必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Indonesia

运营商(isp): PT Telkom Indonesia

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:
类型 评论内容 时间
attackspambots
Unauthorized connection attempt from IP address 125.161.106.95 on Port 445(SMB)
2020-04-11 19:23:03
相同子网IP讨论:
IP 类型 评论内容 时间
125.161.106.44 attack
Honeypot attack, port: 445, PTR: 44.subnet125-161-106.speedy.telkom.net.id.
2020-03-27 02:46:19
125.161.106.215 attack
IP blocked
2020-03-21 00:05:50
125.161.106.13 attackbots
Unauthorized connection attempt from IP address 125.161.106.13 on Port 445(SMB)
2020-03-09 20:40:23
125.161.106.216 attack
Lines containing failures of 125.161.106.216
Feb 25 00:20:03 shared11 sshd[17061]: Invalid user admin from 125.161.106.216 port 25502
Feb 25 00:20:03 shared11 sshd[17061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.161.106.216
Feb 25 00:20:05 shared11 sshd[17061]: Failed password for invalid user admin from 125.161.106.216 port 25502 ssh2
Feb 25 00:20:06 shared11 sshd[17061]: Connection closed by invalid user admin 125.161.106.216 port 25502 [preauth]


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=125.161.106.216
2020-02-25 10:35:14
125.161.106.84 attackbots
Unauthorized connection attempt from IP address 125.161.106.84 on Port 445(SMB)
2020-02-14 02:19:09
125.161.106.91 attackbotsspam
unauthorized connection attempt
2020-01-28 18:34:54
125.161.106.7 attackbots
Unauthorized connection attempt detected from IP address 125.161.106.7 to port 445
2020-01-15 17:10:15
125.161.106.112 attack
20/1/11@08:07:04: FAIL: Alarm-Network address from=125.161.106.112
...
2020-01-12 04:03:36
125.161.106.22 attackspambots
Unauthorized connection attempt from IP address 125.161.106.22 on Port 445(SMB)
2019-12-23 05:08:54
125.161.106.101 attackbots
Unauthorized connection attempt from IP address 125.161.106.101 on Port 445(SMB)
2019-11-09 05:03:53
125.161.106.198 attackspambots
Unauthorized connection attempt from IP address 125.161.106.198 on Port 445(SMB)
2019-10-27 00:24:37
125.161.106.243 attackspam
Looking for /woocommerce.zip, Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0
2019-10-19 16:29:06
125.161.106.228 attackspambots
Unauthorized connection attempt from IP address 125.161.106.228 on Port 445(SMB)
2019-08-30 20:18:12
125.161.106.130 attack
Unauthorized connection attempt from IP address 125.161.106.130 on Port 445(SMB)
2019-08-27 04:43:14
125.161.106.24 attackspambots
Unauthorized connection attempt from IP address 125.161.106.24 on Port 445(SMB)
2019-08-20 19:14:22
WHOIS信息:
b
DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 125.161.106.95
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40492
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;125.161.106.95.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019051200 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun May 12 19:17:39 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:
95.106.161.125.in-addr.arpa domain name pointer 95.subnet125-161-106.speedy.telkom.net.id.
NSLOOKUP信息:
Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
95.106.161.125.in-addr.arpa	name = 95.subnet125-161-106.speedy.telkom.net.id.

Authoritative answers can be found from:

