119.42.125.225

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: CAT Telecom Public Company Ltd

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	20/8/23@08:25:24: FAIL: Alarm-Network address from=119.42.125.225 20/8/23@08:25:24: FAIL: Alarm-Network address from=119.42.125.225 ...	2020-08-23 20:39:47

Comments on same subnet:

IP	Type	Details	Datetime
119.42.125.124	attackspam	1582896425 - 02/28/2020 14:27:05 Host: 119.42.125.124/119.42.125.124 Port: 445 TCP Blocked	2020-02-29 03:55:55

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.42.125.225
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55099
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.42.125.225.			IN	A

;; AUTHORITY SECTION:
.			424	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020082300 1800 900 604800 86400

;; Query time: 84 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Aug 23 20:39:43 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 225.125.42.119.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 225.125.42.119.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
110.45.147.77	attack	May 16 02:26:20 eventyay sshd[15389]: Failed password for root from 110.45.147.77 port 47166 ssh2 May 16 02:33:03 eventyay sshd[15607]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.45.147.77 May 16 02:33:05 eventyay sshd[15607]: Failed password for invalid user admin from 110.45.147.77 port 45974 ssh2 ...	2020-05-16 13:56:38
185.132.53.145	attackspam	SSH login attempts.	2020-05-16 13:58:10
185.254.32.3	attackbotsspam	Automatic report - Port Scan Attack	2020-05-16 14:02:25
195.24.61.7	attack	May 15 23:50:56 mail.srvfarm.net postfix/smtpd[2107345]: NOQUEUE: reject: RCPT from unknown[195.24.61.7]: 554 5.7.1 Service unavailable; Client host [195.24.61.7] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?195.24.61.7; from= to= proto=ESMTP helo= May 15 23:50:57 mail.srvfarm.net postfix/smtpd[2107345]: NOQUEUE: reject: RCPT from unknown[195.24.61.7]: 554 5.7.1 Service unavailable; Client host [195.24.61.7] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?195.24.61.7; from= to= proto=ESMTP helo= May 15 23:50:58 mail.srvfarm.net postfix/smtpd[2107345]: NOQUEUE: reject: RCPT from unknown[195.24.61.7]: 554 5.7.1 Service unavailable; Client host [195.24.61.7] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?195.24.61.7; from= to= proto=ESMTP helo= May 15 23:50:59	2020-05-16 13:33:37
194.36.191.35	attackspam	GET /Telerik.Web.UI.WebResource.axd?type=rau This vulnerability is detailed in CVE-2017-9248, and similarly in CVE-2017-11317 and CVE-2017-11357. Vulnerable versions of Telerik are those published between 2007 and 2017.	2020-05-16 13:35:57
191.232.193.163	attackbotsspam	May 15 20:07:33 NPSTNNYC01T sshd[29975]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.232.193.163 May 15 20:07:35 NPSTNNYC01T sshd[29975]: Failed password for invalid user bali from 191.232.193.163 port 39628 ssh2 May 15 20:17:27 NPSTNNYC01T sshd[30909]: Failed password for root from 191.232.193.163 port 48314 ssh2 ...	2020-05-16 13:39:25
94.213.91.22	attackspambots	May 16 01:58:46 mout sshd[24482]: Failed password for pi from 94.213.91.22 port 43450 ssh2 May 16 01:58:44 mout sshd[24482]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.213.91.22 user=pi May 16 01:58:46 mout sshd[24482]: Failed password for pi from 94.213.91.22 port 43450 ssh2	2020-05-16 14:04:09
13.228.35.231	attackbotsspam	13.228.35.231 - - [15/May/2020:16:04:57 +0200] "GET /wp-login.php HTTP/1.1" 200 6539 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 13.228.35.231 - - [15/May/2020:16:05:06 +0200] "POST /wp-login.php HTTP/1.1" 200 6790 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 13.228.35.231 - - [15/May/2020:16:05:13 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-16 13:41:08
129.204.72.165	attackbotsspam	Invalid user admin from 129.204.72.165 port 52430	2020-05-16 13:59:45
165.227.42.106	attack	Invalid user amavis from 165.227.42.106 port 46124	2020-05-16 14:01:43
193.112.141.32	attackbotsspam	Invalid user miner from 193.112.141.32 port 51938	2020-05-16 13:37:55
61.111.32.137	attackspam	May 16 04:49:51 sso sshd[28195]: Failed password for root from 61.111.32.137 port 55714 ssh2 ...	2020-05-16 13:38:08
195.155.169.44	attackspam	Port scan denied	2020-05-16 14:11:05
27.128.247.123	attackbotsspam	May 16 01:32:25 santamaria sshd\[10335\]: Invalid user check from 27.128.247.123 May 16 01:32:25 santamaria sshd\[10335\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.128.247.123 May 16 01:32:26 santamaria sshd\[10335\]: Failed password for invalid user check from 27.128.247.123 port 4957 ssh2 ...	2020-05-16 14:12:49
201.148.87.82	attack	prod6 ...	2020-05-16 13:58:27

Recently Reported IPs

114.34.98.186	52.56.86.79	62.197.255.226	103.18.169.224
68.228.175.11	45.81.226.59	42.115.94.139	53.35.39.1
47.189.232.81	199.204.248.112	84.39.254.103	212.156.57.160
55.54.2.136	121.122.119.89	206.189.153.222	231.95.122.146
51.75.71.111	19.181.134.28	68.183.226.209	105.186.148.192