91.140.42.125 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Greece

Internet Service Provider: Wind Hellas Telecommunications SA

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Port scan detected on ports: 43589[TCP], 43589[TCP], 43589[TCP]	2020-01-27 18:08:58

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 91.140.42.125
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23504
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;91.140.42.125.			IN	A

;; AUTHORITY SECTION:
.			475	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012700 1800 900 604800 86400

;; Query time: 122 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 27 18:08:55 CST 2020
;; MSG SIZE  rcvd: 117

Host info

125.42.140.91.in-addr.arpa domain name pointer adsl-125.91.140.42.tellas.gr.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
125.42.140.91.in-addr.arpa	name = adsl-125.91.140.42.tellas.gr.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
209.251.180.190	attackbotsspam	$f2bV_matches	2020-02-27 03:38:52
121.178.212.67	attackspam	2020-02-26T19:17:35.442558ns386461 sshd\[24882\]: Invalid user moodle from 121.178.212.67 port 52850 2020-02-26T19:17:35.447430ns386461 sshd\[24882\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.178.212.67 2020-02-26T19:17:37.220746ns386461 sshd\[24882\]: Failed password for invalid user moodle from 121.178.212.67 port 52850 ssh2 2020-02-26T19:59:42.051452ns386461 sshd\[30494\]: Invalid user bliu from 121.178.212.67 port 53139 2020-02-26T19:59:42.056183ns386461 sshd\[30494\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.178.212.67 ...	2020-02-27 03:01:12
183.134.66.112	attackspambots	Feb 26 18:18:37 163-172-32-151 sshd[1458]: Invalid user nagios from 183.134.66.112 port 55178 ...	2020-02-27 03:18:02
203.150.153.91	attack	Automatic report - Port Scan Attack	2020-02-27 03:23:51
210.196.153.9	attackbotsspam	$f2bV_matches	2020-02-27 03:19:57
149.202.206.206	attackbotsspam	Feb 26 20:17:53 localhost sshd\[27309\]: Invalid user debian from 149.202.206.206 port 46471 Feb 26 20:17:53 localhost sshd\[27309\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.206.206 Feb 26 20:17:54 localhost sshd\[27309\]: Failed password for invalid user debian from 149.202.206.206 port 46471 ssh2	2020-02-27 03:19:26
210.212.249.228	attackspambots	$f2bV_matches	2020-02-27 03:07:37
178.20.231.114	attackbotsspam	suspicious action Wed, 26 Feb 2020 10:35:02 -0300	2020-02-27 03:13:49
103.69.91.89	attack	Unauthorized connection attempt detected from IP address 103.69.91.89 to port 445	2020-02-27 03:38:26
82.146.57.79	attackbotsspam	2020-02-26T20:11:34.230244vps751288.ovh.net sshd\[6705\]: Invalid user user01 from 82.146.57.79 port 55144 2020-02-26T20:11:34.237973vps751288.ovh.net sshd\[6705\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.146.57.79 2020-02-26T20:11:35.333860vps751288.ovh.net sshd\[6705\]: Failed password for invalid user user01 from 82.146.57.79 port 55144 ssh2 2020-02-26T20:13:52.834704vps751288.ovh.net sshd\[6719\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.146.57.79 user=root 2020-02-26T20:13:54.542727vps751288.ovh.net sshd\[6719\]: Failed password for root from 82.146.57.79 port 48560 ssh2	2020-02-27 03:14:31
201.184.43.35	attackbotsspam	Feb 27 01:59:55 webhost01 sshd[23453]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.184.43.35 Feb 27 01:59:58 webhost01 sshd[23453]: Failed password for invalid user alan from 201.184.43.35 port 3684 ssh2 ...	2020-02-27 03:10:23
93.39.187.184	attackspambots	DATE:2020-02-26 14:35:02, IP:93.39.187.184, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-02-27 03:14:09
2.180.21.179	attack	Honeypot attack, port: 81, PTR: PTR record not found	2020-02-27 03:36:48
129.28.35.148	attackbots	Lines containing failures of 129.28.35.148 Feb 26 17:37:57 shared02 sshd[2093]: Invalid user qq from 129.28.35.148 port 49130 Feb 26 17:37:57 shared02 sshd[2093]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.28.35.148 Feb 26 17:37:59 shared02 sshd[2093]: Failed password for invalid user qq from 129.28.35.148 port 49130 ssh2 Feb 26 17:38:00 shared02 sshd[2093]: Received disconnect from 129.28.35.148 port 49130:11: Bye Bye [preauth] Feb 26 17:38:00 shared02 sshd[2093]: Disconnected from invalid user qq 129.28.35.148 port 49130 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=129.28.35.148	2020-02-27 03:36:17
210.212.203.67	attackspam	$f2bV_matches	2020-02-27 03:09:10

Recently Reported IPs

36.72.217.117	125.200.84.128	37.129.236.121	80.54.197.27
9.78.12.199	147.122.243.183	33.107.96.67	214.210.54.17
11.32.242.192	3.96.102.237	58.253.54.147	28.73.19.244
190.160.96.97	169.123.231.165	58.141.25.64	200.222.207.211
15.206.75.73	5.156.132.27	112.124.23.165	112.119.236.7