42.51.28.203 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Henan Telcom Union Technology Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	ECShop Remote Code Execution Vulnerability	2020-06-03 03:51:05
attackbots	Unauthorized connection attempt detected from IP address 42.51.28.203 to port 80	2020-05-31 02:43:05

相同子网IP讨论:

IP	类型	评论内容	时间
42.51.28.182	attackspambots	Web Server Attack	2020-04-07 23:08:12

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.51.28.203
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 484
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.51.28.203.			IN	A

;; AUTHORITY SECTION:
.			586	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020053000 1800 900 604800 86400

;; Query time: 148 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun May 31 02:43:02 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

203.28.51.42.in-addr.arpa domain name pointer idc.ly.ha.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
203.28.51.42.in-addr.arpa	name = idc.ly.ha.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
104.131.224.81	attack	$f2bV_matches	2019-12-19 01:06:16
40.92.255.69	attack	Dec 18 17:35:46 debian-2gb-vpn-nbg1-1 kernel: [1058110.610760] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.255.69 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=237 ID=46291 DF PROTO=TCP SPT=51568 DPT=25 WINDOW=0 RES=0x00 ACK RST URGP=0	2019-12-19 00:57:18
43.240.125.198	attack	Dec 18 23:24:49 webhost01 sshd[26497]: Failed password for root from 43.240.125.198 port 45702 ssh2 ...	2019-12-19 00:37:29
171.244.51.114	attackbotsspam	Dec 18 06:36:57 php1 sshd\[2751\]: Invalid user placrim from 171.244.51.114 Dec 18 06:36:57 php1 sshd\[2751\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.244.51.114 Dec 18 06:36:59 php1 sshd\[2751\]: Failed password for invalid user placrim from 171.244.51.114 port 42988 ssh2 Dec 18 06:44:02 php1 sshd\[3775\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.244.51.114 user=root Dec 18 06:44:04 php1 sshd\[3775\]: Failed password for root from 171.244.51.114 port 49228 ssh2	2019-12-19 00:46:14
62.210.10.244	attackbots	62.210.10.244 was recorded 11 times by 11 hosts attempting to connect to the following ports: 5060. Incident counter (4h, 24h, all-time): 11, 25, 582	2019-12-19 00:46:32
201.76.28.26	attackbotsspam	RDPBruteCAu	2019-12-19 01:07:08
190.175.37.221	attackspam	" "	2019-12-19 01:05:44
159.203.69.48	attackspambots	2019-12-18T16:59:17.602163 sshd[9697]: Invalid user qhsupport from 159.203.69.48 port 41232 2019-12-18T16:59:17.617281 sshd[9697]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.69.48 2019-12-18T16:59:17.602163 sshd[9697]: Invalid user qhsupport from 159.203.69.48 port 41232 2019-12-18T16:59:19.822014 sshd[9697]: Failed password for invalid user qhsupport from 159.203.69.48 port 41232 ssh2 2019-12-18T17:04:27.992915 sshd[9863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.69.48 user=mysql 2019-12-18T17:04:30.423581 sshd[9863]: Failed password for mysql from 159.203.69.48 port 49708 ssh2 ...	2019-12-19 00:39:43
158.69.110.31	attackbots	Dec 18 16:44:29 pi sshd\[14857\]: Failed password for invalid user andy from 158.69.110.31 port 38064 ssh2 Dec 18 16:50:06 pi sshd\[15208\]: Invalid user brandolese from 158.69.110.31 port 48122 Dec 18 16:50:06 pi sshd\[15208\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.110.31 Dec 18 16:50:07 pi sshd\[15208\]: Failed password for invalid user brandolese from 158.69.110.31 port 48122 ssh2 Dec 18 16:55:40 pi sshd\[15539\]: Invalid user jp from 158.69.110.31 port 57576 ...	2019-12-19 00:59:39
