125.70.244.58 - IPInfo

Basic Info

City: Chengdu

Region: Sichuan

Country: China

Internet Service Provider: ChinaNet Sichuan Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	445/tcp 445/tcp 445/tcp... [2019-09-14/10-01]4pkt,1pt.(tcp)	2019-10-02 02:58:05

Comments on same subnet:

IP	Type	Details	Datetime
125.70.244.4	attackbots	"fail2ban match"	2020-08-13 08:56:41
125.70.244.4	attackspam	Aug 8 06:16:10 Host-KLAX-C sshd[14285]: User root from 125.70.244.4 not allowed because not listed in AllowUsers ...	2020-08-08 22:05:56
125.70.244.4	attack	2020-08-08T10:54:09.997081n23.at sshd[2551106]: Failed password for root from 125.70.244.4 port 46808 ssh2 2020-08-08T10:55:03.936468n23.at sshd[2551936]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.70.244.4 user=root 2020-08-08T10:55:05.438555n23.at sshd[2551936]: Failed password for root from 125.70.244.4 port 52154 ssh2 ...	2020-08-08 17:49:19
125.70.244.4	attack	2020-08-01T01:33:25.754548+02:00 sshd[31991]: Failed password for root from 125.70.244.4 port 60194 ssh2	2020-08-01 07:44:04
125.70.244.4	attack	Jul 28 09:57:15 gw1 sshd[9438]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.70.244.4 Jul 28 09:57:17 gw1 sshd[9438]: Failed password for invalid user sunfang from 125.70.244.4 port 47538 ssh2 ...	2020-07-28 15:22:01
125.70.244.4	attack	Jul 24 05:51:08 icinga sshd[15768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.70.244.4 Jul 24 05:51:09 icinga sshd[15768]: Failed password for invalid user btsync from 125.70.244.4 port 37698 ssh2 Jul 24 06:01:05 icinga sshd[32687]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.70.244.4 ...	2020-07-24 12:05:40
125.70.244.4	attack	Jul 5 17:40:34 plex-server sshd[206658]: Invalid user administrator from 125.70.244.4 port 58994 Jul 5 17:40:34 plex-server sshd[206658]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.70.244.4 Jul 5 17:40:34 plex-server sshd[206658]: Invalid user administrator from 125.70.244.4 port 58994 Jul 5 17:40:36 plex-server sshd[206658]: Failed password for invalid user administrator from 125.70.244.4 port 58994 ssh2 Jul 5 17:44:14 plex-server sshd[207901]: Invalid user user from 125.70.244.4 port 57610 ...	2020-07-06 02:31:57
125.70.244.4	attackspambots	Jun 19 20:53:58 dignus sshd[29594]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.70.244.4 Jun 19 20:54:00 dignus sshd[29594]: Failed password for invalid user thh from 125.70.244.4 port 60088 ssh2 Jun 19 20:56:27 dignus sshd[29805]: Invalid user ismael from 125.70.244.4 port 51388 Jun 19 20:56:27 dignus sshd[29805]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.70.244.4 Jun 19 20:56:29 dignus sshd[29805]: Failed password for invalid user ismael from 125.70.244.4 port 51388 ssh2 ...	2020-06-20 12:06:21
125.70.244.4	attack	2020-06-13T10:48:31.399080upcloud.m0sh1x2.com sshd[16744]: Invalid user dirsrv from 125.70.244.4 port 59170	2020-06-13 19:09:11
125.70.244.4	attack	Jun 10 01:24:44 hosting sshd[19075]: Invalid user nagios from 125.70.244.4 port 48764 ...	2020-06-10 06:56:17
125.70.244.4	attackbots	Invalid user lichengzhang from 125.70.244.4 port 39454	2020-05-02 17:02:47
125.70.244.4	attackspam	Invalid user lichengzhang from 125.70.244.4 port 39454	2020-04-29 18:09:03
125.70.244.4	attackbots	Mar 21 06:35:26 ns382633 sshd\[30491\]: Invalid user jennelle from 125.70.244.4 port 58706 Mar 21 06:35:26 ns382633 sshd\[30491\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.70.244.4 Mar 21 06:35:28 ns382633 sshd\[30491\]: Failed password for invalid user jennelle from 125.70.244.4 port 58706 ssh2 Mar 21 07:18:38 ns382633 sshd\[5978\]: Invalid user fork1 from 125.70.244.4 port 47610 Mar 21 07:18:38 ns382633 sshd\[5978\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.70.244.4	2020-03-21 15:50:28
125.70.244.61	attackbots	01/24/2020-23:50:29.594605 125.70.244.61 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-01-25 17:10:09
125.70.244.4	attackspam	Unauthorized connection attempt detected from IP address 125.70.244.4 to port 2220 [J]	2020-01-24 19:05:22

