125.161.136.106

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT Telkom Indonesia

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Unauthorized connection attempt from IP address 125.161.136.106 on Port 445(SMB)	2019-07-22 19:20:04

Comments on same subnet:

IP	Type	Details	Datetime
125.161.136.235	attackspambots	Unauthorized connection attempt from IP address 125.161.136.235 on Port 445(SMB)	2020-09-09 04:06:55
125.161.136.235	attackspambots	Unauthorized connection attempt from IP address 125.161.136.235 on Port 445(SMB)	2020-09-08 19:49:11
125.161.136.142	attackspam	Unauthorized connection attempt detected from IP address 125.161.136.142 to port 445	2020-07-25 20:32:44
125.161.136.11	attack	1591358574 - 06/05/2020 14:02:54 Host: 125.161.136.11/125.161.136.11 Port: 445 TCP Blocked	2020-06-05 21:15:37
125.161.136.30	attack	$f2bV_matches	2020-02-12 09:36:47
125.161.136.227	attack	Unauthorized connection attempt from IP address 125.161.136.227 on Port 445(SMB)	2020-02-12 01:02:57
125.161.136.160	attack	Unauthorized connection attempt from IP address 125.161.136.160 on Port 445(SMB)	2020-01-31 16:19:44
125.161.136.114	attack	Honeypot attack, port: 445, PTR: 114.subnet125-161-136.speedy.telkom.net.id.	2020-01-26 21:31:04
125.161.136.47	attackbots	unauthorized connection attempt	2020-01-22 19:55:21
125.161.136.78	attackbots	Jan 15 06:19:15 raspberrypi sshd\[24637\]: Invalid user guest from 125.161.136.78 ...	2020-01-15 14:55:39
125.161.136.153	attackspam	Jan 2 08:55:11 MK-Soft-VM5 sshd[12558]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.161.136.153 Jan 2 08:55:13 MK-Soft-VM5 sshd[12558]: Failed password for invalid user administrator from 125.161.136.153 port 2328 ssh2 ...	2020-01-02 18:02:06
125.161.136.112	attack	Dec 30 07:29:18 herz-der-gamer sshd[25521]: Invalid user msfadmin from 125.161.136.112 port 39739 Dec 30 07:29:18 herz-der-gamer sshd[25521]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.161.136.112 Dec 30 07:29:18 herz-der-gamer sshd[25521]: Invalid user msfadmin from 125.161.136.112 port 39739 Dec 30 07:29:20 herz-der-gamer sshd[25521]: Failed password for invalid user msfadmin from 125.161.136.112 port 39739 ssh2 ...	2019-12-30 16:00:47
125.161.136.26	attackbots	Unauthorized connection attempt detected from IP address 125.161.136.26 to port 445	2019-12-18 07:15:58
125.161.136.4	attack	445/tcp [2019-10-26]1pkt	2019-10-26 15:26:53
125.161.136.17	attackbots	Unauthorized connection attempt from IP address 125.161.136.17 on Port 445(SMB)	2019-10-21 00:34:06

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 125.161.136.106
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32124
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;125.161.136.106.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072200 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 22 19:19:54 CST 2019
;; MSG SIZE  rcvd: 119

