JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.249.5.25

20.249.5.25 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 0%: ?

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇰🇷 Korea (the Republic of)
City	Seoul, Seoul

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.249.5.25

Whois 20.249.5.25

IP Abuse Reports for 20.249.5.25:

This IP address has been reported a total of 15 times from 12 distinct sources. 20.249.5.25 was first reported on June 15th 2022, and the most recent report was 3 years ago.

Old Reports: The most recent abuse report for this IP address is from 3 years ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 ps-center	2022-12-10 10:47:29 (3 years ago)	C1: Brutforce ssh Login	Brute-Force
🇩🇪 www.blocklist.de	2022-12-10 06:01:31 (3 years ago)	Lines containing failures of 20.249.5.25 (max 1000) Dec 10 05:48:32 neweola sshd[10394]: AD user adm ... show more Lines containing failures of 20.249.5.25 (max 1000) Dec 10 05:48:32 neweola sshd[10394]: AD user admin from 20.249.5.25 port 47424 Dec 10 05:48:32 neweola sshd[10394]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.249.5.25 Dec 10 05:48:34 neweola sshd[10394]: Failed password for AD user admin from 20.249.5.25 port 47424 ssh2 Dec 10 05:48:35 neweola sshd[10394]: Received disconnect from 20.249.5.25 port 47424:11: Bye Bye [preauth] Dec 10 05:48:35 neweola sshd[10394]: Disconnected from AD user admin 20.249.5.25 port 47424 [preauth] Dec 10 05:52:17 neweola sshd[10835]: AD user testuser from 20.249.5.25 port 47738 Dec 10 05:52:17 neweola sshd[10835]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.249.5.25 Dec 10 05:52:20 neweola sshd[10835]: Failed password for AD user testuser from 20.249.5.25 port 47738 ssh2 Dec 10 05:52:21 neweola sshd[10835]: Received disconnect from 20.249.5.25 po........ ------------------------------ show less	FTP Brute-Force Hacking
🇨🇭 Boxis.net NOC	2022-12-10 03:59:22 (3 years ago)	(sshd) Failed SSH login from 20.249.5.25 (US/United States/-): 5 in the last 3600 secs; Ports: ; Di ... show more (sshd) Failed SSH login from 20.249.5.25 (US/United States/-): 5 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_SSHD; Logs: Dec 10 09:21:42 da057 sshd[983914]: Invalid user jenkins from 20.249.5.25 port 34208 Dec 10 09:38:13 da057 sshd[1001542]: Invalid user ftpuser from 20.249.5.25 port 35498 Dec 10 09:42:08 da057 sshd[1004704]: Invalid user lighthouse from 20.249.5.25 port 35872 Dec 10 09:46:10 da057 sshd[1007153]: Invalid user test from 20.249.5.25 port 36252 Dec 10 09:58:59 da057 sshd[1017151]: Invalid user shiva from 20.249.5.25 port 37416 show less	Port Scan
🇸🇬 tommygod.ddns.net	2022-12-10 03:40:18 (3 years ago)	Dec 10 08:36:22 mailtommygod sshd[337145]: pam_unix(sshd:auth): authentication failure; logname= uid ... show more Dec 10 08:36:22 mailtommygod sshd[337145]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.249.5.25 user=root Dec 10 08:36:24 mailtommygod sshd[337145]: Failed password for root from 20.249.5.25 port 57774 ssh2 Dec 10 08:40:16 mailtommygod sshd[337381]: Invalid user ftpuser from 20.249.5.25 port 58364 Dec 10 08:40:16 mailtommygod sshd[337381]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.249.5.25 Dec 10 08:40:17 mailtommygod sshd[337381]: Failed password for invalid user ftpuser from 20.249.5.25 port 58364 ssh2 show less	Brute-Force SSH
🇺🇸 Nazgul	2022-12-10 03:28:41 (3 years ago)	SSH brute force attempt (f2)	Brute-Force SSH
Anonymous	2022-12-10 03:19:42 (3 years ago)	Unauthorized connection attempt detected, SSH Brute-Force	Brute-Force SSH
🇩🇪 alliance	2022-06-15 15:05:52 (4 years ago)	15.06.2022 19:05:52 Connection to port 23 blocked by firewall	Port Scan
🇩🇪 KPS	2022-06-15 12:15:13 (4 years ago)	PortscanM	Port Scan
🇿🇦 IrisFlower	2022-06-15 10:59:57 (4 years ago)	Unauthorized connection attempt detected from IP address 20.249.5.25 to port 23 [J]	Port Scan Hacking
🇹🇼 kk_it_man	2022-06-15 10:40:03 (4 years ago)	honey catch	Port Scan
🇿🇦 IrisFlower	2022-06-15 09:35:43 (4 years ago)	Unauthorized connection attempt detected from IP address 20.249.5.25 to port 23 [J]	Port Scan Hacking
🇿🇦 IrisFlower	2022-06-15 08:19:21 (4 years ago)	Unauthorized connection attempt detected from IP address 20.249.5.25 to port 23 [J]	Port Scan Hacking
🇿🇦 IrisFlower	2022-06-15 06:58:23 (4 years ago)	Unauthorized connection attempt detected from IP address 20.249.5.25 to port 23 [J]	Port Scan Hacking
🇳🇱 EGP Abuse Dept	2022-06-15 03:44:07 (4 years ago)	Unauthorized connection to Telnet port 23	Port Scan Hacking
🇺🇸 sumnone	2022-06-15 03:17:28 (4 years ago)	Port probing on unauthorized port 23	Port Scan Hacking Exploited Host

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2001:470:1:c84::20

🇨🇳 222.223.62.8

🇨🇳 203.189.219.195

🇹🇳 196.239.48.50

🇲🇽 187.191.48.4

🇧🇷 187.17.224.139

🇳🇱 185.226.197.29

🇺🇸 172.171.241.192

🇳🇱 172.71.182.158

🇳🇱 172.71.103.208

🇳🇱 172.71.95.97

🇳🇱 172.70.47.121

🇨🇦 142.93.153.123

🇰🇷 112.216.129.27

🇳🇱 104.23.170.64

🇷🇴 94.156.152.234

🇵🇰 72.255.18.210

🇮🇶 65.20.211.96

🇺🇸 52.159.229.48

🇳🇱 45.156.128.45