125.214.58.195

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): Viettel Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
125.214.58.241	attackspambots	Unauthorized connection attempt from IP address 125.214.58.241 on Port 445(SMB)	2020-07-24 18:54:30
125.214.58.8	attackbotsspam	Brute force attempt	2020-07-13 19:36:51
125.214.58.55	attackspam	Automatic report - Port Scan Attack	2020-05-31 05:49:12
125.214.58.19	attackspambots	Unauthorized connection attempt from IP address 125.214.58.19 on Port 445(SMB)	2020-03-11 01:58:45
125.214.58.154	attackspam	Unauthorized connection attempt from IP address 125.214.58.154 on Port 445(SMB)	2020-03-09 02:45:29
125.214.58.131	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-11 06:57:16
125.214.58.214	attack	familiengesundheitszentrum-fulda.de 125.214.58.214 [19/Dec/2019:15:53:15 +0100] "POST /wp-login.php HTTP/1.1" 200 6330 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" familiengesundheitszentrum-fulda.de 125.214.58.214 [19/Dec/2019:15:53:20 +0100] "POST /wp-login.php HTTP/1.1" 200 6288 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-12-19 23:42:38
125.214.58.84	attackspambots	Unauthorized connection attempt from IP address 125.214.58.84 on Port 445(SMB)	2019-09-30 03:28:05
125.214.58.244	attack	445/tcp [2019-08-18]1pkt	2019-08-18 12:18:14
125.214.58.64	attackbots	[portscan] Port scan	2019-07-10 07:44:03

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 125.214.58.195
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29654
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;125.214.58.195.			IN	A

