125.123.138.42

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): None

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
125.123.138.119	attackspam	Jan 3 13:59:43 web1 postfix/smtpd\[16740\]: warning: unknown\[125.123.138.119\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 3 13:59:56 web1 postfix/smtpd\[16736\]: warning: unknown\[125.123.138.119\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 3 14:00:13 web1 postfix/smtpd\[16740\]: warning: unknown\[125.123.138.119\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-01-04 03:24:41
125.123.138.130	attackspam	SASL broute force	2019-07-06 00:54:13

类型

评论内容

时间

125.123.138.119

attackspam

Jan  3 13:59:43 web1 postfix/smtpd\[16740\]: warning: unknown\[125.123.138.119\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jan  3 13:59:56 web1 postfix/smtpd\[16736\]: warning: unknown\[125.123.138.119\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jan  3 14:00:13 web1 postfix/smtpd\[16740\]: warning: unknown\[125.123.138.119\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6

2020-01-04 03:24:41

125.123.138.130

attackspam

SASL broute force

2019-07-06 00:54:13

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 125.123.138.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53101
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;125.123.138.42.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030802 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 02:17:04 CST 2022
;; MSG SIZE  rcvd: 107

HOST信息:

Host 42.138.123.125.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 42.138.123.125.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
172.82.239.21	attackbotsspam	Aug 16 06:28:59 mail.srvfarm.net postfix/smtpd[1924775]: lost connection after STARTTLS from r21.news.eu.rvca.com[172.82.239.21] Aug 16 06:32:26 mail.srvfarm.net postfix/smtpd[1928557]: lost connection after STARTTLS from r21.news.eu.rvca.com[172.82.239.21] Aug 16 06:35:36 mail.srvfarm.net postfix/smtpd[1931103]: lost connection after STARTTLS from r21.news.eu.rvca.com[172.82.239.21] Aug 16 06:36:40 mail.srvfarm.net postfix/smtpd[1931087]: lost connection after STARTTLS from r21.news.eu.rvca.com[172.82.239.21] Aug 16 06:38:06 mail.srvfarm.net postfix/smtpd[1931084]: lost connection after STARTTLS from r21.news.eu.rvca.com[172.82.239.21]	2020-08-16 13:18:46
80.82.154.141	attackbotsspam	Aug 16 05:00:35 mail.srvfarm.net postfix/smtps/smtpd[1870327]: warning: unknown[80.82.154.141]: SASL PLAIN authentication failed: Aug 16 05:00:35 mail.srvfarm.net postfix/smtps/smtpd[1870327]: lost connection after AUTH from unknown[80.82.154.141] Aug 16 05:04:38 mail.srvfarm.net postfix/smtps/smtpd[1870325]: warning: unknown[80.82.154.141]: SASL PLAIN authentication failed: Aug 16 05:04:38 mail.srvfarm.net postfix/smtps/smtpd[1870325]: lost connection after AUTH from unknown[80.82.154.141] Aug 16 05:08:27 mail.srvfarm.net postfix/smtps/smtpd[1887813]: warning: unknown[80.82.154.141]: SASL PLAIN authentication failed:	2020-08-16 13:23:17
82.251.198.4	attackspambots	Aug 16 06:11:24 db sshd[23026]: User root from 82.251.198.4 not allowed because none of user's groups are listed in AllowGroups ...	2020-08-16 13:40:16
187.95.50.202	attackbotsspam	Aug 16 05:09:35 mail.srvfarm.net postfix/smtps/smtpd[1874176]: warning: 187-95-50-202.vianet.net.br[187.95.50.202]: SASL PLAIN authentication failed: Aug 16 05:09:36 mail.srvfarm.net postfix/smtps/smtpd[1874176]: lost connection after AUTH from 187-95-50-202.vianet.net.br[187.95.50.202] Aug 16 05:10:04 mail.srvfarm.net postfix/smtps/smtpd[1888818]: warning: 187-95-50-202.vianet.net.br[187.95.50.202]: SASL PLAIN authentication failed: Aug 16 05:10:04 mail.srvfarm.net postfix/smtpd[1888503]: warning: 187-95-50-202.vianet.net.br[187.95.50.202]: SASL PLAIN authentication failed: Aug 16 05:10:04 mail.srvfarm.net postfix/smtpd[1888503]: lost connection after AUTH from 187-95-50-202.vianet.net.br[187.95.50.202] Aug 16 05:10:04 mail.srvfarm.net postfix/smtps/smtpd[1888818]: lost connection after AUTH from 187-95-50-202.vianet.net.br[187.95.50.202]	2020-08-16 13:12:35
