45.112.125.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
45.112.125.4	attackbotsspam	unauthorized connection attempt	2020-02-07 13:27:31
45.112.125.66	attack	SSH authentication failure x 6 reported by Fail2Ban ...	2019-10-07 03:07:30
45.112.125.66	attackspam	Sep 27 00:28:00 core sshd[12912]: Invalid user tmp from 45.112.125.66 port 39046 Sep 27 00:28:02 core sshd[12912]: Failed password for invalid user tmp from 45.112.125.66 port 39046 ssh2 ...	2019-09-27 06:47:51
45.112.125.98	attack	Honeypot attack, port: 445, PTR: 98-125.fiber.net.id.	2019-06-27 19:32:30

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.112.125.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41060
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;45.112.125.2.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020700 1800 900 604800 86400

;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 07 15:40:21 CST 2022
;; MSG SIZE  rcvd: 105

Host info

2.125.112.45.in-addr.arpa domain name pointer 2-125-saranainstrument.fiber.net.id.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
2.125.112.45.in-addr.arpa	name = 2-125-saranainstrument.fiber.net.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
217.27.117.136	attackspambots	Sep 22 04:47:23 h1745522 sshd[9552]: Invalid user demo from 217.27.117.136 port 57252 Sep 22 04:47:23 h1745522 sshd[9552]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.27.117.136 Sep 22 04:47:23 h1745522 sshd[9552]: Invalid user demo from 217.27.117.136 port 57252 Sep 22 04:47:25 h1745522 sshd[9552]: Failed password for invalid user demo from 217.27.117.136 port 57252 ssh2 Sep 22 04:49:29 h1745522 sshd[9640]: Invalid user vincent from 217.27.117.136 port 54170 Sep 22 04:49:29 h1745522 sshd[9640]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.27.117.136 Sep 22 04:49:29 h1745522 sshd[9640]: Invalid user vincent from 217.27.117.136 port 54170 Sep 22 04:49:31 h1745522 sshd[9640]: Failed password for invalid user vincent from 217.27.117.136 port 54170 ssh2 Sep 22 04:50:57 h1745522 sshd[9671]: Invalid user viktor from 217.27.117.136 port 47402 ...	2020-09-22 14:06:16
216.158.233.4	attack	(sshd) Failed SSH login from 216.158.233.4 (DE/Germany/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 22 00:15:59 server2 sshd[31966]: Invalid user oracle from 216.158.233.4 Sep 22 00:15:59 server2 sshd[31966]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=216.158.233.4 Sep 22 00:16:00 server2 sshd[31966]: Failed password for invalid user oracle from 216.158.233.4 port 33266 ssh2 Sep 22 00:23:46 server2 sshd[8295]: Invalid user admin from 216.158.233.4 Sep 22 00:23:46 server2 sshd[8295]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=216.158.233.4	2020-09-22 13:47:09
51.178.51.152	attack	$f2bV_matches	2020-09-22 14:13:50
190.145.224.18	attackspam	Sep 21 23:51:56 ws19vmsma01 sshd[73854]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.145.224.18 Sep 21 23:51:58 ws19vmsma01 sshd[73854]: Failed password for invalid user test from 190.145.224.18 port 54634 ssh2 ...	2020-09-22 14:14:55
154.221.27.226	attackbots	Sep 22 04:19:25 vlre-nyc-1 sshd\[10574\]: Invalid user admin from 154.221.27.226 Sep 22 04:19:25 vlre-nyc-1 sshd\[10574\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.221.27.226 Sep 22 04:19:26 vlre-nyc-1 sshd\[10574\]: Failed password for invalid user admin from 154.221.27.226 port 53668 ssh2 Sep 22 04:25:38 vlre-nyc-1 sshd\[10751\]: Invalid user ubuntu from 154.221.27.226 Sep 22 04:25:38 vlre-nyc-1 sshd\[10751\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.221.27.226 ...	2020-09-22 13:41:51
178.34.190.34	attackbotsspam	Sep 22 05:23:32 nextcloud sshd\[28030\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.34.190.34 user=root Sep 22 05:23:34 nextcloud sshd\[28030\]: Failed password for root from 178.34.190.34 port 32951 ssh2 Sep 22 05:31:25 nextcloud sshd\[3120\]: Invalid user pedro from 178.34.190.34 Sep 22 05:31:25 nextcloud sshd\[3120\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.34.190.34	2020-09-22 13:50:17
218.92.0.249	attack	Brute%20Force%20SSH	2020-09-22 14:07:58
45.189.56.66	attackbotsspam	CMS (WordPress or Joomla) login attempt.	2020-09-22 14:06:59
198.35.47.13	attackspam	Sep 21 23:05:17 askasleikir sshd[2056]: Failed password for invalid user demouser from 198.35.47.13 port 57458 ssh2 Sep 21 23:10:37 askasleikir sshd[2150]: Failed password for root from 198.35.47.13 port 47226 ssh2 Sep 21 23:12:21 askasleikir sshd[2164]: Failed password for invalid user oracle from 198.35.47.13 port 53852 ssh2	2020-09-22 13:53:23
218.161.86.209	attackspambots	1600727499 - 09/22/2020 00:31:39 Host: 218.161.86.209/218.161.86.209 Port: 23 TCP Blocked ...	2020-09-22 14:19:13
106.75.48.225	attackspam	20 attempts against mh-ssh on road	2020-09-22 14:13:14
212.83.190.22	attackspam	212.83.190.22 - - \[22/Sep/2020:05:17:24 +0200\] "POST /wp-login.php HTTP/1.0" 200 9641 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 212.83.190.22 - - \[22/Sep/2020:05:17:25 +0200\] "POST /wp-login.php HTTP/1.0" 200 9456 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 212.83.190.22 - - \[22/Sep/2020:05:17:25 +0200\] "POST /wp-login.php HTTP/1.0" 200 9453 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-09-22 13:59:24
101.32.77.212	attackspam	Sep 22 02:48:48 mail sshd[5399]: Failed password for root from 101.32.77.212 port 37184 ssh2	2020-09-22 14:13:36
161.35.138.131	attackbotsspam	Sep 22 01:56:12 Tower sshd[41441]: Connection from 161.35.138.131 port 39676 on 192.168.10.220 port 22 rdomain "" Sep 22 01:56:14 Tower sshd[41441]: Failed password for root from 161.35.138.131 port 39676 ssh2 Sep 22 01:56:14 Tower sshd[41441]: Received disconnect from 161.35.138.131 port 39676:11: Bye Bye [preauth] Sep 22 01:56:14 Tower sshd[41441]: Disconnected from authenticating user root 161.35.138.131 port 39676 [preauth]	2020-09-22 14:15:40
110.49.71.143	attack	Auto Fail2Ban report, multiple SSH login attempts.	2020-09-22 14:08:13

Recently Reported IPs

181.192.8.237	200.26.233.85	88.27.111.232	121.206.165.71
112.247.253.249	191.53.199.189	102.222.231.73	170.238.126.56
201.175.122.195	176.67.118.10	1.192.40.161	36.77.90.130
79.127.107.226	91.234.102.21	49.51.207.119	117.212.227.150
221.181.181.134	185.165.56.89	114.88.94.22	124.70.132.48