125.209.125.146

基本信息:

城市(city): Karachi

省份(region): Sindh

国家(country): Pakistan

运营商(isp): Multinet Pakistan Pvt. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	1598445270 - 08/26/2020 14:34:30 Host: 125.209.125.146/125.209.125.146 Port: 445 TCP Blocked	2020-08-27 03:09:15
attackbotsspam	Unauthorized connection attempt detected from IP address 125.209.125.146 to port 445	2020-02-20 04:39:52

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 125.209.125.146
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52164
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;125.209.125.146.		IN	A

;; AUTHORITY SECTION:
.			425	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021901 1800 900 604800 86400

;; Query time: 124 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 20 04:39:49 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

146.125.209.125.in-addr.arpa domain name pointer 125-209-125-146.multi.net.pk.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
146.125.209.125.in-addr.arpa	name = 125-209-125-146.multi.net.pk.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
222.186.173.238	attackbots	Jan 25 06:11:43 srv206 sshd[23182]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.238 user=root Jan 25 06:11:44 srv206 sshd[23182]: Failed password for root from 222.186.173.238 port 4092 ssh2 ...	2020-01-25 13:14:34
45.134.146.5	attackbotsspam	Unauthorized connection attempt detected from IP address 45.134.146.5 to port 2220 [J]	2020-01-25 13:25:44
188.120.244.48	attackbots	Jan 25 05:57:52 raspberrypi sshd\[22977\]: Invalid user ubuntu from 188.120.244.48 ...	2020-01-25 13:04:38
101.51.106.237	attackbots	DATE:2020-01-25 05:57:25, IP:101.51.106.237, PORT:1433 MSSQL brute force auth on honeypot server (epe-honey1-hq)	2020-01-25 13:09:27
146.88.240.4	attackbots	firewall-block, port(s): 17/udp, 111/udp, 137/udp, 389/udp, 1194/udp, 1434/udp, 1604/udp, 1900/udp, 3283/udp, 3702/udp, 5060/udp, 5353/udp, 7778/udp, 7779/udp, 27016/udp, 27019/udp	2020-01-25 13:23:27
222.186.175.161	attack	Jan 25 06:12:41 vmanager6029 sshd\[15012\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.161 user=root Jan 25 06:12:43 vmanager6029 sshd\[15012\]: Failed password for root from 222.186.175.161 port 65122 ssh2 Jan 25 06:12:46 vmanager6029 sshd\[15012\]: Failed password for root from 222.186.175.161 port 65122 ssh2	2020-01-25 13:13:26
145.239.7.54	attackspam	Jan 25 06:27:18 ns381471 sshd[3104]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.7.54 Jan 25 06:27:20 ns381471 sshd[3104]: Failed password for invalid user rdp from 145.239.7.54 port 46660 ssh2	2020-01-25 13:28:23
1.179.137.10	attackspam	Jan 25 05:56:43 sd-53420 sshd\[24115\]: User root from 1.179.137.10 not allowed because none of user's groups are listed in AllowGroups Jan 25 05:56:43 sd-53420 sshd\[24115\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.179.137.10 user=root Jan 25 05:56:44 sd-53420 sshd\[24115\]: Failed password for invalid user root from 1.179.137.10 port 40019 ssh2 Jan 25 05:57:45 sd-53420 sshd\[24316\]: Invalid user admin from 1.179.137.10 Jan 25 05:57:45 sd-53420 sshd\[24316\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.179.137.10 ...	2020-01-25 13:11:25
109.171.49.120	attackbots	Unauthorized connection attempt detected from IP address 109.171.49.120 to port 8080 [J]	2020-01-25 08:54:31
