125.161.137.48

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT Telkom Indonesia

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Invalid user pi from 125.161.137.48 port 38401	2020-02-12 16:50:45

Comments on same subnet:

IP	Type	Details	Datetime
125.161.137.65	attackspambots	Honeypot attack, port: 445, PTR: 65.subnet125-161-137.speedy.telkom.net.id.	2020-09-26 01:53:51
125.161.137.65	attackbotsspam	Honeypot attack, port: 445, PTR: 65.subnet125-161-137.speedy.telkom.net.id.	2020-09-25 17:33:06
125.161.137.234	attackbotsspam	"SSH brute force auth login attempt."	2020-09-09 01:30:30
125.161.137.234	attackspambots	"SSH brute force auth login attempt."	2020-09-08 16:56:47
125.161.137.73	attack	1594439536 - 07/11/2020 05:52:16 Host: 125.161.137.73/125.161.137.73 Port: 445 TCP Blocked	2020-07-11 16:48:25
125.161.137.171	attack	Unauthorized connection attempt from IP address 125.161.137.171 on Port 445(SMB)	2020-05-06 19:57:57
125.161.137.41	attackspambots	Unauthorized connection attempt detected from IP address 125.161.137.41 to port 445	2020-03-17 16:16:46
125.161.137.112	attackbotsspam	Unauthorized connection attempt from IP address 125.161.137.112 on Port 445(SMB)	2020-03-13 20:44:33
125.161.137.116	attack	Unauthorized connection attempt from IP address 125.161.137.116 on Port 445(SMB)	2020-03-13 19:52:39
125.161.137.42	attack	1583892734 - 03/11/2020 03:12:14 Host: 125.161.137.42/125.161.137.42 Port: 445 TCP Blocked	2020-03-11 14:34:21
125.161.137.192	attack	1583383753 - 03/05/2020 05:49:13 Host: 125.161.137.192/125.161.137.192 Port: 445 TCP Blocked	2020-03-05 17:25:54
125.161.137.190	attackbotsspam	1579496238 - 01/20/2020 05:57:18 Host: 125.161.137.190/125.161.137.190 Port: 445 TCP Blocked	2020-01-20 14:49:57
125.161.137.130	attackspam	Unauthorized connection attempt from IP address 125.161.137.130 on Port 445(SMB)	2019-12-10 08:23:27
125.161.137.41	attack	Unauthorized connection attempt from IP address 125.161.137.41 on Port 445(SMB)	2019-11-06 06:00:37
125.161.137.95	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 08-10-2019 12:55:22.	2019-10-08 21:38:53

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 125.161.137.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49047
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;125.161.137.48.			IN	A

;; AUTHORITY SECTION:
.			338	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021200 1800 900 604800 86400

;; Query time: 401 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 12 16:50:40 CST 2020
;; MSG SIZE  rcvd: 118

