42.157.131.48 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): CHINANET Guangdong province network

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
42.157.131.201	attackbotsspam	Oct 2 00:59:38 m3061 sshd[5499]: Invalid user xiang from 42.157.131.201 Oct 2 00:59:38 m3061 sshd[5499]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.131.201 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=42.157.131.201	2019-10-03 14:05:59
42.157.131.201	attackspambots	Oct 3 00:43:21 srv206 sshd[24656]: Invalid user sysdba from 42.157.131.201 Oct 3 00:43:21 srv206 sshd[24656]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.131.201 Oct 3 00:43:21 srv206 sshd[24656]: Invalid user sysdba from 42.157.131.201 Oct 3 00:43:23 srv206 sshd[24656]: Failed password for invalid user sysdba from 42.157.131.201 port 52730 ssh2 ...	2019-10-03 07:13:34
42.157.131.201	attack	Sep 26 23:03:49 hanapaa sshd\[32154\]: Invalid user adrc from 42.157.131.201 Sep 26 23:03:49 hanapaa sshd\[32154\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.131.201 Sep 26 23:03:51 hanapaa sshd\[32154\]: Failed password for invalid user adrc from 42.157.131.201 port 54030 ssh2 Sep 26 23:07:55 hanapaa sshd\[32525\]: Invalid user kai from 42.157.131.201 Sep 26 23:07:55 hanapaa sshd\[32525\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.131.201	2019-09-27 19:53:07
42.157.131.201	attackspam	Sep 26 20:37:53 plex sshd[1986]: Invalid user zhao from 42.157.131.201 port 35790	2019-09-27 02:48:46
42.157.131.201	attack	Sep 21 18:19:09 tdfoods sshd\[24845\]: Invalid user gentry from 42.157.131.201 Sep 21 18:19:09 tdfoods sshd\[24845\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.131.201 Sep 21 18:19:11 tdfoods sshd\[24845\]: Failed password for invalid user gentry from 42.157.131.201 port 58520 ssh2 Sep 21 18:23:26 tdfoods sshd\[25189\]: Invalid user listen from 42.157.131.201 Sep 21 18:23:26 tdfoods sshd\[25189\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.131.201	2019-09-22 19:15:02
42.157.131.201	attack	Sep 20 08:50:40 hpm sshd\[18288\]: Invalid user user from 42.157.131.201 Sep 20 08:50:40 hpm sshd\[18288\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.131.201 Sep 20 08:50:42 hpm sshd\[18288\]: Failed password for invalid user user from 42.157.131.201 port 33346 ssh2 Sep 20 08:55:09 hpm sshd\[18643\]: Invalid user test101 from 42.157.131.201 Sep 20 08:55:09 hpm sshd\[18643\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.131.201	2019-09-21 03:00:41
42.157.131.201	attackspambots	Sep 11 01:04:05 friendsofhawaii sshd\[7732\]: Invalid user 119 from 42.157.131.201 Sep 11 01:04:05 friendsofhawaii sshd\[7732\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.131.201 Sep 11 01:04:07 friendsofhawaii sshd\[7732\]: Failed password for invalid user 119 from 42.157.131.201 port 42794 ssh2 Sep 11 01:08:16 friendsofhawaii sshd\[8093\]: Invalid user 162 from 42.157.131.201 Sep 11 01:08:16 friendsofhawaii sshd\[8093\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.131.201	2019-09-12 02:37:03
42.157.131.201	attack	Sep 9 10:50:05 nextcloud sshd\[23923\]: Invalid user www from 42.157.131.201 Sep 9 10:50:05 nextcloud sshd\[23923\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.131.201 Sep 9 10:50:07 nextcloud sshd\[23923\]: Failed password for invalid user www from 42.157.131.201 port 45444 ssh2 ...	2019-09-09 17:03:17
42.157.131.201	attackspam	Aug 30 08:33:50 lcdev sshd\[16254\]: Invalid user romaric from 42.157.131.201 Aug 30 08:33:50 lcdev sshd\[16254\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.131.201 Aug 30 08:33:53 lcdev sshd\[16254\]: Failed password for invalid user romaric from 42.157.131.201 port 45006 ssh2 Aug 30 08:38:28 lcdev sshd\[16653\]: Invalid user magenta from 42.157.131.201 Aug 30 08:38:28 lcdev sshd\[16653\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.131.201	2019-08-31 05:18:51
42.157.131.201	attack	Aug 29 18:50:16 server sshd\[27320\]: Invalid user hh from 42.157.131.201 port 48604 Aug 29 18:50:16 server sshd\[27320\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.131.201 Aug 29 18:50:18 server sshd\[27320\]: Failed password for invalid user hh from 42.157.131.201 port 48604 ssh2 Aug 29 18:56:51 server sshd\[20301\]: Invalid user gmod from 42.157.131.201 port 32854 Aug 29 18:56:51 server sshd\[20301\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.157.131.201	2019-08-30 03:39:36

