45.112.125.66 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Indonesia

运营商(isp): PT. Fiber Networks Indonesia

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SSH authentication failure x 6 reported by Fail2Ban ...	2019-10-07 03:07:30
attackspam	Sep 27 00:28:00 core sshd[12912]: Invalid user tmp from 45.112.125.66 port 39046 Sep 27 00:28:02 core sshd[12912]: Failed password for invalid user tmp from 45.112.125.66 port 39046 ssh2 ...	2019-09-27 06:47:51

类型

评论内容

时间

attack

SSH authentication failure x 6 reported by Fail2Ban
...

2019-10-07 03:07:30

attackspam

Sep 27 00:28:00 core sshd[12912]: Invalid user tmp from 45.112.125.66 port 39046
Sep 27 00:28:02 core sshd[12912]: Failed password for invalid user tmp from 45.112.125.66 port 39046 ssh2
...

2019-09-27 06:47:51

相同子网IP讨论:

IP	类型	评论内容	时间
45.112.125.4	attackbotsspam	unauthorized connection attempt	2020-02-07 13:27:31
45.112.125.98	attack	Honeypot attack, port: 445, PTR: 98-125.fiber.net.id.	2019-06-27 19:32:30

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.112.125.66
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64635
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.112.125.66.			IN	A

;; AUTHORITY SECTION:
.			122	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092603 1800 900 604800 86400

;; Query time: 384 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Sep 27 06:47:48 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

