必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): Medan

省份(region): North Sumatra

国家(country): Indonesia

运营商(isp): PT Telkom Indonesia

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:
类型 评论内容 时间
attack
20/1/11@08:07:04: FAIL: Alarm-Network address from=125.161.106.112
...
2020-01-12 04:03:36
相同子网IP讨论:
IP 类型 评论内容 时间
125.161.106.95 attackspambots
Unauthorized connection attempt from IP address 125.161.106.95 on Port 445(SMB)
2020-04-11 19:23:03
125.161.106.44 attack
Honeypot attack, port: 445, PTR: 44.subnet125-161-106.speedy.telkom.net.id.
2020-03-27 02:46:19
125.161.106.215 attack
IP blocked
2020-03-21 00:05:50
125.161.106.13 attackbots
Unauthorized connection attempt from IP address 125.161.106.13 on Port 445(SMB)
2020-03-09 20:40:23
125.161.106.216 attack
Lines containing failures of 125.161.106.216
Feb 25 00:20:03 shared11 sshd[17061]: Invalid user admin from 125.161.106.216 port 25502
Feb 25 00:20:03 shared11 sshd[17061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.161.106.216
Feb 25 00:20:05 shared11 sshd[17061]: Failed password for invalid user admin from 125.161.106.216 port 25502 ssh2
Feb 25 00:20:06 shared11 sshd[17061]: Connection closed by invalid user admin 125.161.106.216 port 25502 [preauth]


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=125.161.106.216
2020-02-25 10:35:14
125.161.106.84 attackbots
Unauthorized connection attempt from IP address 125.161.106.84 on Port 445(SMB)
2020-02-14 02:19:09
125.161.106.91 attackbotsspam
unauthorized connection attempt
2020-01-28 18:34:54
125.161.106.7 attackbots
Unauthorized connection attempt detected from IP address 125.161.106.7 to port 445
2020-01-15 17:10:15
125.161.106.22 attackspambots
Unauthorized connection attempt from IP address 125.161.106.22 on Port 445(SMB)
2019-12-23 05:08:54
125.161.106.101 attackbots
Unauthorized connection attempt from IP address 125.161.106.101 on Port 445(SMB)
2019-11-09 05:03:53
125.161.106.198 attackspambots
Unauthorized connection attempt from IP address 125.161.106.198 on Port 445(SMB)
2019-10-27 00:24:37
125.161.106.243 attackspam
Looking for /woocommerce.zip, Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0
2019-10-19 16:29:06
125.161.106.228 attackspambots
Unauthorized connection attempt from IP address 125.161.106.228 on Port 445(SMB)
2019-08-30 20:18:12
125.161.106.130 attack
Unauthorized connection attempt from IP address 125.161.106.130 on Port 445(SMB)
2019-08-27 04:43:14
125.161.106.24 attackspambots
Unauthorized connection attempt from IP address 125.161.106.24 on Port 445(SMB)
2019-08-20 19:14:22
WHOIS信息:
b
DIG信息:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 125.161.106.112
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47701
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;125.161.106.112.		IN	A

;; AUTHORITY SECTION:
.			323	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011100 1800 900 604800 86400

;; Query time: 106 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 12 04:03:33 CST 2020
;; MSG SIZE  rcvd: 119
HOST信息:
112.106.161.125.in-addr.arpa domain name pointer 112.subnet125-161-106.speedy.telkom.net.id.
NSLOOKUP信息:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
112.106.161.125.in-addr.arpa	name = 112.subnet125-161-106.speedy.telkom.net.id.

Authoritative answers can be found from:
相关IP信息:
最新评论:
IP 类型 评论内容 时间
122.116.200.126 attackbotsspam
Honeypot attack, port: 81, PTR: 122-116-200-126.HINET-IP.hinet.net.
2020-02-11 10:11:01
124.158.174.122 attackspam
Feb 11 02:15:13 www sshd[20842]: Invalid user qyr from 124.158.174.122
Feb 11 02:15:15 www sshd[20842]: Failed password for invalid user qyr from 124.158.174.122 port 55327 ssh2
Feb 11 02:18:02 www sshd[20921]: Invalid user lvz from 124.158.174.122
Feb 11 02:18:04 www sshd[20921]: Failed password for invalid user lvz from 124.158.174.122 port 35644 ssh2
Feb 11 02:20:07 www sshd[21005]: Invalid user zfn from 124.158.174.122
Feb 11 02:20:10 www sshd[21005]: Failed password for invalid user zfn from 124.158.174.122 port 44138 ssh2
Feb 11 02:22:11 www sshd[21115]: Invalid user dzd from 124.158.174.122
Feb 11 02:22:13 www sshd[21115]: Failed password for invalid user dzd from 124.158.174.122 port 52687 ssh2
Feb 11 02:24:19 www sshd[21159]: Invalid user qmo from 124.158.174.122
Feb 11 02:24:21 www sshd[21159]: Failed password for invalid user qmo from 124.158.174.122 port 33224 ssh2


