必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Henan Telcom Union Technology Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:
类型 评论内容 时间
attack
Sep  5 15:24:16 hostnameproxy sshd[26462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.55  user=r.r
Sep  5 15:24:18 hostnameproxy sshd[26462]: Failed password for r.r from 42.51.194.55 port 1428 ssh2
Sep  5 15:24:20 hostnameproxy sshd[26462]: Failed password for r.r from 42.51.194.55 port 1428 ssh2
Sep  5 15:24:23 hostnameproxy sshd[26462]: Failed password for r.r from 42.51.194.55 port 1428 ssh2
Sep  5 15:24:26 hostnameproxy sshd[26462]: Failed password for r.r from 42.51.194.55 port 1428 ssh2
Sep  5 15:24:28 hostnameproxy sshd[26462]: Failed password for r.r from 42.51.194.55 port 1428 ssh2
Sep  5 15:24:32 hostnameproxy sshd[26466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.55  user=r.r
Sep  5 15:24:34 hostnameproxy sshd[26466]: Failed password for r.r from 42.51.194.55 port 3584 ssh2
Sep  5 15:24:36 hostnameproxy sshd[26466]: Failed password for r.r from 42.51........
------------------------------
2019-09-06 11:35:10
相同子网IP讨论:
IP 类型 评论内容 时间
42.51.194.15 attackspam
Dec  5 17:40:18 reporting2 sshd[12581]: reveeclipse mapping checking getaddrinfo for idc.ly.ha [42.51.194.15] failed - POSSIBLE BREAK-IN ATTEMPT!
Dec  5 17:40:18 reporting2 sshd[12581]: User r.r from 42.51.194.15 not allowed because not listed in AllowUsers
Dec  5 17:40:18 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2
Dec  5 17:40:19 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2
Dec  5 17:40:19 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2
Dec  5 17:40:20 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2
Dec  5 17:40:21 reporting2 sshd[12581]: Failed password for invalid user r.r from 42.51.194.15 port 1244 ssh2
Dec  5 17:40:25 reporting2 sshd[12638]:
.... truncated .... 
539]: User r.r from 42.51.194.15 not allowed because not listed in AllowUsers
Dec  5 18:22:17 reporting2 sshd[3539]........
-------------------------------
2019-12-06 19:10:30
42.51.194.4 attackbotsspam
Nov 21 01:58:01 server sshd\[3484\]: Invalid user ngrc from 42.51.194.4
Nov 21 01:58:01 server sshd\[3484\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.4 
Nov 21 01:58:02 server sshd\[3484\]: Failed password for invalid user ngrc from 42.51.194.4 port 39830 ssh2
Nov 21 02:06:59 server sshd\[5946\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.4  user=root
Nov 21 02:07:01 server sshd\[5946\]: Failed password for root from 42.51.194.4 port 38762 ssh2
...
2019-11-21 07:38:27
42.51.194.4 attackspam
Nov 18 18:02:48 MK-Soft-VM8 sshd[3441]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.4 
Nov 18 18:02:50 MK-Soft-VM8 sshd[3441]: Failed password for invalid user webadmin from 42.51.194.4 port 53503 ssh2
...
2019-11-19 01:06:58
42.51.194.4 attackbots
Nov  9 10:22:29 fr01 sshd[4380]: Invalid user p@ssw0rd from 42.51.194.4
Nov  9 10:22:29 fr01 sshd[4380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.4
Nov  9 10:22:29 fr01 sshd[4380]: Invalid user p@ssw0rd from 42.51.194.4
Nov  9 10:22:30 fr01 sshd[4380]: Failed password for invalid user p@ssw0rd from 42.51.194.4 port 47203 ssh2
...
2019-11-09 19:38:15
42.51.194.4 attack
Oct 23 01:43:16 server sshd\[29595\]: Invalid user long from 42.51.194.4 port 32908
Oct 23 01:43:16 server sshd\[29595\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.4
Oct 23 01:43:19 server sshd\[29595\]: Failed password for invalid user long from 42.51.194.4 port 32908 ssh2
Oct 23 01:47:59 server sshd\[2979\]: User root from 42.51.194.4 not allowed because listed in DenyUsers
Oct 23 01:47:59 server sshd\[2979\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.194.4  user=root
2019-10-23 06:51:22
42.51.194.4 attackspambots
$f2bV_matches
2019-10-22 01:29:23
42.51.194.35 attack
Unauthorized connection attempt from IP address 42.51.194.35 on Port 3306(MYSQL)
2019-09-29 22:26:34
42.51.194.35 attackspam
Unauthorized connection attempt from IP address 42.51.194.35 on Port 3306(MYSQL)
2019-09-23 15:01:44
42.51.194.35 attack
09/15/2019-19:22:10.539826 42.51.194.35 Protocol: 6 ET SCAN Suspicious inbound to mySQL port 3306
2019-09-16 07:33:53
42.51.194.35 attackspam
Unauthorized connection attempt from IP address 42.51.194.35 on Port 3306(MYSQL)
2019-09-15 22:07:14
WHOIS信息:
b
DIG信息:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.51.194.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24994
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.51.194.55.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090501 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Sep 06 11:35:03 CST 2019
;; MSG SIZE  rcvd: 116
HOST信息:
55.194.51.42.in-addr.arpa domain name pointer idc.ly.ha.
NSLOOKUP信息:
;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
55.194.51.42.in-addr.arpa	name = idc.ly.ha.

