125.27.245.29 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 125.27.245.29
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41103
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;125.27.245.29.			IN	A

;; AUTHORITY SECTION:
.			592	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030802 1800 900 604800 86400

;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 03:54:27 CST 2022
;; MSG SIZE  rcvd: 106

Host info

29.245.27.125.in-addr.arpa domain name pointer node-1cf1.pool-125-27.dynamic.totinternet.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
29.245.27.125.in-addr.arpa	name = node-1cf1.pool-125-27.dynamic.totinternet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
142.44.240.190	attackspam	Apr 11 15:42:38 ewelt sshd[9985]: Invalid user ping from 142.44.240.190 port 45522 Apr 11 15:42:39 ewelt sshd[9985]: Failed password for invalid user ping from 142.44.240.190 port 45522 ssh2 Apr 11 15:46:37 ewelt sshd[10183]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.44.240.190 user=root Apr 11 15:46:39 ewelt sshd[10183]: Failed password for root from 142.44.240.190 port 55294 ssh2 ...	2020-04-11 21:52:26
42.119.204.163	attack	" "	2020-04-11 22:13:57
222.186.175.220	attackspambots	DATE:2020-04-11 16:05:47, IP:222.186.175.220, PORT:ssh SSH brute force auth on honeypot server (epe-honey1-hq)	2020-04-11 22:12:05
37.252.189.70	attack	Apr 11 02:15:37 web9 sshd\[9527\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.252.189.70 user=root Apr 11 02:15:39 web9 sshd\[9527\]: Failed password for root from 37.252.189.70 port 36260 ssh2 Apr 11 02:19:45 web9 sshd\[10176\]: Invalid user patriots from 37.252.189.70 Apr 11 02:19:45 web9 sshd\[10176\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.252.189.70 Apr 11 02:19:46 web9 sshd\[10176\]: Failed password for invalid user patriots from 37.252.189.70 port 44804 ssh2	2020-04-11 21:47:35
206.189.204.63	attackbots	Apr 11 09:18:44 ws12vmsma01 sshd[62049]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.204.63 Apr 11 09:18:44 ws12vmsma01 sshd[62049]: Invalid user mailman1 from 206.189.204.63 Apr 11 09:18:46 ws12vmsma01 sshd[62049]: Failed password for invalid user mailman1 from 206.189.204.63 port 52128 ssh2 ...	2020-04-11 21:56:41
165.22.97.17	attack	Apr 11 02:11:16 web1 sshd\[7112\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.97.17 user=root Apr 11 02:11:18 web1 sshd\[7112\]: Failed password for root from 165.22.97.17 port 37582 ssh2 Apr 11 02:15:26 web1 sshd\[7577\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.97.17 user=root Apr 11 02:15:28 web1 sshd\[7577\]: Failed password for root from 165.22.97.17 port 43972 ssh2 Apr 11 02:19:35 web1 sshd\[8107\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.97.17 user=root	2020-04-11 21:57:28
178.154.200.38	attack	[Sat Apr 11 19:19:16.606257 2020] [:error] [pid 7944:tid 139985705707264] [client 178.154.200.38:46852] [client 178.154.200.38] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XpG1xMkz5Lc7f6enOkJElgAAAh0"] ...	2020-04-11 22:09:10
172.69.33.229	attackspambots	$f2bV_matches	2020-04-11 21:57:14
182.20.127.1	attackspam	Hits on port :	2020-04-11 22:29:30
106.124.129.115	attackspam	Apr 11 02:16:39 web1 sshd\[7727\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.124.129.115 user=root Apr 11 02:16:42 web1 sshd\[7727\]: Failed password for root from 106.124.129.115 port 58537 ssh2 Apr 11 02:18:57 web1 sshd\[8003\]: Invalid user db2inst1 from 106.124.129.115 Apr 11 02:18:57 web1 sshd\[8003\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.124.129.115 Apr 11 02:19:00 web1 sshd\[8003\]: Failed password for invalid user db2inst1 from 106.124.129.115 port 43147 ssh2	2020-04-11 22:29:47
104.248.49.55	attackspambots	Apr 11 15:05:59 legacy sshd[16269]: Failed password for root from 104.248.49.55 port 49220 ssh2 Apr 11 15:09:57 legacy sshd[16388]: Failed password for root from 104.248.49.55 port 59046 ssh2 Apr 11 15:13:58 legacy sshd[16603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.49.55 ...	2020-04-11 22:34:09
222.186.180.8	attackbots	Apr 11 16:31:55 server sshd[52688]: Failed none for root from 222.186.180.8 port 22412 ssh2 Apr 11 16:31:57 server sshd[52688]: Failed password for root from 222.186.180.8 port 22412 ssh2 Apr 11 16:32:00 server sshd[52688]: Failed password for root from 222.186.180.8 port 22412 ssh2	2020-04-11 22:33:17
122.53.157.26	attackspam	Apr 11 18:37:03 gw1 sshd[23384]: Failed password for root from 122.53.157.26 port 47612 ssh2 ...	2020-04-11 21:44:24
219.233.49.236	attackbotsspam	DATE:2020-04-11 14:19:04, IP:219.233.49.236, PORT:1433 MSSQL brute force auth on honeypot server (epe-honey1-hq)	2020-04-11 22:27:42
173.232.62.82	attackspambots	Mail/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2020-04-11 22:19:47

Recently Reported IPs

125.27.245.33	125.27.245.34	125.27.245.4	125.27.245.40
125.27.245.43	125.27.245.44	125.27.245.46	125.27.245.57
125.27.245.51	125.27.245.63	125.27.245.59	125.27.245.71
125.27.245.64	125.27.245.72	118.119.58.252	125.27.245.77
125.27.245.78	125.27.245.82	125.27.245.89	125.27.245.95