125.123.138.42

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): None

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
125.123.138.119	attackspam	Jan 3 13:59:43 web1 postfix/smtpd\[16740\]: warning: unknown\[125.123.138.119\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 3 13:59:56 web1 postfix/smtpd\[16736\]: warning: unknown\[125.123.138.119\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 3 14:00:13 web1 postfix/smtpd\[16740\]: warning: unknown\[125.123.138.119\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-01-04 03:24:41
125.123.138.130	attackspam	SASL broute force	2019-07-06 00:54:13

类型

评论内容

时间

125.123.138.119

attackspam

Jan  3 13:59:43 web1 postfix/smtpd\[16740\]: warning: unknown\[125.123.138.119\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jan  3 13:59:56 web1 postfix/smtpd\[16736\]: warning: unknown\[125.123.138.119\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jan  3 14:00:13 web1 postfix/smtpd\[16740\]: warning: unknown\[125.123.138.119\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6

2020-01-04 03:24:41

125.123.138.130

attackspam

SASL broute force

2019-07-06 00:54:13

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 125.123.138.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53101
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;125.123.138.42.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030802 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 02:17:04 CST 2022
;; MSG SIZE  rcvd: 107

HOST信息:

Host 42.138.123.125.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 42.138.123.125.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
51.89.136.104	attack	Jun 13 23:41:38 gestao sshd[26361]: Failed password for root from 51.89.136.104 port 54712 ssh2 Jun 13 23:45:48 gestao sshd[26481]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.89.136.104 Jun 13 23:45:50 gestao sshd[26481]: Failed password for invalid user cesar from 51.89.136.104 port 56498 ssh2 ...	2020-06-14 08:12:57
92.55.251.69	attack	Jun 13 22:52:02 mail.srvfarm.net postfix/smtpd[1294829]: warning: unknown[92.55.251.69]: SASL PLAIN authentication failed: Jun 13 22:52:02 mail.srvfarm.net postfix/smtpd[1294829]: lost connection after AUTH from unknown[92.55.251.69] Jun 13 22:52:15 mail.srvfarm.net postfix/smtpd[1294827]: warning: unknown[92.55.251.69]: SASL PLAIN authentication failed: Jun 13 22:52:15 mail.srvfarm.net postfix/smtpd[1294827]: lost connection after AUTH from unknown[92.55.251.69] Jun 13 22:55:49 mail.srvfarm.net postfix/smtps/smtpd[1296537]: lost connection after CONNECT from unknown[92.55.251.69]	2020-06-14 08:37:43
185.140.243.49	attackspambots	Jun 13 22:36:46 mail.srvfarm.net postfix/smtpd[1287058]: warning: unknown[185.140.243.49]: SASL PLAIN authentication failed: Jun 13 22:36:46 mail.srvfarm.net postfix/smtpd[1287058]: lost connection after AUTH from unknown[185.140.243.49] Jun 13 22:38:52 mail.srvfarm.net postfix/smtpd[1286878]: warning: unknown[185.140.243.49]: SASL PLAIN authentication failed: Jun 13 22:38:52 mail.srvfarm.net postfix/smtpd[1286878]: lost connection after AUTH from unknown[185.140.243.49] Jun 13 22:46:10 mail.srvfarm.net postfix/smtps/smtpd[1288539]: warning: unknown[185.140.243.49]: SASL PLAIN authentication failed:	2020-06-14 08:34:26
164.132.70.22	attackbotsspam	SSH Invalid Login	2020-06-14 08:24:20
111.230.226.124	attack	Jun 14 02:07:06 home sshd[19086]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.226.124 Jun 14 02:07:08 home sshd[19086]: Failed password for invalid user dovecot from 111.230.226.124 port 53428 ssh2 Jun 14 02:08:33 home sshd[20161]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.226.124 ...	2020-06-14 08:15:40
