Go
125.64.94.220
is an
Open Proxy
used by
Hackers
100 %
China
Report Abuse
957attacks reported
667Port Scan
117Port ScanHacking
70Port ScanHackingExploited Host
14Brute-Force
11Web App Attack
10HackingBad Web BotWeb App Attack
8uncategorized
5Brute-ForceSSH
4Port ScanSSH
4Port ScanWeb App Attack
...
65abuse reported
33Web SpamPort ScanBrute-ForceSSHIoT Targeted
14Email SpamHacking
5Email SpamHackingBrute-Force
4Email SpamPort ScanHacking
3Web SpamBrute-ForceWeb App Attack
2Email Spam
2uncategorized
1Email SpamHackingBrute-ForceSSH
1Email SpamBrute-Force
5reputation reported
5uncategorized
2spam reported
2Email Spam
1malware reported
1Exploited Host
1anonymizers reported
1Open Proxy
from 63 distinct reporters
and 9 distinct sources : BadIPs.com, Blocklist.de, GreenSnow.co, NormShield.com, blocklist.net.ua, FireHOL, Taichung Education Center, DShield.org, AbuseIPDB
125.64.94.220 was first signaled at 2019-03-29 18:23 and last record was at 2019-07-17 01:59.
IP

125.64.94.220

Organization
CHINANET SiChuan Telecom Internet Data Center
Localisation
China
Sichuan, Chengdu
NetRange : First & Last IP
125.64.94.0 - 125.64.94.3
Network CIDR
125.64.94.0/30