Authoritative answers can be found from:

相关IP信息:
最新评论:
IP 类型 评论内容 时间
222.99.84.121 attackbotsspam
SSH Brute-Forcing (server2)
2020-04-19 21:10:23
152.136.46.203 attackspam
Apr 19 14:33:04 odroid64 sshd\[14407\]: Invalid user ua from 152.136.46.203
Apr 19 14:33:04 odroid64 sshd\[14407\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.46.203
...
2020-04-19 20:58:25
222.89.92.196 attackspam
Apr 19 14:05:16 vpn01 sshd[28988]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.89.92.196
Apr 19 14:05:19 vpn01 sshd[28988]: Failed password for invalid user admin from 222.89.92.196 port 10350 ssh2
...
2020-04-19 20:47:13
189.26.149.28 attackbotsspam
Unauthorised access (Apr 19) SRC=189.26.149.28 LEN=44 TTL=50 ID=9034 TCP DPT=23 WINDOW=47463 SYN
2020-04-19 20:37:52
142.93.235.47 attackspam
Triggered by Fail2Ban at Ares web server
2020-04-19 21:01:01
134.175.68.129 attackbots
Apr 19 13:57:34 vserver sshd\[12268\]: Invalid user qd from 134.175.68.129Apr 19 13:57:36 vserver sshd\[12268\]: Failed password for invalid user qd from 134.175.68.129 port 33228 ssh2Apr 19 14:05:08 vserver sshd\[12381\]: Invalid user br from 134.175.68.129Apr 19 14:05:11 vserver sshd\[12381\]: Failed password for invalid user br from 134.175.68.129 port 40404 ssh2
...
2020-04-19 20:53:41
201.76.184.110 attackspam
" "
2020-04-19 20:41:22
87.110.181.30 attackspambots
Apr 19 14:00:39 server sshd[29714]: Failed password for root from 87.110.181.30 port 51172 ssh2
Apr 19 14:05:12 server sshd[30934]: User postgres from 87.110.181.30 not allowed because not listed in AllowUsers
Apr 19 14:05:14 server sshd[30934]: Failed password for invalid user postgres from 87.110.181.30 port 43502 ssh2
2020-04-19 20:51:18
222.186.31.83 attackbots
Apr 19 14:45:41 vpn01 sshd[30035]: Failed password for root from 222.186.31.83 port 49475 ssh2
...
2020-04-19 20:57:06
51.161.8.70 attack
Apr 19 14:18:29 OPSO sshd\[21104\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.161.8.70  user=root
Apr 19 14:18:31 OPSO sshd\[21104\]: Failed password for root from 51.161.8.70 port 53846 ssh2
Apr 19 14:22:53 OPSO sshd\[21897\]: Invalid user ah from 51.161.8.70 port 40974
Apr 19 14:22:53 OPSO sshd\[21897\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.161.8.70
Apr 19 14:22:55 OPSO sshd\[21897\]: Failed password for invalid user ah from 51.161.8.70 port 40974 ssh2
2020-04-19 20:38:25
222.186.175.23 attack
Apr 19 08:50:14 plusreed sshd[12549]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.23  user=root
Apr 19 08:50:17 plusreed sshd[12549]: Failed password for root from 222.186.175.23 port 51131 ssh2
...
2020-04-19 20:55:15
183.162.144.93 attackspambots
(smtpauth) Failed SMTP AUTH login from 183.162.144.93 (CN/China/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-04-19 16:34:52 login authenticator failed for (nAYmryL) [183.162.144.93]: 535 Incorrect authentication data (set_id=info)
2020-04-19 21:12:05
106.13.26.67 attack
IP blocked
2020-04-19 20:46:33
5.77.6.203 attack
Port probing on unauthorized port 445
2020-04-19 20:46:49
107.180.92.3 attackspam
Apr 19 15:05:12 sso sshd[31625]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.180.92.3
Apr 19 15:05:13 sso sshd[31625]: Failed password for invalid user admin from 107.180.92.3 port 61197 ssh2
...
2020-04-19 21:10:44

最近上报的IP列表

97.240.59.31 91.221.221.21 37.238.26.23 152.246.36.1
11.84.138.115 159.203.203.64 119.76.149.189 88.0.80.224
223.85.57.70 176.228.202.123 141.98.81.253 163.231.59.210
109.247.156.243 220.149.54.241 133.177.178.52 1.27.47.108
51.79.73.206 219.203.169.118 142.219.233.24 92.131.135.18