125.164.50.3 - IPInfo

基本信息:

城市(city): Surabaya

省份(region): East Java

国家(country): Indonesia

运营商(isp): PT Telkom Indonesia

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	1576853389 - 12/20/2019 15:49:49 Host: 125.164.50.3/125.164.50.3 Port: 445 TCP Blocked	2019-12-21 04:24:35

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 125.164.50.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3475
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;125.164.50.3.			IN	A

;; AUTHORITY SECTION:
.			553	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122001 1800 900 604800 86400

;; Query time: 125 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 21 04:24:32 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

3.50.164.125.in-addr.arpa domain name pointer 3.subnet125-164-50.speedy.telkom.net.id.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
3.50.164.125.in-addr.arpa	name = 3.subnet125-164-50.speedy.telkom.net.id.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
175.140.138.193	attackspam	Aug 7 22:24:00 vps200512 sshd\[25661\]: Invalid user design from 175.140.138.193 Aug 7 22:24:00 vps200512 sshd\[25661\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.140.138.193 Aug 7 22:24:02 vps200512 sshd\[25661\]: Failed password for invalid user design from 175.140.138.193 port 48021 ssh2 Aug 7 22:28:43 vps200512 sshd\[25710\]: Invalid user ronjones from 175.140.138.193 Aug 7 22:28:43 vps200512 sshd\[25710\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.140.138.193	2019-08-08 10:45:43
45.95.32.220	attack	Aug 8 04:28:46 smtp postfix/smtpd[9837]: NOQUEUE: reject: RCPT from reinvent.protutoriais.com[45.95.32.220]: 554 5.7.1 Service unavailable; Client host [45.95.32.220] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo= ...	2019-08-08 10:45:22
190.9.130.159	attackbots	Aug 7 22:39:03 vps200512 sshd\[25862\]: Invalid user ben from 190.9.130.159 Aug 7 22:39:03 vps200512 sshd\[25862\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.9.130.159 Aug 7 22:39:05 vps200512 sshd\[25862\]: Failed password for invalid user ben from 190.9.130.159 port 59574 ssh2 Aug 7 22:44:08 vps200512 sshd\[25993\]: Invalid user itk from 190.9.130.159 Aug 7 22:44:08 vps200512 sshd\[25993\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.9.130.159	2019-08-08 10:44:43
180.159.3.46	attack	SSH Brute-Force reported by Fail2Ban	2019-08-08 10:27:01
5.62.41.134	attack	\[2019-08-07 22:28:06\] NOTICE\[2288\] chan_sip.c: Registration from '\' failed for '5.62.41.134:1167' - Wrong password \[2019-08-07 22:28:06\] SECURITY\[2326\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-08-07T22:28:06.440-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="48088",SessionID="0x7ff4d07952f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/5.62.41.134/54323",Challenge="32230956",ReceivedChallenge="32230956",ReceivedHash="37e5e938b0a11fe95d84fc439ad6c82e" \[2019-08-07 22:28:46\] NOTICE\[2288\] chan_sip.c: Registration from '\' failed for '5.62.41.134:1063' - Wrong password \[2019-08-07 22:28:46\] SECURITY\[2326\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-08-07T22:28:46.082-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="68180",SessionID="0x7ff4d0160998",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/5.62.41.134/5	2019-08-08 10:44:21
182.119.238.55	attackspambots	Aug 7 15:52:37 localhost kernel: [16451751.056930] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=182.119.238.55 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=51 ID=48504 PROTO=TCP SPT=23405 DPT=37215 WINDOW=11285 RES=0x00 SYN URGP=0 Aug 7 15:52:37 localhost kernel: [16451751.056958] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=182.119.238.55 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=51 ID=48504 PROTO=TCP SPT=23405 DPT=37215 SEQ=758669438 ACK=0 WINDOW=11285 RES=0x00 SYN URGP=0 Aug 7 22:28:30 localhost kernel: [16475503.770726] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=182.119.238.55 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=51 ID=57664 PROTO=TCP SPT=23405 DPT=37215 WINDOW=11285 RES=0x00 SYN URGP=0 Aug 7 22:28:30 localhost kernel: [16475503.770752] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=182.119.238.55 DST=[mungedIP2] LEN=40 TOS	2019-08-08 10:51:53
