42.157.129.26 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Weiyi Network Technology Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-12 06:52:26

相同子网IP讨论:

IP	类型	评论内容	时间
42.157.129.46	attack	Dec 9 21:05:56 hcbbdb sshd\[8037\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.129.46 user=news Dec 9 21:05:58 hcbbdb sshd\[8037\]: Failed password for news from 42.157.129.46 port 40414 ssh2 Dec 9 21:11:58 hcbbdb sshd\[8758\]: Invalid user 12345 from 42.157.129.46 Dec 9 21:11:58 hcbbdb sshd\[8758\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.129.46 Dec 9 21:12:00 hcbbdb sshd\[8758\]: Failed password for invalid user 12345 from 42.157.129.46 port 41156 ssh2	2019-12-10 05:22:55
42.157.129.158	attackbotsspam	Nov 29 21:17:31 php1 sshd\[29750\]: Invalid user guhl from 42.157.129.158 Nov 29 21:17:31 php1 sshd\[29750\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.129.158 Nov 29 21:17:33 php1 sshd\[29750\]: Failed password for invalid user guhl from 42.157.129.158 port 52992 ssh2 Nov 29 21:22:01 php1 sshd\[30202\]: Invalid user yoyo from 42.157.129.158 Nov 29 21:22:01 php1 sshd\[30202\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.129.158	2019-11-30 15:39:22
42.157.129.158	attackbotsspam	5x Failed Password	2019-11-27 09:29:52
42.157.129.158	attackspam	2019-11-24T22:55:46.982759abusebot-8.cloudsearch.cf sshd\[24162\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.129.158 user=root	2019-11-25 09:06:07
42.157.129.158	attack	Nov 23 20:21:05 auw2 sshd\[7055\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.129.158 user=root Nov 23 20:21:07 auw2 sshd\[7055\]: Failed password for root from 42.157.129.158 port 34970 ssh2 Nov 23 20:29:46 auw2 sshd\[7738\]: Invalid user praefect from 42.157.129.158 Nov 23 20:29:46 auw2 sshd\[7738\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.129.158 Nov 23 20:29:48 auw2 sshd\[7738\]: Failed password for invalid user praefect from 42.157.129.158 port 41002 ssh2	2019-11-24 14:50:54
42.157.129.158	attackbots	Nov 15 18:50:43 web1 sshd\[15631\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.129.158 user=bin Nov 15 18:50:44 web1 sshd\[15631\]: Failed password for bin from 42.157.129.158 port 45574 ssh2 Nov 15 18:56:25 web1 sshd\[16099\]: Invalid user students from 42.157.129.158 Nov 15 18:56:25 web1 sshd\[16099\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.129.158 Nov 15 18:56:26 web1 sshd\[16099\]: Failed password for invalid user students from 42.157.129.158 port 54118 ssh2	2019-11-16 13:09:11
42.157.129.158	attack	Nov 13 01:28:32 srv2 sshd\[4663\]: Invalid user triplex from 42.157.129.158 Nov 13 01:28:32 srv2 sshd\[4663\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.129.158 Nov 13 01:28:34 srv2 sshd\[4663\]: Failed password for invalid user triplex from 42.157.129.158 port 59484 ssh2 ...	2019-11-13 15:55:47
42.157.129.158	attackbotsspam	2019-10-27T05:00:30.093431abusebot-8.cloudsearch.cf sshd\[8276\]: Invalid user web5 from 42.157.129.158 port 38978	2019-10-27 14:04:50
42.157.129.158	attack	$f2bV_matches	2019-10-19 00:17:35
42.157.129.158	attackspambots	F2B jail: sshd. Time: 2019-10-16 08:04:44, Reported by: VKReport	2019-10-16 14:08:56
42.157.129.158	attack	Oct 10 18:34:55 root sshd[26974]: Failed password for root from 42.157.129.158 port 39360 ssh2 Oct 10 18:41:02 root sshd[27073]: Failed password for root from 42.157.129.158 port 45506 ssh2 ...	2019-10-11 01:27:08
42.157.129.158	attackbotsspam	Sep 29 20:49:45 game-panel sshd[3038]: Failed password for backup from 42.157.129.158 port 54146 ssh2 Sep 29 20:56:48 game-panel sshd[3279]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.129.158 Sep 29 20:56:50 game-panel sshd[3279]: Failed password for invalid user lab from 42.157.129.158 port 43030 ssh2	2019-09-30 05:05:14
42.157.129.158	attackspambots	2019-09-28T18:23:25.8054681240 sshd\[30174\]: Invalid user ro from 42.157.129.158 port 38170 2019-09-28T18:23:25.8091051240 sshd\[30174\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.129.158 2019-09-28T18:23:28.0332811240 sshd\[30174\]: Failed password for invalid user ro from 42.157.129.158 port 38170 ssh2 ...	2019-09-29 00:44:18
42.157.129.158	attackspam	Sep 27 17:24:09 game-panel sshd[17890]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.129.158 Sep 27 17:24:11 game-panel sshd[17890]: Failed password for invalid user openvpn from 42.157.129.158 port 42652 ssh2 Sep 27 17:30:41 game-panel sshd[18146]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.129.158	2019-09-28 01:42:51
42.157.129.158	attackbots	ssh brute force	2019-09-25 18:45:03

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.157.129.26
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29119
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.157.129.26.			IN	A

