717\]: Invalid user support from 128.199.204.164 Feb 20 07:57:54 server sshd\[21717\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.204.164 Feb 20 07:57:55 server sshd\[21717\]: Failed password for invalid user support from 128.199.204.164 port 42258 ssh2 ...	2020-02-20 18:52:18
191.186.238.81	attackspambots	Honeypot attack, port: 81, PTR: bfbaee51.virtua.com.br.	2020-02-20 18:50:09
124.118.129.5	attack	Feb 19 22:44:18 hanapaa sshd\[8791\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.118.129.5 user=bin Feb 19 22:44:20 hanapaa sshd\[8791\]: Failed password for bin from 124.118.129.5 port 42074 ssh2 Feb 19 22:48:05 hanapaa sshd\[9151\]: Invalid user dingwei from 124.118.129.5 Feb 19 22:48:05 hanapaa sshd\[9151\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.118.129.5 Feb 19 22:48:07 hanapaa sshd\[9151\]: Failed password for invalid user dingwei from 124.118.129.5 port 33296 ssh2	2020-02-20 18:48:04
195.54.166.33	attack	firewall-block, port(s): 3308/tcp, 3310/tcp, 3313/tcp, 3328/tcp	2020-02-20 18:44:48
14.234.205.144	attackspambots	Honeypot attack, port: 445, PTR: static.vnpt.vn.	2020-02-20 18:26:54
49.235.221.86	attackbots	Invalid user ubuntu from 49.235.221.86 port 45176	2020-02-20 18:15:34
188.251.26.126	attackspam	Feb 20 10:29:12 ns381471 sshd[28213]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.251.26.126 Feb 20 10:29:14 ns381471 sshd[28213]: Failed password for invalid user tom from 188.251.26.126 port 64383 ssh2	2020-02-20 18:48:30
118.71.97.96	attackbots	Honeypot attack, port: 445, PTR: ip-address-pool-xxx.fpt.vn.	2020-02-20 18:38:00
3.82.218.170	attack	$f2bV_matches	2020-02-20 18:36:34
80.82.78.100	attackbots	80.82.78.100 was recorded 22 times by 12 hosts attempting to connect to the following ports: 41092,41022,48899. Incident counter (4h, 24h, all-time): 22, 130, 19124	2020-02-20 18:38:30
157.230.231.114	attackbotsspam	Feb 20 11:37:32 MK-Soft-VM5 sshd[3897]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.231.114 Feb 20 11:37:33 MK-Soft-VM5 sshd[3897]: Failed password for invalid user Michelle from 157.230.231.114 port 59676 ssh2 ...	2020-02-20 18:40:49
61.255.86.82	attack	Honeypot attack, port: 5555, PTR: PTR record not found	2020-02-20 18:16:36
121.46.26.126	attack	Invalid user nagios from 121.46.26.126 port 56008	2020-02-20 18:35:39
80.252.146.210	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-20 18:43:34

最近上报的IP列表

8.23.35.201	183.166.59.149	178.164.245.151	82.31.74.17
79.17.58.116	115.182.62.224	71.192.13.137	27.145.88.192
187.2.17.180	76.38.227.87	132.232.66.60	25.46.182.185
18.144.156.248	102.118.31.23	214.190.230.216	122.117.68.151
228.28.14.24	160.67.88.193	58.70.155.214	114.32.8.15