139.99.125.58 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Canada

运营商(isp): OVH Singapore Pte. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Blocked by Sophos UTM Network Protection . / / proto=6 . srcport=10001 . dstport=32936 . (1089)	2020-09-17 19:04:12

相同子网IP讨论:

IP	类型	评论内容	时间
139.99.125.230	attack	TCP (SYN) 139.99.125.230:51409 -> port 22, len 48	2020-09-01 21:06:56
139.99.125.231	attackspambots	TCP (SYN) 139.99.125.231:50637 -> port 22, len 48	2020-09-01 19:04:17
139.99.125.230	attack	SmallBizIT.US 1 packets to tcp(22)	2020-09-01 18:25:28
139.99.125.230	attackspambots	2020-08-31T19:25:50.598331abusebot-2.cloudsearch.cf sshd[11620]: Invalid user ubnt from 139.99.125.230 port 59752 2020-08-31T19:25:50.645193abusebot-2.cloudsearch.cf sshd[11622]: Invalid user admin from 139.99.125.230 port 35698 2020-08-31T19:25:50.647160abusebot-2.cloudsearch.cf sshd[11626]: Invalid user 1234 from 139.99.125.230 port 43918 2020-08-31T19:25:51.722996abusebot-2.cloudsearch.cf sshd[11628]: Invalid user usuario from 139.99.125.230 port 49656 ...	2020-09-01 03:42:24
139.99.125.84	attackspambots	Port probing on unauthorized port 22	2020-08-29 02:11:39
139.99.125.86	attack	Attempted connection to port 64129.	2020-08-24 21:24:56
139.99.125.191	attackspam	139.99.125.191 was recorded 6 times by 4 hosts attempting to connect to the following ports: 26014,50570,39019,51856. Incident counter (4h, 24h, all-time): 6, 31, 1174	2020-04-28 21:33:58
139.99.125.191	attackbotsspam	139.99.125.191 was recorded 11 times by 7 hosts attempting to connect to the following ports: 26014,51856,39019,20269,50570,60429. Incident counter (4h, 24h, all-time): 11, 19, 1146	2020-04-27 23:12:32
139.99.125.191	attack	139.99.125.191 was recorded 28 times by 9 hosts attempting to connect to the following ports: 50570,51856,39019,54434,56610,52084,20269,60429,51142. Incident counter (4h, 24h, all-time): 28, 86, 1123	2020-04-25 21:06:30
139.99.125.191	attack	Port 27034 scan denied	2020-03-28 19:23:50
139.99.125.191	attackbots	139.99.125.191 was recorded 13 times by 8 hosts attempting to connect to the following ports: 39019,54434,20269,51856,56610,52084,60429,51142. Incident counter (4h, 24h, all-time): 13, 112, 855	2020-03-28 06:26:16
139.99.125.191	attackbotsspam	139.99.125.191 was recorded 8 times by 5 hosts attempting to connect to the following ports: 60429,54434,50570,52084,51142. Incident counter (4h, 24h, all-time): 8, 116, 846	2020-03-28 04:19:40
139.99.125.191	attackspam	probes 16 times on the port 34928 59003 62781	2020-03-27 18:25:06
139.99.125.191	attackspambots	139.99.125.191 was recorded 20 times by 9 hosts attempting to connect to the following ports: 51856,39019,50570,52084,54434,56610,51142,60429,26014. Incident counter (4h, 24h, all-time): 20, 82, 683	2020-03-26 16:58:49
139.99.125.191	attack	139.99.125.191 was recorded 20 times by 6 hosts attempting to connect to the following ports: 54434,56610,51142,51856,50570,60429. Incident counter (4h, 24h, all-time): 20, 96, 592	2020-03-25 14:04:47

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.99.125.58
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50123
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.99.125.58.			IN	A

;; AUTHORITY SECTION:
.			455	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020091602 1800 900 604800 86400

;; Query time: 74 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Sep 17 10:19:17 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

