Go
125.64.94.211
is an
Open Proxy
used by
Hackers
100 %
China
Report Abuse
982attacks reported
687Port Scan
111Port ScanHacking
72Port ScanHackingExploited Host
17Hacking
14Brute-Force
13uncategorized
8Web App Attack
7HackingWeb App Attack
6Port ScanSSH
4SSH
...
45abuse reported
18Web SpamPort ScanBrute-ForceSSHIoT Targeted
9Email Spam
5Web SpamBrute-ForceWeb App Attack
4Email SpamPort ScanHacking
2Email SpamBrute-Force
2Email SpamHacking
2uncategorized
1Email SpamSpoofing
1Email SpamPort ScanBrute-Force
1Email SpamHackingWeb App Attack
5reputation reported
5uncategorized
2spam reported
2Email Spam
1malware reported
1Exploited Host
from 74 distinct reporters
and 9 distinct sources : blocklist.net.ua, DShield.org, GreenSnow.co, NormShield.com, Taichung Education Center, BadIPs.com, Blocklist.de, FireHOL, AbuseIPDB
125.64.94.211 was first signaled at 2019-03-29 18:23 and last record was at 2019-08-21 16:24.
IP

125.64.94.211

Organization
CHINANET SiChuan Telecom Internet Data Center
Localisation
China
Sichuan, Chengdu
NetRange : First & Last IP
125.64.94.0 - 125.64.94.3
Network CIDR
125.64.94.0/30