;; AUTHORITY SECTION:
.			388	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019123000 1800 900 604800 86400

;; Query time: 49 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Dec 30 23:48:59 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 26.129.157.42.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 26.129.157.42.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
54.37.68.66	attackspam	Unauthorized access to SSH at 8/Jul/2020:17:36:16 +0000.	2020-07-09 03:25:02
49.51.10.24	attack	[Sat May 23 08:33:36 2020] - DDoS Attack From IP: 49.51.10.24 Port: 41612	2020-07-09 03:37:23
46.38.148.18	attack	Jul 8 21:22:04 srv01 postfix/smtpd\[15042\]: warning: unknown\[46.38.148.18\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 8 21:22:31 srv01 postfix/smtpd\[4474\]: warning: unknown\[46.38.148.18\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 8 21:22:57 srv01 postfix/smtpd\[15042\]: warning: unknown\[46.38.148.18\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 8 21:23:24 srv01 postfix/smtpd\[4474\]: warning: unknown\[46.38.148.18\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 8 21:23:49 srv01 postfix/smtpd\[4474\]: warning: unknown\[46.38.148.18\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-07-09 03:40:03
120.53.9.188	attack	Jul 8 19:49:19 sshgateway sshd\[9046\]: Invalid user qemu from 120.53.9.188 Jul 8 19:49:19 sshgateway sshd\[9046\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.53.9.188 Jul 8 19:49:21 sshgateway sshd\[9046\]: Failed password for invalid user qemu from 120.53.9.188 port 33970 ssh2	2020-07-09 03:28:40
123.206.118.47	attack	Jul 8 23:59:02 gw1 sshd[32413]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.118.47 Jul 8 23:59:05 gw1 sshd[32413]: Failed password for invalid user git from 123.206.118.47 port 47614 ssh2 ...	2020-07-09 03:19:10
167.172.208.189	attackspambots	[Fri May 22 20:27:12 2020] - DDoS Attack From IP: 167.172.208.189 Port: 44023	2020-07-09 03:43:41
167.172.241.91	attackbotsspam	SSH authentication failure x 6 reported by Fail2Ban ...	2020-07-09 03:43:12
176.59.194.97	attack	1594208690 - 07/08/2020 13:44:50 Host: 176.59.194.97/176.59.194.97 Port: 445 TCP Blocked	2020-07-09 03:22:20
162.243.138.96	attackbots	[Sat May 23 01:11:21 2020] - DDoS Attack From IP: 162.243.138.96 Port: 38759	2020-07-09 03:41:31
202.158.123.42	attackspambots	Jul 8 19:13:36 rush sshd[17556]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.158.123.42 Jul 8 19:13:39 rush sshd[17556]: Failed password for invalid user zhousp from 202.158.123.42 port 48810 ssh2 Jul 8 19:17:38 rush sshd[17681]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.158.123.42 ...	2020-07-09 03:30:15
68.183.86.198	attackbotsspam	[Fri May 22 20:30:06 2020] - DDoS Attack From IP: 68.183.86.198 Port: 46934	2020-07-09 03:42:59
157.230.100.192	attack	Jul 8 19:36:10 rush sshd[18204]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.100.192 Jul 8 19:36:12 rush sshd[18204]: Failed password for invalid user industry from 157.230.100.192 port 60986 ssh2 Jul 8 19:38:54 rush sshd[18301]: Failed password for mail from 157.230.100.192 port 55920 ssh2 ...	2020-07-09 03:42:29
155.94.143.112	attack	Jul 8 16:22:11 meumeu sshd[148280]: Invalid user jeannie from 155.94.143.112 port 42436 Jul 8 16:22:11 meumeu sshd[148280]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=155.94.143.112 Jul 8 16:22:11 meumeu sshd[148280]: Invalid user jeannie from 155.94.143.112 port 42436 Jul 8 16:22:13 meumeu sshd[148280]: Failed password for invalid user jeannie from 155.94.143.112 port 42436 ssh2 Jul 8 16:25:14 meumeu sshd[148383]: Invalid user caiwch from 155.94.143.112 port 44212 Jul 8 16:25:14 meumeu sshd[148383]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=155.94.143.112 Jul 8 16:25:14 meumeu sshd[148383]: Invalid user caiwch from 155.94.143.112 port 44212 Jul 8 16:25:15 meumeu sshd[148383]: Failed password for invalid user caiwch from 155.94.143.112 port 44212 ssh2 Jul 8 16:28:05 meumeu sshd[148480]: Invalid user marvin from 155.94.143.112 port 46010 ...	2020-07-09 03:27:50
62.118.140.194	attackbotsspam	IP 62.118.140.194 attacked honeypot on port: 1433 at 7/8/2020 4:44:24 AM	2020-07-09 03:30:59
124.156.244.173	attackspam	[Sun May 24 23:06:42 2020] - DDoS Attack From IP: 124.156.244.173 Port: 45937	2020-07-09 03:32:07

最近上报的IP列表

58.219.246.87	42.119.138.122	190.163.48.229	197.58.93.82
91.219.238.147	90.151.88.14	42.117.20.71	14.161.2.105
42.115.149.154	24.246.3.165	149.129.39.34	42.117.20.58
5.18.248.186	171.109.58.240	111.90.150.254	111.90.150.98
197.84.204.170	223.206.245.40	24.215.214.206	208.110.237.143