59.125.240.149

Basic Info

City: unknown

Region: unknown

Country: Republic of China (ROC)

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
59.125.240.33	attackbotsspam	Unauthorised access (Sep 2) SRC=59.125.240.33 LEN=52 PREC=0x20 TTL=116 ID=29827 DF TCP DPT=445 WINDOW=8192 SYN	2019-09-03 07:01:04

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 59.125.240.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33797
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;59.125.240.149.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020702 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 07:44:53 CST 2022
;; MSG SIZE  rcvd: 107

Host info

149.240.125.59.in-addr.arpa domain name pointer 59-125-240-149.hinet-ip.hinet.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
149.240.125.59.in-addr.arpa	name = 59-125-240-149.hinet-ip.hinet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
121.149.221.186	attackspambots	Feb 4 14:50:19 grey postfix/smtpd\[26854\]: NOQUEUE: reject: RCPT from unknown\[121.149.221.186\]: 554 5.7.1 Service unavailable\; Client host \[121.149.221.186\] blocked using dul.dnsbl.sorbs.net\; Dynamic IP Addresses See: http://www.sorbs.net/lookup.shtml\?121.149.221.186\; from=\ to=\ proto=ESMTP helo=\<\[121.149.221.186\]\> ...	2020-02-05 01:33:22
77.247.108.243	attack	firewall-block, port(s): 1070/udp	2020-02-05 01:49:31
49.51.242.225	attackbotsspam	Unauthorized connection attempt detected from IP address 49.51.242.225 to port 8480 [J]	2020-02-05 01:34:19
181.48.155.149	attack	Feb 4 15:53:03 srv-ubuntu-dev3 sshd[28896]: Invalid user maletsky from 181.48.155.149 Feb 4 15:53:03 srv-ubuntu-dev3 sshd[28896]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.48.155.149 Feb 4 15:53:03 srv-ubuntu-dev3 sshd[28896]: Invalid user maletsky from 181.48.155.149 Feb 4 15:53:05 srv-ubuntu-dev3 sshd[28896]: Failed password for invalid user maletsky from 181.48.155.149 port 55090 ssh2 Feb 4 15:56:33 srv-ubuntu-dev3 sshd[29230]: Invalid user cominvest from 181.48.155.149 Feb 4 15:56:33 srv-ubuntu-dev3 sshd[29230]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.48.155.149 Feb 4 15:56:33 srv-ubuntu-dev3 sshd[29230]: Invalid user cominvest from 181.48.155.149 Feb 4 15:56:36 srv-ubuntu-dev3 sshd[29230]: Failed password for invalid user cominvest from 181.48.155.149 port 56858 ssh2 Feb 4 16:00:09 srv-ubuntu-dev3 sshd[29568]: Invalid user saloha from 181.48.155.149 ...	2020-02-05 01:14:22
222.186.30.187	attackspambots	Fail2Ban Ban Triggered (2)	2020-02-05 01:32:13
66.220.149.15	attackspambots	[Tue Feb 04 20:50:11.983466 2020] [:error] [pid 2034:tid 140558491895552] [client 66.220.149.15:40430] [client 66.220.149.15] ModSecurity: Access denied with code 403 (phase 2). Found 3 byte(s) in REQUEST_URI outside range: 32-36,38-126. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1304"] [id "920272"] [msg "Invalid character in request (outside of printable chars below ascii 127)"] [data "REQUEST_URI=/images/Klimatologi/Analisis/02-Analisis_Dasarian/Dinamika/2020/01_Januari_2020/Das-III/Analisis_Dinamika_Atmosfer\\xe2\\x80\\x93Laut_Dan_Prediksi_Curah_Hujan_Update_Dasarian_III_Januari_2020.jpg"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [tag "paranoia-level/3"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/images/Klimatologi/Analisis/02-Analisis_Dasarian/Dinamika/ ...	2020-02-05 01:39:46
138.122.96.80	attackbotsspam	2019-03-11 20:34:29 H=$\[138.122.96.80\]$ \[138.122.96.80\]:13237 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-03-11 20:34:35 H=$\[138.122.96.80\]$ \[138.122.96.80\]:13332 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-03-11 20:34:41 H=$\[138.122.96.80\]$ \[138.122.96.80\]:13398 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed ...	2020-02-05 01:21:49
