125.160.64.172

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT Telkom Indonesia

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	445/tcp 445/tcp [2020-10-01/07]2pkt	2020-10-09 03:43:28
attackbotsspam	445/tcp 445/tcp [2020-10-01/07]2pkt	2020-10-08 19:49:49

Comments on same subnet:

IP	Type	Details	Datetime
125.160.64.240	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-08-02 03:20:14
125.160.64.229	attack	20/6/25@23:56:37: FAIL: Alarm-Intrusion address from=125.160.64.229 ...	2020-06-26 12:27:27
125.160.64.99	attackbotsspam	Unauthorized connection attempt from IP address 125.160.64.99 on Port 445(SMB)	2020-05-23 07:41:57
125.160.64.195	attackspambots	Apr 30 20:48:46 plex sshd[27184]: Invalid user zhangx from 125.160.64.195 port 33833	2020-05-01 02:56:40
125.160.64.182	attackbotsspam	Apr 26 20:28:11 ns382633 sshd\[30126\]: Invalid user sha from 125.160.64.182 port 53199 Apr 26 20:28:11 ns382633 sshd\[30126\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.160.64.182 Apr 26 20:28:12 ns382633 sshd\[30126\]: Failed password for invalid user sha from 125.160.64.182 port 53199 ssh2 Apr 26 20:35:22 ns382633 sshd\[31538\]: Invalid user evangeline from 125.160.64.182 port 21036 Apr 26 20:35:22 ns382633 sshd\[31538\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.160.64.182	2020-04-27 03:43:32
125.160.64.134	attackspam	1584762627 - 03/21/2020 04:50:27 Host: 125.160.64.134/125.160.64.134 Port: 445 TCP Blocked	2020-03-21 16:22:37
125.160.64.145	attackspambots	port scan and connect, tcp 22 (ssh)	2020-03-12 02:19:24
125.160.64.160	attack	Unauthorized connection attempt from IP address 125.160.64.160 on Port 445(SMB)	2020-02-25 23:07:40
125.160.64.125	attackbotsspam	1581556749 - 02/13/2020 02:19:09 Host: 125.160.64.125/125.160.64.125 Port: 445 TCP Blocked	2020-02-13 10:28:24
125.160.64.207	attackspam	Honeypot attack, port: 445, PTR: 207.subnet125-160-64.speedy.telkom.net.id.	2020-02-01 22:50:48
125.160.64.116	attackbots	Invalid user suman from 125.160.64.116 port 32341	2020-01-15 03:07:35
125.160.64.129	attackbots	Honeypot attack, port: 445, PTR: 129.subnet125-160-64.speedy.telkom.net.id.	2020-01-13 23:32:56
125.160.64.14	attackspambots	Unauthorized connection attempt from IP address 125.160.64.14 on Port 445(SMB)	2020-01-03 18:08:36
125.160.64.117	attackspambots	1578026839 - 01/03/2020 05:47:19 Host: 125.160.64.117/125.160.64.117 Port: 445 TCP Blocked	2020-01-03 17:44:56
125.160.64.144	attackspam	Invalid user ubnt from 125.160.64.144 port 27311	2019-07-28 03:50:03

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 125.160.64.172
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58867
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;125.160.64.172.			IN	A

;; AUTHORITY SECTION:
.			549	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020100800 1800 900 604800 86400

;; Query time: 65 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 08 19:49:45 CST 2020
;; MSG SIZE  rcvd: 118

Host info

172.64.160.125.in-addr.arpa domain name pointer 172.subnet125-160-64.speedy.telkom.net.id.

Nslookup info:

Server:		100.100.2.138
Address:	100.100.2.138#53

Non-authoritative answer:
172.64.160.125.in-addr.arpa	name = 172.subnet125-160-64.speedy.telkom.net.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
148.70.56.123	attackbotsspam	Nov 10 10:59:32 sticky sshd\[20284\]: Invalid user 0 from 148.70.56.123 port 37800 Nov 10 10:59:32 sticky sshd\[20284\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.56.123 Nov 10 10:59:34 sticky sshd\[20284\]: Failed password for invalid user 0 from 148.70.56.123 port 37800 ssh2 Nov 10 11:04:28 sticky sshd\[20466\]: Invalid user calculator from 148.70.56.123 port 47004 Nov 10 11:04:28 sticky sshd\[20466\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.56.123 ...	2019-11-10 21:46:01
221.217.49.147	attack	Nov 10 13:42:03 h2177944 sshd\[15455\]: Invalid user oracle from 221.217.49.147 port 36344 Nov 10 13:42:03 h2177944 sshd\[15455\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.217.49.147 Nov 10 13:42:05 h2177944 sshd\[15455\]: Failed password for invalid user oracle from 221.217.49.147 port 36344 ssh2 Nov 10 14:04:25 h2177944 sshd\[16829\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.217.49.147 user=root ...	2019-11-10 21:46:30
178.128.107.61	attackbots	2019-11-10T12:46:28.967053abusebot-5.cloudsearch.cf sshd\[25441\]: Invalid user robert from 178.128.107.61 port 34195	2019-11-10 21:11:10
3.15.68.183	attackbotsspam	2019-11-10T07:12:59.310108WS-Zach sshd[2324150]: Invalid user sara from 3.15.68.183 port 51370 2019-11-10T07:12:59.313807WS-Zach sshd[2324150]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=3.15.68.183 2019-11-10T07:12:59.310108WS-Zach sshd[2324150]: Invalid user sara from 3.15.68.183 port 51370 2019-11-10T07:13:00.982673WS-Zach sshd[2324150]: Failed password for invalid user sara from 3.15.68.183 port 51370 ssh2 2019-11-10T07:30:16.355609WS-Zach sshd[2326123]: Invalid user producao from 3.15.68.183 port 47270 ...	2019-11-10 21:47:42
123.207.231.63	attackspambots	2019-11-10T08:02:18.087139abusebot-5.cloudsearch.cf sshd\[23406\]: Invalid user desmond from 123.207.231.63 port 40200	2019-11-10 21:49:02
123.131.165.10	attackspam	ThinkPHP Remote Code Execution Vulnerability, PTR: PTR record not found	2019-11-10 21:16:28
131.221.80.211	attackbotsspam	Nov 10 17:36:39 itv-usvr-02 sshd[20167]: Invalid user admin from 131.221.80.211 port 37761 Nov 10 17:36:39 itv-usvr-02 sshd[20167]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=131.221.80.211 Nov 10 17:36:39 itv-usvr-02 sshd[20167]: Invalid user admin from 131.221.80.211 port 37761 Nov 10 17:36:41 itv-usvr-02 sshd[20167]: Failed password for invalid user admin from 131.221.80.211 port 37761 ssh2 Nov 10 17:41:00 itv-usvr-02 sshd[20267]: Invalid user magalie from 131.221.80.211 port 13057	2019-11-10 21:44:29
217.76.40.82	attack	2019-11-10T07:18:53.694686centos sshd\[21222\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.76.40.82 user=root 2019-11-10T07:18:55.658918centos sshd\[21222\]: Failed password for root from 217.76.40.82 port 37980 ssh2 2019-11-10T07:22:34.905185centos sshd\[21307\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.76.40.82 user=root	2019-11-10 21:39:53
185.176.27.250	attackspambots	firewall-block, port(s): 3065/tcp, 3105/tcp, 3239/tcp, 3339/tcp, 3363/tcp, 3369/tcp, 3374/tcp, 3394/tcp, 3437/tcp, 3468/tcp, 3565/tcp, 3642/tcp, 3672/tcp, 3683/tcp, 3812/tcp	2019-11-10 21:35:58
179.106.26.170	attack	11/10/2019-11:22:54.122714 179.106.26.170 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-11-10 21:32:26
185.220.101.68	attack	marleenrecords.breidenba.ch:80 185.220.101.68 - - \[10/Nov/2019:07:22:02 +0100\] "POST /xmlrpc.php HTTP/1.0" 301 521 "-" "Mozilla/5.0 \(Windows NT 6.1\; Win64\; x64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/68.0.3440.106 Safari/537.36" marleenrecords.breidenba.ch 185.220.101.68 \[10/Nov/2019:07:22:03 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 3777 "-" "Mozilla/5.0 \(Windows NT 6.1\; Win64\; x64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/68.0.3440.106 Safari/537.36"	2019-11-10 21:53:38
148.3.113.41	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/148.3.113.41/ ES - 1H : (43) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : ES NAME ASN : ASN12430 IP : 148.3.113.41 CIDR : 148.3.0.0/16 PREFIX COUNT : 131 UNIQUE IP COUNT : 3717120 ATTACKS DETECTED ASN12430 : 1H - 1 3H - 1 6H - 5 12H - 8 24H - 15 DateTime : 2019-11-10 07:23:08 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-10 21:19:19
103.249.100.48	attackbots	Nov 10 02:59:41 php1 sshd\[14271\]: Invalid user trey from 103.249.100.48 Nov 10 02:59:41 php1 sshd\[14271\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.249.100.48 Nov 10 02:59:43 php1 sshd\[14271\]: Failed password for invalid user trey from 103.249.100.48 port 53628 ssh2 Nov 10 03:06:13 php1 sshd\[15136\]: Invalid user 123 from 103.249.100.48 Nov 10 03:06:13 php1 sshd\[15136\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.249.100.48	2019-11-10 21:42:28
40.73.42.165	attackspam	Nov 10 17:25:26 webhost01 sshd[8634]: Failed password for root from 40.73.42.165 port 52788 ssh2 ...	2019-11-10 21:29:27
62.48.150.175	attackbots	Fail2Ban - SSH Bruteforce Attempt	2019-11-10 21:42:06

Recently Reported IPs

171.232.112.14	4.113.228.254	47.242.181.196	100.75.113.170
76.95.46.41	193.27.228.27	53.149.14.173	187.251.248.110
95.251.185.93	226.27.5.206	181.41.127.4	165.174.15.49
90.172.111.143	114.133.132.81	225.83.2.253	108.117.254.170
188.129.178.90	22.163.123.49	208.215.0.233	174.121.172.175