125.141.139.20

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Korea Republic of

运营商(isp): KT Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	47146 "2020-05-29 00:39:13","125.141.139.20","//www.facebook.com/plugins/like.php?locale=en_US&href=%7Blocation_href%7D&layout=button_count&show_faces=true&width=500&action=like&font&colorscheme=light&height=23","Mozilla/4.0 (com 47147 "2020-05-29 00:39:15","125.141.139.20","//www.facebook.com/plugins/like.php?locale=en_US&href=%7Blocation_href%7D&layout=button_count&show_faces=true&width=500&action=like&font&colorscheme=light&height=23","Mozilla/4.0 (com 47148 "2020-05-29 00:39:17","125.141.139.20","//www.microsoft.com/store/buy/cartcount","Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)" 47149 "2020-05-29 00:39:22","125.141.139.20","/g,ga=new","Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)" 47150 "2020-05-29 00:39:58","125.141.139.20","/this.root/","Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)"	2020-05-29 07:18:02

类型

评论内容

时间

attack

47146 "2020-05-29 00:39:13","125.141.139.20","//www.facebook.com/plugins/like.php?locale=en_US&href=%7Blocation_href%7D&layout=button_count&show_faces=true&width=500&action=like&font&colorscheme=light&height=23","Mozilla/4.0 (com
47147 "2020-05-29 00:39:15","125.141.139.20","//www.facebook.com/plugins/like.php?locale=en_US&href=%7Blocation_href%7D&layout=button_count&show_faces=true&width=500&action=like&font&colorscheme=light&height=23","Mozilla/4.0 (com
47148 "2020-05-29 00:39:17","125.141.139.20","//www.microsoft.com/store/buy/cartcount","Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)"
47149 "2020-05-29 00:39:22","125.141.139.20","/g,ga=new","Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)"
47150 "2020-05-29 00:39:58","125.141.139.20","/this.root/","Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)"

2020-05-29 07:18:02

相同子网IP讨论:

