125.42.25.212 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
125.42.254.247	attack	SSH login attempts.	2020-02-17 17:16:16
125.42.253.127	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/125.42.253.127/ CN - 1H : (282) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN4837 IP : 125.42.253.127 CIDR : 125.40.0.0/14 PREFIX COUNT : 1262 UNIQUE IP COUNT : 56665856 WYKRYTE ATAKI Z ASN4837 : 1H - 6 3H - 12 6H - 17 12H - 38 24H - 81 INFO : SYN Flood DDoS Attack Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery	2019-09-20 00:46:55

Type

Details

Datetime

125.42.254.247

attack

SSH login attempts.

2020-02-17 17:16:16

125.42.253.127

attackspambots

IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/125.42.253.127/ 
 CN - 1H : (282)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : CN 
 NAME ASN : ASN4837 
 
 IP : 125.42.253.127 
 
 CIDR : 125.40.0.0/14 
 
 PREFIX COUNT : 1262 
 
 UNIQUE IP COUNT : 56665856 
 
 
 WYKRYTE ATAKI Z ASN4837 :  
  1H - 6 
  3H - 12 
  6H - 17 
 12H - 38 
 24H - 81 
 
 INFO : SYN Flood DDoS Attack Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN  - data recovery

2019-09-20 00:46:55

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 125.42.25.212
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33654
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;125.42.25.212.			IN	A

;; AUTHORITY SECTION:
.			165	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021301 1800 900 604800 86400

;; Query time: 14 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 14 07:04:16 CST 2022
;; MSG SIZE  rcvd: 106

Host info

212.25.42.125.in-addr.arpa domain name pointer hn.kd.ny.adsl.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
212.25.42.125.in-addr.arpa	name = hn.kd.ny.adsl.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
47.74.150.153	attack	Sep 17 05:58:11 xtremcommunity sshd\[175685\]: Invalid user w1r3 from 47.74.150.153 port 49312 Sep 17 05:58:11 xtremcommunity sshd\[175685\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.74.150.153 Sep 17 05:58:13 xtremcommunity sshd\[175685\]: Failed password for invalid user w1r3 from 47.74.150.153 port 49312 ssh2 Sep 17 06:02:29 xtremcommunity sshd\[175767\]: Invalid user jp from 47.74.150.153 port 33272 Sep 17 06:02:29 xtremcommunity sshd\[175767\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.74.150.153 ...	2019-09-17 19:17:35
193.112.74.137	attack	Sep 17 11:18:46 nextcloud sshd\[29571\]: Invalid user zabbix from 193.112.74.137 Sep 17 11:18:46 nextcloud sshd\[29571\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.74.137 Sep 17 11:18:48 nextcloud sshd\[29571\]: Failed password for invalid user zabbix from 193.112.74.137 port 48634 ssh2 ...	2019-09-17 19:44:18
106.12.17.243	attack	Sep 17 11:46:55 nextcloud sshd\[16760\]: Invalid user jimmy from 106.12.17.243 Sep 17 11:46:55 nextcloud sshd\[16760\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.17.243 Sep 17 11:46:57 nextcloud sshd\[16760\]: Failed password for invalid user jimmy from 106.12.17.243 port 58372 ssh2 ...	2019-09-17 20:00:02
14.240.105.196	attackspambots	Unauthorized connection attempt from IP address 14.240.105.196 on Port 445(SMB)	2019-09-17 19:29:52
123.162.97.252	attackspam	Unauthorized connection attempt from IP address 123.162.97.252 on Port 445(SMB)	2019-09-17 19:59:32
128.73.72.10	attackbotsspam	" "	2019-09-17 20:06:33
51.159.28.192	attackbots	WordPress login Brute force / Web App Attack on client site.	2019-09-17 19:34:27
81.12.72.88	attackspambots	Unauthorized connection attempt from IP address 81.12.72.88 on Port 445(SMB)	2019-09-17 19:22:28
101.109.116.192	attackbotsspam	Unauthorized connection attempt from IP address 101.109.116.192 on Port 445(SMB)	2019-09-17 20:06:55
106.13.128.71	attackbots	Automatic report - Banned IP Access	2019-09-17 19:47:42
92.118.37.74	attack	Sep 17 13:35:02 mc1 kernel: \[ 6571.484128\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=92.118.37.74 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=19146 PROTO=TCP SPT=46525 DPT=50951 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 17 13:35:14 mc1 kernel: \[ 6583.911315\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=92.118.37.74 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=36810 PROTO=TCP SPT=46525 DPT=31122 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 17 13:36:25 mc1 kernel: \[ 6654.769498\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=92.118.37.74 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=53385 PROTO=TCP SPT=46525 DPT=12953 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-09-17 19:50:16
37.59.14.72	attackbots	Automatic report - Banned IP Access	2019-09-17 19:27:23
95.153.96.84	attackspambots	Unauthorized connection attempt from IP address 95.153.96.84 on Port 445(SMB)	2019-09-17 19:24:07
189.60.166.235	attack	Automatic report - Port Scan Attack	2019-09-17 19:56:52
95.173.179.151	attackspambots	www.goldgier.de 95.173.179.151 \[17/Sep/2019:05:32:15 +0200\] "POST /wp-login.php HTTP/1.1" 200 8729 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" www.goldgier.de 95.173.179.151 \[17/Sep/2019:05:32:16 +0200\] "POST /wp-login.php HTTP/1.1" 200 8729 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-09-17 19:58:14

Recently Reported IPs

125.42.236.244	125.42.239.24	125.42.28.139	125.43.119.191
125.42.97.26	125.42.97.48	125.43.134.188	125.42.25.95
125.43.163.34	125.43.18.141	125.43.193.213	125.43.188.110
125.43.21.12	125.43.216.136	125.43.217.98	125.43.22.141
125.43.33.157	125.43.36.20	125.43.36.36	125.43.36.80