125.16.196.130

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): India

运营商(isp): Sintex Industries Ltd. Site Office at & Post Lunsapur Rajula Jafrabad Rd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Scanning random ports - tries to find possible vulnerable services	2019-09-01 16:54:28

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 125.16.196.130
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35833
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;125.16.196.130.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019051601 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri May 17 08:15:54 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 130.196.16.125.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 130.196.16.125.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
51.77.141.158	attackbots	Oct 31 10:26:06 web1 sshd\[25426\]: Invalid user deutsche from 51.77.141.158 Oct 31 10:26:06 web1 sshd\[25426\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.141.158 Oct 31 10:26:08 web1 sshd\[25426\]: Failed password for invalid user deutsche from 51.77.141.158 port 48022 ssh2 Oct 31 10:29:18 web1 sshd\[25687\]: Invalid user sammy from 51.77.141.158 Oct 31 10:29:18 web1 sshd\[25687\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.141.158	2019-11-01 06:02:42
134.175.121.31	attack	Lines containing failures of 134.175.121.31 Oct 28 18:48:23 mailserver sshd[21966]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.121.31 user=r.r Oct 28 18:48:25 mailserver sshd[21966]: Failed password for r.r from 134.175.121.31 port 40796 ssh2 Oct 28 18:48:25 mailserver sshd[21966]: Received disconnect from 134.175.121.31 port 40796:11: Bye Bye [preauth] Oct 28 18:48:25 mailserver sshd[21966]: Disconnected from authenticating user r.r 134.175.121.31 port 40796 [preauth] Oct 28 19:05:03 mailserver sshd[24304]: Invalid user www from 134.175.121.31 port 54624 Oct 28 19:05:03 mailserver sshd[24304]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.121.31 Oct 28 19:05:06 mailserver sshd[24304]: Failed password for invalid user www from 134.175.121.31 port 54624 ssh2 Oct 28 19:05:06 mailserver sshd[24304]: Received disconnect from 134.175.121.31 port 54624:11: Bye Bye [preauth] ........ ------------------------------	2019-11-01 05:44:23
157.245.149.114	attackspam	Oct 31 22:18:12 h2177944 sshd\[5201\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.149.114 user=root Oct 31 22:18:14 h2177944 sshd\[5201\]: Failed password for root from 157.245.149.114 port 46376 ssh2 Oct 31 22:22:26 h2177944 sshd\[5473\]: Invalid user user1 from 157.245.149.114 port 57700 Oct 31 22:22:26 h2177944 sshd\[5473\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.149.114 ...	2019-11-01 05:35:07
221.204.170.238	attackspam	2019-10-31T22:17:36.950192 sshd[25444]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.204.170.238 user=root 2019-10-31T22:17:39.450541 sshd[25444]: Failed password for root from 221.204.170.238 port 32880 ssh2 2019-10-31T22:27:11.490977 sshd[25536]: Invalid user teamspeak from 221.204.170.238 port 50853 2019-10-31T22:27:11.505413 sshd[25536]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.204.170.238 2019-10-31T22:27:11.490977 sshd[25536]: Invalid user teamspeak from 221.204.170.238 port 50853 2019-10-31T22:27:13.277674 sshd[25536]: Failed password for invalid user teamspeak from 221.204.170.238 port 50853 ssh2 ...	2019-11-01 05:55:58