141.85.238.101	attackspambots	2020-01-25T05:10:01.232653shield sshd\[495\]: Invalid user tempuser from 141.85.238.101 port 36046 2020-01-25T05:10:01.236387shield sshd\[495\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.85.238.101 2020-01-25T05:10:03.303867shield sshd\[495\]: Failed password for invalid user tempuser from 141.85.238.101 port 36046 ssh2 2020-01-25T05:14:14.360988shield sshd\[2061\]: Invalid user lalitha from 141.85.238.101 port 55246 2020-01-25T05:14:14.364474shield sshd\[2061\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.85.238.101	2020-01-25 13:32:08
187.162.57.229	attackbots	Automatic report - Port Scan Attack	2020-01-25 13:15:51
190.15.50.20	attackspambots	Jan 25 05:57:24 h2177944 kernel: \[3126514.357979\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=190.15.50.20 DST=85.214.117.9 LEN=44 TOS=0x00 PREC=0x00 TTL=46 ID=28103 PROTO=TCP SPT=21290 DPT=81 WINDOW=62763 RES=0x00 SYN URGP=0 Jan 25 05:57:24 h2177944 kernel: \[3126514.357996\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=190.15.50.20 DST=85.214.117.9 LEN=44 TOS=0x00 PREC=0x00 TTL=46 ID=28103 PROTO=TCP SPT=21290 DPT=81 WINDOW=62763 RES=0x00 SYN URGP=0 Jan 25 05:57:45 h2177944 kernel: \[3126535.081168\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=190.15.50.20 DST=85.214.117.9 LEN=44 TOS=0x00 PREC=0x00 TTL=46 ID=28103 PROTO=TCP SPT=21290 DPT=81 WINDOW=62763 RES=0x00 SYN URGP=0 Jan 25 05:57:45 h2177944 kernel: \[3126535.081183\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=190.15.50.20 DST=85.214.117.9 LEN=44 TOS=0x00 PREC=0x00 TTL=46 ID=28103 PROTO=TCP SPT=21290 DPT=81 WINDOW=62763 RES=0x00 SYN URGP=0 Jan 25 05:57:45 h2177944 kernel: \[3126535.670865\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=190.15.50.20 DST=85.214.117.9 LEN=44 TOS=0	2020-01-25 13:10:53
107.13.186.21	attackbotsspam	(sshd) Failed SSH login from 107.13.186.21 (US/United States/mta-107-13-186-21.nc.rr.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jan 25 06:50:44 s1 sshd[32745]: Invalid user parsa from 107.13.186.21 port 33798 Jan 25 06:50:46 s1 sshd[32745]: Failed password for invalid user parsa from 107.13.186.21 port 33798 ssh2 Jan 25 06:55:12 s1 sshd[394]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.13.186.21 user=root Jan 25 06:55:13 s1 sshd[394]: Failed password for root from 107.13.186.21 port 41896 ssh2 Jan 25 06:57:48 s1 sshd[471]: Invalid user gg from 107.13.186.21 port 41650	2020-01-25 13:08:02
64.225.124.16	attackspam	unauthorized connection attempt	2020-01-25 13:18:49
212.118.5.38	attackspambots	Jan 24 19:10:14 php1 sshd\[24800\]: Invalid user apache from 212.118.5.38 Jan 24 19:10:14 php1 sshd\[24800\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.118.5.38 Jan 24 19:10:16 php1 sshd\[24800\]: Failed password for invalid user apache from 212.118.5.38 port 59093 ssh2 Jan 24 19:16:58 php1 sshd\[25576\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.118.5.38 user=root Jan 24 19:17:01 php1 sshd\[25576\]: Failed password for root from 212.118.5.38 port 45092 ssh2	2020-01-25 13:29:23

最近上报的IP列表

37.6.31.25	213.109.112.106	183.82.63.55	113.84.226.244
166.177.218.123	14.7.140.107	124.77.208.167	91.172.238.141
139.67.85.31	101.228.125.31	41.15.34.237	148.231.164.223
64.227.61.5	179.124.227.234	88.121.239.92	180.155.49.198
184.2.206.89	82.78.188.35	153.130.148.226	14.98.166.30