145.239.214.125

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): France

运营商(isp): OVH SAS

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Trying to log into mailserver (postfix/smtp) using multiple names and passwords	2019-07-29 21:20:16
attackbotsspam	Unauthorized connection attempt from IP address 145.239.214.125	2019-07-24 14:48:07
attackbotsspam	Brute force SMTP login attempts.	2019-07-23 11:47:01

相同子网IP讨论:

IP	类型	评论内容	时间
145.239.214.124	attackbotsspam	proto=tcp . spt=52911 . dpt=25 . (listed on Blocklist de Jun 22) (42)	2019-06-23 12:59:28
145.239.214.124	attackbotsspam	Jun 21 16:59:28 lnxmail61 postfix/smtpd[18478]: warning: [munged]:[145.239.214.124]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 21 16:59:28 lnxmail61 postfix/smtpd[18478]: lost connection after AUTH from [munged]:[145.239.214.124] Jun 21 16:59:34 lnxmail61 postfix/smtpd[17244]: warning: [munged]:[145.239.214.124]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 21 16:59:34 lnxmail61 postfix/smtpd[17244]: lost connection after AUTH from [munged]:[145.239.214.124] Jun 21 16:59:44 lnxmail61 postfix/smtpd[17845]: warning: [munged]:[145.239.214.124]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 21 16:59:44 lnxmail61 postfix/smtpd[17845]: lost connection after AUTH from [munged]:[145.239.214.124]	2019-06-21 23:15:12

类型

评论内容

时间

145.239.214.124

attackbotsspam

proto=tcp  .  spt=52911  .  dpt=25  .     (listed on Blocklist de  Jun 22)     (42)

2019-06-23 12:59:28

145.239.214.124

attackbotsspam

Jun 21 16:59:28 lnxmail61 postfix/smtpd[18478]: warning: [munged]:[145.239.214.124]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 21 16:59:28 lnxmail61 postfix/smtpd[18478]: lost connection after AUTH from [munged]:[145.239.214.124]
Jun 21 16:59:34 lnxmail61 postfix/smtpd[17244]: warning: [munged]:[145.239.214.124]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 21 16:59:34 lnxmail61 postfix/smtpd[17244]: lost connection after AUTH from [munged]:[145.239.214.124]
Jun 21 16:59:44 lnxmail61 postfix/smtpd[17845]: warning: [munged]:[145.239.214.124]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 21 16:59:44 lnxmail61 postfix/smtpd[17845]: lost connection after AUTH from [munged]:[145.239.214.124]

2019-06-21 23:15:12

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 145.239.214.125
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52308
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;145.239.214.125.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061000 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jun 10 15:05:13 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