Cybercrime IP Feeds

Date UTC Category Sub Categories Source List Source Logs
2019-07-06 07:01 attacks Port Scan AbuseIPDB firewall-block, port(s): 2000/tcp
2019-07-06 07:01 attacks Port ScanHacking AbuseIPDB  
2019-07-06 06:22 attacks Port ScanHacking AbuseIPDB Portscan or hack attempt detected by psad/fwsnort
2019-07-06 05:09 attacks Port Scan AbuseIPDB 06.07.2019 14:09:17 Connection to port 69 blocked by firewall
2019-07-06 04:43 attacks Port Scan AbuseIPDB 06.07.2019 13:43:32 Connection to port 9801 blocked by firewall
2019-07-06 04:01 attacks Port Scan AbuseIPDB 06.07.2019 13:02:28 Connection to port 280 blocked by firewall
2019-07-06 03:55 attacks Port ScanHacking AbuseIPDB MultiHost/MultiPort Probe, Scan, Hack -
2019-07-06 03:14 attacks Port Scan AbuseIPDB 06.07.2019 12:14:09 Connection to port 7778 blocked by firewall
2019-07-06 02:34 attacks Port Scan AbuseIPDB 06.07.2019 11:34:17 Connection to port 3872 blocked by firewall
2019-07-06 01:33 attacks Port Scan AbuseIPDB Multiport scan : 8 ports scanned 548 2121 2379 3000 5800 7402 8182 32791
2019-07-06 00:00 attacks Web App Attack AbuseIPDB Automatic report - Web App Attack
2019-07-05 23:57 attacks Port ScanSSH AbuseIPDB Unauthorized access to SSH at 6/Jul/2019:08:57:56 +0000.
2019-07-05 23:36 attacks Port Scan AbuseIPDB 06.07.2019 08:36:37 Connection to port 9870 blocked by firewall
2019-07-05 22:00 attacks Port Scan AbuseIPDB " "
2019-07-05 20:42 attacks Port ScanHacking AbuseIPDB Portscan or hack attempt detected by psad/fwsnort
2019-07-05 20:40 attacks Port Scan AbuseIPDB 06.07.2019 05:42:16 Connection to port 6782 blocked by firewall
2019-07-05 20:13 attacks Port Scan AbuseIPDB 06.07.2019 05:13:02 Connection to port 444 blocked by firewall
2019-07-05 19:02 attacks Port ScanHackingExploited HostBrute-Force AbuseIPDB scan z
2019-07-05 12:18 attacks Port ScanHacking AbuseIPDB Portscan or hack attempt detected by psad/fwsnort
2019-07-05 12:10 attacks Port ScanHacking AbuseIPDB MultiHost/MultiPort Probe, Scan, Hack -
2019-07-05 11:26 attacks Port Scan AbuseIPDB 05.07.2019 20:28:11 Connection to port 20547 blocked by firewall
2019-07-05 11:14 attacks Hacking AbuseIPDB Honeypot attack, port: 2000, PTR: PTR record not found
2019-07-05 11:10 attacks Port Scan AbuseIPDB 05.07.2019 20:11:36 Connection to port 32798 blocked by firewall
2019-07-05 10:55 attacks Port ScanHacking AbuseIPDB MultiHost/MultiPort Probe, Scan, Hack -
2019-07-05 10:50 attacks Port Scan AbuseIPDB firewall-block, port(s): 37/tcp, 636/tcp, 1200/tcp, 5357/tcp, 32794/udp
2019-07-05 10:17 attacks Port Scan AbuseIPDB 05.07.2019 19:18:26 Connection to port 11965 blocked by firewall
2019-07-05 10:02 attacks Port ScanHacking AbuseIPDB  
2019-07-05 09:44 attacks Port Scan AbuseIPDB 8667/tcp 11211/udp 9080/tcp... [2019-05-05/07-05]1374pkt,463pt.(tcp),94pt.(udp)
2019-07-05 08:41 attacks Port ScanHacking AbuseIPDB Portscan or hack attempt detected by psad/fwsnort
2019-07-05 08:31 attacks Port Scan AbuseIPDB 05.07.2019 17:29:02 Connection to port 8025 blocked by firewall
2019-07-05 07:30 attacks Port Scan AbuseIPDB " "
2019-07-05 07:17 attacks Port Scan AbuseIPDB 05.07.2019 16:17:32 Connection to port 32771 blocked by firewall
2019-07-05 07:01 attacks Port ScanHacking AbuseIPDB  
2019-07-05 06:55 attacks Port ScanHacking AbuseIPDB MultiHost/MultiPort Probe, Scan, Hack -
2019-07-05 06:25 attacks Port Scan AbuseIPDB 05.07.2019 15:25:52 Connection to port 4040 blocked by firewall
2019-07-05 06:05 attacks Port Scan AbuseIPDB 05.07.2019 15:05:57 Connection to port 2000 blocked by firewall
2019-07-05 04:10 attacks Port Scan AbuseIPDB 05.07.2019 13:11:36 Connection to port 31337 blocked by firewall
2019-07-05 01:15 attacks Port Scan AbuseIPDB 05.07.2019 10:17:01 Connection to port 3940 blocked by firewall
2019-07-05 00:50 attacks Port Scan AbuseIPDB firewall-block, port(s): 8082/tcp
2019-07-05 00:48 attacks Port Scan AbuseIPDB Multiport scan : 17 ports scanned 515 1521 1688 1900 2376 3260 3312 3527 3872 6697 7777 8086 9151 16992 32763 32770 32805
2019-07-05 00:20 attacks Port Scan AbuseIPDB 05.07.2019 09:22:11 Connection to port 13666 blocked by firewall
2019-07-05 00:12 malware Exploited Host AbuseIPDB  
2019-07-04 23:47 attacks Port ScanHackingExploited Host AbuseIPDB Port scan: Attack repeated for 24 hours
2019-07-04 22:02 attacks Port ScanHacking AbuseIPDB MultiHost/MultiPort Probe, Scan, Hack -
2019-07-04 21:41 attacks Web App Attack AbuseIPDB Automatic report - Web App Attack
2019-07-04 21:10 attacks Port Scan AbuseIPDB Port scan attempt detected by AWS-CCS, CTS, India
2019-07-04 20:25 attacks HackingWeb App Attack AbuseIPDB Web application attack detected by fail2ban
2019-07-04 20:13 attacks Port Scan AbuseIPDB 05.07.2019 05:13:48 Connection to port 37215 blocked by firewall
2019-07-04 18:31 attacks Port Scan AbuseIPDB 05.07.2019 03:32:42 Connection to port 32759 blocked by firewall
2019-07-04 17:01 attacks Port ScanHackingExploited Host AbuseIPDB scan r
2019-04-11 00:09 attacks Port Scan AbuseIPDB firewall-block, port(s): 1880/tcp
2019-04-11 01:10 attacks Port Scan AbuseIPDB 8667/tcp 1962/tcp [2019-04-11]2pkt
2019-04-11 02:50 attacks Port Scan AbuseIPDB firewall-block, port(s): 540/tcp, 11211/tcp
2019-04-11 03:39 attacks Brute-ForceSSH AbuseIPDB Bruteforce on SSH Honeypot
2019-04-11 03:46 attacks Port ScanHackingExploited Host AbuseIPDB Honeypot hit.
2019-04-11 03:54 attacks FTP Brute-ForceHacking AbuseIPDB Apr 11 14:40:25 h2034429 sshd[21360]: Did not receive identification string from 125.64.94.211 Apr 11 14:40:34 h2034429 sshd[21362]: Did not receive i
2019-04-11 07:51 attacks Port Scan AbuseIPDB 2019-04-11T05:44:04.395135stt-1.[munged] kernel: [730508.770998] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:97:36:58:84:78:ac:57:a8:41:08:00 SRC
2019-04-11 15:50 attacks Port Scan AbuseIPDB firewall-block, port(s): 10333/tcp
2019-04-11 20:16 attacks HackingBrute-Force AbuseIPDB Try access to SMTP/POP/IMAP server.
2019-04-11 21:50 attacks Port ScanHacking AbuseIPDB MultiHost/MultiPort Probe, Scan, Hack -
2019-05-28 23:17 reputation alienvault_reputation  
2019-05-28 23:18 reputation bds_atif  
2019-05-28 23:20 abuse Email Spam blocklist_net_ua blocklist.net.ua  
2019-05-28 23:20 reputation ciarmy  
2019-05-28 23:27 attacks dshield_top_1000 DShield.org  
2019-05-28 23:34 attacks greensnow GreenSnow.co  
2019-05-28 23:37 attacks normshield_all_attack NormShield.com  
2019-05-28 23:37 abuse normshield_all_suspicious NormShield.com  
2019-05-28 23:38 attacks normshield_high_attack NormShield.com  
2019-05-28 23:38 abuse normshield_high_suspicious NormShield.com  
2019-05-28 23:45 attacks taichung Taichung Education Center  
2019-05-28 23:46 reputation turris_greylist  
2019-05-30 09:29 attacks bi_any_0_1d BadIPs.com  
2019-05-30 09:30 attacks SSH bi_ssh-ddos_0_1d BadIPs.com  
2019-05-30 09:30 attacks SSH bi_ssh_0_1d BadIPs.com  
2019-05-30 09:30 attacks blocklist_de Blocklist.de  
2019-05-30 09:30 attacks Brute-ForceMailserver Attack blocklist_de_mail Blocklist.de  
2019-05-30 09:43 attacks Brute-Force normshield_all_bruteforce NormShield.com  
2019-05-30 09:43 attacks Brute-Force normshield_high_bruteforce NormShield.com  
2019-06-03 22:43 attacks bi_assp_0_1d BadIPs.com  
2019-06-03 22:44 attacks Brute-ForceMailserver Attack bi_mail_0_1d BadIPs.com  
2019-06-03 22:58 reputation iblocklist_ciarmy_malicious  
2019-06-27 22:28 attacks normshield_all_webscan NormShield.com  
2019-06-27 22:28 attacks normshield_high_webscan NormShield.com  
2019-07-01 18:30 attacks Brute-ForceMailserver Attack bi_postfix_0_1d BadIPs.com  
2019-07-13 06:06 attacks Mailserver Attack bi_smtp_0_1d BadIPs.com  
2019-07-16 03:01 spam Email Spam normshield_all_spam  
2019-07-16 03:01 spam Email Spam normshield_high_spam  
2019-07-17 02:00 attacks SSH bi_sshd_0_1d BadIPs.com  
2019-07-19 00:33 attacks Bad Web Bot bi_badbots_0_1d BadIPs.com  
2019-07-19 00:33 attacks Brute-Force bi_bruteforce_0_1d BadIPs.com  
2019-07-19 00:33 attacks SSH blocklist_de_ssh Blocklist.de  
2019-08-21 16:24 attacks firehol_level2 FireHOL  
2019-03-29 18:23 attacks dshield DShield.org  
2019-05-28 23:31 attacks firehol_level4 FireHOL  
only last 50 and first 10 AbuseIPDB logs are shown

