42.157.131.48 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): CHINANET Guangdong province network

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
42.157.131.201	attackbotsspam	Oct 2 00:59:38 m3061 sshd[5499]: Invalid user xiang from 42.157.131.201 Oct 2 00:59:38 m3061 sshd[5499]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.131.201 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=42.157.131.201	2019-10-03 14:05:59
42.157.131.201	attackspambots	Oct 3 00:43:21 srv206 sshd[24656]: Invalid user sysdba from 42.157.131.201 Oct 3 00:43:21 srv206 sshd[24656]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.131.201 Oct 3 00:43:21 srv206 sshd[24656]: Invalid user sysdba from 42.157.131.201 Oct 3 00:43:23 srv206 sshd[24656]: Failed password for invalid user sysdba from 42.157.131.201 port 52730 ssh2 ...	2019-10-03 07:13:34
42.157.131.201	attack	Sep 26 23:03:49 hanapaa sshd\[32154\]: Invalid user adrc from 42.157.131.201 Sep 26 23:03:49 hanapaa sshd\[32154\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.131.201 Sep 26 23:03:51 hanapaa sshd\[32154\]: Failed password for invalid user adrc from 42.157.131.201 port 54030 ssh2 Sep 26 23:07:55 hanapaa sshd\[32525\]: Invalid user kai from 42.157.131.201 Sep 26 23:07:55 hanapaa sshd\[32525\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.131.201	2019-09-27 19:53:07
42.157.131.201	attackspam	Sep 26 20:37:53 plex sshd[1986]: Invalid user zhao from 42.157.131.201 port 35790	2019-09-27 02:48:46
42.157.131.201	attack	Sep 21 18:19:09 tdfoods sshd\[24845\]: Invalid user gentry from 42.157.131.201 Sep 21 18:19:09 tdfoods sshd\[24845\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.131.201 Sep 21 18:19:11 tdfoods sshd\[24845\]: Failed password for invalid user gentry from 42.157.131.201 port 58520 ssh2 Sep 21 18:23:26 tdfoods sshd\[25189\]: Invalid user listen from 42.157.131.201 Sep 21 18:23:26 tdfoods sshd\[25189\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.131.201	2019-09-22 19:15:02
42.157.131.201	attack	Sep 20 08:50:40 hpm sshd\[18288\]: Invalid user user from 42.157.131.201 Sep 20 08:50:40 hpm sshd\[18288\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.131.201 Sep 20 08:50:42 hpm sshd\[18288\]: Failed password for invalid user user from 42.157.131.201 port 33346 ssh2 Sep 20 08:55:09 hpm sshd\[18643\]: Invalid user test101 from 42.157.131.201 Sep 20 08:55:09 hpm sshd\[18643\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.131.201	2019-09-21 03:00:41
42.157.131.201	attackspambots	Sep 11 01:04:05 friendsofhawaii sshd\[7732\]: Invalid user 119 from 42.157.131.201 Sep 11 01:04:05 friendsofhawaii sshd\[7732\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.131.201 Sep 11 01:04:07 friendsofhawaii sshd\[7732\]: Failed password for invalid user 119 from 42.157.131.201 port 42794 ssh2 Sep 11 01:08:16 friendsofhawaii sshd\[8093\]: Invalid user 162 from 42.157.131.201 Sep 11 01:08:16 friendsofhawaii sshd\[8093\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.131.201	2019-09-12 02:37:03
42.157.131.201	attack	Sep 9 10:50:05 nextcloud sshd\[23923\]: Invalid user www from 42.157.131.201 Sep 9 10:50:05 nextcloud sshd\[23923\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.131.201 Sep 9 10:50:07 nextcloud sshd\[23923\]: Failed password for invalid user www from 42.157.131.201 port 45444 ssh2 ...	2019-09-09 17:03:17
42.157.131.201	attackspam	Aug 30 08:33:50 lcdev sshd\[16254\]: Invalid user romaric from 42.157.131.201 Aug 30 08:33:50 lcdev sshd\[16254\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.131.201 Aug 30 08:33:53 lcdev sshd\[16254\]: Failed password for invalid user romaric from 42.157.131.201 port 45006 ssh2 Aug 30 08:38:28 lcdev sshd\[16653\]: Invalid user magenta from 42.157.131.201 Aug 30 08:38:28 lcdev sshd\[16653\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.131.201	2019-08-31 05:18:51
42.157.131.201	attack	Aug 29 18:50:16 server sshd\[27320\]: Invalid user hh from 42.157.131.201 port 48604 Aug 29 18:50:16 server sshd\[27320\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.131.201 Aug 29 18:50:18 server sshd\[27320\]: Failed password for invalid user hh from 42.157.131.201 port 48604 ssh2 Aug 29 18:56:51 server sshd\[20301\]: Invalid user gmod from 42.157.131.201 port 32854 Aug 29 18:56:51 server sshd\[20301\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.131.201	2019-08-30 03:39:36

