139.155.125.218

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Attempts to probe for or exploit a Drupal 7.67 site on url: /shell.php. Reported by the module https://www.drupal.org/project/abuseipdb.	2019-08-09 06:59:15

相同子网IP讨论:

IP	类型	评论内容	时间
139.155.125.16	attack	2019/11/02 21:19:36 \[error\] 789\#789: \*164489 limiting requests, excess: 0.048 by zone "one", client: 139.155.125.16, server: default_server, request: "GET /TP/index.php HTTP/1.1", host: "80.30.195.137" ...	2019-11-03 05:16:33

类型

评论内容

时间

139.155.125.16

attack

2019/11/02 21:19:36 \[error\] 789\#789: \*164489 limiting requests, excess: 0.048 by zone "one", client: 139.155.125.16, server: default_server, request: "GET /TP/index.php HTTP/1.1", host: "80.30.195.137"
...

2019-11-03 05:16:33

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.155.125.218
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26372
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.155.125.218.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080801 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 09 06:59:07 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 218.125.155.139.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 218.125.155.139.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
103.105.154.2	attack	103.105.154.2 - [04/Sep/2020:19:49:49 +0300] "POST /xmlrpc.php HTTP/1.1" 404 6308 "-" "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1500.55 Safari/537.36" "3.83" 103.105.154.2 - [04/Sep/2020:19:49:52 +0300] "POST /wordpress/xmlrpc.php HTTP/1.1" 404 191 "-" "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1500.55 Safari/537.36" "3.13" ...	2020-09-05 23:52:15
45.233.76.225	attack	Sep 4 18:49:24 mellenthin postfix/smtpd[32575]: NOQUEUE: reject: RCPT from unknown[45.233.76.225]: 554 5.7.1 Service unavailable; Client host [45.233.76.225] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/45.233.76.225; from= to= proto=ESMTP helo=<[45.233.76.225]>	2020-09-06 00:12:02
106.12.18.168	attack	Sep 5 17:47:05 marvibiene sshd[10776]: Failed password for mysql from 106.12.18.168 port 41662 ssh2 Sep 5 17:51:07 marvibiene sshd[12543]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.18.168 Sep 5 17:51:09 marvibiene sshd[12543]: Failed password for invalid user wa from 106.12.18.168 port 60154 ssh2	2020-09-06 00:21:07
34.89.89.84	attackspam	$f2bV_matches	2020-09-06 00:29:37
181.49.176.36	attackspambots	445/tcp 445/tcp 445/tcp... [2020-07-09/09-04]21pkt,1pt.(tcp)	2020-09-05 23:51:45
93.118.119.114	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-09-06 00:04:03
179.125.179.197	attack	Automatic report - Port Scan Attack	2020-09-06 00:08:17
171.227.211.78	attackbots	2020-09-04T19:05:14.499376shiva sshd[24469]: Invalid user support from 171.227.211.78 port 54342 2020-09-04T19:05:31.345585shiva sshd[24473]: Invalid user user from 171.227.211.78 port 41560 2020-09-04T19:05:31.697535shiva sshd[24475]: Invalid user operator from 171.227.211.78 port 53560 2020-09-04T19:05:49.780171shiva sshd[24483]: Invalid user user from 171.227.211.78 port 34642 ...	2020-09-05 23:47:54
51.11.136.167	attackspam	h	2020-09-05 23:42:10
181.215.204.157	attackspambots	Automatic report - Banned IP Access	2020-09-06 00:19:25
218.82.244.255	attackbotsspam	Port Scan: TCP/23	2020-09-05 23:46:05
213.32.23.54	attackspam	Sep 5 15:43:09 plex-server sshd[1514642]: Failed password for root from 213.32.23.54 port 40052 ssh2 Sep 5 15:46:48 plex-server sshd[1516346]: Invalid user courier from 213.32.23.54 port 45072 Sep 5 15:46:48 plex-server sshd[1516346]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.32.23.54 Sep 5 15:46:48 plex-server sshd[1516346]: Invalid user courier from 213.32.23.54 port 45072 Sep 5 15:46:50 plex-server sshd[1516346]: Failed password for invalid user courier from 213.32.23.54 port 45072 ssh2 ...	2020-09-05 23:50:19
176.65.241.165	attackspam	Honeypot attack, port: 445, PTR: mail.omanfuel.com.	2020-09-06 00:09:49
95.163.196.191	attackspambots	Sep 5 18:13:06 itv-usvr-02 sshd[2109]: Invalid user ubuntu from 95.163.196.191 port 33440 Sep 5 18:13:06 itv-usvr-02 sshd[2109]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.163.196.191 Sep 5 18:13:06 itv-usvr-02 sshd[2109]: Invalid user ubuntu from 95.163.196.191 port 33440 Sep 5 18:13:09 itv-usvr-02 sshd[2109]: Failed password for invalid user ubuntu from 95.163.196.191 port 33440 ssh2 Sep 5 18:20:03 itv-usvr-02 sshd[2318]: Invalid user Test from 95.163.196.191 port 40766	2020-09-05 23:46:38
14.232.127.215	attackspambots	Honeypot attack, port: 445, PTR: static.vnpt.vn.	2020-09-06 00:11:29

最近上报的IP列表

201.27.218.15	70.87.49.76	202.68.91.196	7.58.88.60
253.149.178.133	154.8.232.205	54.150.241.58	118.9.130.135
184.197.54.121	18.219.69.79	13.107.53.46	36.81.28.95
144.76.58.219	222.62.221.27	190.145.233.82	33.68.109.124
246.197.190.239	46.136.138.76	12.152.108.252	117.192.119.88