212.241.25.196

Basic Info

City: Bishkek

Region: Bishkek

Country: Kyrgyzstan

Internet Service Provider: O!

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
212.241.25.107	attack	DATE:2020-04-24 14:05:56, IP:212.241.25.107, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-04-24 23:39:53

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 212.241.25.196
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24821
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;212.241.25.196.			IN	A

;; AUTHORITY SECTION:
.			287	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022123100 1800 900 604800 86400

;; Query time: 65 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 31 23:21:08 CST 2022
;; MSG SIZE  rcvd: 107

Host info

196.25.241.212.in-addr.arpa domain name pointer 212-241-25-196.pppoe.ktnet.kg.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
196.25.241.212.in-addr.arpa	name = 212-241-25-196.pppoe.ktnet.kg.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
82.208.188.179	attackspam	Apr 17 23:08:47 lock-38 sshd[1143065]: Unable to negotiate with 82.208.188.179 port 47482: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Apr 17 23:09:42 lock-38 sshd[1143162]: Unable to negotiate with 82.208.188.179 port 33693: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Apr 17 23:10:39 lock-38 sshd[1143217]: Unable to negotiate with 82.208.188.179 port 48139: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Apr 17 23:11:31 lock-38 sshd[1143247]: Unable to negotiate with 82.208.188.179 port 34352: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Apr 17 23:12:24 lock-38 sshd ...	2020-04-18 06:48:30
91.212.38.210	attackbots	Port Scan: Events[1] countPorts[1]: 5060 ..	2020-04-18 06:45:31
104.206.128.42	attackbots	Port Scan: Events[1] countPorts[1]: 161 ..	2020-04-18 06:38:41
196.52.43.66	attackbotsspam	Port Scan: Events[1] countPorts[1]: 4567 ..	2020-04-18 06:49:02
220.106.13.14	attackspam	(sshd) Failed SSH login from 220.106.13.14 (JP/Japan/Ibaraki/Bando/p32014-ipbffx02marunouchi.tokyo.ocn.ne.jp/[AS4713 NTT Communications Corporation]): 1 in the last 3600 secs	2020-04-18 07:06:15
185.219.168.254	attack	Trying ports that it shouldn't be.	2020-04-18 06:54:10
193.56.28.207	attack	Apr 17 22:14:52 mail postfix/smtpd[129458]: warning: unknown[193.56.28.207]: SASL LOGIN authentication failed: generic failure Apr 17 22:19:39 mail postfix/smtpd[129553]: warning: unknown[193.56.28.207]: SASL LOGIN authentication failed: generic failure Apr 17 22:24:40 mail postfix/smtpd[129639]: warning: unknown[193.56.28.207]: SASL LOGIN authentication failed: generic failure ...	2020-04-18 06:41:17
178.62.60.97	attackspam	Fail2Ban - SSH Bruteforce Attempt	2020-04-18 07:13:56
222.186.175.182	attackspambots	[MK-Root1] SSH login failed	2020-04-18 07:07:42
168.205.133.65	attackbots	Apr 17 21:21:01 roki-contabo sshd\[25149\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.205.133.65 user=root Apr 17 21:21:03 roki-contabo sshd\[25149\]: Failed password for root from 168.205.133.65 port 46764 ssh2 Apr 17 21:21:05 roki-contabo sshd\[25150\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.205.133.65 user=root Apr 17 21:21:07 roki-contabo sshd\[25150\]: Failed password for root from 168.205.133.65 port 51134 ssh2 Apr 17 21:21:14 roki-contabo sshd\[25158\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.205.133.65 user=root ...	2020-04-18 06:50:30
92.118.161.21	attackbots	Port Scan: Events[1] countPorts[1]: 2002 ..	2020-04-18 06:40:32
2.229.4.181	attackbots	Invalid user test from 2.229.4.181 port 42824	2020-04-18 07:11:53
148.70.116.223	attackbotsspam	Invalid user admin from 148.70.116.223 port 53684	2020-04-18 07:07:56
196.52.43.103	attackbots	Port Scan: Events[1] countPorts[1]: 50070 ..	2020-04-18 06:59:49
36.27.29.21	attackbotsspam	Lines containing failures of 36.27.29.21 Apr 17 15:13:12 neweola postfix/smtpd[3171]: connect from unknown[36.27.29.21] Apr 17 15:13:13 neweola postfix/smtpd[3171]: NOQUEUE: reject: RCPT from unknown[36.27.29.21]: 504 5.5.2 : Helo command rejected: need fully-qualified hostname; from=x@x helo= Apr 17 15:13:13 neweola postfix/smtpd[3171]: disconnect from unknown[36.27.29.21] ehlo=1 mail=1 rcpt=0/1 quhostname=1 commands=3/4 Apr 17 15:13:14 neweola postfix/smtpd[3171]: connect from unknown[36.27.29.21] Apr 17 15:13:15 neweola postfix/smtpd[3171]: lost connection after AUTH from unknown[36.27.29.21] Apr 17 15:13:15 neweola postfix/smtpd[3171]: disconnect from unknown[36.27.29.21] ehlo=1 auth=0/1 commands=1/2 Apr 17 15:13:15 neweola postfix/smtpd[3171]: connect from unknown[36.27.29.21] Apr 17 15:13:16 neweola postfix/smtpd[3171]: lost connection after AUTH from unknown[36.27.29.21] Apr 17 15:13:16 neweola postfix/smtpd[3171]: disconnect from unknown[36.27.29.21] e........ ------------------------------	2020-04-18 07:05:04

Recently Reported IPs

10.245.28.14	45.142.125.16	40.89.177.10	36.72.233.53
154.247.21.200	94.128.223.117	96.67.70.51	41.100.46.230
218.253.143.93	188.114.236.61	2.113.57.250	180.40.29.160
177.155.89.62	168.104.165.187	149.2.213.132	121.234.207.30
66.53.70.151	82.138.180.200	28.1.236.99	2.238.173.49