58.125.99.139.in-addr.arpa domain name pointer ns568938.ip-139-99-125.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
58.125.99.139.in-addr.arpa	name = ns568938.ip-139-99-125.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
128.72.0.212	attackspam	RDPBruteGSL24	2020-09-18 19:41:09
163.172.157.193	attackspam	Sep 18 10:32:22 Ubuntu-1404-trusty-64-minimal sshd\[23543\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.157.193 user=root Sep 18 10:32:24 Ubuntu-1404-trusty-64-minimal sshd\[23543\]: Failed password for root from 163.172.157.193 port 58698 ssh2 Sep 18 10:35:43 Ubuntu-1404-trusty-64-minimal sshd\[25078\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.157.193 user=root Sep 18 10:35:45 Ubuntu-1404-trusty-64-minimal sshd\[25078\]: Failed password for root from 163.172.157.193 port 34706 ssh2 Sep 18 10:38:22 Ubuntu-1404-trusty-64-minimal sshd\[26391\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.157.193 user=root	2020-09-18 19:14:46
118.24.104.55	attackspambots	2020-09-18T09:22:54.416834dmca.cloudsearch.cf sshd[9442]: Invalid user NetLinx from 118.24.104.55 port 53498 2020-09-18T09:22:54.422498dmca.cloudsearch.cf sshd[9442]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.104.55 2020-09-18T09:22:54.416834dmca.cloudsearch.cf sshd[9442]: Invalid user NetLinx from 118.24.104.55 port 53498 2020-09-18T09:22:56.146870dmca.cloudsearch.cf sshd[9442]: Failed password for invalid user NetLinx from 118.24.104.55 port 53498 ssh2 2020-09-18T09:28:52.206332dmca.cloudsearch.cf sshd[9642]: Invalid user ranger from 118.24.104.55 port 59882 2020-09-18T09:28:52.209570dmca.cloudsearch.cf sshd[9642]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.104.55 2020-09-18T09:28:52.206332dmca.cloudsearch.cf sshd[9642]: Invalid user ranger from 118.24.104.55 port 59882 2020-09-18T09:28:53.748163dmca.cloudsearch.cf sshd[9642]: Failed password for invalid user ranger from 118.24.10 ...	2020-09-18 19:13:51
1.9.128.2	attackspam	$f2bV_matches	2020-09-18 19:15:47
82.81.28.57	attackbotsspam	Automatic report - Port Scan Attack	2020-09-18 19:19:16
185.202.1.98	attackspam	IP 185.202.1.98 attacked honeypot on port: 1434 at 9/17/2020 9:55:08 AM	2020-09-18 19:15:17
139.215.208.125	attack	2020-09-18 12:45:44,153 fail2ban.actions: WARNING [ssh] Ban 139.215.208.125	2020-09-18 19:30:53
222.186.31.166	attackspam	Sep 18 13:27:38 theomazars sshd[11256]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.166 user=root Sep 18 13:27:40 theomazars sshd[11256]: Failed password for root from 222.186.31.166 port 16074 ssh2	2020-09-18 19:33:25
106.38.33.70	attackbots	Sep 18 09:44:43 localhost sshd[217482]: Invalid user manager from 106.38.33.70 port 60320 ...	2020-09-18 19:39:12
103.59.113.193	attackspam	103.59.113.193 (CN/China/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 18 06:51:58 server5 sshd[2508]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.33.13.124 user=root Sep 18 06:47:56 server5 sshd[582]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.133.92.3 user=root Sep 18 06:47:58 server5 sshd[582]: Failed password for root from 125.133.92.3 port 40848 ssh2 Sep 18 06:51:30 server5 sshd[2174]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.59.113.193 user=root Sep 18 06:51:32 server5 sshd[2174]: Failed password for root from 103.59.113.193 port 56808 ssh2 Sep 18 06:50:18 server5 sshd[1549]: Failed password for root from 149.202.55.18 port 53568 ssh2 IP Addresses Blocked: 112.33.13.124 (CN/China/-) 125.133.92.3 (KR/South Korea/-)	2020-09-18 19:33:38
167.249.211.210	attack	DATE:2020-09-17 18:53:16, IP:167.249.211.210, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-09-18 19:40:40
89.19.180.87	attack	Unauthorized connection attempt from IP address 89.19.180.87 on Port 445(SMB)	2020-09-18 19:45:53
80.113.12.34	attackbots	Sep 17 13:02:04 bilbo sshd[22693]: Invalid user admin from 80.113.12.34 Sep 17 13:02:15 bilbo sshd[22738]: User root from ip-80-113-12-34.ip.prioritytelecom.net not allowed because not listed in AllowUsers Sep 17 13:02:24 bilbo sshd[22740]: Invalid user admin from 80.113.12.34 Sep 17 13:02:34 bilbo sshd[22742]: Invalid user admin from 80.113.12.34 ...	2020-09-18 19:46:19
168.0.148.174	attackbotsspam	Unauthorized connection attempt from IP address 168.0.148.174 on Port 445(SMB)	2020-09-18 19:49:38
1.9.78.242	attackbotsspam	$f2bV_matches	2020-09-18 19:16:04

最近上报的IP列表

93.76.177.110	74.120.14.72	2.59.236.224	219.78.103.182
194.247.42.220	36.127.89.45	103.215.54.51	198.38.1.64
60.6.210.165	190.131.180.197	87.10.179.29	154.126.33.175
205.56.197.255	1.106.219.110	253.30.190.77	55.72.213.151
76.38.226.132	127.158.202.7	45.70.206.229	239.186.246.163