42.157.128.50 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Weiyi Network Technology Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-25 05:06:43

相同子网IP讨论:

IP	类型	评论内容	时间
42.157.128.188	attack	Dec 4 21:28:08 sauna sshd[51697]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.128.188 Dec 4 21:28:10 sauna sshd[51697]: Failed password for invalid user tryjefaczka from 42.157.128.188 port 47104 ssh2 ...	2019-12-05 03:42:41
42.157.128.188	attack	2019-11-11T09:36:22.831622abusebot-5.cloudsearch.cf sshd\[2253\]: Invalid user butthead from 42.157.128.188 port 60064	2019-11-11 19:08:44
42.157.128.188	attackbots	2019-11-08T08:12:00.416155abusebot-5.cloudsearch.cf sshd\[29726\]: Invalid user gong from 42.157.128.188 port 35226	2019-11-08 16:18:18
42.157.128.188	attack	2019-11-08T05:54:43.503809abusebot-5.cloudsearch.cf sshd\[28339\]: Invalid user waggoner from 42.157.128.188 port 59696	2019-11-08 14:20:58
42.157.128.188	attack	2019-10-29T09:35:42.747247abusebot-5.cloudsearch.cf sshd\[31459\]: Invalid user test from 42.157.128.188 port 57978	2019-10-29 17:37:28
42.157.128.188	attack	2019-10-18T12:02:44.356210abusebot-5.cloudsearch.cf sshd\[19744\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.128.188 user=root	2019-10-19 03:54:10
42.157.128.188	attack	2019-10-15T07:48:34.028059abusebot-5.cloudsearch.cf sshd\[2265\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.128.188 user=root	2019-10-15 15:53:16
42.157.128.188	attackbotsspam	Lines containing failures of 42.157.128.188 (max 1000) Oct 14 02:33:45 localhost sshd[5707]: Invalid user claire from 42.157.128.188 port 50542 Oct 14 02:33:45 localhost sshd[5707]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.128.188 Oct 14 02:33:47 localhost sshd[5707]: Failed password for invalid user claire from 42.157.128.188 port 50542 ssh2 Oct 14 02:33:48 localhost sshd[5707]: Received disconnect from 42.157.128.188 port 50542:11: Bye Bye [preauth] Oct 14 02:33:48 localhost sshd[5707]: Disconnected from invalid user claire 42.157.128.188 port 50542 [preauth] Oct 14 02:54:39 localhost sshd[3600]: Invalid user bot2 from 42.157.128.188 port 49012 Oct 14 02:54:39 localhost sshd[3600]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.128.188 Oct 14 02:54:41 localhost sshd[3600]: Failed password for invalid user bot2 from 42.157.128.188 port 49012 ssh2 Oct 14 02:54:42 local........ ------------------------------	2019-10-14 18:23:59
42.157.128.188	attack	2019-10-07T11:41:28.885551abusebot-5.cloudsearch.cf sshd\[21340\]: Invalid user max from 42.157.128.188 port 44572	2019-10-08 00:50:38
42.157.128.188	attack	Sep 26 05:43:47 OPSO sshd\[21465\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.128.188 user=root Sep 26 05:43:49 OPSO sshd\[21465\]: Failed password for root from 42.157.128.188 port 57930 ssh2 Sep 26 05:45:46 OPSO sshd\[21952\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.128.188 user=root Sep 26 05:45:48 OPSO sshd\[21952\]: Failed password for root from 42.157.128.188 port 48152 ssh2 Sep 26 05:47:42 OPSO sshd\[22089\]: Invalid user alpha from 42.157.128.188 port 38200 Sep 26 05:47:42 OPSO sshd\[22089\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.128.188	2019-09-26 16:54:43
42.157.128.188	attackspam	2019-09-05T20:28:36.991768ns557175 sshd\[28306\]: Invalid user ubuntu from 42.157.128.188 port 44472 2019-09-05T20:28:36.997184ns557175 sshd\[28306\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.128.188 2019-09-05T20:28:39.039492ns557175 sshd\[28306\]: Failed password for invalid user ubuntu from 42.157.128.188 port 44472 ssh2 2019-09-05T20:41:44.145535ns557175 sshd\[8182\]: Invalid user zj from 42.157.128.188 port 56718 2019-09-05T20:41:44.149961ns557175 sshd\[8182\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.128.188 2019-09-05T20:41:46.368230ns557175 sshd\[8182\]: Failed password for invalid user zj from 42.157.128.188 port 56718 ssh2 2019-09-05T20:45:54.020727ns557175 sshd\[12135\]: Invalid user steam from 42.157.128.188 port 42342 2019-09-05T20:45:54.026629ns557175 sshd\[12135\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.1 ...	2019-09-07 15:26:34
42.157.128.188	attackbotsspam	Sep 4 04:47:55 wbs sshd\[15662\]: Invalid user dayz from 42.157.128.188 Sep 4 04:47:55 wbs sshd\[15662\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.128.188 Sep 4 04:47:58 wbs sshd\[15662\]: Failed password for invalid user dayz from 42.157.128.188 port 39630 ssh2 Sep 4 04:50:55 wbs sshd\[15946\]: Invalid user hoandy from 42.157.128.188 Sep 4 04:50:55 wbs sshd\[15946\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.128.188	2019-09-04 23:33:49
42.157.128.188	attackspam	$f2bV_matches	2019-09-01 13:50:23
42.157.128.188	attackspambots	2019-08-29T20:29:39.785343abusebot-2.cloudsearch.cf sshd\[2769\]: Invalid user metin2 from 42.157.128.188 port 43154	2019-08-30 04:47:30
42.157.128.188	attackspambots	Aug 22 22:43:35 tdfoods sshd\[17619\]: Invalid user hb from 42.157.128.188 Aug 22 22:43:35 tdfoods sshd\[17619\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.128.188 Aug 22 22:43:37 tdfoods sshd\[17619\]: Failed password for invalid user hb from 42.157.128.188 port 36602 ssh2 Aug 22 22:49:07 tdfoods sshd\[18139\]: Invalid user postgres from 42.157.128.188 Aug 22 22:49:07 tdfoods sshd\[18139\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.128.188	2019-08-23 16:51:39

