125.64.94.0 - IPInfo

基本信息:

城市(city): Guangyuan

省份(region): Sichuan

国家(country): China

运营商(isp): SC CD Deyang Telecom

主机名(hostname): unknown

机构(organization): CHINANET SiChuan Telecom Internet Data Center

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-01-11 04:24:48
attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-04 23:27:30
attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-07 01:32:21
attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-08-11 06:03:36

相同子网IP讨论:

IP	类型	评论内容	时间
125.64.94.136	attackbots	TCP (SYN) 125.64.94.136:40563 -> port 12000, len 44	2020-10-13 23:59:13
125.64.94.136	attackbots	=Multiport scan 187 ports : 1 13 22 31 32(x2) 38 70 82 111 113 123 280 322 497 510 517(x2) 518 523 548(x2) 556 587(x2) 620 623 636 731 783(x2) 898 990 994 995(x2) 1042(x2) 1080 1200 1241 1344 1400 1443 1503 1505 1521 1604 1830 1883 1900 1901 1967 2000 2010 2030 2052 2080(x3) 2086 2095 2181 2252 2332 2375(x2) 2404 2406(x2) 2443 2600 2601(x2) 2604 2715 2869 3075(x2) 3097 3260 3299 3310 3311 3333 3352 3372 3388 3390 3443 3520 3522 3525 3526 3529 3689 3774 3940 4022 4155 4430 4440 4444 4700 5007 5051 5061 5094 5269 5280 5353 5570 5672 5683 5900 5901 5902 5938 5984 6001(x2) 6112 6346 6443 6544 6666(x3) 6667 6669 6679 6697 6699 6881(x2) 6969 6998 7000 7001 7007 7077 7144 7199 7200(x2) 7778 8000 8001 8002 8004 8006 8007 8009(x2) 8030 8060 8069 8086 8123 8182 8332 8333 8500 8554 8880 8881(x2) 8884 8889 8899(x2) 9002 9030 9080 9300 9446(x3) 9595 9801 9944 9993 10000 10250 10255 10443 11371 12999 13666 13722 14534 15002 16514 16923 16993 19150 19999 20332 22335 25565 26470 27017(x2) 27018 31337 3....	2020-10-13 07:51:07
125.64.94.133	attack	scans once in preceeding hours on the ports (in chronological order) 32760 resulting in total of 3 scans from 125.64.0.0/13 block.	2020-10-11 01:32:26
125.64.94.136	attackbotsspam	TCP (SYN) 125.64.94.136:41809 -> port 50200, len 44	2020-10-07 06:39:26
125.64.94.136	attackspambots	Automatic report - Banned IP Access	2020-10-06 22:57:41
125.64.94.136	attackspam	firewall-block, port(s): 5427/tcp, 50111/tcp	2020-10-06 14:42:44
125.64.94.136	attack	TCP (SYN) 125.64.94.136:44297 -> port 50050, len 44	2020-09-22 20:55:43
125.64.94.136	attack	firewall-block, port(s): 1040/tcp, 4506/tcp, 5357/tcp, 40001/tcp	2020-09-22 05:04:54
125.64.94.136	attack	TCP (SYN) 125.64.94.136:52792 -> port 901, len 44	2020-09-20 00:40:07
125.64.94.136	attackspam	proto=tcp . spt=40362 . dpt=995 . src=125.64.94.136 . dst=xx.xx.4.1 . Found on Binary Defense (40)	2020-09-19 16:28:15
125.64.94.136	attackspambots	scans 3 times in preceeding hours on the ports (in chronological order) 8800 4949 15001 resulting in total of 5 scans from 125.64.0.0/13 block.	2020-09-18 22:39:06
125.64.94.136	attackspam	Found on Binary Defense / proto=6 . srcport=38676 . dstport=16993 . (77)	2020-09-18 14:53:34
125.64.94.136	attackbots	Hacking	2020-09-18 05:10:01
125.64.94.136	attack	firewall-block, port(s): 48649/tcp	2020-09-13 22:51:12
125.64.94.136	attackspambots	32/tcp 9864/tcp 32757/udp... [2020-09-09/13]118pkt,92pt.(tcp),20pt.(udp)	2020-09-13 14:47:58

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 125.64.94.0
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21293
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;125.64.94.0.			IN	A

