143.208.125.95

基本信息:

城市(city): Presidente Prudente

省份(region): Sao Paulo

国家(country): Brazil

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

b'#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#


NetRange:       143.208.0.0 - 143.208.255.255
CIDR:           143.208.0.0/16
NetName:        LACNIC-ERX-143-208-0-0
NetHandle:      NET-143-208-0-0-1
Parent:         NET143 (NET-143-0-0-0-0)
NetType:        Transferred to LACNIC
OriginAS:       
Organization:   Latin American and Caribbean IP address Regional Registry (LACNIC)
RegDate:        2010-11-03
Updated:        2010-11-17
Comment:        This IP address range is under LACNIC responsibility
Comment:        for further allocations to users in LACNIC region.
Comment:        Please see http://www.lacnic.net/ for further details,
Comment:        or check the WHOIS server located at http://whois.lacnic.net
Ref:            https://rdap.arin.net/registry/ip/143.208.0.0

ResourceLink:  http://lacnic.net/cgi-bin/lacnic/whois
ResourceLink:  whois.lacnic.net


OrgName:        Latin American and Caribbean IP address Regional Registry
OrgId:          LACNIC
Address:        Rambla Republica de Mexico 6125
City:           Montevideo
StateProv:      
PostalCode:     11400
Country:        UY
RegDate:        2002-07-27
Updated:        2018-03-15
Ref:            https://rdap.arin.net/registry/entity/LACNIC

ReferralServer:  whois://whois.lacnic.net
ResourceLink:  http://lacnic.net/cgi-bin/lacnic/whois

OrgAbuseHandle: LWI100-ARIN
OrgAbuseName:   LACNIC Whois Info
OrgAbusePhone:  +598-2604-2222 
OrgAbuseEmail:  abuse@lacnic.net
OrgAbuseRef:    https://rdap.arin.net/registry/entity/LWI100-ARIN

OrgTechHandle: LACNIC-ARIN
OrgTechName:   LACNIC Whois Info
OrgTechPhone:  +598-2604-2222 
OrgTechEmail:  whois-contact@lacnic.net
OrgTechRef:    https://rdap.arin.net/registry/entity/LACNIC-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#



Found a referral to whois.lacnic.net.

% IP Client: 8.214.16.196
 % Copyright (c) Nic.br - Use of this data is governed by the Use and
% Privacy Policy at https://registro.br/upp . Distribution,
% commercialization, reproduction, and use for advertising or similar
% purposes are expressly prohibited.
% 2026-03-27T02:13:45-03:00 - 8.214.16.196

inetnum:     143.208.125.92/30
aut-num:     AS265126
abuse-c:     CAEST65
owner:       Claudinei Dos Santos Soares ME
ownerid:     27.568.048/0001-57
responsible: Claudinei dos Santos Soares
country:     BR
owner-c:     CDSSO80
tech-c:      CDSSO80
created:     20240306
changed:     20240306
inetnum-up:  143.208.124.0/22

nic-hdl-br:  CDSSO80
person:      Claudinei dos Santos Soares
e-mail:      claudineiclark10@gmail.com
country:     BR
created:     20190902
changed:     20230918

nic-hdl-br:  CAEST65
person:      Cassio Esteves
e-mail:      cassiobesteves@gmail.com
country:     BR
created:     20150813
changed:     20240307

% Security and mail abuse issues should also be addressed to cert.br,
% respectivelly to cert@cert.br and mail-abuse@cert.br
%
% whois.registro.br only accepts exact match queries for domains,
% registrants, contacts, tickets, providers, IPs, and ASNs.'

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 143.208.125.95
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12302
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;143.208.125.95.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2026032601 1800 900 604800 86400

;; Query time: 6 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 27 13:05:49 CST 2026
;; MSG SIZE  rcvd: 107

HOST信息:

95.125.208.143.in-addr.arpa domain name pointer 143-208-125-95.fleetnet.com.br.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
95.125.208.143.in-addr.arpa	name = 143-208-125-95.fleetnet.com.br.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
222.186.180.41	attackspam	Sep 7 01:02:33 dev0-dcde-rnet sshd[16216]: Failed password for root from 222.186.180.41 port 24126 ssh2 Sep 7 01:02:47 dev0-dcde-rnet sshd[16216]: error: maximum authentication attempts exceeded for root from 222.186.180.41 port 24126 ssh2 [preauth] Sep 7 01:02:52 dev0-dcde-rnet sshd[16218]: Failed password for root from 222.186.180.41 port 27548 ssh2	2020-09-07 07:03:22
40.124.48.111	attack	C1,WP GET //wp-includes/wlwmanifest.xml	2020-09-07 06:53:40
121.169.54.240	attackbots	Honeypot attack, port: 5555, PTR: PTR record not found	2020-09-07 06:44:42
177.84.41.34	attack	Port probing on unauthorized port 8080	2020-09-07 06:54:31
123.206.190.82	attackspambots	(sshd) Failed SSH login from 123.206.190.82 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 6 12:19:48 server sshd[517]: Invalid user nemesis from 123.206.190.82 port 55540 Sep 6 12:19:50 server sshd[517]: Failed password for invalid user nemesis from 123.206.190.82 port 55540 ssh2 Sep 6 12:47:12 server sshd[8290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.190.82 user=root Sep 6 12:47:14 server sshd[8290]: Failed password for root from 123.206.190.82 port 53902 ssh2 Sep 6 12:52:02 server sshd[9572]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.190.82 user=root	2020-09-07 07:09:51
146.185.215.21	attackbots	gcore scammer fraud bastard! day per DAY ! fake sender stolen identity ! Sun Sep 06 @ 6:37pm SPAM[from_blacklist] 146.185.215.21 bounce@magenta.de	2020-09-07 07:14:33
51.77.66.36	attackbots	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-09-06T16:10:36Z and 2020-09-06T16:52:18Z	2020-09-07 07:04:41
180.249.183.191	attackbots	1599411138 - 09/06/2020 18:52:18 Host: 180.249.183.191/180.249.183.191 Port: 445 TCP Blocked	2020-09-07 06:57:35
104.248.130.17	attackspam	Sep 5 23:03:47 fwservlet sshd[21500]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.130.17 user=r.r Sep 5 23:03:49 fwservlet sshd[21500]: Failed password for r.r from 104.248.130.17 port 49402 ssh2 Sep 5 23:03:49 fwservlet sshd[21500]: Received disconnect from 104.248.130.17 port 49402:11: Bye Bye [preauth] Sep 5 23:03:49 fwservlet sshd[21500]: Disconnected from 104.248.130.17 port 49402 [preauth] Sep 5 23:13:23 fwservlet sshd[21886]: Invalid user hosting from 104.248.130.17 Sep 5 23:13:23 fwservlet sshd[21886]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.130.17 Sep 5 23:13:25 fwservlet sshd[21886]: Failed password for invalid user hosting from 104.248.130.17 port 53798 ssh2 Sep 5 23:13:25 fwservlet sshd[21886]: Received disconnect from 104.248.130.17 port 53798:11: Bye Bye [preauth] Sep 5 23:13:25 fwservlet sshd[21886]: Disconnected from 104.248.130.17 port 5........ -------------------------------	2020-09-07 06:53:17
213.32.70.208	attack	Sep 6 19:52:33 hosting sshd[6423]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=208.ip-213-32-70.eu user=root Sep 6 19:52:35 hosting sshd[6423]: Failed password for root from 213.32.70.208 port 49292 ssh2 ...	2020-09-07 06:49:44
200.31.19.206	attackspam	SSH login attempts.	2020-09-07 06:41:04
178.255.126.198	attack	DATE:2020-09-06 19:22:26, IP:178.255.126.198, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-09-07 06:55:21
106.12.38.231	attack	2020-09-06T22:27:46.858167abusebot-4.cloudsearch.cf sshd[10495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.38.231 user=root 2020-09-06T22:27:49.245749abusebot-4.cloudsearch.cf sshd[10495]: Failed password for root from 106.12.38.231 port 52734 ssh2 2020-09-06T22:30:57.377221abusebot-4.cloudsearch.cf sshd[10510]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.38.231 user=root 2020-09-06T22:30:59.986002abusebot-4.cloudsearch.cf sshd[10510]: Failed password for root from 106.12.38.231 port 41000 ssh2 2020-09-06T22:34:27.170621abusebot-4.cloudsearch.cf sshd[10562]: Invalid user rapport from 106.12.38.231 port 57490 2020-09-06T22:34:27.175948abusebot-4.cloudsearch.cf sshd[10562]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.38.231 2020-09-06T22:34:27.170621abusebot-4.cloudsearch.cf sshd[10562]: Invalid user rapport from 106.12.38.231 port 5 ...	2020-09-07 07:12:54
64.227.22.214	attack	SSH login attempts.	2020-09-07 06:45:59
190.27.104.203	attackspam	Unauthorized connection attempt from IP address 190.27.104.203 on Port 445(SMB)	2020-09-07 06:52:28

最近上报的IP列表

113.112.51.110	2606:4700:10::6814:6858	2606:4700:10::6814:9833	2606:4700:10::6816:1086
2606:4700:10::6816:1169	14.207.194.11	2606:4700:10::6816:4771	2606:4700:10::6814:9120
10.2.216.131	65.102.164.10	203.242.106.212	180.153.236.194
91.92.41.58	84.52.77.248	222.109.132.215	2606:4700:10::6814:6042
2606:4700:10::6816:3586	2606:4700:10::ac43:2483	122.192.203.75	2606:4700:10::6814:8503