Host info

106.136.161.125.in-addr.arpa domain name pointer 106.subnet125-161-136.speedy.telkom.net.id.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
106.136.161.125.in-addr.arpa	name = 106.subnet125-161-136.speedy.telkom.net.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
78.245.118.141	attack	Jul 3 09:31:11 tanzim-HP-Z238-Microtower-Workstation sshd\[15889\]: Invalid user antonio from 78.245.118.141 Jul 3 09:31:11 tanzim-HP-Z238-Microtower-Workstation sshd\[15889\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.245.118.141 Jul 3 09:31:13 tanzim-HP-Z238-Microtower-Workstation sshd\[15889\]: Failed password for invalid user antonio from 78.245.118.141 port 34532 ssh2 ...	2019-07-03 19:31:00
183.13.121.192	attack	Jul 3 05:26:36 linuxrulz sshd[6881]: Invalid user eg from 183.13.121.192 port 9506 Jul 3 05:26:36 linuxrulz sshd[6881]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.13.121.192 Jul 3 05:26:39 linuxrulz sshd[6881]: Failed password for invalid user eg from 183.13.121.192 port 9506 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=183.13.121.192	2019-07-03 20:02:52
212.235.90.71	attackspambots	23/tcp [2019-07-03]1pkt	2019-07-03 19:58:57
201.86.176.218	attackbots	Jul 2 20:14:57 shadeyouvpn sshd[26014]: Invalid user user1 from 201.86.176.218 Jul 2 20:14:57 shadeyouvpn sshd[26014]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.86.176.218.dynamic.adsl.gvt.net.br Jul 2 20:14:58 shadeyouvpn sshd[26014]: Failed password for invalid user user1 from 201.86.176.218 port 38514 ssh2 Jul 2 20:14:59 shadeyouvpn sshd[26014]: Received disconnect from 201.86.176.218: 11: Bye Bye [preauth] Jul 2 20:17:19 shadeyouvpn sshd[28084]: Invalid user test from 201.86.176.218 Jul 2 20:17:19 shadeyouvpn sshd[28084]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.86.176.218.dynamic.adsl.gvt.net.br Jul 2 20:17:21 shadeyouvpn sshd[28084]: Failed password for invalid user test from 201.86.176.218 port 55158 ssh2 Jul 2 20:17:21 shadeyouvpn sshd[28084]: Received disconnect from 201.86.176.218: 11: Bye Bye [preauth] Jul 2 20:27:12 shadeyouvpn sshd[1938]: Invalid ........ -------------------------------	2019-07-03 19:31:31
36.224.41.8	attack	37215/tcp [2019-07-03]1pkt	2019-07-03 19:58:00
203.113.66.151	attackbotsspam	Jul 3 03:43:00 localhost sshd\[30331\]: Invalid user jiushop from 203.113.66.151 port 36614 Jul 3 03:43:00 localhost sshd\[30331\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.113.66.151 Jul 3 03:43:02 localhost sshd\[30331\]: Failed password for invalid user jiushop from 203.113.66.151 port 36614 ssh2 ...	2019-07-03 20:06:38
209.97.182.100	attack	Jul 3 00:59:57 vps200512 sshd\[5367\]: Invalid user chun from 209.97.182.100 Jul 3 00:59:57 vps200512 sshd\[5367\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.97.182.100 Jul 3 00:59:59 vps200512 sshd\[5367\]: Failed password for invalid user chun from 209.97.182.100 port 39956 ssh2 Jul 3 01:02:17 vps200512 sshd\[5436\]: Invalid user emile from 209.97.182.100 Jul 3 01:02:17 vps200512 sshd\[5436\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.97.182.100	2019-07-03 19:55:29
42.226.78.247	attackbotsspam	23/tcp [2019-07-03]1pkt	2019-07-03 19:48:30
180.249.214.144	attack	Unauthorised access (Jul 3) SRC=180.249.214.144 LEN=52 TTL=52 ID=30781 DF TCP DPT=445 WINDOW=8192 SYN	2019-07-03 19:23:21
37.128.242.165	attack	8080/tcp [2019-07-03]1pkt	2019-07-03 19:50:12
83.209.186.35	attackbotsspam	5555/tcp [2019-07-03]1pkt	2019-07-03 19:22:40
218.94.136.90	attackbotsspam	SSH Brute Force, server-1 sshd[26917]: Failed password for invalid user ftpuser from 218.94.136.90 port 7986 ssh2	2019-07-03 19:33:49
171.221.240.23	attackspam	Jul 2 23:44:09 localhost kernel: [13369642.857073] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=171.221.240.23 DST=[mungedIP2] LEN=48 TOS=0x00 PREC=0x00 TTL=112 ID=27751 DF PROTO=TCP SPT=57104 DPT=445 WINDOW=65535 RES=0x00 SYN URGP=0 Jul 2 23:44:09 localhost kernel: [13369642.857101] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=171.221.240.23 DST=[mungedIP2] LEN=48 TOS=0x00 PREC=0x00 TTL=112 ID=27751 DF PROTO=TCP SPT=57104 DPT=445 SEQ=3120096458 ACK=0 WINDOW=65535 RES=0x00 SYN URGP=0 OPT (020405B401010402) Jul 2 23:44:12 localhost kernel: [13369645.867451] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=171.221.240.23 DST=[mungedIP2] LEN=48 TOS=0x00 PREC=0x00 TTL=112 ID=23437 DF PROTO=TCP SPT=57104 DPT=445 WINDOW=65535 RES=0x00 SYN URGP=0 Jul 2 23:44:12 localhost kernel: [13369645.867484] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=171.221.240	2019-07-03 19:32:37
61.94.143.64	attackbotsspam	445/tcp [2019-07-03]1pkt	2019-07-03 19:41:35
79.220.80.248	attack	Jul 3 05:27:40 nxxxxxxx sshd[24344]: refused connect from 79.220.80.248 (79= .220.80.248) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=79.220.80.248	2019-07-03 20:09:54

Recently Reported IPs

219.16.170.123	56.27.133.130	121.81.132.170	35.48.178.128
219.122.225.25	117.2.166.20	211.108.171.42	5.94.48.71
2a0d:d407:ac1e:c020::41	105.172.45.82	206.189.22.108	75.99.96.117
76.41.168.250	250.76.152.75	194.71.254.232	177.126.232.191
236.186.132.108	14.241.244.161	194.113.144.79	93.139.199.152