125.166.3.85 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT Telkom Indonesia

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Honeypot attack, port: 445, PTR: PTR record not found	2019-06-27 19:27:04

Comments on same subnet:

IP	Type	Details	Datetime
125.166.35.165	attackbotsspam	Brute-force attempt banned	2019-12-25 13:02:45
125.166.35.153	attackbotsspam	Unauthorized connection attempt from IP address 125.166.35.153 on Port 445(SMB)	2019-11-08 02:16:27
125.166.36.182	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 16-10-2019 04:20:23.	2019-10-16 19:00:02
125.166.37.43	attack	Unauthorized connection attempt from IP address 125.166.37.43 on Port 445(SMB)	2019-07-31 23:03:39
125.166.38.254	attackbots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-09 12:59:20,968 INFO [shellcode_manager] (125.166.38.254) no match, writing hexdump (1086f4075bd511de1b916db449e13979 :2049044) - MS17010 (EternalBlue)	2019-07-10 07:28:45

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 125.166.3.85
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28313
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;125.166.3.85.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062700 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jun 27 19:26:55 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 85.3.166.125.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 85.3.166.125.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.209.0.18	attackspambots	10/27/2019-23:45:18.309364 185.209.0.18 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-10-28 08:09:29
185.176.27.38	attackspambots	Multiport scan : 6 ports scanned 12301 12303 12312 12388 12389 12390	2019-10-28 08:11:25
45.82.153.34	attack	10/27/2019-23:39:46.393377 45.82.153.34 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 44	2019-10-28 08:05:59
77.247.110.216	attackspam	10/27/2019-23:58:06.675153 77.247.110.216 Protocol: 17 ET SCAN Sipvicious User-Agent Detected (friendly-scanner)	2019-10-28 08:02:57
185.175.93.22	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-28 08:13:12
185.175.93.103	attackspam	10/27/2019-23:25:45.278866 185.175.93.103 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-10-28 08:13:00
162.125.36.1	attackbots	ET POLICY Dropbox.com Offsite File Backup in Use - port: 52214 proto: TCP cat: Potential Corporate Privacy Violation	2019-10-28 08:17:50
185.156.73.45	attack	Portscan or hack attempt detected by psad/fwsnort	2019-10-28 08:13:51
185.156.73.27	attackspambots	Multiport scan : 25 ports scanned 4096 4097 4098 11431 11432 11433 15556 15557 15558 27274 27275 27276 30526 30528 52897 52898 55846 55847 55848 56137 56138 56139 59152 59153 59154	2019-10-28 08:14:46
185.156.73.34	attackbots	Portscan or hack attempt detected by psad/fwsnort	2019-10-28 07:52:41
185.175.93.104	attackspam	10/27/2019-19:29:58.704958 185.175.93.104 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-10-28 08:12:37
185.216.140.252	attackspam	10/27/2019-23:17:21.490780 185.216.140.252 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-10-28 07:47:40
185.209.0.32	attackbotsspam	Oct 27 22:37:43 h2177944 kernel: \[5088047.858510\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.209.0.32 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=47306 PROTO=TCP SPT=49607 DPT=3471 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 27 22:54:07 h2177944 kernel: \[5089031.724111\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.209.0.32 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=40598 PROTO=TCP SPT=49607 DPT=3408 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 27 23:24:08 h2177944 kernel: \[5090832.722714\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.209.0.32 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=530 PROTO=TCP SPT=49607 DPT=3449 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 27 23:28:36 h2177944 kernel: \[5091100.619273\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.209.0.32 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=51044 PROTO=TCP SPT=49607 DPT=3456 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 27 23:37:44 h2177944 kernel: \[5091648.411065\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.209.0.32 DST=85.214.117.9 LEN=40	2019-10-28 08:09:09
45.136.109.82	attackbots	10/27/2019-19:35:56.593990 45.136.109.82 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-28 08:05:42
80.82.70.239	attackspam	10/27/2019-19:54:08.642040 80.82.70.239 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-28 08:02:10

Recently Reported IPs

101.51.10.120	104.25.181.42	187.120.133.228	42.237.188.38
118.62.223.252	92.63.194.69	123.3.134.105	216.34.63.183
37.6.185.30	6.80.34.22	16.181.193.254	105.198.195.114
27.13.63.254	215.50.221.137	195.138.76.228	96.252.10.89
47.140.184.134	44.82.241.18	245.254.215.118	218.155.162.71