125.161.135.142

Basic Info

City: Jakarta

Region: Jakarta

Country: Indonesia

Internet Service Provider: Esia

Hostname: unknown

Organization: PT Telekomunikasi Indonesia

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
125.161.135.94	attack	1582346679 - 02/22/2020 05:44:39 Host: 125.161.135.94/125.161.135.94 Port: 445 TCP Blocked	2020-02-22 19:46:39
125.161.135.228	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-28 23:19:44,435 INFO [shellcode_manager] (125.161.135.228) no match, writing hexdump (f2c1cc5957d3e56b205ec773de920569 :1862331) - MS17010 (EternalBlue)	2019-08-29 12:22:36

Type

Details

Datetime

125.161.135.94

attack

1582346679 - 02/22/2020 05:44:39 Host: 125.161.135.94/125.161.135.94 Port: 445 TCP Blocked

2020-02-22 19:46:39

125.161.135.228

attack

@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-28 23:19:44,435 INFO [shellcode_manager] (125.161.135.228) no match, writing hexdump (f2c1cc5957d3e56b205ec773de920569 :1862331) - MS17010 (EternalBlue)

2019-08-29 12:22:36

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 125.161.135.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15249
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;125.161.135.142.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019052800 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue May 28 21:46:16 CST 2019
;; MSG SIZE  rcvd: 119

Host info

142.135.161.125.in-addr.arpa domain name pointer 142.subnet125-161-135.speedy.telkom.net.id.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
142.135.161.125.in-addr.arpa	name = 142.subnet125-161-135.speedy.telkom.net.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.175.212	attack	2020-01-03T15:05:50.106747dmca.cloudsearch.cf sshd[2316]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.212 user=root 2020-01-03T15:05:52.488567dmca.cloudsearch.cf sshd[2316]: Failed password for root from 222.186.175.212 port 9934 ssh2 2020-01-03T15:05:55.835701dmca.cloudsearch.cf sshd[2316]: Failed password for root from 222.186.175.212 port 9934 ssh2 2020-01-03T15:05:50.106747dmca.cloudsearch.cf sshd[2316]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.212 user=root 2020-01-03T15:05:52.488567dmca.cloudsearch.cf sshd[2316]: Failed password for root from 222.186.175.212 port 9934 ssh2 2020-01-03T15:05:55.835701dmca.cloudsearch.cf sshd[2316]: Failed password for root from 222.186.175.212 port 9934 ssh2 2020-01-03T15:05:50.106747dmca.cloudsearch.cf sshd[2316]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.212 user=root 2020- ...	2020-01-03 23:18:30
64.20.48.189	attack	Automatic report - XMLRPC Attack	2020-01-03 23:24:32
222.186.30.145	attackspambots	pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.145 user=root Failed password for root from 222.186.30.145 port 10702 ssh2 Failed password for root from 222.186.30.145 port 10702 ssh2 Failed password for root from 222.186.30.145 port 10702 ssh2 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.145 user=root	2020-01-03 23:59:11
223.197.175.171	attack	Jan 3 16:19:24 amit sshd\[9362\]: Invalid user cpanel from 223.197.175.171 Jan 3 16:19:24 amit sshd\[9362\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.197.175.171 Jan 3 16:19:25 amit sshd\[9362\]: Failed password for invalid user cpanel from 223.197.175.171 port 53900 ssh2 ...	2020-01-03 23:54:35
31.5.166.137	attackbotsspam	Mail/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2020-01-03 23:31:53
185.116.203.59	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 03-01-2020 13:05:17.	2020-01-03 23:40:35
201.72.238.179	attack	$f2bV_matches	2020-01-03 23:34:04
193.248.243.40	attack	Automatic report - Port Scan Attack	2020-01-03 23:53:19
77.233.4.133	attackbotsspam	Jan 3 14:08:24 ip-172-31-62-245 sshd\[24791\]: Invalid user pian from 77.233.4.133\ Jan 3 14:08:25 ip-172-31-62-245 sshd\[24791\]: Failed password for invalid user pian from 77.233.4.133 port 59755 ssh2\ Jan 3 14:11:45 ip-172-31-62-245 sshd\[24919\]: Invalid user chaz from 77.233.4.133\ Jan 3 14:11:47 ip-172-31-62-245 sshd\[24919\]: Failed password for invalid user chaz from 77.233.4.133 port 46946 ssh2\ Jan 3 14:15:06 ip-172-31-62-245 sshd\[24985\]: Invalid user bzv from 77.233.4.133\	2020-01-03 23:13:19
45.178.109.140	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 03-01-2020 13:05:20.	2020-01-03 23:34:42
194.27.10.20	attackspambots	Honeypot attack, port: 445, PTR: gazi10-20.gazi.edu.tr.	2020-01-03 23:40:17
14.240.254.233	attackspambots	Lines containing failures of 14.240.254.233 Jan 2 09:50:05 nextcloud sshd[16565]: Invalid user lknycz from 14.240.254.233 port 44795 Jan 2 09:50:05 nextcloud sshd[16565]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.240.254.233 Jan 2 09:50:07 nextcloud sshd[16565]: Failed password for invalid user lknycz from 14.240.254.233 port 44795 ssh2 Jan 2 09:50:08 nextcloud sshd[16565]: Received disconnect from 14.240.254.233 port 44795:11: Bye Bye [preauth] Jan 2 09:50:08 nextcloud sshd[16565]: Disconnected from invalid user lknycz 14.240.254.233 port 44795 [preauth] Jan 2 09:58:51 nextcloud sshd[18817]: Invalid user admin from 14.240.254.233 port 32945 Jan 2 09:58:51 nextcloud sshd[18817]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.240.254.233 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=14.240.254.233	2020-01-03 23:57:56
222.186.180.6	attackspam	Jan 3 16:53:24 vmd26974 sshd[2127]: Failed password for root from 222.186.180.6 port 26530 ssh2 Jan 3 16:53:36 vmd26974 sshd[2127]: error: maximum authentication attempts exceeded for root from 222.186.180.6 port 26530 ssh2 [preauth] ...	2020-01-03 23:53:53
27.49.64.14	attackspambots	20/1/3@08:05:47: FAIL: Alarm-Intrusion address from=27.49.64.14 ...	2020-01-03 23:15:01
14.177.224.34	attackspam	Attempt to attack host OS, exploiting network vulnerabilities, on 03-01-2020 13:05:14.	2020-01-03 23:44:51

Recently Reported IPs

220.31.166.150	12.210.150.90	89.211.211.243	86.167.175.243
173.237.2.208	59.7.58.183	219.191.40.219	223.111.147.61
192.134.78.75	181.73.161.116	12.154.182.90	120.95.229.171
75.176.116.211	149.217.244.80	78.169.244.45	193.56.29.30
192.173.244.72	196.150.129.122	59.128.23.118	123.125.162.226