104.248.237.238	attack	Dec 18 17:38:51 srv206 sshd[6291]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.237.238 user=root Dec 18 17:38:54 srv206 sshd[6291]: Failed password for root from 104.248.237.238 port 45044 ssh2 Dec 18 17:50:35 srv206 sshd[6440]: Invalid user network1 from 104.248.237.238 ...	2019-12-19 01:06:36
72.94.181.219	attack	2019-12-18T16:28:09.407766shield sshd\[32066\]: Invalid user maunu from 72.94.181.219 port 5965 2019-12-18T16:28:09.412241shield sshd\[32066\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=static-72-94-181-219.phlapa.fios.verizon.net 2019-12-18T16:28:11.061506shield sshd\[32066\]: Failed password for invalid user maunu from 72.94.181.219 port 5965 ssh2 2019-12-18T16:35:01.471900shield sshd\[1399\]: Invalid user hirshman from 72.94.181.219 port 5969 2019-12-18T16:35:01.476214shield sshd\[1399\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=static-72-94-181-219.phlapa.fios.verizon.net	2019-12-19 00:49:24
137.59.0.6	attackbotsspam	Dec 18 17:48:04 localhost sshd\[3410\]: Invalid user nfs from 137.59.0.6 Dec 18 17:48:04 localhost sshd\[3410\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.59.0.6 Dec 18 17:48:06 localhost sshd\[3410\]: Failed password for invalid user nfs from 137.59.0.6 port 55023 ssh2 Dec 18 17:55:05 localhost sshd\[3848\]: Invalid user squid from 137.59.0.6 Dec 18 17:55:05 localhost sshd\[3848\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.59.0.6 ...	2019-12-19 01:00:23
54.234.177.32	attack	Dec 16 07:17:36 server6 sshd[14130]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=em3-54-234-177-32.compute-1.amazonaws.com Dec 16 07:17:37 server6 sshd[14130]: Failed password for invalid user loren from 54.234.177.32 port 37876 ssh2 Dec 16 07:17:38 server6 sshd[14130]: Received disconnect from 54.234.177.32: 11: Bye Bye [preauth] Dec 16 07:27:35 server6 sshd[24389]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=em3-54-234-177-32.compute-1.amazonaws.com Dec 16 07:27:37 server6 sshd[24389]: Failed password for invalid user test from 54.234.177.32 port 51940 ssh2 Dec 16 07:27:37 server6 sshd[24389]: Received disconnect from 54.234.177.32: 11: Bye Bye [preauth] Dec 16 07:32:55 server6 sshd[29761]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=em3-54-234-177-32.compute-1.amazonaws.com user=r.r Dec 16 07:32:56 server6 sshd[29761]: Failed password f........ -------------------------------	2019-12-19 00:49:47
116.196.85.166	attackbots	Dec 18 16:47:19 lnxweb62 sshd[31431]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.85.166	2019-12-19 00:40:13
188.165.255.8	attackbotsspam	Dec 18 10:27:49 Tower sshd[37748]: Connection from 188.165.255.8 port 42146 on 192.168.10.220 port 22 Dec 18 10:27:49 Tower sshd[37748]: Invalid user wyrsch from 188.165.255.8 port 42146 Dec 18 10:27:49 Tower sshd[37748]: error: Could not get shadow information for NOUSER Dec 18 10:27:49 Tower sshd[37748]: Failed password for invalid user wyrsch from 188.165.255.8 port 42146 ssh2 Dec 18 10:27:50 Tower sshd[37748]: Received disconnect from 188.165.255.8 port 42146:11: Bye Bye [preauth] Dec 18 10:27:50 Tower sshd[37748]: Disconnected from invalid user wyrsch 188.165.255.8 port 42146 [preauth]	2019-12-19 00:36:12

最近上报的IP列表

73.191.197.198	186.212.229.151	196.44.140.214	121.236.1.156
186.116.130.178	151.36.241.128	186.114.232.223	185.193.177.11
183.157.175.28	183.157.173.244	183.157.166.244	183.157.165.208
183.60.189.104	182.176.91.142	179.113.43.159	179.110.179.171
99.214.213.57	179.93.195.50	177.10.146.238	234.191.99.57