必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): Medan

省份(region): North Sumatra

国家(country): Indonesia

运营商(isp): PT Telkom Indonesia

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:
类型 评论内容 时间
attack
20/1/11@08:07:04: FAIL: Alarm-Network address from=125.161.106.112
...
2020-01-12 04:03:36
相同子网IP讨论:
IP 类型 评论内容 时间
125.161.106.95 attackspambots
Unauthorized connection attempt from IP address 125.161.106.95 on Port 445(SMB)
2020-04-11 19:23:03
125.161.106.44 attack
Honeypot attack, port: 445, PTR: 44.subnet125-161-106.speedy.telkom.net.id.
2020-03-27 02:46:19
125.161.106.215 attack
IP blocked
2020-03-21 00:05:50
125.161.106.13 attackbots
Unauthorized connection attempt from IP address 125.161.106.13 on Port 445(SMB)
2020-03-09 20:40:23
125.161.106.216 attack
Lines containing failures of 125.161.106.216
Feb 25 00:20:03 shared11 sshd[17061]: Invalid user admin from 125.161.106.216 port 25502
Feb 25 00:20:03 shared11 sshd[17061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.161.106.216
Feb 25 00:20:05 shared11 sshd[17061]: Failed password for invalid user admin from 125.161.106.216 port 25502 ssh2
Feb 25 00:20:06 shared11 sshd[17061]: Connection closed by invalid user admin 125.161.106.216 port 25502 [preauth]


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=125.161.106.216
2020-02-25 10:35:14
125.161.106.84 attackbots
Unauthorized connection attempt from IP address 125.161.106.84 on Port 445(SMB)
2020-02-14 02:19:09
125.161.106.91 attackbotsspam
unauthorized connection attempt
2020-01-28 18:34:54
125.161.106.7 attackbots
Unauthorized connection attempt detected from IP address 125.161.106.7 to port 445
2020-01-15 17:10:15
125.161.106.22 attackspambots
Unauthorized connection attempt from IP address 125.161.106.22 on Port 445(SMB)
2019-12-23 05:08:54
125.161.106.101 attackbots
Unauthorized connection attempt from IP address 125.161.106.101 on Port 445(SMB)
2019-11-09 05:03:53
125.161.106.198 attackspambots
Unauthorized connection attempt from IP address 125.161.106.198 on Port 445(SMB)
2019-10-27 00:24:37
125.161.106.243 attackspam
Looking for /woocommerce.zip, Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0
2019-10-19 16:29:06
125.161.106.228 attackspambots
Unauthorized connection attempt from IP address 125.161.106.228 on Port 445(SMB)
2019-08-30 20:18:12
125.161.106.130 attack
Unauthorized connection attempt from IP address 125.161.106.130 on Port 445(SMB)
2019-08-27 04:43:14
125.161.106.24 attackspambots
Unauthorized connection attempt from IP address 125.161.106.24 on Port 445(SMB)
2019-08-20 19:14:22
WHOIS信息:
b
DIG信息:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 125.161.106.112
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47701
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;125.161.106.112.		IN	A

;; AUTHORITY SECTION:
.			323	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011100 1800 900 604800 86400

;; Query time: 106 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 12 04:03:33 CST 2020
;; MSG SIZE  rcvd: 119
HOST信息:
112.106.161.125.in-addr.arpa domain name pointer 112.subnet125-161-106.speedy.telkom.net.id.
NSLOOKUP信息:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
112.106.161.125.in-addr.arpa	name = 112.subnet125-161-106.speedy.telkom.net.id.

