144.48.125.130

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Hong Kong

运营商(isp): Room 806 8F Feiya Industrial Center Health Street

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Oct 19 07:14:40 lnxweb62 sshd[8798]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.48.125.130	2019-10-19 19:20:21

相同子网IP讨论:

IP	类型	评论内容	时间
144.48.125.186	attackspambots	Oct 2 18:20:40 OPSO sshd\[9877\]: Invalid user ow from 144.48.125.186 port 43003 Oct 2 18:20:40 OPSO sshd\[9877\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.48.125.186 Oct 2 18:20:42 OPSO sshd\[9877\]: Failed password for invalid user ow from 144.48.125.186 port 43003 ssh2 Oct 2 18:24:45 OPSO sshd\[10488\]: Invalid user upload from 144.48.125.186 port 34715 Oct 2 18:24:45 OPSO sshd\[10488\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.48.125.186	2019-10-03 00:29:10
144.48.125.186	attack	Sep 29 13:46:15 web1 sshd\[12596\]: Invalid user imh from 144.48.125.186 Sep 29 13:46:15 web1 sshd\[12596\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.48.125.186 Sep 29 13:46:17 web1 sshd\[12596\]: Failed password for invalid user imh from 144.48.125.186 port 35489 ssh2 Sep 29 13:50:37 web1 sshd\[12997\]: Invalid user admin from 144.48.125.186 Sep 29 13:50:37 web1 sshd\[12997\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.48.125.186	2019-09-30 08:03:28

类型

评论内容

时间

144.48.125.186

attackspambots

Oct  2 18:20:40 OPSO sshd\[9877\]: Invalid user ow from 144.48.125.186 port 43003
Oct  2 18:20:40 OPSO sshd\[9877\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.48.125.186
Oct  2 18:20:42 OPSO sshd\[9877\]: Failed password for invalid user ow from 144.48.125.186 port 43003 ssh2
Oct  2 18:24:45 OPSO sshd\[10488\]: Invalid user upload from 144.48.125.186 port 34715
Oct  2 18:24:45 OPSO sshd\[10488\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.48.125.186

2019-10-03 00:29:10

144.48.125.186

attack

Sep 29 13:46:15 web1 sshd\[12596\]: Invalid user imh from 144.48.125.186
Sep 29 13:46:15 web1 sshd\[12596\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.48.125.186
Sep 29 13:46:17 web1 sshd\[12596\]: Failed password for invalid user imh from 144.48.125.186 port 35489 ssh2
Sep 29 13:50:37 web1 sshd\[12997\]: Invalid user admin from 144.48.125.186
Sep 29 13:50:37 web1 sshd\[12997\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.48.125.186

2019-09-30 08:03:28

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 144.48.125.130
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28174
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;144.48.125.130.			IN	A

;; AUTHORITY SECTION:
.			590	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101900 1800 900 604800 86400