Cybercrime IP Feeds

Date UTC Category Sub Categories Source List Source Logs
2019-07-02 06:50 attacks Port Scan AbuseIPDB 02.07.2019 15:51:42 Connection to port 20333 blocked by firewall
2019-07-02 06:40 attacks Port ScanHacking AbuseIPDB MultiHost/MultiPort Probe, Scan, Hack -
2019-07-02 05:59 attacks Port Scan AbuseIPDB 02.07.2019 15:01:07 Connection to port 1040 blocked by firewall
2019-07-02 05:40 attacks Port Scan AbuseIPDB 02.07.2019 14:42:12 Connection to port 2087 blocked by firewall
2019-07-02 05:07 attacks Port Scan AbuseIPDB 02.07.2019 14:07:57 Connection to port 3280 blocked by firewall
2019-07-02 04:41 attacks Port ScanHackingExploited Host AbuseIPDB Port scan: Attack repeated for 24 hours
2019-07-02 04:20 attacks Port Scan AbuseIPDB firewall-block, port(s): 1880/tcp, 3389/tcp, 5001/tcp, 7200/tcp
2019-07-02 02:59 attacks Port Scan AbuseIPDB " "
2019-07-02 01:30 attacks Port Scan AbuseIPDB 02.07.2019 10:30:54 Connection to port 3526 blocked by firewall
2019-07-01 23:39 attacks Port Scan AbuseIPDB 02.07.2019 08:40:52 Connection to port 5800 blocked by firewall
2019-07-01 22:39 attacks Port ScanHackingBrute-ForceSSH AbuseIPDB [portscan] tcp/119 [NNTP] *(RWIN=65535)(07021037)
2019-07-01 21:30 attacks Port Scan AbuseIPDB 02.07.2019 06:31:37 Connection to port 5801 blocked by firewall
2019-07-01 21:02 attacks Port ScanHacking AbuseIPDB 1562047336 - 07/02/2019 13:02:16 Host: 125.64.94.220/125.64.94.220 Port: 13 TCP Blocked
2019-07-01 17:40 attacks Port Scan AbuseIPDB firewall-block, port(s): 1911/tcp
2019-07-01 13:52 abuse Web SpamBrute-ForceWeb App Attack AbuseIPDB Brute force attack stopped by firewall
2019-07-01 12:06 attacks Port Scan AbuseIPDB 01.07.2019 21:06:22 Connection to port 1880 blocked by firewall
2019-07-01 10:44 attacks Port ScanHacking AbuseIPDB Portscan or hack attempt detected by psad/fwsnort
2019-07-01 09:56 attacks Port Scan AbuseIPDB " "
2019-07-01 09:22 attacks Port Scan AbuseIPDB 01.07.2019 18:22:47 Connection to port 100 blocked by firewall
2019-07-01 09:01 attacks Port Scan AbuseIPDB 01.07.2019 18:03:02 Connection to port 32779 blocked by firewall
2019-07-01 08:36 attacks Port Scan AbuseIPDB 01.07.2019 17:37:52 Connection to port 5051 blocked by firewall
2019-07-01 08:09 attacks Port Scan AbuseIPDB 01.07.2019 17:09:37 Connection to port 10080 blocked by firewall
2019-07-01 07:03 attacks Port Scan AbuseIPDB 01.07.2019 16:04:42 Connection to port 5601 blocked by firewall
2019-07-01 06:18 attacks Brute-Force AbuseIPDB ...
2019-07-01 06:17 attacks Port ScanHackingExploited Host AbuseIPDB Port scan: Attack repeated for 24 hours
2019-07-01 06:04 attacks Port Scan AbuseIPDB 01.07.2019 15:05:47 Connection to port 1967 blocked by firewall
2019-07-01 06:00 attacks Port Scan AbuseIPDB firewall-block, port(s): 2376/tcp
2019-07-01 05:55 attacks Port ScanHacking AbuseIPDB MultiHost/MultiPort Probe, Scan, Hack -
2019-07-01 03:08 attacks Port Scan AbuseIPDB 01.07.2019 12:08:52 Connection to port 4000 blocked by firewall
2019-07-01 02:15 attacks Port Scan AbuseIPDB Multiport scan : 11 ports scanned 554 992 2024 3526 4567 4911 8001 8030 9443 11371 16923
2019-07-01 01:26 attacks Port ScanHacking AbuseIPDB MultiHost/MultiPort Probe, Scan, Hack -
2019-07-01 01:11 attacks Port Scan AbuseIPDB Port scan attempt detected by AWS-CCS, CTS, India
2019-07-01 00:11 attacks Port Scan AbuseIPDB 01.07.2019 09:11:22 Connection to port 2002 blocked by firewall
2019-06-30 23:53 attacks Port Scan AbuseIPDB 01.07.2019 08:54:42 Connection to port 731 blocked by firewall
2019-06-30 23:34 attacks Port Scan AbuseIPDB 01.07.2019 08:34:27 Connection to port 513 blocked by firewall
2019-06-30 23:17 attacks Port Scan AbuseIPDB 01.07.2019 08:17:17 Connection to port 179 blocked by firewall
2019-06-29 12:35 attacks Port ScanHacking AbuseIPDB Portscan or hack attempt detected by psad/fwsnort
2019-06-29 12:21 attacks Port ScanHackingExploited Host AbuseIPDB Honeypot hit: misc
2019-06-29 11:19 attacks Port Scan AbuseIPDB " "
2019-06-29 10:52 attacks Port ScanHackingExploited Host AbuseIPDB Port scan: Attack repeated for 24 hours
2019-06-29 10:50 attacks Port Scan AbuseIPDB 29.06.2019 19:51:14 Connection to port 55553 blocked by firewall
2019-06-29 10:40 attacks Port ScanHacking AbuseIPDB MultiHost/MultiPort Probe, Scan, Hack -
2019-06-29 09:27 attacks Port Scan AbuseIPDB 29.06.2019 18:28:49 Connection to port 1080 blocked by firewall
2019-06-29 08:56 attacks Port Scan AbuseIPDB 29.06.2019 17:57:49 Connection to port 32789 blocked by firewall
2019-06-29 07:52 attacks Port Scan AbuseIPDB 29.06.2019 16:54:09 Connection to port 4848 blocked by firewall
2019-06-29 06:39 attacks Port Scan AbuseIPDB 29.06.2019 15:40:34 Connection to port 81 blocked by firewall
2019-06-29 06:22 attacks Port Scan AbuseIPDB 29.06.2019 15:22:49 Connection to port 5280 blocked by firewall
2019-06-29 05:49 attacks Port Scan AbuseIPDB 29.06.2019 14:50:29 Connection to port 8086 blocked by firewall
2019-06-29 05:40 attacks Port Scan AbuseIPDB firewall-block, port(s): 513/tcp
2019-06-29 03:05 attacks Port Scan AbuseIPDB 29.06.2019 12:06:44 Connection to port 8529 blocked by firewall
2019-05-26 20:12 attacks Port Scan AbuseIPDB 2002/tcp [2019-05-27]1pkt
2019-05-26 20:17 attacks Brute-Force AbuseIPDB 3389BruteforceFW22
2019-05-26 23:50 attacks Port Scan AbuseIPDB firewall-block, port(s): 55555/tcp
2019-05-27 04:20 attacks Port Scan AbuseIPDB firewall-block, port(s): 5050/tcp
2019-05-27 04:36 attacks Port Scan AbuseIPDB 2019-05-26T23:44:49.038091stt-1.[munged] kernel: [2960321.609833] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:97:36:58:84:78:ac:57:aa:c1:08:00 SR
2019-05-27 05:59 attacks Port Scan AbuseIPDB port scan and connect, tcp 2121 (ccproxy-ftp)
2019-05-27 07:06 attacks Port ScanHacking AbuseIPDB attempting to login to application on specific port
2019-05-27 10:31 attacks Port Scan AbuseIPDB " "
2019-05-27 13:30 attacks Port Scan AbuseIPDB firewall-block, port(s): 1010/tcp
2019-05-27 13:41 attacks Port Scan AbuseIPDB May 27 06:16:46 box kernel: [142801.796906] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:68:c5:28:99:3a:4d:23:91:08:00 SRC=125.64.94.220 DST=[munged] LEN=
2019-05-28 23:17 reputation alienvault_reputation  
2019-05-28 23:18 reputation bds_atif  
2019-05-28 23:18 attacks bi_any_0_1d BadIPs.com  
2019-05-28 23:19 attacks Brute-ForceMailserver Attack bi_mail_0_1d BadIPs.com  
2019-05-28 23:19 attacks Mailserver Attack bi_smtp_0_1d BadIPs.com  
2019-05-28 23:19 attacks blocklist_de Blocklist.de  
2019-05-28 23:20 attacks Brute-ForceMailserver Attack blocklist_de_mail Blocklist.de  
2019-05-28 23:20 reputation ciarmy  
2019-05-28 23:34 attacks greensnow GreenSnow.co  
2019-05-28 23:37 attacks normshield_all_attack NormShield.com  
2019-05-28 23:37 abuse normshield_all_suspicious NormShield.com  
2019-05-28 23:38 attacks normshield_high_attack NormShield.com  
2019-05-28 23:38 abuse normshield_high_suspicious NormShield.com  
2019-05-30 09:43 attacks Brute-Force normshield_all_bruteforce NormShield.com  
2019-05-30 09:43 attacks Brute-Force normshield_high_bruteforce NormShield.com  
2019-06-03 22:45 abuse Email Spam blocklist_net_ua blocklist.net.ua  
2019-06-03 22:53 attacks firehol_level4 FireHOL  
2019-06-03 23:04 reputation turris_greylist  
2019-06-06 19:27 attacks taichung Taichung Education Center  
2019-06-13 13:36 attacks Brute-ForceMailserver Attack bi_postfix_0_1d BadIPs.com  
2019-06-16 10:28 attacks SSH blocklist_de_ssh Blocklist.de  
2019-06-18 08:29 attacks SSH bi_ssh-ddos_0_1d BadIPs.com  
2019-06-18 08:29 attacks SSH bi_ssh_0_1d BadIPs.com  
2019-06-18 08:39 spam Email Spam normshield_all_spam  
2019-06-18 08:39 spam Email Spam normshield_high_spam  
2019-06-20 06:37 attacks DDoS Attack normshield_all_ddosbot NormShield.com  
2019-06-20 06:37 attacks DDoS Attack normshield_high_ddosbot NormShield.com  
2019-07-17 01:59 attacks Bad Web Bot bi_badbots_0_1d BadIPs.com  
2019-07-17 01:59 attacks Brute-Force bi_bruteforce_0_1d BadIPs.com  
2019-03-29 18:23 attacks dshield DShield.org  
2019-05-28 23:35 reputation iblocklist_ciarmy_malicious  
only last 50 and first 10 AbuseIPDB logs are shown

