42.51.195.214 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Henan Telcom Union Technology Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	SASL broute force	2019-07-22 11:29:35

相同子网IP讨论:

IP	类型	评论内容	时间
42.51.195.216	attackspambots	DATE:2020-03-19 22:52:12, IP:42.51.195.216, PORT:1433 MSSQL brute force auth on honeypot server (honey-neo-dc)	2020-03-20 07:52:28
42.51.195.216	attack	DATE:2020-02-28 14:28:25, IP:42.51.195.216, PORT:1433 MSSQL brute force auth on honeypot server (honey-neo-dc)	2020-02-29 03:02:16
42.51.195.205	attackbots	account brute force by foreign IP	2019-08-06 11:18:44
42.51.195.155	attackspambots	Unauthorised access (Aug 4) SRC=42.51.195.155 LEN=40 TTL=110 ID=256 TCP DPT=3306 WINDOW=16384 SYN	2019-08-04 23:52:11
42.51.195.204	attackbots	postfix-failedauth jail [dl]	2019-08-04 03:06:06
42.51.195.155	attackspambots	:	2019-07-26 20:20:31
42.51.195.155	attack	CloudCIX Reconnaissance Scan Detected, PTR: idc.ly.ha.	2019-07-26 15:10:37

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.51.195.214
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32156
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.51.195.214.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072101 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 22 11:29:27 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

214.195.51.42.in-addr.arpa domain name pointer idc.ly.ha.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
214.195.51.42.in-addr.arpa	name = idc.ly.ha.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
94.191.40.166	attack	Dec 4 12:11:56 vtv3 sshd[14748]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.40.166 Dec 4 12:11:59 vtv3 sshd[14748]: Failed password for invalid user ming from 94.191.40.166 port 39672 ssh2 Dec 4 12:18:10 vtv3 sshd[17630]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.40.166 Dec 4 12:31:42 vtv3 sshd[23944]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.40.166 Dec 4 12:31:44 vtv3 sshd[23944]: Failed password for invalid user wedgworth from 94.191.40.166 port 46978 ssh2 Dec 4 12:38:20 vtv3 sshd[27264]: Failed password for root from 94.191.40.166 port 49412 ssh2 Dec 4 12:50:52 vtv3 sshd[1214]: Failed password for root from 94.191.40.166 port 54278 ssh2 Dec 4 12:57:07 vtv3 sshd[4111]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.40.166 Dec 4 12:57:09 vtv3 sshd[4111]: Failed password for invalid user guest	2019-12-04 21:42:24
37.32.42.184	attackspambots	Telnet/23 MH Probe, BF, Hack -	2019-12-04 21:40:59
218.92.0.135	attack	Dec 4 14:29:27 legacy sshd[23303]: Failed password for root from 218.92.0.135 port 45091 ssh2 Dec 4 14:29:39 legacy sshd[23303]: error: maximum authentication attempts exceeded for root from 218.92.0.135 port 45091 ssh2 [preauth] Dec 4 14:29:47 legacy sshd[23309]: Failed password for root from 218.92.0.135 port 10467 ssh2 ...	2019-12-04 21:41:28
190.96.49.189	attackspam	Dec 4 03:39:31 web1 sshd\[10072\]: Invalid user test from 190.96.49.189 Dec 4 03:39:31 web1 sshd\[10072\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.96.49.189 Dec 4 03:39:34 web1 sshd\[10072\]: Failed password for invalid user test from 190.96.49.189 port 52044 ssh2 Dec 4 03:46:55 web1 sshd\[10822\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.96.49.189 user=root Dec 4 03:46:58 web1 sshd\[10822\]: Failed password for root from 190.96.49.189 port 60388 ssh2	2019-12-04 21:47:47
61.175.134.190	attackbotsspam	2019-12-04T11:55:59.949527abusebot-4.cloudsearch.cf sshd\[3406\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.175.134.190 user=root	2019-12-04 22:16:28
124.156.218.80	attackbots	Dec 4 15:05:38 localhost sshd\[12193\]: Invalid user server from 124.156.218.80 port 46460 Dec 4 15:05:38 localhost sshd\[12193\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.156.218.80 Dec 4 15:05:40 localhost sshd\[12193\]: Failed password for invalid user server from 124.156.218.80 port 46460 ssh2	2019-12-04 22:15:47
101.78.209.39	attackbotsspam	Dec 4 02:08:18 auw2 sshd\[399\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.78.209.39 user=daemon Dec 4 02:08:21 auw2 sshd\[399\]: Failed password for daemon from 101.78.209.39 port 52358 ssh2 Dec 4 02:14:35 auw2 sshd\[1230\]: Invalid user brunell from 101.78.209.39 Dec 4 02:14:35 auw2 sshd\[1230\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.78.209.39 Dec 4 02:14:37 auw2 sshd\[1230\]: Failed password for invalid user brunell from 101.78.209.39 port 57628 ssh2	2019-12-04 22:04:04
218.92.0.176	attackspam	$f2bV_matches	2019-12-04 22:08:31
61.183.35.44	attackbotsspam	2019-12-04T12:32:35.554940abusebot-5.cloudsearch.cf sshd\[26986\]: Invalid user robert from 61.183.35.44 port 33813	2019-12-04 22:16:13
51.75.70.30	attackspambots	Dec 4 14:25:53 cvbnet sshd[13224]: Failed password for root from 51.75.70.30 port 45768 ssh2 ...	2019-12-04 21:53:55
185.112.149.220	attackbots	Telnet/23 MH Probe, BF, Hack -	2019-12-04 22:14:47
186.227.139.11	attack	Telnet/23 MH Probe, BF, Hack -	2019-12-04 22:08:49
129.204.79.131	attack	Dec 4 12:53:28 ns381471 sshd[1795]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.79.131 Dec 4 12:53:30 ns381471 sshd[1795]: Failed password for invalid user khosrovi from 129.204.79.131 port 45336 ssh2	2019-12-04 21:46:53
78.27.198.108	attackspam	Port scan on 4 port(s): 2375 2376 2377 4243	2019-12-04 21:53:26
106.13.138.3	attack	SSH brute-force: detected 7 distinct usernames within a 24-hour window.	2019-12-04 22:21:04

最近上报的IP列表

5.202.93.155	41.41.14.210	185.171.233.141	131.221.185.114
114.47.168.140	95.38.79.52	103.92.153.69	177.130.9.212
156.197.180.218	204.216.66.36	122.176.95.125	102.206.105.80
80.245.201.221	180.202.26.11	186.41.88.29	85.96.192.156
201.136.64.20	201.250.159.208	112.220.245.150	133.14.241.7