125.163.92.213

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT Telkom Indonesia

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	1586145392 - 04/06/2020 05:56:32 Host: 125.163.92.213/125.163.92.213 Port: 445 TCP Blocked	2020-04-06 12:10:55

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 125.163.92.213
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37968
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;125.163.92.213.			IN	A

;; AUTHORITY SECTION:
.			234	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040501 1800 900 604800 86400

;; Query time: 33 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Apr 06 12:10:52 CST 2020
;; MSG SIZE  rcvd: 118

Host info

213.92.163.125.in-addr.arpa domain name pointer 213.subnet125-163-92.speedy.telkom.net.id.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
213.92.163.125.in-addr.arpa	name = 213.subnet125-163-92.speedy.telkom.net.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
58.208.228.253	attack	Port Scan	2020-02-21 06:17:55
218.75.38.212	attack	port scan and connect, tcp 80 (http)	2020-02-21 05:47:10
60.168.128.2	attackbotsspam	Feb 20 16:48:54 Tower sshd[25025]: Connection from 60.168.128.2 port 54728 on 192.168.10.220 port 22 rdomain "" Feb 20 16:48:56 Tower sshd[25025]: Invalid user qichen from 60.168.128.2 port 54728 Feb 20 16:48:56 Tower sshd[25025]: error: Could not get shadow information for NOUSER Feb 20 16:48:56 Tower sshd[25025]: Failed password for invalid user qichen from 60.168.128.2 port 54728 ssh2 Feb 20 16:48:56 Tower sshd[25025]: Received disconnect from 60.168.128.2 port 54728:11: Bye Bye [preauth] Feb 20 16:48:56 Tower sshd[25025]: Disconnected from invalid user qichen 60.168.128.2 port 54728 [preauth]	2020-02-21 06:02:50
222.186.173.215	attackspambots	Feb 20 23:11:18 vps647732 sshd[24376]: Failed password for root from 222.186.173.215 port 9586 ssh2 Feb 20 23:11:30 vps647732 sshd[24376]: error: maximum authentication attempts exceeded for root from 222.186.173.215 port 9586 ssh2 [preauth] ...	2020-02-21 06:14:12
222.186.175.154	attackspam	2020-02-20T23:18:12.780505vps751288.ovh.net sshd\[25135\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.154 user=root 2020-02-20T23:18:14.209531vps751288.ovh.net sshd\[25135\]: Failed password for root from 222.186.175.154 port 23326 ssh2 2020-02-20T23:18:17.643250vps751288.ovh.net sshd\[25135\]: Failed password for root from 222.186.175.154 port 23326 ssh2 2020-02-20T23:18:20.819980vps751288.ovh.net sshd\[25135\]: Failed password for root from 222.186.175.154 port 23326 ssh2 2020-02-20T23:18:23.545607vps751288.ovh.net sshd\[25135\]: Failed password for root from 222.186.175.154 port 23326 ssh2	2020-02-21 06:26:33
211.34.122.156	attack	Port Scan	2020-02-21 06:24:27
37.139.2.218	attackspambots	Feb 20 22:48:55 dedicated sshd[11017]: Invalid user ftp from 37.139.2.218 port 54716	2020-02-21 06:10:59
218.92.0.202	attackspambots	Feb 20 22:49:00 MK-Soft-Root1 sshd[29742]: Failed password for root from 218.92.0.202 port 60119 ssh2 Feb 20 22:49:02 MK-Soft-Root1 sshd[29742]: Failed password for root from 218.92.0.202 port 60119 ssh2 ...	2020-02-21 06:06:46
109.195.139.29	attackspambots	Port Scan	2020-02-21 05:51:06
77.40.42.122	attackbots	failed_logins	2020-02-21 06:16:50
162.158.103.180	attack	Magento Bruteforce	2020-02-21 06:26:07
222.186.42.155	attackspam	...	2020-02-21 06:10:37
138.0.60.6	attackbots	Feb 20 14:19:48 prox sshd[19439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.0.60.6 Feb 20 14:19:50 prox sshd[19439]: Failed password for invalid user guest from 138.0.60.6 port 37424 ssh2	2020-02-21 05:48:12
125.212.159.200	attack	Feb 20 22:48:53 grey postfix/smtpd\[19000\]: NOQUEUE: reject: RCPT from unknown\[125.212.159.200\]: 554 5.7.1 Service unavailable\; Client host \[125.212.159.200\] blocked using bl.spamcop.net\; Blocked - see https://www.spamcop.net/bl.shtml\?125.212.159.200\; from=\ to=\ proto=SMTP helo=\ ...	2020-02-21 06:12:36
211.23.241.101	attack	Thu Feb 20 14:48:42 2020 - Child process 97325 handling connection Thu Feb 20 14:48:42 2020 - New connection from: 211.23.241.101:55997 Thu Feb 20 14:48:42 2020 - Sending data to client: [Login: ] Thu Feb 20 14:49:13 2020 - Child aborting Thu Feb 20 14:49:13 2020 - Reporting IP address: 211.23.241.101 - mflag: 0	2020-02-21 06:25:44

Recently Reported IPs

155.3.80.171	51.89.238.198	3.101.226.61	8.205.125.59
195.224.32.213	61.72.44.197	210.107.177.214	248.98.40.46
84.164.165.151	178.171.65.191	195.202.255.65	222.199.136.60
122.149.95.192	75.119.216.13	103.76.24.119	202.137.18.40
156.217.145.102	82.148.18.26	77.64.242.232	198.71.224.14