42.51.34.155 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Henan Telcom Union Technology Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	C2,WP GET /wp-login.php	2020-07-13 20:04:57
attackbots	C1,WP GET /wp-login.php	2019-08-31 12:22:24

相同子网IP讨论:

IP	类型	评论内容	时间
42.51.34.202	attack	URL Probing: /wp-login.php	2020-08-18 23:24:45
42.51.34.174	attack	baned by mod_evasive	2020-07-20 06:28:34
42.51.34.250	attackspambots	ET SCAN MS Terminal Server Traffic on Non-standard Port - port: 1000 proto: TCP cat: Attempted Information Leak	2019-12-11 06:56:51
42.51.34.202	attackbots	Attempt to run wp-login.php	2019-10-23 07:52:55
42.51.34.174	attackspambots	/wp-login.php	2019-08-14 02:38:17
42.51.34.202	attack	C2,WP GET /wp-login.php	2019-07-29 19:13:39

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.51.34.155
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11978
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.51.34.155.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019083001 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Aug 31 12:22:18 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

155.34.51.42.in-addr.arpa domain name pointer idc.ly.ha.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
155.34.51.42.in-addr.arpa	name = idc.ly.ha.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
49.88.112.54	attack	Jul 16 06:58:42 hgb10502 sshd[4116]: User r.r from 49.88.112.54 not allowed because not listed in AllowUsers Jul 16 06:58:44 hgb10502 sshd[4116]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.54 user=r.r Jul 16 06:58:46 hgb10502 sshd[4116]: Failed password for invalid user r.r from 49.88.112.54 port 9788 ssh2 Jul 16 06:58:51 hgb10502 sshd[4116]: Failed password for invalid user r.r from 49.88.112.54 port 9788 ssh2 Jul 16 06:59:13 hgb10502 sshd[4116]: Failed password for invalid user r.r from 49.88.112.54 port 9788 ssh2 Jul 16 06:59:13 hgb10502 sshd[4116]: Received disconnect from 49.88.112.54 port 9788:11: [preauth] Jul 16 06:59:13 hgb10502 sshd[4116]: Disconnected from 49.88.112.54 port 9788 [preauth] Jul 16 06:59:13 hgb10502 sshd[4116]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.54 user=r.r Jul 16 06:59:14 hgb10502 sshd[4166]: Received disconnect from 49.88.112.54 port........ -------------------------------	2019-07-20 18:48:00
178.219.122.160	attackspam	port scan and connect, tcp 23 (telnet)	2019-07-20 19:13:31
107.170.234.57	attack	Jul 20 05:02:55 Tower sshd[33835]: Connection from 107.170.234.57 port 52940 on 192.168.10.220 port 22 Jul 20 05:02:59 Tower sshd[33835]: Invalid user ashton from 107.170.234.57 port 52940 Jul 20 05:02:59 Tower sshd[33835]: error: Could not get shadow information for NOUSER Jul 20 05:02:59 Tower sshd[33835]: Failed password for invalid user ashton from 107.170.234.57 port 52940 ssh2 Jul 20 05:02:59 Tower sshd[33835]: Received disconnect from 107.170.234.57 port 52940:11: Bye Bye [preauth] Jul 20 05:02:59 Tower sshd[33835]: Disconnected from invalid user ashton 107.170.234.57 port 52940 [preauth]	2019-07-20 18:52:11
35.243.106.213	attack	xmlrpc attack	2019-07-20 19:17:05
62.36.4.72	attackbotsspam	Automatic report - Port Scan Attack	2019-07-20 19:04:09
138.197.102.225	attackbots	Wordpress attack	2019-07-20 18:57:19
200.33.94.231	attackbotsspam	failed_logins	2019-07-20 19:17:25
218.92.0.194	attackspam	2019-07-20T10:09:18.439623abusebot-4.cloudsearch.cf sshd\[18581\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.194 user=root	2019-07-20 19:16:31
217.30.75.78	attack	Jul 20 13:41:00 microserver sshd[25794]: Invalid user sentry from 217.30.75.78 port 42158 Jul 20 13:41:00 microserver sshd[25794]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.30.75.78 Jul 20 13:41:02 microserver sshd[25794]: Failed password for invalid user sentry from 217.30.75.78 port 42158 ssh2 Jul 20 13:49:24 microserver sshd[26631]: Invalid user trac from 217.30.75.78 port 33618 Jul 20 13:49:24 microserver sshd[26631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.30.75.78 Jul 20 14:02:38 microserver sshd[28518]: Invalid user riley from 217.30.75.78 port 59144 Jul 20 14:02:38 microserver sshd[28518]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.30.75.78 Jul 20 14:02:41 microserver sshd[28518]: Failed password for invalid user riley from 217.30.75.78 port 59144 ssh2 Jul 20 14:07:04 microserver sshd[29150]: Invalid user starbound from 217.30.75.78 port 58233 Jul 20 14	2019-07-20 19:30:39
37.187.248.39	attackbots	Jul 20 10:47:19 ip-172-31-1-72 sshd\[9100\]: Invalid user b from 37.187.248.39 Jul 20 10:47:19 ip-172-31-1-72 sshd\[9100\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.248.39 Jul 20 10:47:21 ip-172-31-1-72 sshd\[9100\]: Failed password for invalid user b from 37.187.248.39 port 44978 ssh2 Jul 20 10:51:46 ip-172-31-1-72 sshd\[9161\]: Invalid user bnc from 37.187.248.39 Jul 20 10:51:46 ip-172-31-1-72 sshd\[9161\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.248.39	2019-07-20 19:26:05
103.219.61.3	attackspambots	2019-07-20T12:19:32.708266lon01.zurich-datacenter.net sshd\[16484\]: Invalid user vel from 103.219.61.3 port 56354 2019-07-20T12:19:32.714130lon01.zurich-datacenter.net sshd\[16484\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.219.61.3 2019-07-20T12:19:34.918966lon01.zurich-datacenter.net sshd\[16484\]: Failed password for invalid user vel from 103.219.61.3 port 56354 ssh2 2019-07-20T12:26:05.538777lon01.zurich-datacenter.net sshd\[16611\]: Invalid user admin from 103.219.61.3 port 50974 2019-07-20T12:26:05.544841lon01.zurich-datacenter.net sshd\[16611\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.219.61.3 ...	2019-07-20 19:07:32
179.113.122.215	attackbotsspam	Automatic report - Port Scan Attack	2019-07-20 19:06:20
208.102.113.11	attackbotsspam	Jul 20 11:07:29 v22018076622670303 sshd\[8755\]: Invalid user death from 208.102.113.11 port 39978 Jul 20 11:07:29 v22018076622670303 sshd\[8755\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=208.102.113.11 Jul 20 11:07:31 v22018076622670303 sshd\[8755\]: Failed password for invalid user death from 208.102.113.11 port 39978 ssh2 ...	2019-07-20 18:54:21
116.74.123.21	attackspambots	Honeypot attack, port: 23, PTR: PTR record not found	2019-07-20 19:10:04
162.243.7.171	attack	Auto reported by IDS	2019-07-20 18:53:11

最近上报的IP列表

104.128.51.11	232.213.112.29	27.147.132.19	23.228.82.4
23.247.98.189	192.162.237.35	190.13.136.53	95.12.5.58
82.210.12.29	36.81.16.128	116.196.83.109	95.142.159.11
14.181.222.61	92.119.160.33	81.40.197.52	43.228.117.222
171.12.3.73	148.63.244.88	122.174.17.40	164.77.85.150