66.125.112.45.in-addr.arpa domain name pointer 66-125.fiber.net.id.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
66.125.112.45.in-addr.arpa	name = 66-125.fiber.net.id.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
218.98.40.141	attack	Sep 9 22:07:25 tuxlinux sshd[38261]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.98.40.141 user=root Sep 9 22:07:27 tuxlinux sshd[38261]: Failed password for root from 218.98.40.141 port 23447 ssh2 Sep 9 22:07:25 tuxlinux sshd[38261]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.98.40.141 user=root Sep 9 22:07:27 tuxlinux sshd[38261]: Failed password for root from 218.98.40.141 port 23447 ssh2 Sep 9 22:07:25 tuxlinux sshd[38261]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.98.40.141 user=root Sep 9 22:07:27 tuxlinux sshd[38261]: Failed password for root from 218.98.40.141 port 23447 ssh2 Sep 9 22:07:31 tuxlinux sshd[38261]: Failed password for root from 218.98.40.141 port 23447 ssh2 ...	2019-09-10 04:22:42
104.207.159.104	attackspam	michaelklotzbier.de 104.207.159.104 \[09/Sep/2019:17:41:09 +0200\] "POST /wp-login.php HTTP/1.1" 200 5837 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" michaelklotzbier.de 104.207.159.104 \[09/Sep/2019:17:41:11 +0200\] "POST /wp-login.php HTTP/1.1" 200 5794 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-09-10 04:12:17
202.88.246.161	attackspam	Sep 9 14:52:15 Tower sshd[17041]: Connection from 202.88.246.161 port 50622 on 192.168.10.220 port 22 Sep 9 14:52:17 Tower sshd[17041]: Invalid user test from 202.88.246.161 port 50622 Sep 9 14:52:17 Tower sshd[17041]: error: Could not get shadow information for NOUSER Sep 9 14:52:17 Tower sshd[17041]: Failed password for invalid user test from 202.88.246.161 port 50622 ssh2 Sep 9 14:52:17 Tower sshd[17041]: Received disconnect from 202.88.246.161 port 50622:11: Bye Bye [preauth] Sep 9 14:52:17 Tower sshd[17041]: Disconnected from invalid user test 202.88.246.161 port 50622 [preauth]	2019-09-10 04:23:02
103.28.70.154	attack	[portscan] Port scan	2019-09-10 04:10:04
178.128.87.28	attack	Sep 9 09:56:21 aiointranet sshd\[25593\]: Invalid user P@55w0rd! from 178.128.87.28 Sep 9 09:56:21 aiointranet sshd\[25593\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.87.28 Sep 9 09:56:23 aiointranet sshd\[25593\]: Failed password for invalid user P@55w0rd! from 178.128.87.28 port 48378 ssh2 Sep 9 10:04:41 aiointranet sshd\[26243\]: Invalid user ircbot from 178.128.87.28 Sep 9 10:04:41 aiointranet sshd\[26243\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.87.28	2019-09-10 04:31:20
191.33.62.82	attack	Automatic report - Port Scan Attack	2019-09-10 04:25:52
185.216.140.252	attack	" "	2019-09-10 04:11:30
94.191.64.101	attack	2019-09-09T15:00:29.196584abusebot.cloudsearch.cf sshd\[5319\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.64.101 user=root	2019-09-10 04:23:42
106.12.215.130	attackbots	Sep 9 05:45:29 auw2 sshd\[18421\]: Invalid user ts from 106.12.215.130 Sep 9 05:45:29 auw2 sshd\[18421\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.215.130 Sep 9 05:45:31 auw2 sshd\[18421\]: Failed password for invalid user ts from 106.12.215.130 port 43744 ssh2 Sep 9 05:49:22 auw2 sshd\[18848\]: Invalid user user1 from 106.12.215.130 Sep 9 05:49:22 auw2 sshd\[18848\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.215.130	2019-09-10 04:01:31
173.249.48.86	attackbots	" "	2019-09-10 04:34:29
211.22.222.251	attack	Sep 9 19:10:57 pkdns2 sshd\[47509\]: Invalid user server from 211.22.222.251Sep 9 19:10:59 pkdns2 sshd\[47509\]: Failed password for invalid user server from 211.22.222.251 port 48279 ssh2Sep 9 19:12:12 pkdns2 sshd\[47564\]: Failed password for root from 211.22.222.251 port 57364 ssh2Sep 9 19:13:21 pkdns2 sshd\[47603\]: Invalid user user from 211.22.222.251Sep 9 19:13:24 pkdns2 sshd\[47603\]: Failed password for invalid user user from 211.22.222.251 port 33218 ssh2Sep 9 19:14:32 pkdns2 sshd\[47634\]: Invalid user ftpuser from 211.22.222.251 ...	2019-09-10 04:18:49
83.86.75.162	attackspambots	Sep 9 22:58:36 www5 sshd\[60101\]: Invalid user azureuser from 83.86.75.162 Sep 9 22:58:36 www5 sshd\[60101\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.86.75.162 Sep 9 22:58:38 www5 sshd\[60101\]: Failed password for invalid user azureuser from 83.86.75.162 port 37192 ssh2 ...	2019-09-10 04:05:21
27.106.60.179	attackbotsspam	Sep 9 10:16:42 kapalua sshd\[27367\]: Invalid user 123456 from 27.106.60.179 Sep 9 10:16:42 kapalua sshd\[27367\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.106.60.179 Sep 9 10:16:44 kapalua sshd\[27367\]: Failed password for invalid user 123456 from 27.106.60.179 port 60266 ssh2 Sep 9 10:22:58 kapalua sshd\[27911\]: Invalid user minecraftpassword from 27.106.60.179 Sep 9 10:22:58 kapalua sshd\[27911\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.106.60.179	2019-09-10 04:25:04
200.72.249.139	attackbots	Sep 9 19:20:20 www_kotimaassa_fi sshd[14914]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.72.249.139 Sep 9 19:20:22 www_kotimaassa_fi sshd[14914]: Failed password for invalid user ts3server from 200.72.249.139 port 30031 ssh2 ...	2019-09-10 03:49:42
45.55.176.173	attackspam	Sep 9 15:31:40 ny01 sshd[10614]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.176.173 Sep 9 15:31:43 ny01 sshd[10614]: Failed password for invalid user ftpuser from 45.55.176.173 port 52098 ssh2 Sep 9 15:37:41 ny01 sshd[11661]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.176.173	2019-09-10 03:50:54

最近上报的IP列表

141.71.170.167	153.61.115.228	143.0.40.252	41.226.0.237
23.247.49.184	190.17.173.212	112.193.21.120	227.107.247.47
144.228.159.108	188.245.103.79	243.145.217.228	131.77.235.204
66.157.249.4	116.31.230.57	95.136.24.145	116.191.240.131
108.60.147.143	69.35.88.125	74.47.36.153	243.213.216.80