;; Query time: 49 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Oct 19 19:20:18 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 130.125.48.144.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 130.125.48.144.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
112.85.42.173	attackspambots	Sep 5 22:52:02 dignus sshd[19392]: Failed password for root from 112.85.42.173 port 36394 ssh2 Sep 5 22:52:06 dignus sshd[19392]: Failed password for root from 112.85.42.173 port 36394 ssh2 Sep 5 22:52:10 dignus sshd[19392]: Failed password for root from 112.85.42.173 port 36394 ssh2 Sep 5 22:52:13 dignus sshd[19392]: Failed password for root from 112.85.42.173 port 36394 ssh2 Sep 5 22:52:17 dignus sshd[19392]: Failed password for root from 112.85.42.173 port 36394 ssh2 ...	2020-09-06 14:05:08
200.76.202.183	attackspambots	Automatic report - Port Scan Attack	2020-09-06 14:04:43
51.91.132.52	attackbots	failed attempts to inject php and access /.env	2020-09-06 14:12:24
218.92.0.247	attackspam	Sep 6 06:23:28 marvibiene sshd[19419]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.247 user=root Sep 6 06:23:30 marvibiene sshd[19419]: Failed password for root from 218.92.0.247 port 42158 ssh2 Sep 6 06:23:34 marvibiene sshd[19419]: Failed password for root from 218.92.0.247 port 42158 ssh2 Sep 6 06:23:28 marvibiene sshd[19419]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.247 user=root Sep 6 06:23:30 marvibiene sshd[19419]: Failed password for root from 218.92.0.247 port 42158 ssh2 Sep 6 06:23:34 marvibiene sshd[19419]: Failed password for root from 218.92.0.247 port 42158 ssh2	2020-09-06 14:23:47
98.176.168.11	attackspambots	firewall-block, port(s): 81/tcp	2020-09-06 14:26:20
67.205.135.65	attack	TCP (SYN) 67.205.135.65:42871 -> port 31846, len 44	2020-09-06 14:06:22
167.71.63.130	attackbotsspam	Excessive Port-Scanning	2020-09-06 14:20:11
58.218.200.113	attack	Icarus honeypot on github	2020-09-06 13:44:01
45.82.136.246	attackbots	Fail2Ban	2020-09-06 14:05:53
222.186.175.215	attackbots	Sep 6 07:51:35 abendstille sshd\[16849\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.215 user=root Sep 6 07:51:36 abendstille sshd\[16849\]: Failed password for root from 222.186.175.215 port 55574 ssh2 Sep 6 07:51:50 abendstille sshd\[16849\]: Failed password for root from 222.186.175.215 port 55574 ssh2 Sep 6 07:51:54 abendstille sshd\[17033\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.215 user=root Sep 6 07:51:56 abendstille sshd\[17033\]: Failed password for root from 222.186.175.215 port 8510 ssh2 ...	2020-09-06 13:54:02
154.220.96.130	attackbots	2020-09-05T15:41:31.859573correo.[domain] sshd[24744]: Failed password for root from 154.220.96.130 port 41072 ssh2 2020-09-05T15:41:34.499858correo.[domain] sshd[24744]: Failed password for root from 154.220.96.130 port 41072 ssh2 2020-09-05T15:41:36.083539correo.[domain] sshd[24744]: Failed password for root from 154.220.96.130 port 41072 ssh2 ...	2020-09-06 14:23:26
218.92.0.207	attack	Sep 6 08:18:07 santamaria sshd\[18052\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.207 user=root Sep 6 08:18:08 santamaria sshd\[18052\]: Failed password for root from 218.92.0.207 port 11268 ssh2 Sep 6 08:19:49 santamaria sshd\[18076\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.207 user=root ...	2020-09-06 14:27:19
81.170.148.27	attackspam	DATE:2020-09-05 18:51:22, IP:81.170.148.27, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-09-06 13:48:10
222.186.30.57	attackspambots	Sep 6 07:51:27 eventyay sshd[15138]: Failed password for root from 222.186.30.57 port 39130 ssh2 Sep 6 07:51:30 eventyay sshd[15138]: Failed password for root from 222.186.30.57 port 39130 ssh2 Sep 6 07:51:32 eventyay sshd[15138]: Failed password for root from 222.186.30.57 port 39130 ssh2 ...	2020-09-06 13:54:35
54.37.159.12	attack	Sep 6 07:58:48 sshd\[794\]: Invalid user orauat from 54.37.159.12Sep 6 07:58:49 sshd\[794\]: Failed password for invalid user orauat from 54.37.159.12 port 33370 ssh2 ...	2020-09-06 14:00:00

最近上报的IP列表

117.30.74.58	72.52.252.9	77.64.34.100	48.45.95.71
182.72.250.129	117.158.94.153	113.190.234.93	171.231.74.93
91.92.133.146	191.193.245.161	77.14.4.137	124.204.68.242
61.86.5.25	106.12.130.148	175.199.169.49	129.205.201.27
218.11.30.20	157.245.90.37	139.59.43.225	116.11.184.46