125.161.137.11

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT Telkom Indonesia

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	445/tcp 445/tcp [2019-08-16]2pkt	2019-08-16 14:53:16

Comments on same subnet:

IP	Type	Details	Datetime
125.161.137.65	attackspambots	Honeypot attack, port: 445, PTR: 65.subnet125-161-137.speedy.telkom.net.id.	2020-09-26 01:53:51
125.161.137.65	attackbotsspam	Honeypot attack, port: 445, PTR: 65.subnet125-161-137.speedy.telkom.net.id.	2020-09-25 17:33:06
125.161.137.234	attackbotsspam	"SSH brute force auth login attempt."	2020-09-09 01:30:30
125.161.137.234	attackspambots	"SSH brute force auth login attempt."	2020-09-08 16:56:47
125.161.137.73	attack	1594439536 - 07/11/2020 05:52:16 Host: 125.161.137.73/125.161.137.73 Port: 445 TCP Blocked	2020-07-11 16:48:25
125.161.137.171	attack	Unauthorized connection attempt from IP address 125.161.137.171 on Port 445(SMB)	2020-05-06 19:57:57
125.161.137.41	attackspambots	Unauthorized connection attempt detected from IP address 125.161.137.41 to port 445	2020-03-17 16:16:46
125.161.137.112	attackbotsspam	Unauthorized connection attempt from IP address 125.161.137.112 on Port 445(SMB)	2020-03-13 20:44:33
125.161.137.116	attack	Unauthorized connection attempt from IP address 125.161.137.116 on Port 445(SMB)	2020-03-13 19:52:39
125.161.137.42	attack	1583892734 - 03/11/2020 03:12:14 Host: 125.161.137.42/125.161.137.42 Port: 445 TCP Blocked	2020-03-11 14:34:21
125.161.137.192	attack	1583383753 - 03/05/2020 05:49:13 Host: 125.161.137.192/125.161.137.192 Port: 445 TCP Blocked	2020-03-05 17:25:54
125.161.137.48	attackspam	Invalid user pi from 125.161.137.48 port 38401	2020-02-12 16:50:45
125.161.137.190	attackbotsspam	1579496238 - 01/20/2020 05:57:18 Host: 125.161.137.190/125.161.137.190 Port: 445 TCP Blocked	2020-01-20 14:49:57
125.161.137.130	attackspam	Unauthorized connection attempt from IP address 125.161.137.130 on Port 445(SMB)	2019-12-10 08:23:27
125.161.137.41	attack	Unauthorized connection attempt from IP address 125.161.137.41 on Port 445(SMB)	2019-11-06 06:00:37

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 125.161.137.11
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44316
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;125.161.137.11.			IN	A

;; AUTHORITY SECTION:
.			2425	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081600 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 16 14:53:07 CST 2019
;; MSG SIZE  rcvd: 118

