5.2.143.125 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Romania

Internet Service Provider: RCS & RDS S.A.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Dec 30 00:03:25 debian-2gb-nbg1-2 kernel: \[1313315.057824\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=5.2.143.125 DST=195.201.40.59 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=35894 DF PROTO=TCP SPT=35350 DPT=81 WINDOW=14600 RES=0x00 SYN URGP=0	2019-12-30 08:06:06

Type

Details

Datetime

attack

Dec 30 00:03:25 debian-2gb-nbg1-2 kernel: \[1313315.057824\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=5.2.143.125 DST=195.201.40.59 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=35894 DF PROTO=TCP SPT=35350 DPT=81 WINDOW=14600 RES=0x00 SYN URGP=0

2019-12-30 08:06:06

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.2.143.125
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51498
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.2.143.125.			IN	A

;; AUTHORITY SECTION:
.			340	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122901 1800 900 604800 86400

;; Query time: 46 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Dec 30 08:06:04 CST 2019
;; MSG SIZE  rcvd: 115

Host info

125.143.2.5.in-addr.arpa domain name pointer static-5-2-143-125.rdsnet.ro.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
125.143.2.5.in-addr.arpa	name = static-5-2-143-125.rdsnet.ro.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
190.96.49.189	attackspam	Sep 10 01:25:26 MK-Soft-Root1 sshd\[24374\]: Invalid user steam from 190.96.49.189 port 33546 Sep 10 01:25:26 MK-Soft-Root1 sshd\[24374\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.96.49.189 Sep 10 01:25:28 MK-Soft-Root1 sshd\[24374\]: Failed password for invalid user steam from 190.96.49.189 port 33546 ssh2 ...	2019-09-10 08:18:00
106.52.156.219	attackbots	Sep 9 17:54:20 hosting sshd[14384]: Invalid user oneadmin from 106.52.156.219 port 40876 ...	2019-09-10 08:32:34
157.230.128.195	attack	firewall-block, port(s): 962/tcp	2019-09-10 08:13:59
121.165.66.226	attack	Sep 9 16:54:38 srv206 sshd[11447]: Invalid user uftp from 121.165.66.226 ...	2019-09-10 08:21:56
132.247.172.26	attackbots	2019-09-10T02:18:13.393656lon01.zurich-datacenter.net sshd\[10166\]: Invalid user 123321 from 132.247.172.26 port 50876 2019-09-10T02:18:13.399282lon01.zurich-datacenter.net sshd\[10166\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.247.172.26 2019-09-10T02:18:15.439755lon01.zurich-datacenter.net sshd\[10166\]: Failed password for invalid user 123321 from 132.247.172.26 port 50876 ssh2 2019-09-10T02:25:16.501481lon01.zurich-datacenter.net sshd\[10347\]: Invalid user 1 from 132.247.172.26 port 56368 2019-09-10T02:25:16.506423lon01.zurich-datacenter.net sshd\[10347\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.247.172.26 ...	2019-09-10 08:27:40
45.136.109.40	attackspambots	firewall-block, port(s): 8122/tcp, 8588/tcp, 8610/tcp, 8655/tcp, 8759/tcp, 8766/tcp	2019-09-10 08:05:51
142.93.102.38	attack	tcp_port_scan	2019-09-10 08:23:37
165.22.110.16	attackspambots	Sep 9 13:37:55 tdfoods sshd\[12107\]: Invalid user 1 from 165.22.110.16 Sep 9 13:37:55 tdfoods sshd\[12107\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.110.16 Sep 9 13:37:56 tdfoods sshd\[12107\]: Failed password for invalid user 1 from 165.22.110.16 port 52194 ssh2 Sep 9 13:45:15 tdfoods sshd\[13048\]: Invalid user 1234qwer from 165.22.110.16 Sep 9 13:45:15 tdfoods sshd\[13048\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.110.16	2019-09-10 08:40:32
60.190.56.6	attackspambots	09/09/2019-10:54:03.013391 60.190.56.6 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 59	2019-09-10 08:14:18
103.221.252.46	attackspam	Sep 9 13:59:17 eddieflores sshd\[10016\]: Invalid user admin from 103.221.252.46 Sep 9 13:59:17 eddieflores sshd\[10016\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.221.252.46 Sep 9 13:59:19 eddieflores sshd\[10016\]: Failed password for invalid user admin from 103.221.252.46 port 48606 ssh2 Sep 9 14:06:34 eddieflores sshd\[10656\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.221.252.46 user=mysql Sep 9 14:06:36 eddieflores sshd\[10656\]: Failed password for mysql from 103.221.252.46 port 53748 ssh2	2019-09-10 08:28:09
218.76.87.67	attack	F2B jail: sshd. Time: 2019-09-10 02:14:16, Reported by: VKReport	2019-09-10 08:25:31
112.186.77.106	attack	Sep 10 00:29:54 nextcloud sshd\[23487\]: Invalid user temp1 from 112.186.77.106 Sep 10 00:29:54 nextcloud sshd\[23487\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.186.77.106 Sep 10 00:29:57 nextcloud sshd\[23487\]: Failed password for invalid user temp1 from 112.186.77.106 port 57940 ssh2 ...	2019-09-10 08:01:39
167.71.99.248	attack	Sep 9 22:45:02 yabzik sshd[6421]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.99.248 Sep 9 22:45:05 yabzik sshd[6421]: Failed password for invalid user test from 167.71.99.248 port 41596 ssh2 Sep 9 22:50:36 yabzik sshd[8765]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.99.248	2019-09-10 08:03:38
81.183.253.86	attack	Sep 9 11:44:51 sachi sshd\[26429\]: Invalid user server from 81.183.253.86 Sep 9 11:44:51 sachi sshd\[26429\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=dsl51b7fd56.fixip.t-online.hu Sep 9 11:44:53 sachi sshd\[26429\]: Failed password for invalid user server from 81.183.253.86 port 12288 ssh2 Sep 9 11:53:09 sachi sshd\[27179\]: Invalid user support@123 from 81.183.253.86 Sep 9 11:53:09 sachi sshd\[27179\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=dsl51b7fd56.fixip.t-online.hu	2019-09-10 08:07:16
175.6.248.61	attackbots	Port Scan detected from 175.6.248.61 (CN/China/-). 4 hits in the last 75 seconds	2019-09-10 08:07:51

Recently Reported IPs

52.91.36.203	46.105.91.255	193.107.88.136	74.131.225.52
192.254.129.171	124.195.197.40	36.78.252.99	188.158.78.60
197.64.135.219	220.102.197.185	79.163.171.16	14.231.21.148
2001:41d0:800:1e8e::	206.189.141.92	185.186.191.14	197.57.115.0
84.17.51.133	51.15.108.142	117.102.73.98	61.62.246.8