120.131.14.125

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Kingsoft Cloud Internet Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	prod8 ...	2020-10-07 03:25:26
attackspam	Oct 6 10:24:02 mellenthin sshd[17072]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.131.14.125 user=root Oct 6 10:24:04 mellenthin sshd[17072]: Failed password for invalid user root from 120.131.14.125 port 37302 ssh2	2020-10-06 19:26:00
attackbotsspam	k+ssh-bruteforce	2020-09-14 15:48:05
attackspam	Sep 14 00:57:10 mellenthin sshd[23680]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.131.14.125 Sep 14 00:57:11 mellenthin sshd[23680]: Failed password for invalid user admin from 120.131.14.125 port 22372 ssh2	2020-09-14 07:40:37
attackbotsspam	2020-08-11T12:18:15.960379dreamphreak.com sshd[46879]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.131.14.125 user=root 2020-08-11T12:18:17.943620dreamphreak.com sshd[46879]: Failed password for root from 120.131.14.125 port 19160 ssh2 ...	2020-08-12 02:17:53
attackbots	2020-07-24T02:19:40.290298afi-git.jinr.ru sshd[12328]: Invalid user cdn from 120.131.14.125 port 12820 2020-07-24T02:19:40.293495afi-git.jinr.ru sshd[12328]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.131.14.125 2020-07-24T02:19:40.290298afi-git.jinr.ru sshd[12328]: Invalid user cdn from 120.131.14.125 port 12820 2020-07-24T02:19:42.163290afi-git.jinr.ru sshd[12328]: Failed password for invalid user cdn from 120.131.14.125 port 12820 ssh2 2020-07-24T02:23:45.225827afi-git.jinr.ru sshd[13839]: Invalid user nicolas from 120.131.14.125 port 16096 ...	2020-07-24 07:36:50
attackbots	Jul 23 16:39:42 marvibiene sshd[26718]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.131.14.125 Jul 23 16:39:44 marvibiene sshd[26718]: Failed password for invalid user produkcja from 120.131.14.125 port 20094 ssh2	2020-07-24 03:14:23
attack	Brute-force attempt banned	2020-07-10 01:10:48
attackbots	Jul 7 07:06:04 jumpserver sshd[371895]: Invalid user hadoop from 120.131.14.125 port 57456 Jul 7 07:06:06 jumpserver sshd[371895]: Failed password for invalid user hadoop from 120.131.14.125 port 57456 ssh2 Jul 7 07:09:58 jumpserver sshd[371954]: Invalid user wmdemo from 120.131.14.125 port 42156 ...	2020-07-07 15:58:28
attack	Jun 16 05:49:31 OPSO sshd\[10894\]: Invalid user admins from 120.131.14.125 port 61968 Jun 16 05:49:31 OPSO sshd\[10894\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.131.14.125 Jun 16 05:49:32 OPSO sshd\[10894\]: Failed password for invalid user admins from 120.131.14.125 port 61968 ssh2 Jun 16 05:55:17 OPSO sshd\[11596\]: Invalid user student from 120.131.14.125 port 56176 Jun 16 05:55:17 OPSO sshd\[11596\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.131.14.125	2020-06-16 12:14:34
attackspambots	SSH Bruteforce attack	2020-06-12 00:56:31
attackbots	Jun 4 20:03:58 ws25vmsma01 sshd[137545]: Failed password for root from 120.131.14.125 port 16798 ssh2 ...	2020-06-05 06:33:03
attackbots	SSH bruteforce	2020-05-26 03:15:59
attackbotsspam	pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.131.14.125 Failed password for invalid user sek from 120.131.14.125 port 19778 ssh2 Invalid user qws from 120.131.14.125 port 57184 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.131.14.125 Failed password for invalid user qws from 120.131.14.125 port 57184 ssh2	2020-05-20 00:33:18
attackbotsspam	20 attempts against mh-ssh on cloud	2020-05-14 08:19:28
attackspam	Apr 29 15:25:27 host sshd[31900]: Invalid user testuser from 120.131.14.125 port 7714 ...	2020-04-29 21:47:03
attack	(sshd) Failed SSH login from 120.131.14.125 (CN/China/-): 5 in the last 3600 secs	2020-04-28 18:25:26
attack	Apr 21 23:20:07 vpn01 sshd[23967]: Failed password for root from 120.131.14.125 port 41118 ssh2 ...	2020-04-22 05:32:56
attackspam	Apr 21 16:36:10 OPSO sshd\[2460\]: Invalid user git from 120.131.14.125 port 25950 Apr 21 16:36:10 OPSO sshd\[2460\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.131.14.125 Apr 21 16:36:11 OPSO sshd\[2460\]: Failed password for invalid user git from 120.131.14.125 port 25950 ssh2 Apr 21 16:40:56 OPSO sshd\[3187\]: Invalid user hu from 120.131.14.125 port 15866 Apr 21 16:40:56 OPSO sshd\[3187\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.131.14.125	2020-04-22 01:06:06
attackspambots	Invalid user git from 120.131.14.125 port 56726	2020-04-20 20:29:35

相同子网IP讨论:

