125.161.106.1 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT Telkom Indonesia

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	WordPress wp-login brute force :: 125.161.106.1 0.196 BYPASS [08/Aug/2019:12:11:31 1000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-08-08 18:53:10

Type

Details

Datetime

attackbots

WordPress wp-login brute force :: 125.161.106.1 0.196 BYPASS [08/Aug/2019:12:11:31  1000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"

2019-08-08 18:53:10

Comments on same subnet:

IP	Type	Details	Datetime
125.161.106.95	attackspambots	Unauthorized connection attempt from IP address 125.161.106.95 on Port 445(SMB)	2020-04-11 19:23:03
125.161.106.44	attack	Honeypot attack, port: 445, PTR: 44.subnet125-161-106.speedy.telkom.net.id.	2020-03-27 02:46:19
125.161.106.215	attack	IP blocked	2020-03-21 00:05:50
125.161.106.13	attackbots	Unauthorized connection attempt from IP address 125.161.106.13 on Port 445(SMB)	2020-03-09 20:40:23
125.161.106.216	attack	Lines containing failures of 125.161.106.216 Feb 25 00:20:03 shared11 sshd[17061]: Invalid user admin from 125.161.106.216 port 25502 Feb 25 00:20:03 shared11 sshd[17061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.161.106.216 Feb 25 00:20:05 shared11 sshd[17061]: Failed password for invalid user admin from 125.161.106.216 port 25502 ssh2 Feb 25 00:20:06 shared11 sshd[17061]: Connection closed by invalid user admin 125.161.106.216 port 25502 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=125.161.106.216	2020-02-25 10:35:14
125.161.106.84	attackbots	Unauthorized connection attempt from IP address 125.161.106.84 on Port 445(SMB)	2020-02-14 02:19:09
125.161.106.91	attackbotsspam	unauthorized connection attempt	2020-01-28 18:34:54
125.161.106.7	attackbots	Unauthorized connection attempt detected from IP address 125.161.106.7 to port 445	2020-01-15 17:10:15
125.161.106.112	attack	20/1/11@08:07:04: FAIL: Alarm-Network address from=125.161.106.112 ...	2020-01-12 04:03:36
125.161.106.22	attackspambots	Unauthorized connection attempt from IP address 125.161.106.22 on Port 445(SMB)	2019-12-23 05:08:54
125.161.106.101	attackbots	Unauthorized connection attempt from IP address 125.161.106.101 on Port 445(SMB)	2019-11-09 05:03:53
125.161.106.198	attackspambots	Unauthorized connection attempt from IP address 125.161.106.198 on Port 445(SMB)	2019-10-27 00:24:37
125.161.106.243	attackspam	Looking for /woocommerce.zip, Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0	2019-10-19 16:29:06
125.161.106.228	attackspambots	Unauthorized connection attempt from IP address 125.161.106.228 on Port 445(SMB)	2019-08-30 20:18:12
125.161.106.130	attack	Unauthorized connection attempt from IP address 125.161.106.130 on Port 445(SMB)	2019-08-27 04:43:14

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 125.161.106.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6022
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;125.161.106.1.			IN	A

;; AUTHORITY SECTION:
.			3418	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080800 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 08 18:53:03 CST 2019
;; MSG SIZE  rcvd: 117