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.157.131.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22051
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.157.131.48.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019060601 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jun 07 03:58:27 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 48.131.157.42.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 48.131.157.42.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
45.125.66.35	attackbotsspam	Dec 24 06:39:03 web1 postfix/smtpd[21423]: warning: unknown[45.125.66.35]: SASL LOGIN authentication failed: authentication failure ...	2019-12-24 20:49:27
80.82.77.245	attack	Dec 24 13:21:33 debian-2gb-nbg1-2 kernel: \[842833.905404\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=80.82.77.245 DST=195.201.40.59 LEN=29 TOS=0x00 PREC=0x00 TTL=247 ID=54321 PROTO=UDP SPT=59237 DPT=120 LEN=9	2019-12-24 20:47:33
14.241.247.104	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 24-12-2019 07:15:10.	2019-12-24 20:57:28
113.160.113.145	attackspambots	1577171731 - 12/24/2019 08:15:31 Host: 113.160.113.145/113.160.113.145 Port: 445 TCP Blocked	2019-12-24 20:30:39
94.250.254.120	attack	Dec 24 13:21:42 mout sshd[29897]: Invalid user 1qa2ws3ed4rf5tg from 94.250.254.120 port 52456	2019-12-24 20:32:34
103.62.235.221	attack	Unauthorized connection attempt detected from IP address 103.62.235.221 to port 445	2019-12-24 20:31:12
117.102.104.178	attack	Unauthorized connection attempt detected from IP address 117.102.104.178 to port 445	2019-12-24 20:35:20
36.89.234.161	attack	Unauthorized connection attempt from IP address 36.89.234.161 on Port 445(SMB)	2019-12-24 20:30:53
106.52.206.191	attack	Triggered by Fail2Ban at Vostok web server	2019-12-24 20:17:36
113.176.46.40	attackbotsspam	1577171722 - 12/24/2019 08:15:22 Host: 113.176.46.40/113.176.46.40 Port: 445 TCP Blocked	2019-12-24 20:42:34
183.166.170.22	attackbots	2019-12-24T08:15:39.250290 X postfix/smtpd[10716]: lost connection after AUTH from unknown[183.166.170.22] 2019-12-24T08:15:40.678754 X postfix/smtpd[10750]: lost connection after AUTH from unknown[183.166.170.22] 2019-12-24T08:15:41.459899 X postfix/smtpd[12693]: lost connection after AUTH from unknown[183.166.170.22]	2019-12-24 20:19:18
125.224.107.111	attackbots	1577171711 - 12/24/2019 08:15:11 Host: 125.224.107.111/125.224.107.111 Port: 445 TCP Blocked	2019-12-24 20:55:30
103.235.236.224	attackbots	Dec 24 08:12:07 srv-ubuntu-dev3 sshd[71461]: Invalid user webadmin from 103.235.236.224 Dec 24 08:12:07 srv-ubuntu-dev3 sshd[71461]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.235.236.224 Dec 24 08:12:07 srv-ubuntu-dev3 sshd[71461]: Invalid user webadmin from 103.235.236.224 Dec 24 08:12:09 srv-ubuntu-dev3 sshd[71461]: Failed password for invalid user webadmin from 103.235.236.224 port 64924 ssh2 Dec 24 08:13:43 srv-ubuntu-dev3 sshd[71572]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.235.236.224 user=root Dec 24 08:13:46 srv-ubuntu-dev3 sshd[71572]: Failed password for root from 103.235.236.224 port 11890 ssh2 Dec 24 08:15:21 srv-ubuntu-dev3 sshd[71707]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.235.236.224 user=irc Dec 24 08:15:22 srv-ubuntu-dev3 sshd[71707]: Failed password for irc from 103.235.236.224 port 23368 ssh2 ...	2019-12-24 20:40:59
105.154.192.204	attack	Attempted to connect 3 times to port 8291 TCP	2019-12-24 20:46:00
139.199.58.118	attackbotsspam	SSH/22 MH Probe, BF, Hack -	2019-12-24 20:26:53

最近上报的IP列表

1.251.83.112	88.156.32.27	67.27.249.35	192.227.210.138
80.128.180.202	173.82.94.126	143.0.140.218	130.36.225.38
31.221.66.187	119.112.136.90	175.22.37.207	119.132.10.197
113.160.131.160	229.100.234.111	237.117.41.195	112.81.119.200
78.123.55.150	183.11.16.175	108.250.71.177	200.165.48.202