125.138.89.140

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Korea, Republic of

运营商(isp): KT Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Dec 7 15:03:24 web8 sshd\[17927\]: Invalid user authoriz from 125.138.89.140 Dec 7 15:03:24 web8 sshd\[17927\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.138.89.140 Dec 7 15:03:26 web8 sshd\[17927\]: Failed password for invalid user authoriz from 125.138.89.140 port 53037 ssh2 Dec 7 15:10:23 web8 sshd\[21126\]: Invalid user admin from 125.138.89.140 Dec 7 15:10:23 web8 sshd\[21126\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.138.89.140	2019-12-07 23:16:07
attackspam	21 attempts against mh-ssh on cloud.magehost.pro	2019-12-07 03:00:33
attackspam	$f2bV_matches	2019-12-06 22:39:59
attack	Nov 29 03:08:03 xxxxxxx0 sshd[19740]: Invalid user baharom from 125.138.89.140 port 53831 Nov 29 03:08:03 xxxxxxx0 sshd[19740]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.138.89.140 Nov 29 03:08:05 xxxxxxx0 sshd[19740]: Failed password for invalid user baharom from 125.138.89.140 port 53831 ssh2 Nov 29 03:11:37 xxxxxxx0 sshd[20263]: Invalid user juneau from 125.138.89.140 port 44405 Nov 29 03:11:37 xxxxxxx0 sshd[20263]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.138.89.140 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=125.138.89.140	2019-12-01 13:41:35

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 125.138.89.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64041
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;125.138.89.140.			IN	A

;; AUTHORITY SECTION:
.			114	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019113002 1800 900 604800 86400

;; Query time: 133 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 01 13:41:31 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 140.89.138.125.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 140.89.138.125.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
118.25.39.84	attack	Unauthorized connection attempt detected from IP address 118.25.39.84 to port 2220 [J]	2020-01-13 08:11:37
223.71.167.165	attackspambots	Unauthorized connection attempt detected from IP address 223.71.167.165 to port 4786 [J]	2020-01-13 08:10:25
180.76.116.68	attackbots	Jan 12 22:21:38 Invalid user oleg from 180.76.116.68 port 51844	2020-01-13 08:26:15
5.135.121.238	attackspam	Jan 13 00:23:02 vpn01 sshd[32482]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.135.121.238 Jan 13 00:23:04 vpn01 sshd[32482]: Failed password for invalid user naveed from 5.135.121.238 port 41026 ssh2 ...	2020-01-13 08:03:16
123.113.191.117	attack	01/12/2020-16:23:38.731576 123.113.191.117 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-01-13 08:29:03
121.229.30.27	attackbots	Jan 12 20:38:47 firewall sshd[14721]: Invalid user steam from 121.229.30.27 Jan 12 20:38:49 firewall sshd[14721]: Failed password for invalid user steam from 121.229.30.27 port 39363 ssh2 Jan 12 20:46:00 firewall sshd[15056]: Invalid user zf from 121.229.30.27 ...	2020-01-13 08:11:15
112.85.42.176	attack	Jan 13 00:09:36 unicornsoft sshd\[13679\]: User root from 112.85.42.176 not allowed because not listed in AllowUsers Jan 13 00:09:36 unicornsoft sshd\[13679\]: Failed none for invalid user root from 112.85.42.176 port 65149 ssh2 Jan 13 00:09:36 unicornsoft sshd\[13679\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.176 user=root	2020-01-13 08:30:37
208.113.200.55	attackbotsspam	Jan 12 20:44:49 vzhost sshd[13540]: Invalid user zdp from 208.113.200.55 Jan 12 20:44:49 vzhost sshd[13540]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-208-113-200-55.dreamhost.com Jan 12 20:44:51 vzhost sshd[13540]: Failed password for invalid user zdp from 208.113.200.55 port 48556 ssh2 Jan 12 20:52:28 vzhost sshd[14916]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-208-113-200-55.dreamhost.com user=r.r Jan 12 20:52:30 vzhost sshd[14916]: Failed password for r.r from 208.113.200.55 port 47898 ssh2 Jan 12 20:55:18 vzhost sshd[15333]: Invalid user localhost from 208.113.200.55 Jan 12 20:55:18 vzhost sshd[15333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-208-113-200-55.dreamhost.com Jan 12 20:55:20 vzhost sshd[15333]: Failed password for invalid user localhost from 208.113.200.55 port 50768 ssh2 Jan 12 20:58:02 vzhost sshd[1575........ -------------------------------	2020-01-13 08:07:12
81.177.73.17	attack	2020-01-12 15:24:16 H=(tmbcpa.com) [81.177.73.17]:50781 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/query/ip/81.177.73.17) 2020-01-12 15:24:17 H=(tmbcpa.com) [81.177.73.17]:50781 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/sbl/query/SBLCSS) 2020-01-12 15:24:18 H=(tmbcpa.com) [81.177.73.17]:50781 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/query/ip/81.177.73.17) ...	2020-01-13 08:07:47
91.185.193.58	attack	port scan and connect, tcp 1433 (ms-sql-s)	2020-01-13 08:31:58
80.82.77.86	attack	80.82.77.86 was recorded 163 times by 1 hosts attempting to connect to the following ports: 69. Incident counter (4h, 24h, all-time): 163, 499, 4780	2020-01-13 08:40:39
95.220.199.110	attack	Unauthorized connection attempt detected from IP address 95.220.199.110 to port 2220 [J]	2020-01-13 08:28:21
82.64.57.172	attack	Jan 12 21:16:44 localhost sshd\[61083\]: Invalid user oracle from 82.64.57.172 port 55972 Jan 12 21:16:44 localhost sshd\[61083\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.64.57.172 Jan 12 21:16:47 localhost sshd\[61083\]: Failed password for invalid user oracle from 82.64.57.172 port 55972 ssh2 Jan 12 21:24:06 localhost sshd\[61185\]: Invalid user mc1 from 82.64.57.172 port 46806 Jan 12 21:24:06 localhost sshd\[61185\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.64.57.172 ...	2020-01-13 08:12:53
185.234.217.164	attackbots	Jan 12 16:23:06 web1 postfix/smtpd[22883]: warning: unknown[185.234.217.164]: SASL LOGIN authentication failed: authentication failure ...	2020-01-13 08:42:07
81.33.29.213	attackspam	Unauthorized connection attempt detected from IP address 81.33.29.213 to port 2220 [J]	2020-01-13 08:22:38

最近上报的IP列表

142.21.99.201	185.92.150.236	95.78.9.232	177.93.152.1
79.142.76.244	103.5.1.214	18.195.235.2	177.76.164.94
222.170.204.168	177.22.123.90	220.172.193.180	113.94.48.2
220.158.216.129	114.32.161.69	174.211.208.246	57.108.243.195
48.183.63.24	106.74.156.119	209.150.119.224	98.186.169.178