139.180.137.38	attackbots	2020-02-01 15:30:38 SMTP protocol synchronization error $input sent without waiting for greeting$: rejected connection from H=\[139.180.137.38\]:63683 I=\[193.107.88.166\]:25 input="CONNECT 35.170.216.115:443 HTTP/" 2020-02-01 15:30:38 SMTP protocol synchronization error $input sent without waiting for greeting$: rejected connection from H=\[139.180.137.38\]:63707 I=\[193.107.88.166\]:25 input="\004\001\001�\#��s" 2020-02-01 15:30:38 SMTP protocol synchronization error $input sent without waiting for greeting$: rejected connection from H=\[139.180.137.38\]:63728 I=\[193.107.88.166\]:25 input="\005\001" ...	2020-02-05 01:09:06
138.117.131.65	attackspambots	Feb 4 17:40:58 grey postfix/smtpd\[15370\]: NOQUEUE: reject: RCPT from unknown\[138.117.131.65\]: 554 5.7.1 Service unavailable\; Client host \[138.117.131.65\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[138.117.131.65\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-02-05 01:22:21
138.185.76.52	attackspam	2019-06-22 19:21:39 1hejhp-0002s5-Mk SMTP connection from $\[138.185.76.52\]$ \[138.185.76.52\]:38165 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-06-22 19:22:03 1hejiE-0002sL-0o SMTP connection from $\[138.185.76.52\]$ \[138.185.76.52\]:44824 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-06-22 19:22:18 1hejiS-0002sY-ED SMTP connection from $\[138.185.76.52\]$ \[138.185.76.52\]:43424 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-02-05 01:20:57
134.73.87.133	attackbotsspam	2019-11-11 16:13:43 SMTP protocol error in "AUTH LOGIN" H=$Bipidbveim$ \[134.73.87.133\]:64102 I=\[193.107.88.166\]:25 AUTH command used when not advertised 2019-11-11 16:13:44 SMTP protocol error in "AUTH LOGIN" H=$fqfKgT$ \[134.73.87.133\]:56481 I=\[193.107.88.166\]:25 AUTH command used when not advertised 2019-11-11 16:13:45 SMTP protocol error in "AUTH LOGIN" H=$iju5hoHIse$ \[134.73.87.133\]:58510 I=\[193.107.88.166\]:25 AUTH command used when not advertised 2019-11-11 16:13:46 SMTP protocol error in "AUTH LOGIN" H=$c8ECeuXm$ \[134.73.87.133\]:62349 I=\[193.107.88.166\]:25 AUTH command used when not advertised 2019-11-11 16:14:59 SMTP protocol error in "AUTH LOGIN" H=$VTwFlT$ \[134.73.87.133\]:52976 I=\[193.107.88.166\]:587 AUTH command used when not advertised 2019-11-11 16:15:00 SMTP protocol error in "AUTH LOGIN" H=$JxkCEio$ \[134.73.87.133\]:63086 I=\[193.107.88.166\]:587 AUTH command used when not advertised 2019-11-11 16:15:01 SMTP protocol error in "AUTH LOGIN" H ...	2020-02-05 01:34:49
85.109.190.165	attackspam	Automatic report - Port Scan Attack	2020-02-05 01:18:59
103.89.252.123	attack	$f2bV_matches	2020-02-05 01:48:46
134.73.7.250	attackbotsspam	2019-05-07 13:24:19 1hNyCo-0002sR-OX SMTP connection from bag.sandyfadadu.com $bag.ifineinteriors.icu$ \[134.73.7.250\]:46382 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-05-07 13:24:50 1hNyDJ-0002sz-Rj SMTP connection from bag.sandyfadadu.com $bag.ifineinteriors.icu$ \[134.73.7.250\]:56772 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-05-07 13:27:34 1hNyFy-0002xp-9b SMTP connection from bag.sandyfadadu.com $bag.ifineinteriors.icu$ \[134.73.7.250\]:52997 I=\[193.107.90.29\]:25 closed by DROP in ACL ...	2020-02-05 01:41:56
138.68.131.109	attackspambots	2019-05-08 07:11:56 H=sack.bridgecoaa.com $pinnacle.ghslegislation.icu$ \[138.68.131.109\]:50306 I=\[193.107.88.166\]:25 sender verify fail for \: Unrouteable address 2019-05-08 07:11:56 H=sack.bridgecoaa.com $pinnacle.ghslegislation.icu$ \[138.68.131.109\]:50306 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-05-08 07:13:33 H=sack.bridgecoaa.com $division.ghslegislation.icu$ \[138.68.131.109\]:56836 I=\[193.107.90.29\]:25 sender verify fail for \: Unrouteable address 2019-05-08 07:13:33 H=sack.bridgecoaa.com $division.ghslegislation.icu$ \[138.68.131.109\]:56836 I=\[193.107.90.29\]:25 F=\ rejected RCPT \: Sender verify failed ...	2020-02-05 01:16:06

Recently Reported IPs

161.132.122.60	114.35.53.128	120.77.29.210	106.242.101.130
125.41.79.79	164.52.24.190	45.190.158.214	41.190.16.26
41.36.67.140	73.215.148.165	5.190.235.245	218.144.241.138
39.86.64.46	114.119.133.26	201.1.72.126	125.43.95.138
116.27.232.62	122.192.64.222	186.225.40.58	103.209.143.244