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.157.128.50
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20266
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.157.128.50.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072401 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jul 25 05:06:38 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 50.128.157.42.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 50.128.157.42.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
180.253.88.209	attack	Unauthorized connection attempt from IP address 180.253.88.209 on Port 445(SMB)	2019-11-01 04:30:03
139.59.190.69	attackspambots	Oct 31 03:25:27 eddieflores sshd\[3404\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.190.69 user=root Oct 31 03:25:29 eddieflores sshd\[3404\]: Failed password for root from 139.59.190.69 port 42039 ssh2 Oct 31 03:29:23 eddieflores sshd\[3698\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.190.69 user=root Oct 31 03:29:25 eddieflores sshd\[3698\]: Failed password for root from 139.59.190.69 port 33497 ssh2 Oct 31 03:33:22 eddieflores sshd\[4010\]: Invalid user tanner from 139.59.190.69 Oct 31 03:33:22 eddieflores sshd\[4010\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.190.69	2019-11-01 04:09:06
119.29.132.143	attack	Oct 31 01:47:47 hostnameproxy sshd[1283]: Invalid user lan from 119.29.132.143 port 42468 Oct 31 01:47:47 hostnameproxy sshd[1283]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.132.143 Oct 31 01:47:49 hostnameproxy sshd[1283]: Failed password for invalid user lan from 119.29.132.143 port 42468 ssh2 Oct 31 01:48:22 hostnameproxy sshd[1322]: Invalid user frank from 119.29.132.143 port 44072 Oct 31 01:48:22 hostnameproxy sshd[1322]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.132.143 Oct 31 01:48:24 hostnameproxy sshd[1322]: Failed password for invalid user frank from 119.29.132.143 port 44072 ssh2 Oct 31 01:48:38 hostnameproxy sshd[1333]: Invalid user sinusbot from 119.29.132.143 port 45146 Oct 31 01:48:38 hostnameproxy sshd[1333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.132.143 Oct 31 01:48:41 hostnameproxy sshd[1333]:........ ------------------------------	2019-11-01 04:07:14
109.93.31.242	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/109.93.31.242/ RS - 1H : (3) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : RS NAME ASN : ASN8400 IP : 109.93.31.242 CIDR : 109.92.0.0/15 PREFIX COUNT : 79 UNIQUE IP COUNT : 711680 ATTACKS DETECTED ASN8400 : 1H - 2 3H - 2 6H - 2 12H - 3 24H - 3 DateTime : 2019-10-31 21:15:56 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-01 04:24:00