Threats Categories :

abuse
IPs used to spam forum, boards, blogs or smtp servers, automated web scripts or scrappers (bad bots)
anonymizer
Onion Router IP addresses. TOR network IPs, TOR exit points, socks or ssl proxy.
attacks
bruteforce ssh/ftp/system account, IPs that have been detected by fail2ban, ports scan, vulnerabilities scan, DDoS.
malware
Addresses that have been identified distributing malware, form-grabber and stealer, Viruses, Worms, Trojans, Ransomware, Adware, Spyware

Whois

inetnum: 125.64.94.0 - 125.64.94.3
netname: SC-CD-DEYANG-TELECOM
descr: SC-CD-DEYANG-TELECOM
descr: Deyang Sichuan
descr: PR China
country: CN
admin-c: CS408-AP
tech-c: CS408-AP
status: ASSIGNED NON-PORTABLE
mnt-by: MAINT-CHINANET-SC
last-modified: 2008-09-04T07:17:59Z
source: APNIC

role: CHINANET SICHUAN
address: No.72,Wen Miao Qian Str Chengdu SiChuan PR China
country: CN
phone: +86-28-86190657
fax-no: +86-25-86190641
e-mail: scipadmin2013@189.cn
remarks: send anti-spam reports to scipadmin2013@189.cn
remarks: send abuse reports to scipadmin2013@189.cn
remarks: times in GMT+8
remarks: noc.cd.sc.cn
admin-c: YZ43-AP
tech-c: RL357-AP
tech-c: XS16-AP
nic-hdl: CS408-AP
notify: scipadmin2013@189.cn
mnt-by: MAINT-CHINANET-SC
last-modified: 2013-12-26T03:05:02Z
source: APNIC

route: 125.64.94.0/24
origin: AS38283
descr: China Telecom
Data Network Management Division
Network Operation & Maintenance Department
No 19 Chaoyangmen North Street
Dongcheng District
mnt-by: MAINT-CHINANET-SC
last-modified: 2018-12-21T03:31:08Z
source: APNIC
most specific ip range is highlighted
Updated : 2019-01-30