Host info

1.106.161.125.in-addr.arpa domain name pointer 1.subnet125-161-106.speedy.telkom.net.id.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
1.106.161.125.in-addr.arpa	name = 1.subnet125-161-106.speedy.telkom.net.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.75.31.140	attackspam	Aug 25 13:59:00 xb3 sshd[13554]: Failed password for invalid user aronne from 106.75.31.140 port 46282 ssh2 Aug 25 13:59:01 xb3 sshd[13554]: Received disconnect from 106.75.31.140: 11: Bye Bye [preauth] Aug 25 14:13:16 xb3 sshd[13266]: Failed password for invalid user sandra from 106.75.31.140 port 60914 ssh2 Aug 25 14:13:17 xb3 sshd[13266]: Received disconnect from 106.75.31.140: 11: Bye Bye [preauth] Aug 25 14:16:56 xb3 sshd[10552]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.31.140 user=r.r Aug 25 14:16:58 xb3 sshd[10552]: Failed password for r.r from 106.75.31.140 port 47731 ssh2 Aug 25 14:16:58 xb3 sshd[10552]: Received disconnect from 106.75.31.140: 11: Bye Bye [preauth] Aug 25 14:20:31 xb3 sshd[6620]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.31.140 user=r.r Aug 25 14:20:33 xb3 sshd[6620]: Failed password for r.r from 106.75.31.140 port 34516 ssh2 Aug 25 14:2........ -------------------------------	2019-08-26 01:54:26
45.82.153.34	attack	firewall-block, port(s): 16800/tcp	2019-08-26 01:50:28
85.222.123.94	attackbotsspam	Aug 25 13:39:32 hcbbdb sshd\[32393\]: Invalid user cacti from 85.222.123.94 Aug 25 13:39:32 hcbbdb sshd\[32393\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85-222-123-94.dynamic.chello.pl Aug 25 13:39:35 hcbbdb sshd\[32393\]: Failed password for invalid user cacti from 85.222.123.94 port 32780 ssh2 Aug 25 13:44:14 hcbbdb sshd\[488\]: Invalid user wilford from 85.222.123.94 Aug 25 13:44:14 hcbbdb sshd\[488\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85-222-123-94.dynamic.chello.pl	2019-08-26 01:52:34
83.48.89.147	attackbotsspam	Aug 25 18:15:56 ArkNodeAT sshd\[31279\]: Invalid user cheryl from 83.48.89.147 Aug 25 18:15:56 ArkNodeAT sshd\[31279\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.48.89.147 Aug 25 18:15:58 ArkNodeAT sshd\[31279\]: Failed password for invalid user cheryl from 83.48.89.147 port 40333 ssh2	2019-08-26 01:10:09
139.99.67.111	attack	Aug 25 16:24:42 MK-Soft-VM3 sshd\[13993\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.67.111 user=root Aug 25 16:24:45 MK-Soft-VM3 sshd\[13993\]: Failed password for root from 139.99.67.111 port 34746 ssh2 Aug 25 16:29:25 MK-Soft-VM3 sshd\[14185\]: Invalid user awt from 139.99.67.111 port 52914 Aug 25 16:29:25 MK-Soft-VM3 sshd\[14185\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.67.111 ...	2019-08-26 01:19:43
114.237.109.192	attackspambots	$f2bV_matches	2019-08-26 01:31:58
110.164.198.244	attackbotsspam	Aug 25 06:52:56 sachi sshd\[22942\]: Invalid user vagner from 110.164.198.244 Aug 25 06:52:56 sachi sshd\[22942\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.164.198.244 Aug 25 06:52:58 sachi sshd\[22942\]: Failed password for invalid user vagner from 110.164.198.244 port 60082 ssh2 Aug 25 06:57:57 sachi sshd\[23404\]: Invalid user web-admin from 110.164.198.244 Aug 25 06:57:57 sachi sshd\[23404\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.164.198.244	2019-08-26 01:13:56
54.36.182.244	attack	Aug 25 17:20:24 web8 sshd\[9000\]: Invalid user fk from 54.36.182.244 Aug 25 17:20:24 web8 sshd\[9000\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.36.182.244 Aug 25 17:20:26 web8 sshd\[9000\]: Failed password for invalid user fk from 54.36.182.244 port 33968 ssh2 Aug 25 17:24:06 web8 sshd\[10779\]: Invalid user brad from 54.36.182.244 Aug 25 17:24:06 web8 sshd\[10779\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.36.182.244	2019-08-26 01:24:50
51.83.33.156	attackbots	Aug 25 13:45:21 SilenceServices sshd[7805]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.33.156 Aug 25 13:45:22 SilenceServices sshd[7805]: Failed password for invalid user juan from 51.83.33.156 port 46902 ssh2 Aug 25 13:49:17 SilenceServices sshd[9355]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.33.156	2019-08-26 01:12:31
138.197.162.28	attack	Automatic report - Banned IP Access	2019-08-26 01:36:34
209.97.187.108	attack	Aug 25 13:01:20 xtremcommunity sshd\[2881\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.97.187.108 user=root Aug 25 13:01:22 xtremcommunity sshd\[2881\]: Failed password for root from 209.97.187.108 port 36498 ssh2 Aug 25 13:06:10 xtremcommunity sshd\[3050\]: Invalid user notice from 209.97.187.108 port 53266 Aug 25 13:06:10 xtremcommunity sshd\[3050\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.97.187.108 Aug 25 13:06:12 xtremcommunity sshd\[3050\]: Failed password for invalid user notice from 209.97.187.108 port 53266 ssh2 ...	2019-08-26 01:11:53
159.89.165.127	attackbotsspam	...	2019-08-26 01:35:12
123.206.30.76	attackbots	Aug 25 20:07:51 srv-4 sshd\[23401\]: Invalid user test from 123.206.30.76 Aug 25 20:07:51 srv-4 sshd\[23401\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.30.76 Aug 25 20:07:53 srv-4 sshd\[23401\]: Failed password for invalid user test from 123.206.30.76 port 42634 ssh2 ...	2019-08-26 01:44:57
149.202.59.85	attack	Aug 25 12:30:41 aat-srv002 sshd[21045]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.59.85 Aug 25 12:30:44 aat-srv002 sshd[21045]: Failed password for invalid user alumni from 149.202.59.85 port 36931 ssh2 Aug 25 12:34:44 aat-srv002 sshd[21147]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.59.85 Aug 25 12:34:46 aat-srv002 sshd[21147]: Failed password for invalid user sshtester from 149.202.59.85 port 60009 ssh2 ...	2019-08-26 01:44:25
159.148.4.227	attackbots	Aug 25 19:19:36 vps647732 sshd[17379]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.148.4.227 Aug 25 19:19:38 vps647732 sshd[17379]: Failed password for invalid user sxf from 159.148.4.227 port 39304 ssh2 ...	2019-08-26 01:27:38

Recently Reported IPs

42.115.249.6	115.220.10.65	165.22.242.162	19.241.185.47
45.234.77.155	108.128.142.44	8.108.194.198	189.202.57.123
194.226.169.44	74.117.86.103	70.222.62.195	177.94.139.14
167.44.30.183	113.220.84.207	94.108.230.229	58.75.60.196
186.109.249.93	248.167.67.121	46.93.156.38	191.111.108.108