5.239.125.12 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Iran, Islamic Republic of

运营商(isp): Telecommunication Company of Tehran

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/5.239.125.12/ IR - 1H : (197) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : IR NAME ASN : ASN12880 IP : 5.239.125.12 CIDR : 5.239.0.0/17 PREFIX COUNT : 276 UNIQUE IP COUNT : 1035264 WYKRYTE ATAKI Z ASN12880 : 1H - 3 3H - 5 6H - 9 12H - 13 24H - 15 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-09-24 00:06:28

类型

评论内容

时间

attack

IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/5.239.125.12/ 
 IR - 1H : (197)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : IR 
 NAME ASN : ASN12880 
 
 IP : 5.239.125.12 
 
 CIDR : 5.239.0.0/17 
 
 PREFIX COUNT : 276 
 
 UNIQUE IP COUNT : 1035264 
 
 
 WYKRYTE ATAKI Z ASN12880 :  
  1H - 3 
  3H - 5 
  6H - 9 
 12H - 13 
 24H - 15 
 
 INFO : Port Scan TELNET Detected and Blocked by ADMIN  - data recovery

2019-09-24 00:06:28

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.239.125.12
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24522
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.239.125.12.			IN	A

;; AUTHORITY SECTION:
.			325	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092300 1800 900 604800 86400