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 125.70.244.58
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49452
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;125.70.244.58.			IN	A

;; AUTHORITY SECTION:
.			552	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100102 1800 900 604800 86400

;; Query time: 284 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 02 02:57:59 CST 2019
;; MSG SIZE  rcvd: 117

Host info

58.244.70.125.in-addr.arpa domain name pointer 58.244.70.125.broad.cd.sc.dynamic.163data.com.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
58.244.70.125.in-addr.arpa	name = 58.244.70.125.broad.cd.sc.dynamic.163data.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
172.105.4.63	attack	Unauthorized connection attempt detected from IP address 172.105.4.63 to port 80	2019-12-30 04:50:32
71.6.146.185	attack	Unauthorized connection attempt detected from IP address 71.6.146.185 to port 4911	2019-12-30 05:04:09
85.105.43.222	attackbotsspam	Unauthorized connection attempt detected from IP address 85.105.43.222 to port 8000	2019-12-30 04:58:14
201.190.184.31	attackbots	Unauthorized connection attempt detected from IP address 201.190.184.31 to port 1433	2019-12-30 04:41:26
13.77.142.89	attack	$f2bV_matches	2019-12-30 05:11:49
13.56.233.74	attackspambots	Unauthorized connection attempt detected from IP address 13.56.233.74 to port 8181	2019-12-30 05:08:43
222.186.173.180	attackspam	Dec 29 19:10:05 v22018086721571380 sshd[31898]: error: maximum authentication attempts exceeded for root from 222.186.173.180 port 37240 ssh2 [preauth] Dec 29 22:16:02 v22018086721571380 sshd[12130]: Failed password for root from 222.186.173.180 port 18066 ssh2	2019-12-30 05:17:00
104.244.73.192	attackbots	Unauthorized connection attempt detected from IP address 104.244.73.192 to port 23	2019-12-30 04:54:34
196.202.117.110	attack	Unauthorized connection attempt detected from IP address 196.202.117.110 to port 445	2019-12-30 04:42:59
186.56.230.25	attackspam	Unauthorized connection attempt detected from IP address 186.56.230.25 to port 8080	2019-12-30 04:47:23
89.76.102.212	attack	SSH/22 MH Probe, BF, Hack -	2019-12-30 05:15:10
71.6.199.23	attackbots	Unauthorized connection attempt detected from IP address 71.6.199.23 to port 2379	2019-12-30 05:02:38
34.214.236.157	attackspambots	Unauthorized connection attempt detected from IP address 34.214.236.157 to port 8181	2019-12-30 04:38:52
78.168.40.106	attackbots	Unauthorized connection attempt detected from IP address 78.168.40.106 to port 8080	2019-12-30 05:00:45
189.125.151.228	attackbotsspam	Unauthorized connection attempt detected from IP address 189.125.151.228 to port 445	2019-12-30 04:45:58

Recently Reported IPs

126.57.58.33	34.192.84.230	203.20.166.6	54.177.194.202
85.92.88.24	95.124.20.141	28.133.55.174	168.155.1.11
100.242.133.231	1.140.238.185	117.102.125.26	93.223.27.10
105.67.132.111	65.16.195.186	24.75.224.71	61.180.72.2
122.236.91.231	222.93.203.64	27.105.24.125	220.117.231.69