IP	类型	评论内容	时间
125.141.139.29	attackbots	fail2ban -- 125.141.139.29 ...	2020-10-12 22:54:28
125.141.139.29	attackbots	Oct 11 22:41:31 srv-ubuntu-dev3 sshd[75446]: Invalid user matu from 125.141.139.29 Oct 11 22:41:31 srv-ubuntu-dev3 sshd[75446]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.141.139.29 Oct 11 22:41:31 srv-ubuntu-dev3 sshd[75446]: Invalid user matu from 125.141.139.29 Oct 11 22:41:34 srv-ubuntu-dev3 sshd[75446]: Failed password for invalid user matu from 125.141.139.29 port 58738 ssh2 Oct 11 22:45:04 srv-ubuntu-dev3 sshd[75996]: Invalid user huawei from 125.141.139.29 Oct 11 22:45:04 srv-ubuntu-dev3 sshd[75996]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.141.139.29 Oct 11 22:45:04 srv-ubuntu-dev3 sshd[75996]: Invalid user huawei from 125.141.139.29 Oct 11 22:45:05 srv-ubuntu-dev3 sshd[75996]: Failed password for invalid user huawei from 125.141.139.29 port 52230 ssh2 Oct 11 22:48:28 srv-ubuntu-dev3 sshd[76490]: Invalid user newsletter from 125.141.139.29 ...	2020-10-12 14:20:56
125.141.139.9	attackspambots	Sep 22 08:16:15 mockhub sshd[422056]: Failed password for invalid user eas from 125.141.139.9 port 36550 ssh2 Sep 22 08:20:51 mockhub sshd[422223]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.141.139.9 user=root Sep 22 08:20:53 mockhub sshd[422223]: Failed password for root from 125.141.139.9 port 48446 ssh2 ...	2020-09-22 23:35:51
125.141.139.9	attack	Sep 22 08:39:30 xeon sshd[59739]: Failed password for root from 125.141.139.9 port 57260 ssh2	2020-09-22 15:41:52
125.141.139.9	attack	2020-09-22T00:14:52.286999afi-git.jinr.ru sshd[14339]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.141.139.9 2020-09-22T00:14:52.283675afi-git.jinr.ru sshd[14339]: Invalid user noreply from 125.141.139.9 port 34058 2020-09-22T00:14:54.094679afi-git.jinr.ru sshd[14339]: Failed password for invalid user noreply from 125.141.139.9 port 34058 ssh2 2020-09-22T00:17:25.338518afi-git.jinr.ru sshd[14978]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.141.139.9 user=root 2020-09-22T00:17:27.818471afi-git.jinr.ru sshd[14978]: Failed password for root from 125.141.139.9 port 40666 ssh2 ...	2020-09-22 07:43:42
125.141.139.29	attackbotsspam	2020-09-12T10:06:54.694366ionos.janbro.de sshd[82217]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.141.139.29 user=root 2020-09-12T10:06:56.888282ionos.janbro.de sshd[82217]: Failed password for root from 125.141.139.29 port 43360 ssh2 2020-09-12T10:09:32.600535ionos.janbro.de sshd[82245]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.141.139.29 user=root 2020-09-12T10:09:34.483495ionos.janbro.de sshd[82245]: Failed password for root from 125.141.139.29 port 46372 ssh2 2020-09-12T10:12:12.122563ionos.janbro.de sshd[82258]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.141.139.29 user=root 2020-09-12T10:12:13.970426ionos.janbro.de sshd[82258]: Failed password for root from 125.141.139.29 port 49388 ssh2 2020-09-12T10:14:38.177068ionos.janbro.de sshd[82263]: Invalid user test from 125.141.139.29 port 52408 2020-09-12T10:14:38.186130ionos.janbro.de ...	2020-09-13 03:14:46
125.141.139.29	attack	2020-09-12T10:06:54.694366ionos.janbro.de sshd[82217]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.141.139.29 user=root 2020-09-12T10:06:56.888282ionos.janbro.de sshd[82217]: Failed password for root from 125.141.139.29 port 43360 ssh2 2020-09-12T10:09:32.600535ionos.janbro.de sshd[82245]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.141.139.29 user=root 2020-09-12T10:09:34.483495ionos.janbro.de sshd[82245]: Failed password for root from 125.141.139.29 port 46372 ssh2 2020-09-12T10:12:12.122563ionos.janbro.de sshd[82258]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.141.139.29 user=root 2020-09-12T10:12:13.970426ionos.janbro.de sshd[82258]: Failed password for root from 125.141.139.29 port 49388 ssh2 2020-09-12T10:14:38.177068ionos.janbro.de sshd[82263]: Invalid user test from 125.141.139.29 port 52408 2020-09-12T10:14:38.186130ionos.janbro.de ...	2020-09-12 19:21:11