Host info

11.137.161.125.in-addr.arpa domain name pointer 11.subnet125-161-137.speedy.telkom.net.id.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
11.137.161.125.in-addr.arpa	name = 11.subnet125-161-137.speedy.telkom.net.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
182.61.11.3	attack	Invalid user wordpress from 182.61.11.3 port 33714 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.11.3 Failed password for invalid user wordpress from 182.61.11.3 port 33714 ssh2 Invalid user nd from 182.61.11.3 port 48736 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.11.3	2019-08-26 12:31:57
94.20.200.122	attack	Honeypot attack, port: 445, PTR: PTR record not found	2019-08-26 12:21:49
35.177.197.114	attackbotsspam	Fail2Ban Ban Triggered HTTP Exploit Attempt	2019-08-26 12:52:07
116.255.149.226	attack	Aug 25 18:49:16 php1 sshd\[10220\]: Invalid user factorio from 116.255.149.226 Aug 25 18:49:16 php1 sshd\[10220\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.255.149.226 Aug 25 18:49:18 php1 sshd\[10220\]: Failed password for invalid user factorio from 116.255.149.226 port 48076 ssh2 Aug 25 18:54:49 php1 sshd\[10747\]: Invalid user mandy from 116.255.149.226 Aug 25 18:54:49 php1 sshd\[10747\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.255.149.226	2019-08-26 13:03:35
123.206.13.46	attackbots	Aug 26 05:40:48 lnxweb62 sshd[30223]: Failed password for root from 123.206.13.46 port 52832 ssh2 Aug 26 05:40:48 lnxweb62 sshd[30223]: Failed password for root from 123.206.13.46 port 52832 ssh2	2019-08-26 12:47:44
104.236.239.60	attackbots	Aug 26 07:29:40 srv-4 sshd\[31419\]: Invalid user bob from 104.236.239.60 Aug 26 07:29:40 srv-4 sshd\[31419\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.239.60 Aug 26 07:29:42 srv-4 sshd\[31419\]: Failed password for invalid user bob from 104.236.239.60 port 57193 ssh2 ...	2019-08-26 12:39:59
45.76.237.54	attackspam	Aug 25 18:28:25 tdfoods sshd\[14292\]: Invalid user alphonse from 45.76.237.54 Aug 25 18:28:25 tdfoods sshd\[14292\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.76.237.54 Aug 25 18:28:27 tdfoods sshd\[14292\]: Failed password for invalid user alphonse from 45.76.237.54 port 58117 ssh2 Aug 25 18:32:27 tdfoods sshd\[14657\]: Invalid user sakura from 45.76.237.54 Aug 25 18:32:27 tdfoods sshd\[14657\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.76.237.54	2019-08-26 12:41:22
168.232.165.67	attackbotsspam	Aug 26 00:25:11 vps200512 sshd\[19096\]: Invalid user abu-xu from 168.232.165.67 Aug 26 00:25:11 vps200512 sshd\[19096\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.232.165.67 Aug 26 00:25:13 vps200512 sshd\[19096\]: Failed password for invalid user abu-xu from 168.232.165.67 port 58350 ssh2 Aug 26 00:30:26 vps200512 sshd\[19150\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.232.165.67 user=root Aug 26 00:30:28 vps200512 sshd\[19150\]: Failed password for root from 168.232.165.67 port 48554 ssh2	2019-08-26 12:34:49
91.148.141.188	attackspambots	91.148.141.188 - - \[26/Aug/2019:05:28:42 +0200\] "POST /wp-login.php HTTP/1.1" 200 2110 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 91.148.141.188 - - \[26/Aug/2019:05:28:43 +0200\] "POST /wp-login.php HTTP/1.1" 200 2113 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ...	2019-08-26 12:32:39
68.48.240.245	attackspam	Aug 25 18:32:01 php2 sshd\[30127\]: Invalid user abhijit from 68.48.240.245 Aug 25 18:32:01 php2 sshd\[30127\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=c-68-48-240-245.hsd1.mi.comcast.net Aug 25 18:32:03 php2 sshd\[30127\]: Failed password for invalid user abhijit from 68.48.240.245 port 60656 ssh2 Aug 25 18:36:15 php2 sshd\[30476\]: Invalid user sk from 68.48.240.245 Aug 25 18:36:15 php2 sshd\[30476\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=c-68-48-240-245.hsd1.mi.comcast.net	2019-08-26 12:40:55
34.201.87.192	attack	Automatic report - Banned IP Access	2019-08-26 13:09:36
67.55.92.88	attackbots	Aug 26 03:28:41 marvibiene sshd[45481]: Invalid user lian from 67.55.92.88 port 44976 Aug 26 03:28:41 marvibiene sshd[45481]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.55.92.88 Aug 26 03:28:41 marvibiene sshd[45481]: Invalid user lian from 67.55.92.88 port 44976 Aug 26 03:28:43 marvibiene sshd[45481]: Failed password for invalid user lian from 67.55.92.88 port 44976 ssh2 ...	2019-08-26 12:31:18
207.154.227.200	attack	Aug 26 00:12:54 ny01 sshd[9957]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.227.200 Aug 26 00:12:56 ny01 sshd[9957]: Failed password for invalid user mc from 207.154.227.200 port 52112 ssh2 Aug 26 00:16:59 ny01 sshd[10581]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.227.200	2019-08-26 12:22:05
46.100.54.2	attack	Automatic report - Port Scan Attack	2019-08-26 12:19:31
52.227.166.139	attackbots	Aug 26 03:28:14 MK-Soft-VM5 sshd\[22220\]: Invalid user guest from 52.227.166.139 port 59408 Aug 26 03:28:14 MK-Soft-VM5 sshd\[22220\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.227.166.139 Aug 26 03:28:16 MK-Soft-VM5 sshd\[22220\]: Failed password for invalid user guest from 52.227.166.139 port 59408 ssh2 ...	2019-08-26 12:55:07

Recently Reported IPs

178.130.150.59	79.119.142.154	38.77.14.237	5.196.156.38
218.17.56.50	182.14.100.48	178.93.57.105	113.141.66.255
34.38.107.112	171.217.162.178	148.70.169.228	132.232.131.30
42.117.55.220	35.200.216.12	202.90.199.197	177.53.241.131
200.66.123.10	190.146.171.179	240.51.67.5	251.77.49.206