223.71.167.164	attackbots	TCP (SYN) 223.71.167.164:60928 -> port 4444, len 44	2020-08-16 13:55:07
172.82.230.3	attack	Aug 16 06:32:24 mail.srvfarm.net postfix/smtpd[1931086]: lost connection after STARTTLS from r3.news.eu.rvca.com[172.82.230.3] Aug 16 06:35:37 mail.srvfarm.net postfix/smtpd[1931103]: lost connection after STARTTLS from r3.news.eu.rvca.com[172.82.230.3] Aug 16 06:36:41 mail.srvfarm.net postfix/smtpd[1931103]: lost connection after STARTTLS from r3.news.eu.rvca.com[172.82.230.3] Aug 16 06:38:03 mail.srvfarm.net postfix/smtpd[1931086]: lost connection after STARTTLS from r3.news.eu.rvca.com[172.82.230.3] Aug 16 06:39:11 mail.srvfarm.net postfix/smtpd[1931085]: lost connection after STARTTLS from r3.news.eu.rvca.com[172.82.230.3]	2020-08-16 13:19:31
166.111.68.25	attackbotsspam	Aug 16 05:35:34 localhost sshd[64028]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=166.111.68.25 user=root Aug 16 05:35:35 localhost sshd[64028]: Failed password for root from 166.111.68.25 port 33938 ssh2 Aug 16 05:39:45 localhost sshd[64354]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=166.111.68.25 user=root Aug 16 05:39:48 localhost sshd[64354]: Failed password for root from 166.111.68.25 port 41968 ssh2 Aug 16 05:43:52 localhost sshd[64662]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=166.111.68.25 user=root Aug 16 05:43:54 localhost sshd[64662]: Failed password for root from 166.111.68.25 port 33676 ssh2 ...	2020-08-16 13:52:06
112.85.42.173	attack	2020-08-16T05:50:22.136611dmca.cloudsearch.cf sshd[758]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.173 user=root 2020-08-16T05:50:24.467590dmca.cloudsearch.cf sshd[758]: Failed password for root from 112.85.42.173 port 25493 ssh2 2020-08-16T05:50:27.787144dmca.cloudsearch.cf sshd[758]: Failed password for root from 112.85.42.173 port 25493 ssh2 2020-08-16T05:50:22.136611dmca.cloudsearch.cf sshd[758]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.173 user=root 2020-08-16T05:50:24.467590dmca.cloudsearch.cf sshd[758]: Failed password for root from 112.85.42.173 port 25493 ssh2 2020-08-16T05:50:27.787144dmca.cloudsearch.cf sshd[758]: Failed password for root from 112.85.42.173 port 25493 ssh2 2020-08-16T05:50:22.136611dmca.cloudsearch.cf sshd[758]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.173 user=root 2020-08-16T05:50:24.46 ...	2020-08-16 13:53:45
112.85.42.186	attackbots	2020-08-16T08:29:17.888298lavrinenko.info sshd[25791]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.186 user=root 2020-08-16T08:29:19.888628lavrinenko.info sshd[25791]: Failed password for root from 112.85.42.186 port 63397 ssh2 2020-08-16T08:29:17.888298lavrinenko.info sshd[25791]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.186 user=root 2020-08-16T08:29:19.888628lavrinenko.info sshd[25791]: Failed password for root from 112.85.42.186 port 63397 ssh2 2020-08-16T08:29:23.855077lavrinenko.info sshd[25791]: Failed password for root from 112.85.42.186 port 63397 ssh2 ...	2020-08-16 13:40:32
139.59.59.75	attackbots	139.59.59.75 - - [16/Aug/2020:07:24:20 +0200] "GET /wp-login.php HTTP/1.1" 200 1307 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.59.75 - - [16/Aug/2020:07:24:22 +0200] "POST /wp-login.php HTTP/1.1" 200 1701 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.59.75 - - [16/Aug/2020:07:24:22 +0200] "GET /wp-login.php HTTP/1.1" 200 1307 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.59.75 - - [16/Aug/2020:07:24:28 +0200] "POST /wp-login.php HTTP/1.1" 200 1682 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.59.75 - - [16/Aug/2020:07:24:33 +0200] "GET /wp-login.php HTTP/1.1" 200 1307 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.59.75 - - [16/Aug/2020:07:24:34 +0200] "POST /wp-login.php HTTP/1.1" 200 1686 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/6 ...	2020-08-16 13:47:16