125.141.139.29	attack	Invalid user grid from 125.141.139.29 port 53168	2020-08-28 00:31:21
125.141.139.29	attackspambots	Time: Wed Aug 26 12:53:51 2020 +0000 IP: 125.141.139.29 (-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Aug 26 12:43:22 ca-16-ede1 sshd[26073]: Invalid user radio from 125.141.139.29 port 35920 Aug 26 12:43:23 ca-16-ede1 sshd[26073]: Failed password for invalid user radio from 125.141.139.29 port 35920 ssh2 Aug 26 12:50:00 ca-16-ede1 sshd[26908]: Invalid user kun from 125.141.139.29 port 43872 Aug 26 12:50:03 ca-16-ede1 sshd[26908]: Failed password for invalid user kun from 125.141.139.29 port 43872 ssh2 Aug 26 12:53:47 ca-16-ede1 sshd[27398]: Invalid user charles from 125.141.139.29 port 33468	2020-08-26 21:07:07
125.141.139.9	attackspambots	(sshd) Failed SSH login from 125.141.139.9 (KR/South Korea/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Aug 23 19:15:51 srv sshd[31240]: Invalid user client from 125.141.139.9 port 44704 Aug 23 19:15:54 srv sshd[31240]: Failed password for invalid user client from 125.141.139.9 port 44704 ssh2 Aug 23 19:29:07 srv sshd[31465]: Invalid user random from 125.141.139.9 port 48240 Aug 23 19:29:09 srv sshd[31465]: Failed password for invalid user random from 125.141.139.9 port 48240 ssh2 Aug 23 19:33:52 srv sshd[31539]: Invalid user kcc from 125.141.139.9 port 56086	2020-08-24 03:48:58
125.141.139.9	attack	Aug 22 14:12:53 pve1 sshd[1204]: Failed password for root from 125.141.139.9 port 55634 ssh2 Aug 22 14:15:41 pve1 sshd[2531]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.141.139.9 ...	2020-08-22 21:05:24
125.141.139.29	attack	Aug 21 07:16:22 OPSO sshd\[8139\]: Invalid user paulb from 125.141.139.29 port 39244 Aug 21 07:16:22 OPSO sshd\[8139\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.141.139.29 Aug 21 07:16:24 OPSO sshd\[8139\]: Failed password for invalid user paulb from 125.141.139.29 port 39244 ssh2 Aug 21 07:21:15 OPSO sshd\[9025\]: Invalid user teamspeak3 from 125.141.139.29 port 46512 Aug 21 07:21:15 OPSO sshd\[9025\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.141.139.29	2020-08-21 13:33:43
125.141.139.29	attack	Lines containing failures of 125.141.139.29 (max 1000) Aug 13 08:40:52 localhost sshd[12336]: User r.r from 125.141.139.29 not allowed because listed in DenyUsers Aug 13 08:40:52 localhost sshd[12336]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.141.139.29 user=r.r Aug 13 08:40:54 localhost sshd[12336]: Failed password for invalid user r.r from 125.141.139.29 port 53794 ssh2 Aug 13 08:40:56 localhost sshd[12336]: Received disconnect from 125.141.139.29 port 53794:11: Bye Bye [preauth] Aug 13 08:40:56 localhost sshd[12336]: Disconnected from invalid user r.r 125.141.139.29 port 53794 [preauth] Aug 13 08:57:55 localhost sshd[20179]: User r.r from 125.141.139.29 not allowed because listed in DenyUsers Aug 13 08:57:55 localhost sshd[20179]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.141.139.29 user=r.r Aug 13 08:57:57 localhost sshd[20179]: Failed password for invalid user r.r ........ ------------------------------	2020-08-15 19:24:32
125.141.139.9	attackbots	Aug 12 05:11:58 game-panel sshd[22597]: Failed password for root from 125.141.139.9 port 38772 ssh2 Aug 12 05:17:03 game-panel sshd[22758]: Failed password for root from 125.141.139.9 port 49228 ssh2	2020-08-12 13:57:44
125.141.139.29	attackspam	Aug 8 20:18:56 marvibiene sshd[62207]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.141.139.29 user=root Aug 8 20:18:58 marvibiene sshd[62207]: Failed password for root from 125.141.139.29 port 55652 ssh2 Aug 8 20:25:53 marvibiene sshd[62320]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.141.139.29 user=root Aug 8 20:25:55 marvibiene sshd[62320]: Failed password for root from 125.141.139.29 port 37790 ssh2	2020-08-09 06:53:27