相关IP信息:
最新评论:
IP 类型 评论内容 时间
103.125.95.63 attack
MultiHost/MultiPort Probe, Scan, Hack -
2020-02-18 21:48:44
139.162.78.6 attackspambots
Unauthorized connection attempt detected from IP address 139.162.78.6 to port 1080
2020-02-18 22:14:08
41.78.81.249 attackbots
1582032422 - 02/18/2020 14:27:02 Host: 41.78.81.249/41.78.81.249 Port: 445 TCP Blocked
2020-02-18 21:52:49
54.36.216.174 attackspam
Feb 18 04:20:08 auw2 sshd\[18627\]: Invalid user deasoft from 54.36.216.174
Feb 18 04:20:08 auw2 sshd\[18627\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip174.ip-54-36-216.eu
Feb 18 04:20:09 auw2 sshd\[18627\]: Failed password for invalid user deasoft from 54.36.216.174 port 60028 ssh2
Feb 18 04:23:02 auw2 sshd\[18930\]: Invalid user backups from 54.36.216.174
Feb 18 04:23:02 auw2 sshd\[18930\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip174.ip-54-36-216.eu
2020-02-18 22:32:42
175.24.14.69 attack
Automatic report - SSH Brute-Force Attack
2020-02-18 22:02:51
222.186.175.220 attackbots
2020-02-18T15:32:00.795556  sshd[541]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.220  user=root
2020-02-18T15:32:02.394460  sshd[541]: Failed password for root from 222.186.175.220 port 60852 ssh2
2020-02-18T15:32:07.960808  sshd[541]: Failed password for root from 222.186.175.220 port 60852 ssh2
2020-02-18T15:32:00.795556  sshd[541]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.220  user=root
2020-02-18T15:32:02.394460  sshd[541]: Failed password for root from 222.186.175.220 port 60852 ssh2
2020-02-18T15:32:07.960808  sshd[541]: Failed password for root from 222.186.175.220 port 60852 ssh2
...
2020-02-18 22:35:32
167.71.118.16 attack
[munged]::443 167.71.118.16 - - [18/Feb/2020:14:26:16 +0100] "POST /[munged]: HTTP/1.1" 200 9156 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
[munged]::443 167.71.118.16 - - [18/Feb/2020:14:26:19 +0100] "POST /[munged]: HTTP/1.1" 200 9156 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
[munged]::443 167.71.118.16 - - [18/Feb/2020:14:26:19 +0100] "POST /[munged]: HTTP/1.1" 200 9156 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
[munged]::443 167.71.118.16 - - [18/Feb/2020:14:26:22 +0100] "POST /[munged]: HTTP/1.1" 200 9156 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
[munged]::443 167.71.118.16 - - [18/Feb/2020:14:26:22 +0100] "POST /[munged]: HTTP/1.1" 200 9156 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
[munged]::443 167.71.118.16 - - [18/Feb/2020:14:26:25 +0100] "POST /[munged]: HTTP/1.1" 200 9156 "-" "Mozilla/5.0 (X11; Ubun
2020-02-18 22:24:53
161.82.130.182 attackspam
Automatic report - XMLRPC Attack
2020-02-18 22:08:04
211.159.171.57 attack
$f2bV_matches
2020-02-18 22:15:48
118.24.38.12 attack
Feb 18 14:26:18 pornomens sshd\[31315\]: Invalid user ftpuser from 118.24.38.12 port 38400
Feb 18 14:26:18 pornomens sshd\[31315\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.38.12
Feb 18 14:26:21 pornomens sshd\[31315\]: Failed password for invalid user ftpuser from 118.24.38.12 port 38400 ssh2
...
2020-02-18 22:30:41
202.155.216.114 attack
Feb 18 16:19:01 server sshd\[19806\]: Invalid user testuser from 202.155.216.114
Feb 18 16:19:01 server sshd\[19806\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.155.216.114 
Feb 18 16:19:03 server sshd\[19806\]: Failed password for invalid user testuser from 202.155.216.114 port 41380 ssh2
Feb 18 16:26:44 server sshd\[21543\]: Invalid user kodak from 202.155.216.114
Feb 18 16:26:44 server sshd\[21543\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.155.216.114 
...
2020-02-18 22:11:29
222.186.15.166 attack
2020-02-18T15:10:07.710969scmdmz1 sshd[15504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.166  user=root
2020-02-18T15:10:09.390090scmdmz1 sshd[15504]: Failed password for root from 222.186.15.166 port 23875 ssh2
2020-02-18T15:10:12.916826scmdmz1 sshd[15504]: Failed password for root from 222.186.15.166 port 23875 ssh2
2020-02-18T15:10:07.710969scmdmz1 sshd[15504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.166  user=root
2020-02-18T15:10:09.390090scmdmz1 sshd[15504]: Failed password for root from 222.186.15.166 port 23875 ssh2
2020-02-18T15:10:12.916826scmdmz1 sshd[15504]: Failed password for root from 222.186.15.166 port 23875 ssh2
2020-02-18T15:10:11.815627scmdmz1 sshd[15518]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.166  user=root
2020-02-18T15:10:14.042030scmdmz1 sshd[15518]: Failed password for root from 222.186.15.166 port 43067 ssh2
.
2020-02-18 22:15:16
223.245.212.218 attack
Feb 18 14:27:01 grey postfix/smtpd\[25703\]: NOQUEUE: reject: RCPT from unknown\[223.245.212.218\]: 554 5.7.1 Service unavailable\; Client host \[223.245.212.218\] blocked using dul.dnsbl.sorbs.net\; Dynamic IP Addresses See: http://www.sorbs.net/lookup.shtml\?223.245.212.218\; from=\ to=\ proto=ESMTP helo=\
...
2020-02-18 21:55:18
112.85.42.227 attackspam
Feb 18 08:20:38 NPSTNNYC01T sshd[16954]: Failed password for root from 112.85.42.227 port 11841 ssh2
Feb 18 08:26:40 NPSTNNYC01T sshd[17124]: Failed password for root from 112.85.42.227 port 27737 ssh2
Feb 18 08:26:43 NPSTNNYC01T sshd[17124]: Failed password for root from 112.85.42.227 port 27737 ssh2
...
2020-02-18 22:13:03
68.183.22.85 attackbots
Feb 18 15:26:49 silence02 sshd[23610]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.22.85
Feb 18 15:26:51 silence02 sshd[23610]: Failed password for invalid user teamspeak3 from 68.183.22.85 port 38660 ssh2
Feb 18 15:30:08 silence02 sshd[23758]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.22.85
2020-02-18 22:32:22

最近上报的IP列表

152.136.133.68 36.67.202.83 141.214.32.32 86.122.27.151
174.103.13.55 54.244.240.64 207.122.15.34 193.56.28.185
37.139.24.204 203.32.171.252 122.55.63.101 223.172.180.141
111.75.227.228 174.17.133.9 137.8.110.108 156.220.132.129
89.175.214.125 188.229.11.113 199.199.163.186 187.158.136.65