IP	类型	评论内容	时间
120.131.14.235	attackspambots	unauthorized connection attempt	2020-03-06 18:26:14
120.131.14.235	attackbotsspam	Unauthorized connection attempt detected from IP address 120.131.14.235 to port 8080 [J]	2020-01-07 07:32:02

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 120.131.14.125
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58180
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;120.131.14.125.			IN	A

;; AUTHORITY SECTION:
.			418	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042000 1800 900 604800 86400

;; Query time: 153 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Apr 20 20:29:28 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 125.14.131.120.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 125.14.131.120.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
188.162.176.95	attackbotsspam	Email rejected due to spam filtering	2020-03-05 05:11:09
218.92.0.132	attackspambots	$f2bV_matches	2020-03-05 05:16:24
181.40.73.86	attackbotsspam	Brute-force attempt banned	2020-03-05 05:15:08
122.51.46.172	attackspambots	Mar 4 20:26:14 ns382633 sshd\[2845\]: Invalid user cssserver from 122.51.46.172 port 37060 Mar 4 20:26:14 ns382633 sshd\[2845\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.46.172 Mar 4 20:26:15 ns382633 sshd\[2845\]: Failed password for invalid user cssserver from 122.51.46.172 port 37060 ssh2 Mar 4 20:37:15 ns382633 sshd\[4543\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.46.172 user=root Mar 4 20:37:17 ns382633 sshd\[4543\]: Failed password for root from 122.51.46.172 port 40470 ssh2	2020-03-05 05:13:26
121.178.212.67	attackspam	2020-03-04T22:21:38.136438centos sshd\[8633\]: Invalid user act1 from 121.178.212.67 port 49346 2020-03-04T22:21:38.142807centos sshd\[8633\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.178.212.67 2020-03-04T22:21:39.765552centos sshd\[8633\]: Failed password for invalid user act1 from 121.178.212.67 port 49346 ssh2	2020-03-05 05:30:13
218.78.44.63	attackbots	$f2bV_matches	2020-03-05 05:27:09
218.78.53.37	attack	$f2bV_matches	2020-03-05 05:22:29
139.59.23.68	attackbots	Mar 4 20:53:51 ip-172-31-62-245 sshd\[31315\]: Invalid user e from 139.59.23.68\ Mar 4 20:53:54 ip-172-31-62-245 sshd\[31315\]: Failed password for invalid user e from 139.59.23.68 port 46296 ssh2\ Mar 4 20:56:20 ip-172-31-62-245 sshd\[31346\]: Invalid user kevin from 139.59.23.68\ Mar 4 20:56:21 ip-172-31-62-245 sshd\[31346\]: Failed password for invalid user kevin from 139.59.23.68 port 57532 ssh2\ Mar 4 20:58:45 ip-172-31-62-245 sshd\[31377\]: Failed password for root from 139.59.23.68 port 40536 ssh2\	2020-03-05 05:36:09
54.198.76.105	attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/54.198.76.105/ US - 1H : (126) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : US NAME ASN : ASN14618 IP : 54.198.76.105 CIDR : 54.198.0.0/16 PREFIX COUNT : 433 UNIQUE IP COUNT : 19526400 ATTACKS DETECTED ASN14618 : 1H - 2 3H - 4 6H - 12 12H - 16 24H - 16 DateTime : 2020-03-04 14:32:13 INFO : DNS DENIED Scan Detected and Blocked by ADMIN - data recovery	2020-03-05 04:56:14
85.132.44.123	attack	Unauthorized connection attempt from IP address 85.132.44.123 on Port 445(SMB)	2020-03-05 04:54:20
189.170.30.59	attackbotsspam	1583328728 - 03/04/2020 14:32:08 Host: 189.170.30.59/189.170.30.59 Port: 445 TCP Blocked	2020-03-05 04:59:56
125.224.82.242	attackbots	Unauthorized connection attempt from IP address 125.224.82.242 on Port 445(SMB)	2020-03-05 05:17:38
218.90.138.98	attack	$f2bV_matches	2020-03-05 05:19:32
158.69.210.168	attackspam	$f2bV_matches	2020-03-05 05:23:55
49.235.202.65	attack	2020-03-04T20:35:08.639146shield sshd\[29892\]: Invalid user test from 49.235.202.65 port 45556 2020-03-04T20:35:08.644130shield sshd\[29892\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.202.65 2020-03-04T20:35:10.914662shield sshd\[29892\]: Failed password for invalid user test from 49.235.202.65 port 45556 ssh2 2020-03-04T20:43:05.580500shield sshd\[30558\]: Invalid user kuaisuweb from 49.235.202.65 port 54476 2020-03-04T20:43:05.586331shield sshd\[30558\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.202.65	2020-03-05 05:00:40

最近上报的IP列表

208.195.125.148	252.149.253.135	29.163.98.160	168.20.201.177
106.203.31.201	18.103.46.153	64.225.106.133	61.19.86.219
47.148.172.82	37.188.83.174	35.220.251.197	35.200.168.65
31.7.62.115	27.150.183.32	98.211.9.243	14.253.69.143
14.236.150.177	223.194.7.107	212.129.242.171	202.186.38.188