125.160.207.129

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT Telkom Indonesia

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	445/tcp 445/tcp 445/tcp... [2019-09-08]6pkt,1pt.(tcp)	2019-09-08 22:12:32

Comments on same subnet:

IP	Type	Details	Datetime
125.160.207.154	attack	Unauthorized connection attempt from IP address 125.160.207.154 on Port 445(SMB)	2019-12-07 06:01:33
125.160.207.186	attackspambots	Unauthorized connection attempt from IP address 125.160.207.186 on Port 445(SMB)	2019-11-20 22:51:27
125.160.207.249	attack	Unauthorized connection attempt from IP address 125.160.207.249 on Port 445(SMB)	2019-11-02 17:57:23
125.160.207.157	attackbotsspam	Honeypot attack, port: 445, PTR: 157.subnet125-160-207.speedy.telkom.net.id.	2019-10-31 16:00:55
125.160.207.36	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 28-10-2019 11:50:22.	2019-10-29 00:29:58
125.160.207.82	attackbots	[portscan] tcp/23 [TELNET] *(RWIN=14600)(09161116)	2019-09-17 02:52:19
125.160.207.158	attackbotsspam	Automatic report - Port Scan Attack	2019-08-04 21:12:59
125.160.207.11	attackbots	Invalid user UBNT from 125.160.207.11 port 60541	2019-07-27 23:34:57
125.160.207.31	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-18 09:06:36,963 INFO [amun_request_handler] PortScan Detected on Port: 445 (125.160.207.31)	2019-07-18 23:19:59
125.160.207.213	attackspam	Jun 30 16:22:52 lnxmail61 sshd[853]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.160.207.213 Jun 30 16:22:54 lnxmail61 sshd[853]: Failed password for invalid user oracle from 125.160.207.213 port 18551 ssh2 Jun 30 16:29:33 lnxmail61 sshd[1475]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.160.207.213	2019-06-30 23:46:23
125.160.207.203	attack	Jun 26 04:10:43 gitlab-ci sshd\[22141\]: Invalid user ts3user from 125.160.207.203Jun 26 04:14:29 gitlab-ci sshd\[22146\]: Invalid user ts3sleep from 125.160.207.203 ...	2019-06-26 19:07:38

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 125.160.207.129
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37565
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;125.160.207.129.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090800 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Sep 08 22:12:24 CST 2019
;; MSG SIZE  rcvd: 119

