125.64.94.147 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
125.64.94.136	attackbots	TCP (SYN) 125.64.94.136:40563 -> port 12000, len 44	2020-10-13 23:59:13
125.64.94.136	attackbots	=Multiport scan 187 ports : 1 13 22 31 32(x2) 38 70 82 111 113 123 280 322 497 510 517(x2) 518 523 548(x2) 556 587(x2) 620 623 636 731 783(x2) 898 990 994 995(x2) 1042(x2) 1080 1200 1241 1344 1400 1443 1503 1505 1521 1604 1830 1883 1900 1901 1967 2000 2010 2030 2052 2080(x3) 2086 2095 2181 2252 2332 2375(x2) 2404 2406(x2) 2443 2600 2601(x2) 2604 2715 2869 3075(x2) 3097 3260 3299 3310 3311 3333 3352 3372 3388 3390 3443 3520 3522 3525 3526 3529 3689 3774 3940 4022 4155 4430 4440 4444 4700 5007 5051 5061 5094 5269 5280 5353 5570 5672 5683 5900 5901 5902 5938 5984 6001(x2) 6112 6346 6443 6544 6666(x3) 6667 6669 6679 6697 6699 6881(x2) 6969 6998 7000 7001 7007 7077 7144 7199 7200(x2) 7778 8000 8001 8002 8004 8006 8007 8009(x2) 8030 8060 8069 8086 8123 8182 8332 8333 8500 8554 8880 8881(x2) 8884 8889 8899(x2) 9002 9030 9080 9300 9446(x3) 9595 9801 9944 9993 10000 10250 10255 10443 11371 12999 13666 13722 14534 15002 16514 16923 16993 19150 19999 20332 22335 25565 26470 27017(x2) 27018 31337 3....	2020-10-13 07:51:07
125.64.94.133	attack	scans once in preceeding hours on the ports (in chronological order) 32760 resulting in total of 3 scans from 125.64.0.0/13 block.	2020-10-11 01:32:26
125.64.94.136	attackbotsspam	TCP (SYN) 125.64.94.136:41809 -> port 50200, len 44	2020-10-07 06:39:26
125.64.94.136	attackspambots	Automatic report - Banned IP Access	2020-10-06 22:57:41
125.64.94.136	attackspam	firewall-block, port(s): 5427/tcp, 50111/tcp	2020-10-06 14:42:44
125.64.94.136	attack	TCP (SYN) 125.64.94.136:44297 -> port 50050, len 44	2020-09-22 20:55:43
125.64.94.136	attack	firewall-block, port(s): 1040/tcp, 4506/tcp, 5357/tcp, 40001/tcp	2020-09-22 05:04:54
125.64.94.136	attack	TCP (SYN) 125.64.94.136:52792 -> port 901, len 44	2020-09-20 00:40:07
125.64.94.136	attackspam	proto=tcp . spt=40362 . dpt=995 . src=125.64.94.136 . dst=xx.xx.4.1 . Found on Binary Defense (40)	2020-09-19 16:28:15
125.64.94.136	attackspambots	scans 3 times in preceeding hours on the ports (in chronological order) 8800 4949 15001 resulting in total of 5 scans from 125.64.0.0/13 block.	2020-09-18 22:39:06
125.64.94.136	attackspam	Found on Binary Defense / proto=6 . srcport=38676 . dstport=16993 . (77)	2020-09-18 14:53:34
125.64.94.136	attackbots	Hacking	2020-09-18 05:10:01
125.64.94.136	attack	firewall-block, port(s): 48649/tcp	2020-09-13 22:51:12
125.64.94.136	attackspambots	32/tcp 9864/tcp 32757/udp... [2020-09-09/13]118pkt,92pt.(tcp),20pt.(udp)	2020-09-13 14:47:58

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 125.64.94.147
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7797
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;125.64.94.147.			IN	A

;; AUTHORITY SECTION:
.			581	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 10:56:24 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 147.94.64.125.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