;; AUTHORITY SECTION:
.			2403	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041000 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Wed Apr 10 16:24:00 +08 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 0.94.64.125.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 0.94.64.125.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
106.51.3.121	attackspambots	Unauthorized connection attempt from IP address 106.51.3.121 on Port 445(SMB)	2019-12-27 06:09:22
157.245.115.45	attackspam	Dec 26 20:28:09 zeus sshd[11299]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.115.45 Dec 26 20:28:10 zeus sshd[11299]: Failed password for invalid user eu from 157.245.115.45 port 40398 ssh2 Dec 26 20:31:07 zeus sshd[11379]: Failed password for mysql from 157.245.115.45 port 40886 ssh2	2019-12-27 06:16:11
37.187.60.182	attackbotsspam	Dec 26 04:19:27 * sshd[29543]: Failed password for invalid user ssh from 37.187.60.182 port 33304 ssh2 Dec 26 04:24:14 * sshd[29600]: Failed password for invalid user allie from 37.187.60.182 port 36580 ssh2 Dec 26 04:28:53 * sshd[29658]: Failed password for invalid user super from 37.187.60.182 port 39836 ssh2 Dec 26 04:38:08 * sshd[29781]: Failed password for invalid user gueras from 37.187.60.182 port 46320 ssh2 Dec 26 04:52:07 * sshd[29990]: Failed password for invalid user minecraft from 37.187.60.182 port 56070 ssh2 Dec 26 04:56:54 * sshd[30048]: Failed password for invalid user raffa from 37.187.60.182 port 59324 ssh2 Dec 26 05:01:45 * sshd[30110]: Failed password for invalid user elverta from 37.187.60.182 port 34522 ssh2 Dec 26 05:06:38 * sshd[30179]: Failed password for invalid user mysql from 37.187.60.182 port 37782 ssh2 Dec 26 05:11:07 * sshd[30286]: Failed password for invalid user fd from 37.187.60.182 port 41038 ssh2 Dec 26 05:15:44 * sshd[30353]: Failed password for invali	2019-12-27 06:28:31
106.201.21.135	attackspambots	" "	2019-12-27 06:11:16
94.25.175.198	attackspam	Unauthorized connection attempt from IP address 94.25.175.198 on Port 445(SMB)	2019-12-27 06:09:47
157.245.243.4	attackspambots	Dec 26 21:23:25 MK-Soft-VM8 sshd[9801]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.243.4 Dec 26 21:23:27 MK-Soft-VM8 sshd[9801]: Failed password for invalid user admin from 157.245.243.4 port 55458 ssh2 ...	2019-12-27 06:15:58
185.86.164.108	attackspambots	WordPress login Brute force / Web App Attack on client site.	2019-12-27 06:26:58
46.105.124.219	attackbotsspam	2019-12-26T21:01:53.858649shield sshd\[1970\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns385102.ip-46-105-124.eu user=root 2019-12-26T21:01:56.289412shield sshd\[1970\]: Failed password for root from 46.105.124.219 port 53296 ssh2 2019-12-26T21:04:10.033198shield sshd\[2481\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns385102.ip-46-105-124.eu user=root 2019-12-26T21:04:11.942634shield sshd\[2481\]: Failed password for root from 46.105.124.219 port 48172 ssh2 2019-12-26T21:06:21.213344shield sshd\[3664\]: Invalid user test from 46.105.124.219 port 42752	2019-12-27 06:20:31
111.231.54.248	attack	Dec 26 11:02:53 web9 sshd\[766\]: Invalid user seroka from 111.231.54.248 Dec 26 11:02:53 web9 sshd\[766\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.54.248 Dec 26 11:02:55 web9 sshd\[766\]: Failed password for invalid user seroka from 111.231.54.248 port 60935 ssh2 Dec 26 11:06:22 web9 sshd\[1356\]: Invalid user erdal from 111.231.54.248 Dec 26 11:06:22 web9 sshd\[1356\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.54.248	2019-12-27 06:23:25
198.50.197.219	attack	SSH Brute Force	2019-12-27 06:14:41
2.92.81.75	attack	Unauthorized connection attempt from IP address 2.92.81.75 on Port 445(SMB)	2019-12-27 06:07:14
62.210.89.205	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-27 06:34:24
112.217.196.74	attack	2019-12-26T16:46:45.264868abusebot-5.cloudsearch.cf sshd[8765]: Invalid user apache from 112.217.196.74 port 54378 2019-12-26T16:46:45.271355abusebot-5.cloudsearch.cf sshd[8765]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.217.196.74 2019-12-26T16:46:45.264868abusebot-5.cloudsearch.cf sshd[8765]: Invalid user apache from 112.217.196.74 port 54378 2019-12-26T16:46:47.511246abusebot-5.cloudsearch.cf sshd[8765]: Failed password for invalid user apache from 112.217.196.74 port 54378 ssh2 2019-12-26T16:48:57.054817abusebot-5.cloudsearch.cf sshd[8769]: Invalid user FIELD from 112.217.196.74 port 44878 2019-12-26T16:48:57.061828abusebot-5.cloudsearch.cf sshd[8769]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.217.196.74 2019-12-26T16:48:57.054817abusebot-5.cloudsearch.cf sshd[8769]: Invalid user FIELD from 112.217.196.74 port 44878 2019-12-26T16:48:59.422280abusebot-5.cloudsearch.cf sshd[8769]: Fail ...	2019-12-27 06:39:01
103.134.170.6	attackbotsspam	Invalid user pi from 103.134.170.6 port 26713	2019-12-27 06:19:48
61.8.75.5	attack	SSH Brute Force	2019-12-27 06:25:30

最近上报的IP列表

79.134.155.29	125.253.119.226	187.185.28.143	80.28.234.134
115.231.8.131	106.12.192.44	78.187.192.74	60.190.63.91
119.29.170.170	115.231.8.0	107.170.238.62	212.47.254.106
122.165.119.22	107.170.238.33	78.46.145.208	107.170.238.32
36.68.5.156	85.254.5.10	107.170.238.236	193.32.163.110