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=124.158.174.122
2020-02-11 09:57:46
172.111.134.20 attack
Feb 10 20:24:47 plusreed sshd[17233]: Invalid user hzq from 172.111.134.20
...
2020-02-11 09:55:44
222.186.52.139 attackspam
Feb 11 02:51:38 vmanager6029 sshd\[30202\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.52.139  user=root
Feb 11 02:51:40 vmanager6029 sshd\[30202\]: Failed password for root from 222.186.52.139 port 58377 ssh2
Feb 11 02:51:41 vmanager6029 sshd\[30202\]: Failed password for root from 222.186.52.139 port 58377 ssh2
2020-02-11 09:54:28
213.150.209.178 attackspam
Honeypot attack, port: 445, PTR: 213-150-209-178.iconnecttelecoms.com.
2020-02-11 10:30:25
92.119.160.52 attackspambots
Unauthorised access (Feb 11) SRC=92.119.160.52 LEN=40 TTL=248 ID=62257 TCP DPT=3389 WINDOW=1024 SYN 
Unauthorised access (Feb 10) SRC=92.119.160.52 LEN=40 TTL=249 ID=59197 TCP DPT=3389 WINDOW=1024 SYN
2020-02-11 10:06:33
125.64.94.213 attackbots
[Mon Feb 10 13:38:46.285262 2020] [php7:error] [pid 27844] [client 125.64.94.213:53932] script '/var/www/net/list.php' not found or unable to stat
[Mon Feb 10 13:38:47.692120 2020] [php7:error] [pid 27844] [client 125.64.94.213:53932] script '/var/www/net/bencandy.php' not found or unable to stat
[Mon Feb 10 13:38:49.268105 2020] [negotiation:error] [pid 27844] [client 125.64.94.213:53932] AH00687: Negotiation: discovered file(s) matching request: /var/www/net/default (None could be negotiated).
[Mon Feb 10 13:38:55.067412 2020] [php7:error] [pid 27844] [client 125.64.94.213:53932] script '/var/www/net/index.php' not found or unable to stat
2020-02-11 10:15:42
172.81.204.249 attack
Invalid user flx from 172.81.204.249 port 47094
2020-02-11 10:02:00
222.186.30.209 attackbotsspam
2020-02-09T22:19:29.365310matrix sshd[1855977]: User root from 222.186.30.209 not allowed because none of user's groups are listed in AllowGroups
2020-02-10T00:16:23.574842matrix sshd[1861071]: User root from 222.186.30.209 not allowed because none of user's groups are listed in AllowGroups
2020-02-11T02:24:45.945453matrix sshd[1938243]: User root from 222.186.30.209 not allowed because none of user's groups are listed in AllowGroups
...
2020-02-11 10:30:11
103.27.238.107 attackspambots
2020-02-11T01:12:31.736503  sshd[21084]: Invalid user qvx from 103.27.238.107 port 58776
2020-02-11T01:12:31.752157  sshd[21084]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.27.238.107
2020-02-11T01:12:31.736503  sshd[21084]: Invalid user qvx from 103.27.238.107 port 58776
2020-02-11T01:12:33.648109  sshd[21084]: Failed password for invalid user qvx from 103.27.238.107 port 58776 ssh2
2020-02-11T01:16:27.205685  sshd[21239]: Invalid user pzd from 103.27.238.107 port 59962
...
2020-02-11 09:52:30
89.248.162.136 attackspam
Feb 11 03:02:22 h2177944 kernel: \[4584550.798380\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=89.248.162.136 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=37153 PROTO=TCP SPT=48785 DPT=2939 WINDOW=1024 RES=0x00 SYN URGP=0 
Feb 11 03:02:22 h2177944 kernel: \[4584550.798391\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=89.248.162.136 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=37153 PROTO=TCP SPT=48785 DPT=2939 WINDOW=1024 RES=0x00 SYN URGP=0 
Feb 11 03:07:25 h2177944 kernel: \[4584853.620501\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=89.248.162.136 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=12827 PROTO=TCP SPT=48785 DPT=2377 WINDOW=1024 RES=0x00 SYN URGP=0 
Feb 11 03:07:25 h2177944 kernel: \[4584853.620517\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=89.248.162.136 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=12827 PROTO=TCP SPT=48785 DPT=2377 WINDOW=1024 RES=0x00 SYN URGP=0 
Feb 11 03:20:24 h2177944 kernel: \[4585631.926167\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=89.248.162.136 DST=85.214.
2020-02-11 10:25:15
181.193.48.229 attackspam
Honeypot attack, port: 445, PTR: PTR record not found
2020-02-11 10:22:58
37.49.225.166 attack
Fail2Ban Ban Triggered
2020-02-11 10:15:14
93.174.93.195 attackspam
93.174.93.195 was recorded 31 times by 13 hosts attempting to connect to the following ports: 40895,40898,40899. Incident counter (4h, 24h, all-time): 31, 171, 4239
2020-02-11 10:11:54
175.147.108.254 attackbots
MultiHost/MultiPort Probe, Scan, Hack -
2020-02-11 09:50:06

最近上报的IP列表

36.230.253.85 179.182.116.253 194.90.79.231 46.86.93.87
35.230.72.13 120.236.117.205 128.90.27.246 24.180.212.254
65.11.120.201 37.146.203.222 120.132.9.7 141.163.48.81
63.66.215.34 206.138.195.24 3.252.40.83 188.232.241.165
91.19.189.176 119.109.216.42 114.242.125.219 94.167.79.9