server can't find 125.64.94.147.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
162.243.4.134	attackbots	/var/log/secure-20190901:Aug 28 20:22:47 XXX sshd[39918]: Invalid user benjamin from 162.243.4.134 port 47842	2019-09-11 23:09:32
183.164.247.81	attackbotsspam	st-nyc1-01 recorded 3 login violations from 183.164.247.81 and was blocked at 2019-09-11 13:02:57. 183.164.247.81 has been blocked on 0 previous occasions. 183.164.247.81's first attempt was recorded at 2019-09-11 13:02:57	2019-09-11 23:23:01
185.85.219.74	attackbotsspam	email spam	2019-09-11 23:34:47
191.243.72.34	attack	SMTP/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2019-09-11 23:22:25
89.216.118.71	attackbots	2019-09-11 02:50:47 H=cable-89-216-118-71.static.sbb.rs [89.216.118.71]:36601 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/sbl/query/SBLCSS) 2019-09-11 02:50:47 H=cable-89-216-118-71.static.sbb.rs [89.216.118.71]:36601 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/sbl/query/SBLCSS) 2019-09-11 02:50:48 H=cable-89-216-118-71.static.sbb.rs [89.216.118.71]:36601 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.3) (https://www.spamhaus.org/query/ip/89.216.118.71) ...	2019-09-11 22:44:56
92.118.160.25	attack	[10/Sep/2019:11:47:23 -0400] "GET / HTTP/1.0" "NetSystemsResearch studies the availability of various services across the internet. Our website is netsystemsresearch.com"	2019-09-11 23:07:09
210.245.107.120	attack	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(09111103)	2019-09-11 23:16:25
175.211.112.250	attack	Sep 11 12:48:10 unicornsoft sshd\[26469\]: User root from 175.211.112.250 not allowed because not listed in AllowUsers Sep 11 12:48:10 unicornsoft sshd\[26469\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.211.112.250 user=root Sep 11 12:48:11 unicornsoft sshd\[26469\]: Failed password for invalid user root from 175.211.112.250 port 46690 ssh2	2019-09-11 22:51:04
219.129.237.188	attackbots	09/11/2019-03:50:53.301183 219.129.237.188 Protocol: 6 ET SCAN Suspicious inbound to mySQL port 3306	2019-09-11 22:38:41
186.213.225.107	attackspam	Sep 10 07:03:41 dax sshd[683]: warning: /etc/hosts.deny, line 15136: can't verify hostname: getaddrinfo(186.213.225.107.static.host.gvt.net.br, AF_INET) failed Sep 10 07:03:42 dax sshd[683]: reveeclipse mapping checking getaddrinfo for 186.213.225.107.static.host.gvt.net.br [186.213.225.107] failed - POSSIBLE BREAK-IN ATTEMPT! Sep 10 07:03:42 dax sshd[683]: Invalid user mcserver from 186.213.225.107 Sep 10 07:03:42 dax sshd[683]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.213.225.107 Sep 10 07:03:45 dax sshd[683]: Failed password for invalid user mcserver from 186.213.225.107 port 51752 ssh2 Sep 10 07:03:45 dax sshd[683]: Received disconnect from 186.213.225.107: 11: Bye Bye [preauth] Sep 10 07:22:48 dax sshd[3441]: warning: /etc/hosts.deny, line 15136: can't verify hostname: getaddrinfo(186.213.225.107.static.host.gvt.net.br, AF_INET) failed Sep 10 07:22:49 dax sshd[3441]: reveeclipse mapping checking getaddrinfo for 18........ -------------------------------	2019-09-11 22:44:19
1.193.160.164	attackspam	Sep 11 17:09:31 eventyay sshd[4088]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.193.160.164 Sep 11 17:09:33 eventyay sshd[4088]: Failed password for invalid user uploader from 1.193.160.164 port 62184 ssh2 Sep 11 17:19:13 eventyay sshd[4253]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.193.160.164 ...	2019-09-11 23:26:23
54.39.50.204	attackbots	Sep 11 16:37:09 eventyay sshd[3375]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.50.204 Sep 11 16:37:11 eventyay sshd[3375]: Failed password for invalid user admin from 54.39.50.204 port 10714 ssh2 Sep 11 16:43:29 eventyay sshd[3513]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.50.204 ...	2019-09-11 22:50:21
149.129.251.152	attackspambots	Sep 11 05:01:52 friendsofhawaii sshd\[30724\]: Invalid user appltest from 149.129.251.152 Sep 11 05:01:52 friendsofhawaii sshd\[30724\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.251.152 Sep 11 05:01:54 friendsofhawaii sshd\[30724\]: Failed password for invalid user appltest from 149.129.251.152 port 52086 ssh2 Sep 11 05:09:28 friendsofhawaii sshd\[31490\]: Invalid user admin from 149.129.251.152 Sep 11 05:09:28 friendsofhawaii sshd\[31490\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.251.152	2019-09-11 23:17:33
119.145.165.122	attackspambots	Sep 11 14:26:50 mail sshd\[31275\]: Invalid user admin from 119.145.165.122 port 55474 Sep 11 14:26:50 mail sshd\[31275\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.145.165.122 Sep 11 14:26:53 mail sshd\[31275\]: Failed password for invalid user admin from 119.145.165.122 port 55474 ssh2 Sep 11 14:33:30 mail sshd\[32192\]: Invalid user esbuser from 119.145.165.122 port 42260 Sep 11 14:33:30 mail sshd\[32192\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.145.165.122	2019-09-11 22:31:58
164.132.104.58	attackbotsspam	Sep 11 11:40:40 SilenceServices sshd[25068]: Failed password for git from 164.132.104.58 port 35152 ssh2 Sep 11 11:46:19 SilenceServices sshd[27155]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.104.58 Sep 11 11:46:21 SilenceServices sshd[27155]: Failed password for invalid user steam from 164.132.104.58 port 44028 ssh2	2019-09-11 23:28:58

Recently Reported IPs

125.65.173.165	125.65.176.33	125.65.229.232	125.65.228.127
125.65.228.114	125.66.104.33	125.65.229.126	125.67.151.192
125.65.228.239	125.68.139.127	125.67.96.41	125.7.100.102
125.67.11.86	125.67.139.202	125.69.40.160	125.7.65.130
125.7.65.150	125.7.65.155	125.69.160.82	125.7.24.133