Host info

129.207.160.125.in-addr.arpa domain name pointer 129.subnet125-160-207.speedy.telkom.net.id.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
129.207.160.125.in-addr.arpa	name = 129.subnet125-160-207.speedy.telkom.net.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
77.247.110.78	attackbots	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-06-30 08:08:19
106.13.107.106	attackspambots	Invalid user emeraude from 106.13.107.106 port 44050 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.106 Failed password for invalid user emeraude from 106.13.107.106 port 44050 ssh2 Invalid user stream from 106.13.107.106 port 38178 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.106	2019-06-30 08:23:56
36.65.10.120	attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-29 18:32:36,615 INFO [amun_request_handler] PortScan Detected on Port: 445 (36.65.10.120)	2019-06-30 08:36:01
202.137.154.62	attack	Automatic report - Web App Attack	2019-06-30 08:23:31
114.232.194.40	attackbotsspam	2019-06-29T20:39:05.334320 X postfix/smtpd[29426]: warning: unknown[114.232.194.40]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-06-29T20:54:46.310196 X postfix/smtpd[30852]: warning: unknown[114.232.194.40]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-06-29T20:55:27.045643 X postfix/smtpd[29428]: warning: unknown[114.232.194.40]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-06-30 08:18:57
180.120.198.189	attackspambots	2019-06-29T20:44:33.054469 X postfix/smtpd[29428]: warning: unknown[180.120.198.189]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-06-29T20:55:33.022958 X postfix/smtpd[29428]: warning: unknown[180.120.198.189]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-06-29T20:55:41.466363 X postfix/smtpd[29428]: warning: unknown[180.120.198.189]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-06-30 08:12:25
94.102.56.143	attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-29 18:38:03,834 INFO [amun_request_handler] unknown vuln (Attacker: 94.102.56.143 Port: 3389, Mess: ['\x03\x00\x00*%\xe0\x00\x00\x00\x00\x00Cookie: mstshash=Test \x01\x00\x08\x00\x03\x00\x00\x00\x03\x00\x00%\x02\xf0\x80d\x00\x00\x03\xebp\x80\x16\x16\x00\x17\x00\xe9\x03\x00\x00\x00\x00\x00\x01\x08\x00$\x00\x00\x00\x01\x00\xea\x03\x03\x00\x00\t\x02\xf0\x80 \x03'] (88) Stages: ['RDP_STAGE1'])	2019-06-30 08:22:32
58.247.132.58	attack	Jun 29 23:44:54 ns37 sshd[25565]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.247.132.58 Jun 29 23:44:54 ns37 sshd[25565]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.247.132.58	2019-06-30 08:24:33
143.208.249.87	attack	SMTP-sasl brute force ...	2019-06-30 08:39:28
66.249.64.153	attack	Automatic report - Web App Attack	2019-06-30 08:08:38
193.112.213.48	attack	Jun 29 18:55:52 sshgateway sshd\[8835\]: Invalid user tomberli from 193.112.213.48 Jun 29 18:55:52 sshgateway sshd\[8835\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.213.48 Jun 29 18:55:54 sshgateway sshd\[8835\]: Failed password for invalid user tomberli from 193.112.213.48 port 45010 ssh2	2019-06-30 08:03:08
41.130.135.225	attackbots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-29 18:40:45,500 INFO [amun_request_handler] PortScan Detected on Port: 445 (41.130.135.225)	2019-06-30 08:12:52
54.36.84.241	attack	54.36.84.241 - - [30/Jun/2019:01:22:24 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.36.84.241 - - [30/Jun/2019:01:22:24 +0200] "POST /wp-login.php HTTP/1.1" 200 1632 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.36.84.241 - - [30/Jun/2019:01:22:24 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.36.84.241 - - [30/Jun/2019:01:22:24 +0200] "POST /wp-login.php HTTP/1.1" 200 1607 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.36.84.241 - - [30/Jun/2019:01:22:25 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.36.84.241 - - [30/Jun/2019:01:22:25 +0200] "POST /wp-login.php HTTP/1.1" 200 1608 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-06-30 08:25:46
142.93.208.158	attackspam	Invalid user test6 from 142.93.208.158 port 34658	2019-06-30 08:00:45
138.197.72.48	attackspam	Jun 29 16:48:20 Ubuntu-1404-trusty-64-minimal sshd\[6791\]: Invalid user ubuntu from 138.197.72.48 Jun 29 16:48:20 Ubuntu-1404-trusty-64-minimal sshd\[6791\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.72.48 Jun 29 16:48:22 Ubuntu-1404-trusty-64-minimal sshd\[6791\]: Failed password for invalid user ubuntu from 138.197.72.48 port 47342 ssh2 Jun 30 02:01:44 Ubuntu-1404-trusty-64-minimal sshd\[20556\]: Invalid user mysql from 138.197.72.48 Jun 30 02:01:44 Ubuntu-1404-trusty-64-minimal sshd\[20556\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.72.48	2019-06-30 08:05:20

Recently Reported IPs

212.160.247.90	152.249.141.234	146.241.19.147	197.221.17.218
121.167.213.172	220.86.34.210	185.39.183.66	110.50.86.8
69.57.234.138	119.200.178.24	84.254.53.174	190.43.79.10
1.145.60.183	219.213.94.62	171.72.141.234	169.127.184.77
2.152.36.212	178.151.196.94	155.143.86.10	31.163.129.109