52.125.242.36 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America (the)

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.125.242.36
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15013
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;52.125.242.36.			IN	A

;; AUTHORITY SECTION:
.			29	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025021101 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 12 03:45:49 CST 2025
;; MSG SIZE  rcvd: 106

Host info

Host 36.242.125.52.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 36.242.125.52.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
159.89.163.226	attackspam	2020-07-29T05:40:45.106566shield sshd\[21984\]: Invalid user stephanie from 159.89.163.226 port 37792 2020-07-29T05:40:45.112245shield sshd\[21984\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.163.226 2020-07-29T05:40:47.022106shield sshd\[21984\]: Failed password for invalid user stephanie from 159.89.163.226 port 37792 ssh2 2020-07-29T05:45:15.583253shield sshd\[24447\]: Invalid user dan from 159.89.163.226 port 49524 2020-07-29T05:45:15.591585shield sshd\[24447\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.163.226	2020-07-29 13:55:02
178.33.12.237	attack	20 attempts against mh-ssh on echoip	2020-07-29 14:25:13
49.235.5.82	attackspam	(sshd) Failed SSH login from 49.235.5.82 (CN/China/-): 5 in the last 3600 secs	2020-07-29 13:44:32
178.154.200.96	attack	[Wed Jul 29 10:55:01.250670 2020] [:error] [pid 1362:tid 139958750947072] [client 178.154.200.96:38568] [client 178.154.200.96] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XyDzFYGmph-FwvDnyaBUAQAAAv0"] ...	2020-07-29 14:03:29
137.116.128.105	attack	Jul 29 07:55:19 dev0-dcde-rnet sshd[1742]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.116.128.105 Jul 29 07:55:21 dev0-dcde-rnet sshd[1742]: Failed password for invalid user xianyu from 137.116.128.105 port 2624 ssh2 Jul 29 08:00:05 dev0-dcde-rnet sshd[1781]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.116.128.105	2020-07-29 14:05:46
103.239.74.45	attackbotsspam	PHP Info File Request - Possible PHP Version Scan	2020-07-29 14:22:34
31.14.73.63	attackbotsspam	(From Pavese18556@gmail.com) Hello, I was just on your website and filled out your contact form. The feedback page on your site sends you these messages via email which is why you're reading through my message at this moment right? That's the most important accomplishment with any kind of advertising, making people actually READ your ad and this is exactly what you're doing now! If you have something you would like to blast out to lots of websites via their contact forms in the US or anywhere in the world send me a quick note now, I can even target particular niches and my prices are super reasonable. Send a message to: fredspencer398@gmail.com	2020-07-29 14:13:57
88.99.11.16	attack		2020-07-29 14:01:22
190.128.129.18	attack	$f2bV_matches	2020-07-29 14:08:33
82.196.117.104	attackbots	DATE:2020-07-29 05:54:55, IP:82.196.117.104, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-07-29 14:13:27
35.187.233.244	attackbots	$f2bV_matches	2020-07-29 13:48:41
36.110.50.254	attackspambots	Invalid user sj from 36.110.50.254 port 2865	2020-07-29 14:24:03
103.215.24.254	attackbotsspam	Invalid user zhangyiyue from 103.215.24.254 port 46546	2020-07-29 13:42:47
222.186.169.194	attackspambots	2020-07-29T08:35:04.729342afi-git.jinr.ru sshd[16830]: Failed password for root from 222.186.169.194 port 62122 ssh2 2020-07-29T08:35:07.777181afi-git.jinr.ru sshd[16830]: Failed password for root from 222.186.169.194 port 62122 ssh2 2020-07-29T08:35:11.841617afi-git.jinr.ru sshd[16830]: Failed password for root from 222.186.169.194 port 62122 ssh2 2020-07-29T08:35:11.841798afi-git.jinr.ru sshd[16830]: error: maximum authentication attempts exceeded for root from 222.186.169.194 port 62122 ssh2 [preauth] 2020-07-29T08:35:11.841813afi-git.jinr.ru sshd[16830]: Disconnecting: Too many authentication failures [preauth] ...	2020-07-29 13:47:52
163.172.167.225	attackbots	Invalid user wf from 163.172.167.225 port 59204	2020-07-29 13:49:04

Recently Reported IPs

242.2.150.182	248.123.48.249	232.98.127.169	58.125.138.230
13.163.167.109	229.48.81.93	104.103.91.74	218.59.250.137
34.201.191.111	74.151.150.133	93.175.246.196	218.5.58.77
141.36.16.240	178.211.151.101	115.152.26.2	28.137.119.209
160.192.237.187	252.56.72.83	6.19.122.67	251.22.36.15