45.82.153.76	attack	2019-10-31T21:15:10.285975mail01 postfix/smtpd[25758]: warning: unknown[45.82.153.76]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-10-31T21:15:33.318720mail01 postfix/smtpd[5429]: warning: unknown[45.82.153.76]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-10-31T21:15:54.019999mail01 postfix/smtpd[5429]: warning: unknown[45.82.153.76]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-11-01 04:27:25
117.241.96.70	attackspam	Unauthorized connection attempt from IP address 117.241.96.70 on Port 445(SMB)	2019-11-01 04:28:39
121.154.107.112	attackspam	DATE:2019-10-31 21:15:56, IP:121.154.107.112, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2019-11-01 04:25:50
47.98.161.90	attackbotsspam	PostgreSQL port 5432	2019-11-01 04:06:03
112.237.107.155	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/112.237.107.155/ CN - 1H : (744) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN4837 IP : 112.237.107.155 CIDR : 112.224.0.0/11 PREFIX COUNT : 1262 UNIQUE IP COUNT : 56665856 ATTACKS DETECTED ASN4837 : 1H - 11 3H - 38 6H - 75 12H - 154 24H - 250 DateTime : 2019-10-31 21:15:55 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-01 04:23:31
89.37.56.138	attackbots	postfix	2019-11-01 04:16:33
179.233.31.10	attackspambots	Oct 31 18:04:18 work-partkepr sshd\[5559\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.233.31.10 user=root Oct 31 18:04:20 work-partkepr sshd\[5559\]: Failed password for root from 179.233.31.10 port 20918 ssh2 ...	2019-11-01 04:13:01
190.117.167.39	attackspambots	PostgreSQL port 5432	2019-11-01 04:13:46
106.13.32.106	attack	2019-10-30 17:57:57,561 fail2ban.actions \[1865\]: NOTICE \[ssh\] Ban 106.13.32.106 2019-10-30 18:22:13,617 fail2ban.actions \[1865\]: NOTICE \[ssh\] Ban 106.13.32.106 2019-10-30 18:45:18,592 fail2ban.actions \[1865\]: NOTICE \[ssh\] Ban 106.13.32.106 2019-10-30 19:07:04,864 fail2ban.actions \[1865\]: NOTICE \[ssh\] Ban 106.13.32.106 2019-10-30 19:27:57,936 fail2ban.actions \[1865\]: NOTICE \[ssh\] Ban 106.13.32.106 2019-10-30 17:57:57,561 fail2ban.actions \[1865\]: NOTICE \[ssh\] Ban 106.13.32.106 2019-10-30 18:22:13,617 fail2ban.actions \[1865\]: NOTICE \[ssh\] Ban 106.13.32.106 2019-10-30 18:45:18,592 fail2ban.actions \[1865\]: NOTICE \[ssh\] Ban 106.13.32.106 2019-10-30 19:07:04,864 fail2ban.actions \[1865\]: NOTICE \[ssh\] Ban 106.13.32.106 2019-10-30 19:27:57,936 fail2ban.actions \[1865\]: NOTICE \[ssh\] Ban 106.13.32.106 2019-10-30 17:57:57,561 fail2ban.actions \[1865\]: NOTICE \[ssh\] Ban 106.13.32.106 2019-10-30 1	2019-11-01 04:10:10
200.116.195.122	attackspam	$f2bV_matches	2019-11-01 04:02:29
122.228.19.79	attackspambots	Scanning (more than 2 packets) random ports - tries to find possible vulnerable services	2019-11-01 04:01:36

最近上报的IP列表

207.180.192.52	124.195.168.82	217.58.186.155	171.242.11.115
218.150.220.198	170.130.187.2	138.0.145.192	200.52.60.227
189.194.132.250	183.159.182.39	114.67.74.139	117.60.133.122
114.239.164.196	113.160.223.167	52.167.43.30	2604:180:3:ba4::8374
36.233.101.79	27.66.127.191	14.223.54.139	14.11.36.2