;; AUTHORITY SECTION:
.			2175	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062500 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jun 25 19:58:29 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 195.58.214.125.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 195.58.214.125.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
221.0.125.48	attack	DATE:2020-09-22 19:00:43, IP:221.0.125.48, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-09-24 02:50:23
171.235.82.169	attackbots	Sep 22 20:43:16 serwer sshd\[10405\]: Invalid user support from 171.235.82.169 port 39216 Sep 22 20:43:16 serwer sshd\[10405\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.235.82.169 Sep 22 20:43:19 serwer sshd\[10405\]: Failed password for invalid user support from 171.235.82.169 port 39216 ssh2 Sep 22 20:43:37 serwer sshd\[10447\]: Invalid user ubnt from 171.235.82.169 port 51668 Sep 22 20:43:38 serwer sshd\[10447\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.235.82.169 Sep 22 20:43:40 serwer sshd\[10447\]: Failed password for invalid user ubnt from 171.235.82.169 port 51668 ssh2 Sep 22 20:43:47 serwer sshd\[10459\]: Invalid user user from 171.235.82.169 port 44846 Sep 22 20:43:48 serwer sshd\[10459\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.235.82.169 Sep 22 20:43:50 serwer sshd\[10459\]: Failed password for invalid user user f ...	2020-09-24 02:50:07
78.118.90.119	attackbotsspam	Invalid user dimas from 78.118.90.119 port 36096	2020-09-24 02:34:43
50.230.96.15	attack	Invalid user user from 50.230.96.15 port 37368	2020-09-24 02:44:21
190.142.106.9	attack	Sep 23 15:36:16 ssh2 sshd[13941]: Invalid user user from 190.142.106.9 port 42950 Sep 23 15:36:16 ssh2 sshd[13941]: Failed password for invalid user user from 190.142.106.9 port 42950 ssh2 Sep 23 15:36:20 ssh2 sshd[13941]: Connection closed by invalid user user 190.142.106.9 port 42950 [preauth] ...	2020-09-24 02:59:27
125.212.238.36	attackspambots	125.212.238.36 - - [23/Sep/2020:15:57:40 +0100] "POST /wp-login.php HTTP/1.1" 200 2516 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 125.212.238.36 - - [23/Sep/2020:15:57:43 +0100] "POST /wp-login.php HTTP/1.1" 200 2521 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 125.212.238.36 - - [23/Sep/2020:15:57:45 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-24 02:41:54
180.76.245.228	attack	Sep 23 20:09:31 inter-technics sshd[29528]: Invalid user admin from 180.76.245.228 port 39278 Sep 23 20:09:31 inter-technics sshd[29528]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.245.228 Sep 23 20:09:31 inter-technics sshd[29528]: Invalid user admin from 180.76.245.228 port 39278 Sep 23 20:09:33 inter-technics sshd[29528]: Failed password for invalid user admin from 180.76.245.228 port 39278 ssh2 Sep 23 20:12:16 inter-technics sshd[29696]: Invalid user logviewer from 180.76.245.228 port 37166 ...	2020-09-24 02:35:00
49.88.112.118	attackspam	2020-09-23T18:18:12.155970server.espacesoutien.com sshd[10945]: Failed password for root from 49.88.112.118 port 49860 ssh2 2020-09-23T18:18:14.451670server.espacesoutien.com sshd[10945]: Failed password for root from 49.88.112.118 port 49860 ssh2 2020-09-23T18:19:18.482337server.espacesoutien.com sshd[11090]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.118 user=root 2020-09-23T18:19:21.252898server.espacesoutien.com sshd[11090]: Failed password for root from 49.88.112.118 port 32809 ssh2 ...	2020-09-24 02:24:30
3.90.106.190	attackspambots	[portscan] Port scan	2020-09-24 02:23:07
18.130.229.194	attackspambots	18.130.229.194 - - [23/Sep/2020:07:50:37 +0200] "GET /wp-login.php HTTP/1.1" 200 2566 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 18.130.229.194 - - [23/Sep/2020:07:50:37 +0200] "POST /wp-login.php HTTP/1.1" 200 2698 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 18.130.229.194 - - [23/Sep/2020:07:50:37 +0200] "GET /wp-login.php HTTP/1.1" 200 2566 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 18.130.229.194 - - [23/Sep/2020:07:50:37 +0200] "POST /wp-login.php HTTP/1.1" 200 2672 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 18.130.229.194 - - [23/Sep/2020:07:50:37 +0200] "GET /wp-login.php HTTP/1.1" 200 2566 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 18.130.229.194 - - [23/Sep/2020:07:50:38 +0200] "POST /wp-login.php HTTP/1.1" 200 2673 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/201001 ...	2020-09-24 02:46:48
201.249.50.74	attack	201.249.50.74 (VE/Venezuela/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 22 12:58:52 server2 sshd[14937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.249.50.74 user=root Sep 22 12:58:54 server2 sshd[14937]: Failed password for root from 201.249.50.74 port 36721 ssh2 Sep 22 12:55:56 server2 sshd[11144]: Failed password for root from 144.22.108.33 port 36832 ssh2 Sep 22 13:00:43 server2 sshd[17150]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.83.16.140 user=root Sep 22 12:55:24 server2 sshd[10897]: Failed password for root from 191.239.249.47 port 47130 ssh2 IP Addresses Blocked:	2020-09-24 02:45:10
140.210.90.197	attackbotsspam	Sep 23 19:31:31 inter-technics sshd[26812]: Invalid user bitrix from 140.210.90.197 port 41196 Sep 23 19:31:31 inter-technics sshd[26812]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.210.90.197 Sep 23 19:31:31 inter-technics sshd[26812]: Invalid user bitrix from 140.210.90.197 port 41196 Sep 23 19:31:34 inter-technics sshd[26812]: Failed password for invalid user bitrix from 140.210.90.197 port 41196 ssh2 Sep 23 19:34:06 inter-technics sshd[26908]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.210.90.197 user=root Sep 23 19:34:08 inter-technics sshd[26908]: Failed password for root from 140.210.90.197 port 46426 ssh2 ...	2020-09-24 02:38:37
106.104.34.120	attack	Sep 21 21:09:28 roki-contabo sshd\[24047\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.104.34.120 user=root Sep 21 21:09:30 roki-contabo sshd\[24047\]: Failed password for root from 106.104.34.120 port 44148 ssh2 Sep 22 19:00:43 roki-contabo sshd\[20458\]: Invalid user admin from 106.104.34.120 Sep 22 19:00:43 roki-contabo sshd\[20458\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.104.34.120 Sep 22 19:00:45 roki-contabo sshd\[20458\]: Failed password for invalid user admin from 106.104.34.120 port 44057 ssh2 ...	2020-09-24 02:46:04
94.23.216.212	attack	94.23.216.212 - - [19/Sep/2020:15:40:40 +0200] "www.ruhnke.cloud" "POST /wp-login.php HTTP/1.1" 401 3586 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 3.324 94.23.216.212 - - [19/Sep/2020:15:40:59 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 4.128 94.23.216.212 - - [21/Sep/2020:20:02:51 +0200] "www.ruhnke.cloud" "POST /wp-login.php HTTP/1.1" 200 4949 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 0.828 94.23.216.212 - - [21/Sep/2020:20:03:15 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php HTTP/1.1" 200 393 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 9.161 94.23.216.212 - - [23/Sep/2020:17:04:20 +0200] "www.ruhnke.cloud" "POST /wp-login.php HTTP/1.1" 200 4947 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 0.911 ...	2020-09-24 02:37:37
59.20.154.52	attackbotsspam	24028/udp 5555/tcp [2020-09-04/22]2pkt	2020-09-24 02:54:38

最近上报的IP列表

79.248.186.21	216.83.54.252	45.65.125.74	125.213.135.42
138.94.210.50	79.120.183.51	178.22.220.28	200.66.116.186
114.238.122.145	222.136.204.129	51.184.254.28	191.53.220.243
91.207.174.75	215.210.67.126	27.186.176.62	1.1.202.228
117.59.178.116	54.36.149.89	182.71.130.10	7.5.147.74