125.164.234.148

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT Telkom Indonesia

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt from IP address 125.164.234.148 on Port 445(SMB)	2020-07-20 21:57:41

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 125.164.234.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37357
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;125.164.234.148.		IN	A

;; AUTHORITY SECTION:
.			182	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072000 1800 900 604800 86400

;; Query time: 50 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jul 20 21:57:33 CST 2020
;; MSG SIZE  rcvd: 119

Host info

148.234.164.125.in-addr.arpa domain name pointer 148.subnet125-164-234.speedy.telkom.net.id.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
148.234.164.125.in-addr.arpa	name = 148.subnet125-164-234.speedy.telkom.net.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.83.42.212	attackbots	Sep 12 14:11:08 NPSTNNYC01T sshd[16260]: Failed password for root from 51.83.42.212 port 46214 ssh2 Sep 12 14:14:54 NPSTNNYC01T sshd[16671]: Failed password for root from 51.83.42.212 port 58972 ssh2 ...	2020-09-13 02:20:08
106.75.210.176	attackspambots	5x Failed Password	2020-09-13 02:12:09
196.52.43.106	attack	TCP (SYN) 196.52.43.106:53846 -> port 808, len 44	2020-09-13 02:24:58
120.92.45.102	attackbots	2020-09-12T22:39:55.405555hostname sshd[24607]: Failed password for invalid user pvkii from 120.92.45.102 port 63956 ssh2 ...	2020-09-13 02:11:25
104.171.172.246	attackbotsspam	Port Scan ...	2020-09-13 02:25:41
36.57.64.184	attack	Sep 11 20:29:44 srv01 postfix/smtpd\[20059\]: warning: unknown\[36.57.64.184\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 11 20:29:56 srv01 postfix/smtpd\[20059\]: warning: unknown\[36.57.64.184\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 11 20:30:12 srv01 postfix/smtpd\[20059\]: warning: unknown\[36.57.64.184\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 11 20:30:30 srv01 postfix/smtpd\[20059\]: warning: unknown\[36.57.64.184\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 11 20:30:42 srv01 postfix/smtpd\[20059\]: warning: unknown\[36.57.64.184\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-13 02:02:16
64.225.35.135	attackbots	firewall-block, port(s): 6510/tcp	2020-09-13 02:11:09
194.26.25.119	attackspam	Sep 12 18:09:24 [host] kernel: [5593444.890454] [U Sep 12 18:11:24 [host] kernel: [5593565.221703] [U Sep 12 18:21:02 [host] kernel: [5594142.441159] [U Sep 12 18:45:15 [host] kernel: [5595595.931552] [U Sep 12 18:50:48 [host] kernel: [5595928.450831] [U Sep 12 18:57:39 [host] kernel: [5596339.410415] [U	2020-09-13 02:25:13
77.247.178.141	attackspambots	[2020-09-12 13:37:39] NOTICE[1239][C-0000255e] chan_sip.c: Call from '' (77.247.178.141:64424) to extension '+442037693520' rejected because extension not found in context 'public'. [2020-09-12 13:37:39] SECURITY[1264] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-09-12T13:37:39.921-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="+442037693520",SessionID="0x7f4d480f08c8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.178.141/64424",ACLName="no_extension_match" [2020-09-12 13:40:12] NOTICE[1239][C-00002563] chan_sip.c: Call from '' (77.247.178.141:60323) to extension '9011442037697638' rejected because extension not found in context 'public'. [2020-09-12 13:40:12] SECURITY[1264] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-09-12T13:40:12.367-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9011442037697638",SessionID="0x7f4d480d6c18",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP ...	2020-09-13 01:54:10
68.183.84.21	attackspam	RDP Bruteforce	2020-09-13 01:52:33
152.32.166.14	attackspam	Sep 12 12:52:57 web8 sshd\[2107\]: Invalid user send from 152.32.166.14 Sep 12 12:52:57 web8 sshd\[2107\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.32.166.14 Sep 12 12:52:59 web8 sshd\[2107\]: Failed password for invalid user send from 152.32.166.14 port 44638 ssh2 Sep 12 12:57:55 web8 sshd\[4571\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.32.166.14 user=root Sep 12 12:57:56 web8 sshd\[4571\]: Failed password for root from 152.32.166.14 port 58990 ssh2	2020-09-13 01:51:31
218.92.0.224	attackspam	Sep 12 20:01:52 jane sshd[23810]: Failed password for root from 218.92.0.224 port 5768 ssh2 Sep 12 20:01:56 jane sshd[23810]: Failed password for root from 218.92.0.224 port 5768 ssh2 ...	2020-09-13 02:03:17
181.126.83.37	attack	(sshd) Failed SSH login from 181.126.83.37 (PY/Paraguay/pool-37-83-126-181.telecel.com.py): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 12 11:09:36 optimus sshd[2447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.126.83.37 user=root Sep 12 11:09:37 optimus sshd[2447]: Failed password for root from 181.126.83.37 port 48942 ssh2 Sep 12 11:20:00 optimus sshd[4948]: Invalid user senaco from 181.126.83.37 Sep 12 11:20:00 optimus sshd[4948]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.126.83.37 Sep 12 11:20:03 optimus sshd[4948]: Failed password for invalid user senaco from 181.126.83.37 port 46090 ssh2	2020-09-13 02:16:48
122.117.16.189	attackspam	TCP (SYN) 122.117.16.189:49222 -> port 23, len 44	2020-09-13 02:11:50
94.74.177.6	attackspam	smtp probe/invalid login attempt	2020-09-13 01:55:57

Recently Reported IPs

180.251.177.9	160.90.64.100	120.245.20.172	175.140.188.192
234.64.84.6	43.225.73.156	49.36.140.200	81.16.2.249
120.70.176.24	217.6.79.202	162.243.128.50	186.235.61.116
185.220.101.149	122.177.154.198	149.200.172.232	50.2.214.47
45.163.198.206	42.53.145.144	59.127.3.65	52.183.30.114