必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Indonesia

运营商(isp): PT Telkom Indonesia

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:
类型 评论内容 时间
attackspam
Unauthorized connection attempt from IP address 125.161.139.188 on Port 445(SMB)
2019-08-19 01:00:39
attackspam
445/tcp
[2019-08-16]1pkt
2019-08-16 19:52:10
相同子网IP讨论:
IP 类型 评论内容 时间
125.161.139.27 attack
Icarus honeypot on github
2020-09-01 06:54:06
125.161.139.88 attackbotsspam
Aug 15 07:12:11 cdc sshd[29247]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.161.139.88  user=pi
Aug 15 07:12:13 cdc sshd[29247]: Failed password for invalid user pi from 125.161.139.88 port 2779 ssh2
2020-08-15 15:30:28
125.161.139.28 attack
Unauthorized connection attempt from IP address 125.161.139.28 on Port 445(SMB)
2020-08-11 02:58:14
125.161.139.239 attackspam
1593740866 - 07/03/2020 03:47:46 Host: 125.161.139.239/125.161.139.239 Port: 445 TCP Blocked
2020-07-04 01:59:32
125.161.139.52 attackbots
125.161.139.52 - - \[26/Apr/2020:05:00:00 -0700\] "POST /index.php/admin/ HTTP/1.1" 404 20411125.161.139.52 - - \[26/Apr/2020:05:00:00 -0700\] "POST /index.php/admin/index/ HTTP/1.1" 404 20435125.161.139.52 - - \[26/Apr/2020:05:00:01 -0700\] "POST /index.php/admin/sales_order/ HTTP/1.1" 404 20459
...
2020-04-27 02:08:51
125.161.139.30 attack
Honeypot attack, port: 445, PTR: 30.subnet125-161-139.speedy.telkom.net.id.
2020-02-27 22:06:28
125.161.139.90 attackspam
1581396504 - 02/11/2020 05:48:24 Host: 125.161.139.90/125.161.139.90 Port: 445 TCP Blocked
2020-02-11 20:55:44
125.161.139.52 attackspambots
1579868924 - 01/24/2020 13:28:44 Host: 125.161.139.52/125.161.139.52 Port: 445 TCP Blocked
2020-01-25 04:52:34
125.161.139.148 attackbotsspam
Invalid user pi from 125.161.139.148 port 50862
2019-11-20 02:43:52
125.161.139.42 attackspambots
Attempt to attack host OS, exploiting network vulnerabilities, on 18-10-2019 12:45:23.
2019-10-18 19:55:10
125.161.139.248 attackbotsspam
Attempt to attack host OS, exploiting network vulnerabilities, on 12-10-2019 15:15:18.
2019-10-13 00:17:17
125.161.139.2 attackspambots
Unauthorized connection attempt from IP address 125.161.139.2 on Port 445(SMB)
2019-10-06 01:35:11
125.161.139.240 attackspambots
@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-12 03:50:48,625 INFO [amun_request_handler] PortScan Detected on Port: 445 (125.161.139.240)
2019-09-12 13:48:54
125.161.139.215 attackbots
Sep  9 22:32:53 srv206 sshd[13747]: Invalid user tomcat from 125.161.139.215
...
2019-09-10 05:18:01
125.161.139.58 attackspam
Unauthorized connection attempt from IP address 125.161.139.58 on Port 445(SMB)
2019-09-09 18:57:15
WHOIS信息:
b
DIG信息:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 125.161.139.188
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49475
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;125.161.139.188.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081600 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 16 19:52:05 CST 2019
;; MSG SIZE  rcvd: 119
HOST信息:
188.139.161.125.in-addr.arpa domain name pointer 188.subnet125-161-139.speedy.telkom.net.id.
NSLOOKUP信息:
Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
188.139.161.125.in-addr.arpa	name = 188.subnet125-161-139.speedy.telkom.net.id.