125.214.239.145.in-addr.arpa domain name pointer ip125.ip-145-239-214.eu.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
125.214.239.145.in-addr.arpa	name = ip125.ip-145-239-214.eu.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
5.62.41.170	attackspambots	\[2019-09-09 07:38:37\] NOTICE\[9368\] res_pjsip/pjsip_distributor.c: Request 'REGISTER' from '\' failed for '5.62.41.170:13190' $callid: 1203170097-675946563-208547998$ - Failed to authenticate \[2019-09-09 07:38:37\] SECURITY\[1715\] res_security_log.c: SecurityEvent="ChallengeResponseFailed",EventTV="2019-09-09T07:38:37.048+0200",Severity="Error",Service="PJSIP",EventVersion="1",AccountID="\",SessionID="1203170097-675946563-208547998",LocalAddress="IPV4/UDP/188.40.118.248/5060",RemoteAddress="IPV4/UDP/5.62.41.170/13190",Challenge="1568007516/caeaab6b3dc8e42027bf21bcce7af2a7",Response="6285afb57c0c154f3ebf9a6c9ab9cf39",ExpectedResponse="" \[2019-09-09 07:38:37\] NOTICE\[1168\] res_pjsip/pjsip_distributor.c: Request 'REGISTER' from '\' failed for '5.62.41.170:13190' $callid: 1203170097-675946563-208547998$ - Failed to authenticate \[2019-09-09 07:38:37\] SECURITY\[1715\] res_security_log.c: SecurityEvent="ChallengeResponseFailed",	2019-09-09 14:17:30
202.131.152.2	attackspam	F2B jail: sshd. Time: 2019-09-09 07:20:51, Reported by: VKReport	2019-09-09 13:27:13
128.199.65.26	attackbotsspam	Automatic report - CMS Brute-Force Attack	2019-09-09 13:59:18
132.255.25.146	attackspam	port scan and connect, tcp 23 (telnet)	2019-09-09 13:24:16
118.233.92.22	attackspambots	firewall-block, port(s): 23/tcp	2019-09-09 14:07:52
54.38.47.28	attackbots	Sep 8 19:57:31 eddieflores sshd\[3145\]: Invalid user web from 54.38.47.28 Sep 8 19:57:31 eddieflores sshd\[3145\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3115987.ip-54-38-47.eu Sep 8 19:57:33 eddieflores sshd\[3145\]: Failed password for invalid user web from 54.38.47.28 port 58000 ssh2 Sep 8 20:03:04 eddieflores sshd\[3604\]: Invalid user daniel from 54.38.47.28 Sep 8 20:03:04 eddieflores sshd\[3604\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3115987.ip-54-38-47.eu	2019-09-09 14:08:18
103.248.25.171	attackbotsspam	Sep 9 06:40:18 lnxweb61 sshd[13408]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.248.25.171	2019-09-09 14:00:07
182.61.42.234	attackspam	2019-09-09T05:45:46.297634abusebot-6.cloudsearch.cf sshd\[4138\]: Invalid user ftpuser from 182.61.42.234 port 39698	2019-09-09 13:57:04
112.85.42.232	attack	F2B jail: sshd. Time: 2019-09-09 07:09:33, Reported by: VKReport	2019-09-09 13:44:07
222.186.42.94	attack	$f2bV_matches	2019-09-09 13:25:01
117.48.209.161	attackbots	Sep 8 19:38:40 auw2 sshd\[20349\]: Invalid user squadserver from 117.48.209.161 Sep 8 19:38:40 auw2 sshd\[20349\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.48.209.161 Sep 8 19:38:42 auw2 sshd\[20349\]: Failed password for invalid user squadserver from 117.48.209.161 port 53552 ssh2 Sep 8 19:45:48 auw2 sshd\[21055\]: Invalid user mailtest from 117.48.209.161 Sep 8 19:45:48 auw2 sshd\[21055\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.48.209.161	2019-09-09 13:47:55
159.203.199.24	attack	firewall-block, port(s): 9001/tcp	2019-09-09 14:06:10
171.244.36.103	attackbotsspam	Sep 9 08:04:40 meumeu sshd[28098]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.244.36.103 Sep 9 08:04:43 meumeu sshd[28098]: Failed password for invalid user 1 from 171.244.36.103 port 38068 ssh2 Sep 9 08:11:52 meumeu sshd[28962]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.244.36.103 ...	2019-09-09 14:19:03
42.101.44.212	attackspambots	2019-09-09T05:13:32.212271abusebot.cloudsearch.cf sshd\[31648\]: Invalid user ivan from 42.101.44.212 port 34784	2019-09-09 13:50:39
106.13.140.52	attackspambots	Sep 9 08:01:25 mail sshd\[10746\]: Invalid user student from 106.13.140.52 port 53322 Sep 9 08:01:25 mail sshd\[10746\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.52 Sep 9 08:01:26 mail sshd\[10746\]: Failed password for invalid user student from 106.13.140.52 port 53322 ssh2 Sep 9 08:09:11 mail sshd\[12381\]: Invalid user ftpuser from 106.13.140.52 port 56818 Sep 9 08:09:11 mail sshd\[12381\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.52	2019-09-09 14:14:35

最近上报的IP列表

178.216.44.7	208.90.161.245	208.64.252.53	37.177.83.161
109.159.120.213	206.180.162.9	93.68.170.202	216.163.170.61
204.42.253.139	230.4.213.205	207.23.77.100	203.124.42.222
202.239.38.215	44.105.124.127	34.246.136.136	172.170.122.202
242.17.120.128	68.183.191.218	201.149.59.134	125.123.142.77