Host info

48.137.161.125.in-addr.arpa domain name pointer 48.subnet125-161-137.speedy.telkom.net.id.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
48.137.161.125.in-addr.arpa	name = 48.subnet125-161-137.speedy.telkom.net.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
37.49.230.164	attackspam	Failed password for invalid user from 37.49.230.164 port 59414 ssh2	2020-06-30 05:27:29
148.70.125.42	attack	Jun 29 20:27:47 124388 sshd[2168]: Failed password for invalid user alice from 148.70.125.42 port 32768 ssh2 Jun 29 20:31:33 124388 sshd[2334]: Invalid user oracle from 148.70.125.42 port 60618 Jun 29 20:31:33 124388 sshd[2334]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.42 Jun 29 20:31:33 124388 sshd[2334]: Invalid user oracle from 148.70.125.42 port 60618 Jun 29 20:31:35 124388 sshd[2334]: Failed password for invalid user oracle from 148.70.125.42 port 60618 ssh2	2020-06-30 05:36:57
51.79.100.57	attackbotsspam	[portscan] Port scan	2020-06-30 05:51:40
193.228.109.227	attackbotsspam	Jun 29 23:00:10 OPSO sshd\[4604\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.228.109.227 user=root Jun 29 23:00:13 OPSO sshd\[4604\]: Failed password for root from 193.228.109.227 port 42140 ssh2 Jun 29 23:04:00 OPSO sshd\[5584\]: Invalid user usuarios from 193.228.109.227 port 60116 Jun 29 23:04:00 OPSO sshd\[5584\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.228.109.227 Jun 29 23:04:02 OPSO sshd\[5584\]: Failed password for invalid user usuarios from 193.228.109.227 port 60116 ssh2	2020-06-30 05:31:12
114.154.70.35	attackbotsspam	2020-06-29T22:35:15.654600vt1.awoom.xyz sshd[3817]: Invalid user tommy from 114.154.70.35 port 58907 2020-06-29T22:35:15.659671vt1.awoom.xyz sshd[3817]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=p2938035-ipngn201405tokaisakaetozai.aichi.ocn.ne.jp 2020-06-29T22:35:15.654600vt1.awoom.xyz sshd[3817]: Invalid user tommy from 114.154.70.35 port 58907 2020-06-29T22:35:17.425263vt1.awoom.xyz sshd[3817]: Failed password for invalid user tommy from 114.154.70.35 port 58907 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=114.154.70.35	2020-06-30 06:02:28
65.52.71.173	attackspambots	SSH bruteforce	2020-06-30 06:06:00
178.22.123.156	attack	20 attempts against mh-ssh on sun	2020-06-30 05:33:25
49.234.130.91	attackspam	Jun 29 23:36:42 eventyay sshd[21632]: Failed password for root from 49.234.130.91 port 43377 ssh2 Jun 29 23:39:26 eventyay sshd[21719]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.130.91 Jun 29 23:39:28 eventyay sshd[21719]: Failed password for invalid user test1 from 49.234.130.91 port 32896 ssh2 ...	2020-06-30 05:54:55
223.24.156.85	spambotsattackproxynormal	223.24.156.158	2020-06-30 05:28:08
222.118.27.107	attackbots	Icarus honeypot on github	2020-06-30 06:00:28
198.27.81.94	attackbots	198.27.81.94 - - [29/Jun/2020:22:50:41 +0100] "POST /wp-login.php HTTP/1.1" 200 5966 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 198.27.81.94 - - [29/Jun/2020:22:52:41 +0100] "POST /wp-login.php HTTP/1.1" 200 5966 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 198.27.81.94 - - [29/Jun/2020:22:54:47 +0100] "POST /wp-login.php HTTP/1.1" 200 5966 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" ...	2020-06-30 06:03:13
79.136.70.159	attack	Jun 29 22:50:25 ArkNodeAT sshd\[7774\]: Invalid user sebastian from 79.136.70.159 Jun 29 22:50:25 ArkNodeAT sshd\[7774\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.136.70.159 Jun 29 22:50:27 ArkNodeAT sshd\[7774\]: Failed password for invalid user sebastian from 79.136.70.159 port 49940 ssh2	2020-06-30 05:52:33
118.33.163.190	attackspam	port	2020-06-30 05:52:58
210.22.78.74	attackspambots	odoo8 ...	2020-06-30 05:43:20
134.209.155.213	attackbots	C1,WP GET /suche/wp-login.php	2020-06-30 06:07:32

Recently Reported IPs

116.106.163.139	116.104.9.92	171.231.1.163	1.212.24.35
187.204.49.61	81.218.168.85	27.73.251.210	14.229.111.122
101.108.95.153	14.168.144.123	183.88.240.210	178.62.203.226
36.225.123.167	1.174.95.221	220.134.222.190	112.33.18.9
180.76.149.7	103.232.65.70	42.113.183.151	94.138.99.115