Authoritative answers can be found from:
相关IP信息:
最新评论:
IP 类型 评论内容 时间
206.189.72.161 attackspam
$f2bV_matches
2020-09-14 06:04:31
103.148.15.38 attackspambots
php WP PHPmyadamin ABUSE blocked for 12h
2020-09-14 05:51:42
134.119.189.180 attackbotsspam
[HOST2] Port Scan detected
2020-09-14 06:18:49
140.143.19.144 attackspambots
Lines containing failures of 140.143.19.144 (max 1000)
Sep 12 13:20:08 localhost sshd[15495]: User r.r from 140.143.19.144 not allowed because listed in DenyUsers
Sep 12 13:20:08 localhost sshd[15495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.19.144  user=r.r
Sep 12 13:20:10 localhost sshd[15495]: Failed password for invalid user r.r from 140.143.19.144 port 56772 ssh2
Sep 12 13:20:12 localhost sshd[15495]: Received disconnect from 140.143.19.144 port 56772:11: Bye Bye [preauth]
Sep 12 13:20:12 localhost sshd[15495]: Disconnected from invalid user r.r 140.143.19.144 port 56772 [preauth]
Sep 12 13:34:27 localhost sshd[20314]: Invalid user ghostname from 140.143.19.144 port 49952
Sep 12 13:34:27 localhost sshd[20314]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.19.144 
Sep 12 13:34:30 localhost sshd[20314]: Failed password for invalid user ghostname from 140.143.19.14........
------------------------------
2020-09-14 06:02:39
80.82.78.20 attack
A portscan was detected. Details about the event:

Time.............: 2020-09-11 16:14:35

Source IP address: 80.82.78.20 (test4.com)
2020-09-14 05:51:55
27.6.123.226 attack
[N10.H2.VM2] Port Scanner Detected Blocked by UFW
2020-09-14 06:17:31
118.98.96.184 attackspam
(sshd) Failed SSH login from 118.98.96.184 (ID/Indonesia/-): 5 in the last 3600 secs
2020-09-14 06:11:15
51.210.96.169 attackbotsspam
Sep 14 00:00:16 eventyay sshd[27747]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.210.96.169
Sep 14 00:00:17 eventyay sshd[27747]: Failed password for invalid user test from 51.210.96.169 port 59345 ssh2
Sep 14 00:04:40 eventyay sshd[27965]: Failed password for root from 51.210.96.169 port 35414 ssh2
...
2020-09-14 06:18:23
61.244.222.25 attackbots
Icarus honeypot on github
2020-09-14 06:20:29
177.12.227.131 attackspam
Sep 13 03:01:30 main sshd[25012]: Failed password for invalid user lfp from 177.12.227.131 port 26311 ssh2
Sep 13 03:29:58 main sshd[25365]: Failed password for invalid user status from 177.12.227.131 port 18528 ssh2
Sep 13 04:04:22 main sshd[25808]: Failed password for invalid user naj from 177.12.227.131 port 27397 ssh2
Sep 13 05:21:01 main sshd[26852]: Failed password for invalid user rizon from 177.12.227.131 port 20128 ssh2
2020-09-14 06:02:13
98.248.156.94 attackspambots
Sep 13 15:00:06 Host-KLAX-C sshd[215949]: Disconnected from invalid user root 98.248.156.94 port 50122 [preauth]
...
2020-09-14 05:56:14
81.24.82.250 attackbotsspam
Automatic report - Port Scan Attack
2020-09-14 06:10:29
67.205.141.165 attackspambots
 TCP (SYN) 67.205.141.165:57099 -> port 19573, len 44
2020-09-14 06:22:30
94.8.25.168 attackspam
Chat Spam
2020-09-14 06:12:08
61.177.172.128 attack
Sep 13 23:14:51 rocket sshd[14221]: Failed password for root from 61.177.172.128 port 27924 ssh2
Sep 13 23:14:54 rocket sshd[14221]: Failed password for root from 61.177.172.128 port 27924 ssh2
Sep 13 23:14:57 rocket sshd[14221]: Failed password for root from 61.177.172.128 port 27924 ssh2
...
2020-09-14 06:28:17

最近上报的IP列表

237.211.208.199 27.64.143.10 54.202.219.60 208.38.101.199
49.69.35.206 211.228.97.216 228.182.170.190 19.179.93.35
74.137.12.50 75.58.240.101 66.189.103.1 247.254.185.194
2.44.157.133 51.167.211.52 91.226.122.172 35.169.77.193
180.246.118.217 242.224.98.252 118.89.192.39 117.6.94.244