124.239.191.101	attackspambots	SSH bruteforce (Triggered fail2ban)	2019-08-08 10:27:52
218.92.0.160	attack	Aug 8 04:28:15 cvbmail sshd\[13466\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.160 user=root Aug 8 04:28:16 cvbmail sshd\[13466\]: Failed password for root from 218.92.0.160 port 51775 ssh2 Aug 8 04:28:33 cvbmail sshd\[13468\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.160 user=root	2019-08-08 10:48:45
191.53.195.24	attackspambots	Brute force SMTP login attempts.	2019-08-08 11:04:15
94.176.76.56	attackspambots	(Aug 8) LEN=40 TTL=244 ID=11444 DF TCP DPT=23 WINDOW=14600 SYN (Aug 8) LEN=40 TTL=244 ID=50616 DF TCP DPT=23 WINDOW=14600 SYN (Aug 7) LEN=40 TTL=244 ID=42972 DF TCP DPT=23 WINDOW=14600 SYN (Aug 7) LEN=40 TTL=244 ID=39646 DF TCP DPT=23 WINDOW=14600 SYN (Aug 7) LEN=40 TTL=244 ID=30548 DF TCP DPT=23 WINDOW=14600 SYN (Aug 7) LEN=40 TTL=244 ID=37043 DF TCP DPT=23 WINDOW=14600 SYN (Aug 7) LEN=40 TTL=244 ID=64191 DF TCP DPT=23 WINDOW=14600 SYN (Aug 7) LEN=40 TTL=244 ID=15132 DF TCP DPT=23 WINDOW=14600 SYN (Aug 7) LEN=40 TTL=244 ID=33521 DF TCP DPT=23 WINDOW=14600 SYN (Aug 7) LEN=40 TTL=244 ID=38838 DF TCP DPT=23 WINDOW=14600 SYN (Aug 7) LEN=40 TTL=244 ID=8562 DF TCP DPT=23 WINDOW=14600 SYN (Aug 7) LEN=40 TTL=244 ID=46985 DF TCP DPT=23 WINDOW=14600 SYN (Aug 7) LEN=40 TTL=244 ID=61050 DF TCP DPT=23 WINDOW=14600 SYN (Aug 6) LEN=40 TTL=244 ID=60251 DF TCP DPT=23 WINDOW=14600 SYN (Aug 6) LEN=40 TTL=244 ID=11614 DF TCP DPT=23 WINDOW=14600 S...	2019-08-08 10:15:17
157.230.235.233	attackbotsspam	Invalid user flavio from 157.230.235.233 port 53298 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.235.233 Failed password for invalid user flavio from 157.230.235.233 port 53298 ssh2 Invalid user ftpuser from 157.230.235.233 port 50466 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.235.233	2019-08-08 10:18:41
40.115.241.229	attackspam	Aug 7 19:27:08 herz-der-gamer sshd[27790]: Invalid user techadmin from 40.115.241.229 port 50978 Aug 7 19:27:08 herz-der-gamer sshd[27790]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.115.241.229 Aug 7 19:27:08 herz-der-gamer sshd[27790]: Invalid user techadmin from 40.115.241.229 port 50978 Aug 7 19:27:10 herz-der-gamer sshd[27790]: Failed password for invalid user techadmin from 40.115.241.229 port 50978 ssh2 ...	2019-08-08 10:22:54
146.185.181.64	attack	k+ssh-bruteforce	2019-08-08 10:13:54
103.9.246.34	attack	Aug 8 03:42:12 dedicated sshd[23480]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.9.246.34 user=root Aug 8 03:42:14 dedicated sshd[23480]: Failed password for root from 103.9.246.34 port 39110 ssh2	2019-08-08 10:11:44
52.189.232.109	attackspam	Aug 7 21:46:07 aat-srv002 sshd[26042]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.189.232.109 Aug 7 21:46:09 aat-srv002 sshd[26042]: Failed password for invalid user testftp from 52.189.232.109 port 54324 ssh2 Aug 7 21:52:10 aat-srv002 sshd[26188]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.189.232.109 Aug 7 21:52:13 aat-srv002 sshd[26188]: Failed password for invalid user pk from 52.189.232.109 port 50718 ssh2 ...	2019-08-08 10:58:54

最近上报的IP列表

90.193.20.245	95.59.251.101	99.24.30.118	151.141.233.35
193.108.163.209	2.10.198.118	97.193.173.89	95.164.82.19
97.243.130.111	66.46.20.10	87.189.23.4	119.24.191.8
105.158.171.0	142.149.69.210	126.67.210.230	23.88.214.72
175.7.185.15	190.178.64.164	67.128.35.105	115.248.233.45