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.157.131.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22051
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.157.131.48.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019060601 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jun 07 03:58:27 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 48.131.157.42.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 48.131.157.42.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
49.88.112.70	attack	2020-04-08T18:43:06.616771shield sshd\[620\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.70 user=root 2020-04-08T18:43:08.939032shield sshd\[620\]: Failed password for root from 49.88.112.70 port 60822 ssh2 2020-04-08T18:43:10.900829shield sshd\[620\]: Failed password for root from 49.88.112.70 port 60822 ssh2 2020-04-08T18:43:13.130255shield sshd\[620\]: Failed password for root from 49.88.112.70 port 60822 ssh2 2020-04-08T18:44:01.442140shield sshd\[896\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.70 user=root	2020-04-09 03:07:25
162.243.128.11	attackbots	Port Scan detected from 162.243.128.11 (US/United States/California/San Francisco/zg-0312b-244.stretchoid.com). 4 hits in the last 286 seconds	2020-04-09 03:13:06
89.219.22.200	attackbotsspam	20/4/8@08:59:57: FAIL: Alarm-Network address from=89.219.22.200 20/4/8@08:59:57: FAIL: Alarm-Network address from=89.219.22.200 ...	2020-04-09 03:32:48
133.130.117.41	attackspam	Apr 8 19:29:28 MainVPS sshd[8445]: Invalid user postgres from 133.130.117.41 port 55404 Apr 8 19:29:28 MainVPS sshd[8445]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=133.130.117.41 Apr 8 19:29:28 MainVPS sshd[8445]: Invalid user postgres from 133.130.117.41 port 55404 Apr 8 19:29:30 MainVPS sshd[8445]: Failed password for invalid user postgres from 133.130.117.41 port 55404 ssh2 Apr 8 19:33:11 MainVPS sshd[15742]: Invalid user alex from 133.130.117.41 port 47960 ...	2020-04-09 03:10:18
2400:6180:0:d1::802:7001	attack	2400:6180:0:d1::802:7001 - - [08/Apr/2020:17:16:46 +0300] "POST /wp-login.php HTTP/1.1" 200 2514 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-09 03:07:42
192.241.238.205	attack	" "	2020-04-09 03:01:11
192.241.238.100	attackbotsspam	8098/tcp 4786/tcp 115/tcp... [2020-03-13/04-07]32pkt,30pt.(tcp),1pt.(udp)	2020-04-09 03:20:02
51.68.198.113	attackspambots	5x Failed Password	2020-04-09 03:12:14
157.230.230.152	attack	2020-04-08T16:55:19.308112dmca.cloudsearch.cf sshd[23578]: Invalid user temp from 157.230.230.152 port 34360 2020-04-08T16:55:19.313243dmca.cloudsearch.cf sshd[23578]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.230.152 2020-04-08T16:55:19.308112dmca.cloudsearch.cf sshd[23578]: Invalid user temp from 157.230.230.152 port 34360 2020-04-08T16:55:20.828531dmca.cloudsearch.cf sshd[23578]: Failed password for invalid user temp from 157.230.230.152 port 34360 ssh2 2020-04-08T16:58:52.021219dmca.cloudsearch.cf sshd[23957]: Invalid user admin1 from 157.230.230.152 port 44636 2020-04-08T16:58:52.028946dmca.cloudsearch.cf sshd[23957]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.230.152 2020-04-08T16:58:52.021219dmca.cloudsearch.cf sshd[23957]: Invalid user admin1 from 157.230.230.152 port 44636 2020-04-08T16:58:54.452429dmca.cloudsearch.cf sshd[23957]: Failed password for invalid user admin1 f ...	2020-04-09 03:21:37
198.108.67.111	attackspambots	Fail2Ban Ban Triggered	2020-04-09 03:21:10
95.30.187.96	attackspam	Unauthorized connection attempt detected from IP address 95.30.187.96 to port 1433	2020-04-09 03:17:26
198.199.105.213	attack	Unauthorized connection attempt detected from IP address 198.199.105.213 to port 1830	2020-04-09 02:56:25
67.227.152.142	attackspam	Unauthorized connection attempt detected from IP address 67.227.152.142 to port 8545	2020-04-09 03:25:32
128.199.245.33	attack	WordPress login Brute force / Web App Attack on client site.	2020-04-09 03:03:53
187.6.67.246	attackspambots	firewall-block, port(s): 23/tcp	2020-04-09 03:22:43

最近上报的IP列表

1.251.83.112	88.156.32.27	67.27.249.35	192.227.210.138
80.128.180.202	173.82.94.126	143.0.140.218	130.36.225.38
31.221.66.187	119.112.136.90	175.22.37.207	119.132.10.197
113.160.131.160	229.100.234.111	237.117.41.195	112.81.119.200
78.123.55.150	183.11.16.175	108.250.71.177	200.165.48.202