103.65.195.162	attack	Jun 13 15:19:06 gutwein sshd[15678]: Failed password for invalid user llgadmin from 103.65.195.162 port 44022 ssh2 Jun 13 15:19:06 gutwein sshd[15678]: Received disconnect from 103.65.195.162: 11: Bye Bye [preauth] Jun 13 15:27:21 gutwein sshd[17220]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.65.195.162 user=r.r Jun 13 15:27:23 gutwein sshd[17220]: Failed password for r.r from 103.65.195.162 port 38200 ssh2 Jun 13 15:27:23 gutwein sshd[17220]: Received disconnect from 103.65.195.162: 11: Bye Bye [preauth] Jun 13 15:33:30 gutwein sshd[18379]: Failed password for invalid user dale from 103.65.195.162 port 37626 ssh2 Jun 13 15:33:30 gutwein sshd[18379]: Received disconnect from 103.65.195.162: 11: Bye Bye [preauth] Jun 13 15:36:42 gutwein sshd[19024]: Failed password for invalid user doc from 103.65.195.162 port 36642 ssh2 Jun 13 15:36:43 gutwein sshd[19024]: Received disconnect from 103.65.195.162: 11: Bye Bye [preauth] J........ -------------------------------	2020-06-14 08:17:14
176.101.135.32	attackbotsspam	Brute force attempt	2020-06-14 08:35:52
80.187.114.89	attackbots	Germany was blocked by firewall for Malicious File Upload (Patterns) at /%20/?gf_page=upload 6/6/2020 6:45:39 (7 days 10 hours ago) IP: 80.187.114.89 Hostname: tmo-114-89.customers.d1-online.com Human/Bot: Human Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.63 Safari/537.31	2020-06-14 07:58:33
124.43.9.184	attackbots	(sshd) Failed SSH login from 124.43.9.184 (LK/Sri Lanka/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 13 23:10:08 ubnt-55d23 sshd[11565]: Invalid user postgres from 124.43.9.184 port 53836 Jun 13 23:10:09 ubnt-55d23 sshd[11565]: Failed password for invalid user postgres from 124.43.9.184 port 53836 ssh2	2020-06-14 08:16:16
87.246.7.66	attackbots	2020-06-13T18:38:43.398639linuxbox-skyline auth[365181]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=smsd rhost=87.246.7.66 ...	2020-06-14 08:38:52
78.169.141.130	attackspam	SS5,WP GET /wp-login.php	2020-06-14 08:00:27
222.186.15.62	attack	Jun 14 02:12:59 vpn01 sshd[31882]: Failed password for root from 222.186.15.62 port 62694 ssh2 ...	2020-06-14 08:18:53
49.233.206.241	attackspambots	PHP Info File Request - Possible PHP Version Scan	2020-06-14 08:26:25
217.112.142.144	attackspambots	Jun 13 22:32:10 mail.srvfarm.net postfix/smtpd[1286879]: NOQUEUE: reject: RCPT from unknown[217.112.142.144]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Jun 13 22:32:10 mail.srvfarm.net postfix/smtpd[1275552]: NOQUEUE: reject: RCPT from unknown[217.112.142.144]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Jun 13 22:32:10 mail.srvfarm.net postfix/smtpd[1286848]: NOQUEUE: reject: RCPT from unknown[217.112.142.144]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Jun 13 22:32:14 mail.srvfarm.net postfix/smtpd[1275649]: NOQUEUE: reject: RCPT from unknown[217.112.142.144]: 450 4.1.8	2020-06-14 08:29:47
193.189.77.114	attackbotsspam	Jun 13 22:57:12 mail.srvfarm.net postfix/smtpd[1294894]: warning: unknown[193.189.77.114]: SASL PLAIN authentication failed: Jun 13 22:57:12 mail.srvfarm.net postfix/smtpd[1294894]: lost connection after AUTH from unknown[193.189.77.114] Jun 13 23:01:27 mail.srvfarm.net postfix/smtpd[1294955]: warning: unknown[193.189.77.114]: SASL PLAIN authentication failed: Jun 13 23:01:27 mail.srvfarm.net postfix/smtpd[1294955]: lost connection after AUTH from unknown[193.189.77.114] Jun 13 23:03:51 mail.srvfarm.net postfix/smtpd[1295544]: lost connection after CONNECT from unknown[193.189.77.114]	2020-06-14 08:31:54

最近上报的IP列表

117.70.40.27	125.123.138.40	125.123.138.52	125.123.138.46
125.123.138.49	125.123.138.57	125.123.138.6	125.123.138.54
125.123.138.51	117.70.40.30	125.123.138.59	125.123.138.62
125.123.138.58	125.123.138.60	125.123.138.64	125.123.138.66
125.123.138.77	125.123.138.74	117.70.40.32	125.123.138.70