Threats Categories :

abuse
IPs used to spam forum, boards, blogs or smtp servers, automated web scripts or scrappers (bad bots)
anonymizer
Onion Router IP addresses. TOR network IPs, TOR exit points, socks or ssl proxy.
attacks
bruteforce ssh/ftp/system account, IPs that have been detected by fail2ban, ports scan, vulnerabilities scan, DDoS.
malware
Addresses that have been identified distributing malware, form-grabber and stealer, Viruses, Worms, Trojans, Ransomware, Adware, Spyware

Whois

inetnum: 125.64.94.0 - 125.64.94.3
netname: SC-CD-DEYANG-TELECOM
descr: SC-CD-DEYANG-TELECOM
descr: Deyang Sichuan
descr: PR China
country: CN
admin-c: CS408-AP
tech-c: CS408-AP
status: ASSIGNED NON-PORTABLE
mnt-by: MAINT-CHINANET-SC
last-modified: 2008-09-04T07:17:59Z
source: APNIC

role: CHINANET SICHUAN
address: No.72,Wen Miao Qian Str Chengdu SiChuan PR China
country: CN
phone: +86-28-86190657
fax-no: +86-25-86190641
e-mail: scipadmin2013@189.cn
remarks: send anti-spam reports to scipadmin2013@189.cn
remarks: send abuse reports to scipadmin2013@189.cn
remarks: times in GMT+8
remarks: noc.cd.sc.cn
admin-c: YZ43-AP
tech-c: RL357-AP
tech-c: XS16-AP
nic-hdl: CS408-AP
notify: scipadmin2013@189.cn
mnt-by: MAINT-CHINANET-SC
last-modified: 2013-12-26T03:05:02Z
source: APNIC

route: 125.64.94.0/24
origin: AS38283
descr: China Telecom
Data Network Management Division
Network Operation & Maintenance Department
No 19 Chaoyangmen North Street
Dongcheng District
mnt-by: MAINT-CHINANET-SC
last-modified: 2018-12-21T03:31:08Z
source: APNIC
most specific ip range is highlighted
Updated : 2019-01-30