;; Query time: 542 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 24 00:06:19 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 12.125.239.5.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 12.125.239.5.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
192.144.140.20	attack	"$f2bV_matches"	2020-09-04 07:25:07
177.200.68.157	attackbotsspam	Sep 3 18:47:55 mellenthin postfix/smtpd[20177]: NOQUEUE: reject: RCPT from 177-200-68-157.dynamic.skysever.com.br[177.200.68.157]: 554 5.7.1 Service unavailable; Client host [177.200.68.157] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/177.200.68.157; from= to= proto=ESMTP helo=<177-200-68-157.dynamic.skysever.com.br>	2020-09-04 07:23:27
37.47.176.148	attackspam	Lines containing failures of 37.47.176.148 Sep 2 10:23:11 omfg postfix/smtpd[30643]: connect from public-gprs395603.centertel.pl[37.47.176.148] Sep x@x Sep 2 10:23:11 omfg postfix/smtpd[30643]: lost connection after DATA from public-gprs395603.centertel.pl[37.47.176.148] Sep 2 10:23:11 omfg postfix/smtpd[30643]: disconnect from public-gprs395603.centertel.pl[37.47.176.148] ehlo=1 mail=1 rcpt=0/1 data=0/1 commands=2/4 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=37.47.176.148	2020-09-04 07:26:31
116.103.168.253	attackbots	2020-09-03 11:41:08.585863-0500 localhost smtpd[17531]: NOQUEUE: reject: RCPT from unknown[116.103.168.253]: 554 5.7.1 Service unavailable; Client host [116.103.168.253] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS / https://www.spamhaus.org/query/ip/116.103.168.253; from= to= proto=ESMTP helo=<[116.103.168.253]>	2020-09-04 07:14:54
110.45.57.251	attackspam	Automatic report - Banned IP Access	2020-09-04 07:41:52
81.68.95.246	attack	2020-09-03T22:31:12.273367dmca.cloudsearch.cf sshd[32569]: Invalid user vc from 81.68.95.246 port 39730 2020-09-03T22:31:12.277592dmca.cloudsearch.cf sshd[32569]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.95.246 2020-09-03T22:31:12.273367dmca.cloudsearch.cf sshd[32569]: Invalid user vc from 81.68.95.246 port 39730 2020-09-03T22:31:14.300304dmca.cloudsearch.cf sshd[32569]: Failed password for invalid user vc from 81.68.95.246 port 39730 ssh2 2020-09-03T22:37:28.885367dmca.cloudsearch.cf sshd[353]: Invalid user logview from 81.68.95.246 port 56324 2020-09-03T22:37:28.890624dmca.cloudsearch.cf sshd[353]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.95.246 2020-09-03T22:37:28.885367dmca.cloudsearch.cf sshd[353]: Invalid user logview from 81.68.95.246 port 56324 2020-09-03T22:37:31.530807dmca.cloudsearch.cf sshd[353]: Failed password for invalid user logview from 81.68.95.246 port 56324 ssh2 ...	2020-09-04 07:34:24
2.202.194.246	attackbotsspam	Lines containing failures of 2.202.194.246 Sep 2 01:24:44 metroid sshd[2609]: User r.r from 2.202.194.246 not allowed because listed in DenyUsers Sep 2 01:24:44 metroid sshd[2609]: Received disconnect from 2.202.194.246 port 42198:11: Bye Bye [preauth] Sep 2 01:24:44 metroid sshd[2609]: Disconnected from invalid user r.r 2.202.194.246 port 42198 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=2.202.194.246	2020-09-04 07:28:48
188.146.174.107	attack	2020-09-03 11:34:36.973977-0500 localhost smtpd[17531]: NOQUEUE: reject: RCPT from 188.146.174.107.nat.umts.dynamic.t-mobile.pl[188.146.174.107]: 554 5.7.1 Service unavailable; Client host [188.146.174.107] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/188.146.174.107; from= to= proto=ESMTP helo=<188.146.174.107.nat.umts.dynamic.t-mobile.pl>	2020-09-04 07:16:09
106.12.26.160	attackbots	Port scan: Attack repeated for 24 hours	2020-09-04 07:18:30
184.178.172.28	attackbotsspam	Dovecot Invalid User Login Attempt.	2020-09-04 07:11:02
77.120.93.135	attack	Dovecot Invalid User Login Attempt.	2020-09-04 07:12:10
111.72.194.128	attackspambots	Sep 3 21:01:28 srv01 postfix/smtpd\[17580\]: warning: unknown\[111.72.194.128\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 3 21:01:40 srv01 postfix/smtpd\[17580\]: warning: unknown\[111.72.194.128\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 3 21:01:56 srv01 postfix/smtpd\[17580\]: warning: unknown\[111.72.194.128\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 3 21:02:14 srv01 postfix/smtpd\[17580\]: warning: unknown\[111.72.194.128\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 3 21:02:26 srv01 postfix/smtpd\[17580\]: warning: unknown\[111.72.194.128\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-04 07:20:57
49.88.112.116	attackbotsspam	Sep 4 01:08:18 mail sshd[13674]: refused connect from 49.88.112.116 (49.88.112.116) Sep 4 01:09:20 mail sshd[13711]: refused connect from 49.88.112.116 (49.88.112.116) Sep 4 01:10:24 mail sshd[13744]: refused connect from 49.88.112.116 (49.88.112.116) Sep 4 01:11:19 mail sshd[13827]: refused connect from 49.88.112.116 (49.88.112.116) Sep 4 01:12:42 mail sshd[13912]: refused connect from 49.88.112.116 (49.88.112.116) ...	2020-09-04 07:13:17
222.186.31.166	attackspambots	Sep 4 01:39:17 eventyay sshd[15367]: Failed password for root from 222.186.31.166 port 39440 ssh2 Sep 4 01:39:26 eventyay sshd[15369]: Failed password for root from 222.186.31.166 port 18914 ssh2 ...	2020-09-04 07:43:34
41.142.245.48	attackspambots	2020-09-03 11:40:01.688513-0500 localhost smtpd[17531]: NOQUEUE: reject: RCPT from unknown[41.142.245.48]: 554 5.7.1 Service unavailable; Client host [41.142.245.48] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/41.142.245.48; from= to= proto=ESMTP helo=<[41.142.245.48]>	2020-09-04 07:15:38

最近上报的IP列表

54.36.150.32	93.174.93.5	103.122.60.139	51.38.199.241
114.236.59.34	222.186.180.6	197.34.243.3	51.77.144.50
188.65.168.180	51.83.74.126	184.185.2.80	26.228.39.109
220.136.15.45	218.173.31.91	104.140.73.203	223.247.200.137
191.23.110.20	120.9.161.208	190.153.228.250	187.173.153.239