Authoritative answers can be found from:
相关IP信息:
最新评论:
IP 类型 评论内容 时间
182.18.146.201 attack
Nov 29 07:05:15 tdfoods sshd\[363\]: Invalid user markes from 182.18.146.201
Nov 29 07:05:15 tdfoods sshd\[363\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.18.146.201
Nov 29 07:05:16 tdfoods sshd\[363\]: Failed password for invalid user markes from 182.18.146.201 port 47604 ssh2
Nov 29 07:09:01 tdfoods sshd\[693\]: Invalid user klingel from 182.18.146.201
Nov 29 07:09:01 tdfoods sshd\[693\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.18.146.201
2019-11-30 01:11:44
51.38.51.108 attackspambots
Nov 29 18:15:44 SilenceServices sshd[9344]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.51.108
Nov 29 18:15:46 SilenceServices sshd[9344]: Failed password for invalid user oracle from 51.38.51.108 port 60188 ssh2
Nov 29 18:18:38 SilenceServices sshd[10107]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.51.108
2019-11-30 01:29:41
185.143.223.81 attack
Nov 29 17:12:58 h2177944 kernel: \[7919252.569727\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.223.81 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=53849 PROTO=TCP SPT=48939 DPT=10671 WINDOW=1024 RES=0x00 SYN URGP=0 
Nov 29 17:13:38 h2177944 kernel: \[7919292.683427\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.223.81 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=51415 PROTO=TCP SPT=48939 DPT=21559 WINDOW=1024 RES=0x00 SYN URGP=0 
Nov 29 17:16:23 h2177944 kernel: \[7919457.881591\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.223.81 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=54350 PROTO=TCP SPT=48939 DPT=57210 WINDOW=1024 RES=0x00 SYN URGP=0 
Nov 29 17:22:08 h2177944 kernel: \[7919802.825236\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.223.81 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=63330 PROTO=TCP SPT=48939 DPT=63195 WINDOW=1024 RES=0x00 SYN URGP=0 
Nov 29 17:28:49 h2177944 kernel: \[7920203.297554\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.223.81 DST=85.
2019-11-30 01:23:48
69.94.140.123 attack
TCP src-port=49317   dst-port=25   Listed on   dnsbl-sorbs spamcop zen-spamhaus         (542)
2019-11-30 01:50:49
218.90.180.146 attackbots
MultiHost/MultiPort Probe, Scan, Hack -
2019-11-30 01:54:19
118.24.38.53 attackbotsspam
Nov 29 17:37:41 sd-53420 sshd\[6425\]: User root from 118.24.38.53 not allowed because none of user's groups are listed in AllowGroups
Nov 29 17:37:41 sd-53420 sshd\[6425\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.38.53  user=root
Nov 29 17:37:42 sd-53420 sshd\[6425\]: Failed password for invalid user root from 118.24.38.53 port 54222 ssh2
Nov 29 17:47:26 sd-53420 sshd\[7964\]: Invalid user ryohei from 118.24.38.53
Nov 29 17:47:26 sd-53420 sshd\[7964\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.38.53
...
2019-11-30 01:09:18
165.22.76.53 attackspam
Invalid user geam from 165.22.76.53 port 33400
2019-11-30 01:53:09
92.63.194.30 attack
11/29/2019-17:40:00.783124 92.63.194.30 Protocol: 6 ET DROP Dshield Block Listed Source group 1
2019-11-30 01:10:16
217.77.171.2 attackspam
Spam Timestamp : 29-Nov-19 14:55   BlockList Provider  combined abuse   (554)
2019-11-30 01:33:00
92.222.88.102 attackspambots
detected by Fail2Ban
2019-11-30 01:25:01
1.245.61.144 attackspambots
$f2bV_matches
2019-11-30 01:26:28
217.61.121.48 attack
2019-11-29T11:29:06.4558091495-001 sshd\[33449\]: Failed password for invalid user zyromski from 217.61.121.48 port 43928 ssh2
2019-11-29T12:31:40.1821861495-001 sshd\[35840\]: Invalid user vu from 217.61.121.48 port 35108
2019-11-29T12:31:40.1861311495-001 sshd\[35840\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.61.121.48
2019-11-29T12:31:42.2598551495-001 sshd\[35840\]: Failed password for invalid user vu from 217.61.121.48 port 35108 ssh2
2019-11-29T12:34:49.3829621495-001 sshd\[35933\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.61.121.48  user=root
2019-11-29T12:34:51.4018121495-001 sshd\[35933\]: Failed password for root from 217.61.121.48 port 43140 ssh2
...
2019-11-30 01:45:56
123.23.50.146 attackbotsspam
Spam Timestamp : 29-Nov-19 14:16   BlockList Provider  combined abuse   (548)
2019-11-30 01:40:28
107.175.149.34 attackbots
port scan/probe/communication attempt
2019-11-30 01:23:21
138.197.5.191 attackbots
Invalid user teste from 138.197.5.191 port 38212
pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.5.191
Failed password for invalid user teste from 138.197.5.191 port 38212 ssh2
pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.5.191  user=root
Failed password for root from 138.197.5.191 port 45638 ssh2
2019-11-30 01:32:01

最近上报的IP列表

36.230.253.85 179.182.116.253 194.90.79.231 46.86.93.87
35.230.72.13 120.236.117.205 128.90.27.246 24.180.212.254
65.11.120.201 37.146.203.222 120.132.9.7 141.163.48.81
63.66.215.34 206.138.195.24 3.252.40.83 188.232.241.165
91.19.189.176 119.109.216.42 114.242.125.219 94.167.79.9