62.210.194.7	attackbots	Aug 16 06:28:58 mail.srvfarm.net postfix/smtpd[1924773]: lost connection after STARTTLS from r7.news.eu.rvca.com[62.210.194.7] Aug 16 06:32:25 mail.srvfarm.net postfix/smtpd[1931086]: lost connection after STARTTLS from r7.news.eu.rvca.com[62.210.194.7] Aug 16 06:35:38 mail.srvfarm.net postfix/smtpd[1931096]: lost connection after STARTTLS from r7.news.eu.rvca.com[62.210.194.7] Aug 16 06:36:42 mail.srvfarm.net postfix/smtpd[1931087]: lost connection after STARTTLS from r7.news.eu.rvca.com[62.210.194.7] Aug 16 06:38:05 mail.srvfarm.net postfix/smtpd[1929155]: lost connection after STARTTLS from r7.news.eu.rvca.com[62.210.194.7]	2020-08-16 13:25:00
62.210.194.8	attackspam	Aug 16 06:28:59 mail.srvfarm.net postfix/smtpd[1924775]: lost connection after STARTTLS from r8.news.eu.rvca.com[62.210.194.8] Aug 16 06:32:26 mail.srvfarm.net postfix/smtpd[1931100]: lost connection after STARTTLS from r8.news.eu.rvca.com[62.210.194.8] Aug 16 06:35:38 mail.srvfarm.net postfix/smtpd[1931102]: lost connection after STARTTLS from r8.news.eu.rvca.com[62.210.194.8] Aug 16 06:36:43 mail.srvfarm.net postfix/smtpd[1931100]: lost connection after STARTTLS from r8.news.eu.rvca.com[62.210.194.8] Aug 16 06:38:05 mail.srvfarm.net postfix/smtpd[1931097]: lost connection after STARTTLS from r8.news.eu.rvca.com[62.210.194.8]	2020-08-16 13:24:36
172.82.230.4	attackbots	Aug 16 06:32:25 mail.srvfarm.net postfix/smtpd[1931085]: lost connection after STARTTLS from r4.news.eu.rvca.com[172.82.230.4] Aug 16 06:35:37 mail.srvfarm.net postfix/smtpd[1931086]: lost connection after STARTTLS from r4.news.eu.rvca.com[172.82.230.4] Aug 16 06:36:42 mail.srvfarm.net postfix/smtpd[1931087]: lost connection after STARTTLS from r4.news.eu.rvca.com[172.82.230.4] Aug 16 06:38:04 mail.srvfarm.net postfix/smtpd[1931096]: lost connection after STARTTLS from r4.news.eu.rvca.com[172.82.230.4] Aug 16 06:39:12 mail.srvfarm.net postfix/smtpd[1924775]: lost connection after STARTTLS from r4.news.eu.rvca.com[172.82.230.4]	2020-08-16 13:19:15
78.128.113.116	attackbotsspam	2020-08-16 07:21:31 dovecot_login authenticator failed for \(ip-113-116.4vendeta.com.\) \[78.128.113.116\]: 535 Incorrect authentication data \(set_id=spamzorbadoo@no-server.de\) 2020-08-16 07:21:38 dovecot_login authenticator failed for \(ip-113-116.4vendeta.com.\) \[78.128.113.116\]: 535 Incorrect authentication data 2020-08-16 07:21:47 dovecot_login authenticator failed for \(ip-113-116.4vendeta.com.\) \[78.128.113.116\]: 535 Incorrect authentication data 2020-08-16 07:21:53 dovecot_login authenticator failed for \(ip-113-116.4vendeta.com.\) \[78.128.113.116\]: 535 Incorrect authentication data 2020-08-16 07:22:04 dovecot_login authenticator failed for \(ip-113-116.4vendeta.com.\) \[78.128.113.116\]: 535 Incorrect authentication data ...	2020-08-16 13:24:04
218.92.0.219	attackspam	Aug 16 05:55:08 game-panel sshd[19410]: Failed password for root from 218.92.0.219 port 36087 ssh2 Aug 16 05:55:10 game-panel sshd[19410]: Failed password for root from 218.92.0.219 port 36087 ssh2 Aug 16 05:55:12 game-panel sshd[19410]: Failed password for root from 218.92.0.219 port 36087 ssh2	2020-08-16 13:55:50

最近上报的IP列表

117.70.40.27	125.123.138.40	125.123.138.52	125.123.138.46
125.123.138.49	125.123.138.57	125.123.138.6	125.123.138.54
125.123.138.51	117.70.40.30	125.123.138.59	125.123.138.62
125.123.138.58	125.123.138.60	125.123.138.64	125.123.138.66
125.123.138.77	125.123.138.74	117.70.40.32	125.123.138.70