118.89.47.101	attackspambots	Oct 28 07:16:36 CT721 sshd[9535]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.89.47.101 user=r.r Oct 28 07:16:38 CT721 sshd[9535]: Failed password for r.r from 118.89.47.101 port 54574 ssh2 Oct 28 07:16:39 CT721 sshd[9535]: Received disconnect from 118.89.47.101: 11: Bye Bye [preauth] Oct 28 07:31:07 CT721 sshd[9798]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.89.47.101 user=r.r Oct 28 07:31:08 CT721 sshd[9798]: Failed password for r.r from 118.89.47.101 port 51004 ssh2 Oct 28 07:31:09 CT721 sshd[9798]: Received disconnect from 118.89.47.101: 11: Bye Bye [preauth] Oct 28 07:35:54 CT721 sshd[9904]: Invalid user adm from 118.89.47.101 Oct 28 07:35:54 CT721 sshd[9904]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.89.47.101 Oct 28 07:35:56 CT721 sshd[9904]: Failed password for invalid user adm from 118.89.47.101 port 60522 ssh2 Oc........ -------------------------------	2019-11-01 05:58:50
66.172.33.144	attack	[ThuOct3120:23:49.4213442019][:error][pid24117:tid47536176129792][client66.172.33.144:55874][client66.172.33.144]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\.conf\\|boot\\\\\\\\.ini\\|web.config\)\\\\\\\\b\\|$\\|\^\\|\\\\\\\\.\\\\\\\\.$/etc/\\|/\\\\\\\\.$\?:history\\|bash_history\\|sh_history\\|env$\$\)"atREQUEST_FILENAME.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"211"][id"390709"][rev"30"][msg"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely"][data"/.env"][severity"CRITICAL"][hostname"ebtechnology.ch"][uri"/.env"][unique_id"Xbs0xfhrfWPxwIhhpoIWKgAAAAM"][ThuOct3120:39:26.2815012019][:error][pid24310:tid47536190838528][client66.172.33.144:52822][client66.172.33.144]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\	2019-11-01 05:59:13
106.52.121.64	attackspam	Oct 31 23:07:15 server sshd\[23287\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.121.64 user=root Oct 31 23:07:17 server sshd\[23287\]: Failed password for root from 106.52.121.64 port 45346 ssh2 Oct 31 23:13:24 server sshd\[24604\]: Invalid user tania from 106.52.121.64 Oct 31 23:13:24 server sshd\[24604\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.121.64 Oct 31 23:13:26 server sshd\[24604\]: Failed password for invalid user tania from 106.52.121.64 port 57922 ssh2 ...	2019-11-01 06:00:20
14.191.148.249	attack	Automatic report - Port Scan Attack	2019-11-01 05:51:25
180.76.246.104	attack	Oct 31 17:43:30 ny01 sshd[29505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.246.104 Oct 31 17:43:32 ny01 sshd[29505]: Failed password for invalid user marcus from 180.76.246.104 port 44148 ssh2 Oct 31 17:48:35 ny01 sshd[30069]: Failed password for root from 180.76.246.104 port 55024 ssh2	2019-11-01 06:02:02
217.30.64.26	attack	Automatic report - XMLRPC Attack	2019-11-01 05:50:01
149.255.56.144	attack	31.10.2019 21:14:00 - Wordpress fail Detected by ELinOX-ALM	2019-11-01 05:46:57
139.215.217.181	attackbotsspam	2019-10-31T21:15:01.913165abusebot-7.cloudsearch.cf sshd\[23217\]: Invalid user 1s4f6h8k0 from 139.215.217.181 port 57439	2019-11-01 05:45:00
69.171.74.150	attackspambots	Oct 31 22:42:20 vps01 sshd[23940]: Failed password for root from 69.171.74.150 port 55340 ssh2	2019-11-01 05:53:37
93.46.59.110	attack	Automatic report - Banned IP Access	2019-11-01 05:37:02
221.195.189.154	attack	Oct 31 21:55:08 sd-53420 sshd\[5118\]: Invalid user nanyou from 221.195.189.154 Oct 31 21:55:08 sd-53420 sshd\[5118\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.195.189.154 Oct 31 21:55:10 sd-53420 sshd\[5118\]: Failed password for invalid user nanyou from 221.195.189.154 port 39816 ssh2 Oct 31 21:58:35 sd-53420 sshd\[5355\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.195.189.154 user=root Oct 31 21:58:37 sd-53420 sshd\[5355\]: Failed password for root from 221.195.189.154 port 37370 ssh2 ...	2019-11-01 05:32:33

最近上报的IP列表

186.251.254.138	152.250.245.182	6.78.0.14	44.148.139.51
50.62.177.158	195.9.216.162	50.62.176.66	41.84.10.44
106.58.209.161	226.8.163.135	166.82.203.60	153.244.184.108
251.137.151.150	36.101.198.188	144.106.8.155	95.26.39.162
189.115.23.221	139.92.26.208	226.85.21.197	25.104.239.109