125.142.85.137

Basic Info

City: Goyang-si

Region: Gyeonggi-do

Country: South Korea

Internet Service Provider: KT Corporation

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Automatic report - Banned IP Access	2020-09-19 21:11:27
attackbots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-19 04:44:35
attack	Sep 10 18:23:34 marvibiene sshd[60916]: Invalid user admin from 125.142.85.137 port 37398 Sep 10 18:23:35 marvibiene sshd[60916]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.142.85.137 Sep 10 18:23:34 marvibiene sshd[60916]: Invalid user admin from 125.142.85.137 port 37398 Sep 10 18:23:37 marvibiene sshd[60916]: Failed password for invalid user admin from 125.142.85.137 port 37398 ssh2	2020-09-12 00:54:22
attackspam	Sep 10 18:23:34 marvibiene sshd[60916]: Invalid user admin from 125.142.85.137 port 37398 Sep 10 18:23:35 marvibiene sshd[60916]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.142.85.137 Sep 10 18:23:34 marvibiene sshd[60916]: Invalid user admin from 125.142.85.137 port 37398 Sep 10 18:23:37 marvibiene sshd[60916]: Failed password for invalid user admin from 125.142.85.137 port 37398 ssh2	2020-09-11 16:51:39
attack	Sep 10 18:23:34 marvibiene sshd[60916]: Invalid user admin from 125.142.85.137 port 37398 Sep 10 18:23:35 marvibiene sshd[60916]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.142.85.137 Sep 10 18:23:34 marvibiene sshd[60916]: Invalid user admin from 125.142.85.137 port 37398 Sep 10 18:23:37 marvibiene sshd[60916]: Failed password for invalid user admin from 125.142.85.137 port 37398 ssh2	2020-09-11 09:04:41

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 125.142.85.137
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61914
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;125.142.85.137.			IN	A

;; AUTHORITY SECTION:
.			376	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020091001 1800 900 604800 86400

;; Query time: 126 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Sep 11 09:04:37 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 137.85.142.125.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 137.85.142.125.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
61.177.172.158	attackbotsspam	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "root" at 2020-05-05T01:27:24Z	2020-05-05 09:43:11
222.186.52.39	attackspambots	Unauthorized connection attempt detected from IP address 222.186.52.39 to port 22 [T]	2020-05-05 09:37:53
14.184.20.255	attackbots	Icarus honeypot on github	2020-05-05 09:33:02
117.173.67.119	attack	Triggered by Fail2Ban at Ares web server	2020-05-05 09:19:14
92.63.194.107	attack	Total attacks: 14	2020-05-05 09:31:44
76.167.229.7	attack	Automatic report - Port Scan Attack	2020-05-05 09:07:47
24.39.181.18	attackbotsspam	Honeypot attack, port: 81, PTR: bti18.badgertech.com.	2020-05-05 09:18:26
46.38.144.202	attackbots	May 5 03:11:14 vmanager6029 postfix/smtpd\[4633\]: warning: unknown\[46.38.144.202\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 5 03:12:39 vmanager6029 postfix/smtpd\[4633\]: warning: unknown\[46.38.144.202\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-05-05 09:26:19
92.63.194.104	attack	Total attacks: 20	2020-05-05 09:36:34
78.128.113.76	attackspambots	2020-05-05 03:23:43 dovecot_plain authenticator failed for $\[78.128.113.76\]$ \[78.128.113.76\]: 535 Incorrect authentication data $set_id=support@nopcommerce.it$ 2020-05-05 03:23:49 dovecot_plain authenticator failed for $\[78.128.113.76\]$ \[78.128.113.76\]: 535 Incorrect authentication data 2020-05-05 03:23:58 dovecot_plain authenticator failed for $\[78.128.113.76\]$ \[78.128.113.76\]: 535 Incorrect authentication data 2020-05-05 03:24:03 dovecot_plain authenticator failed for $\[78.128.113.76\]$ \[78.128.113.76\]: 535 Incorrect authentication data 2020-05-05 03:24:14 dovecot_plain authenticator failed for $\[78.128.113.76\]$ \[78.128.113.76\]: 535 Incorrect authentication data	2020-05-05 09:29:10
80.211.177.143	attack	$f2bV_matches	2020-05-05 09:36:55
170.238.147.252	attackspambots	Port probing on unauthorized port 9530	2020-05-05 09:13:24
49.248.12.82	attack	Unauthorized connection attempt from IP address 49.248.12.82 on Port 445(SMB)	2020-05-05 09:37:27
49.235.11.46	attackbotsspam	May 4 21:23:29 ny01 sshd[30552]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.11.46 May 4 21:23:30 ny01 sshd[30552]: Failed password for invalid user git from 49.235.11.46 port 44368 ssh2 May 4 21:28:59 ny01 sshd[31715]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.11.46	2020-05-05 09:35:48
222.186.52.86	attackbotsspam	May 4 21:07:05 ny01 sshd[28480]: Failed password for root from 222.186.52.86 port 48572 ssh2 May 4 21:12:24 ny01 sshd[29113]: Failed password for root from 222.186.52.86 port 25153 ssh2 May 4 21:12:26 ny01 sshd[29113]: Failed password for root from 222.186.52.86 port 25153 ssh2	2020-05-05 09:39:28

Recently Reported IPs

211.21.42.16	63.3.98.116	196.31.83.85	132.231.146.65
85.243.207.172	223.64.223.141	175.167.251.52	77.139.186.112
100.60.147.203	118.4.70.20	179.163.188.251	114.205.179.184
85.66.124.26	18.179.10.247	46.119.170.141	176.124.94.239
50.254.163.113	173.73.132.14	185.247.224.23	175.206.48.49