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 125.141.139.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8609
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;125.141.139.20.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072800 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 28 17:40:37 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 20.139.141.125.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 20.139.141.125.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
183.157.170.191	attack	Tried our host z.	2020-06-09 13:15:23
46.38.145.253	attackbotsspam	Jun 9 06:46:40 srv01 postfix/smtpd\[16221\]: warning: unknown\[46.38.145.253\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 9 06:46:51 srv01 postfix/smtpd\[16223\]: warning: unknown\[46.38.145.253\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 9 06:47:28 srv01 postfix/smtpd\[16223\]: warning: unknown\[46.38.145.253\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 9 06:48:03 srv01 postfix/smtpd\[16223\]: warning: unknown\[46.38.145.253\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 9 06:48:23 srv01 postfix/smtpd\[16223\]: warning: unknown\[46.38.145.253\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-06-09 12:54:10
222.186.52.39	attack	Jun 9 04:57:10 rush sshd[25639]: Failed password for root from 222.186.52.39 port 24809 ssh2 Jun 9 04:57:19 rush sshd[25648]: Failed password for root from 222.186.52.39 port 19799 ssh2 ...	2020-06-09 13:00:48
124.114.148.212	attackspam	CN_APNIC-HM_<177>1591674999 [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2]: {TCP} 124.114.148.212:56948	2020-06-09 13:10:29
51.178.78.152	attackbots	Jun 9 07:55:34 debian kernel: [581091.420104] [UFW BLOCK] IN=eth0 OUT= MAC=52:54:00:be:e4:65:08:e8:4f:6e:48:0c:08:00 SRC=51.178.78.152 DST=89.252.131.35 LEN=40 TOS=0x00 PREC=0x00 TTL=237 ID=54321 PROTO=TCP SPT=48877 DPT=8881 WINDOW=65535 RES=0x00 SYN URGP=0	2020-06-09 13:00:03
106.52.188.43	attack	Jun 9 06:40:01 lnxded63 sshd[1650]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.188.43	2020-06-09 13:13:43
46.101.226.91	attack	fail2ban	2020-06-09 13:03:06
128.199.44.102	attack	2020-06-09T03:50:20.818684abusebot-5.cloudsearch.cf sshd[1782]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.44.102 user=root 2020-06-09T03:50:23.474219abusebot-5.cloudsearch.cf sshd[1782]: Failed password for root from 128.199.44.102 port 36362 ssh2 2020-06-09T03:53:39.038408abusebot-5.cloudsearch.cf sshd[1790]: Invalid user selnagar from 128.199.44.102 port 37381 2020-06-09T03:53:39.045057abusebot-5.cloudsearch.cf sshd[1790]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.44.102 2020-06-09T03:53:39.038408abusebot-5.cloudsearch.cf sshd[1790]: Invalid user selnagar from 128.199.44.102 port 37381 2020-06-09T03:53:40.350866abusebot-5.cloudsearch.cf sshd[1790]: Failed password for invalid user selnagar from 128.199.44.102 port 37381 ssh2 2020-06-09T03:56:42.559471abusebot-5.cloudsearch.cf sshd[1804]: Invalid user sinusbot from 128.199.44.102 port 38395 ...	2020-06-09 13:06:09
192.35.168.220	attackspambots	Fail2Ban Ban Triggered	2020-06-09 12:42:35
31.156.146.26	attackspam	PowerShell/Ploprolo.A	2020-06-09 12:52:55
27.78.14.83	attackbots	Invalid user support from 27.78.14.83 port 54974 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.78.14.83 Invalid user support from 27.78.14.83 port 54974 Failed password for invalid user support from 27.78.14.83 port 54974 ssh2 Invalid user guest from 27.78.14.83 port 35282	2020-06-09 12:33:10
165.22.251.121	attackbots	165.22.251.121 has been banned for [WebApp Attack] ...	2020-06-09 12:32:17
51.77.140.111	attackspambots	Jun 9 06:30:03 [host] sshd[7700]: Invalid user fo Jun 9 06:30:03 [host] sshd[7700]: pam_unix(sshd:a Jun 9 06:30:05 [host] sshd[7700]: Failed password	2020-06-09 12:39:35
142.93.108.77	attackbots	Jun 9 06:53:15 * sshd[15763]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.108.77 Jun 9 06:53:17 * sshd[15763]: Failed password for invalid user libuuid12345 from 142.93.108.77 port 51426 ssh2	2020-06-09 12:59:26
5.135.253.172	attackspambots	Jun 9 05:57:11 debian-2gb-nbg1-2 kernel: \[13933768.106965\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=5.135.253.172 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=10886 PROTO=TCP SPT=46584 DPT=8700 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-09 12:41:25

最近上报的IP列表

59.153.74.16	179.180.190.43	101.255.86.18	14.232.30.49
223.24.154.235	112.200.31.21	144.210.216.235	3.213.107.0
123.11.41.189	160.194.251.117	5.196.131.167	34.242.151.75
177.61.22.126	169.62.34.22	99.198.222.253	41.78.174.227
95.167.123.54	86.34.230.162	126.26.57.33	74.63.251.206