125.161.139.16

基本信息:

城市(city): Jakarta

省份(region): Jakarta

国家(country): Indonesia

运营商(isp): Esia

主机名(hostname): unknown

机构(organization): PT Telekomunikasi Indonesia

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
125.161.139.27	attack	Icarus honeypot on github	2020-09-01 06:54:06
125.161.139.88	attackbotsspam	Aug 15 07:12:11 cdc sshd[29247]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.161.139.88 user=pi Aug 15 07:12:13 cdc sshd[29247]: Failed password for invalid user pi from 125.161.139.88 port 2779 ssh2	2020-08-15 15:30:28
125.161.139.28	attack	Unauthorized connection attempt from IP address 125.161.139.28 on Port 445(SMB)	2020-08-11 02:58:14
125.161.139.239	attackspam	1593740866 - 07/03/2020 03:47:46 Host: 125.161.139.239/125.161.139.239 Port: 445 TCP Blocked	2020-07-04 01:59:32
125.161.139.52	attackbots	125.161.139.52 - - \[26/Apr/2020:05:00:00 -0700\] "POST /index.php/admin/ HTTP/1.1" 404 20411125.161.139.52 - - \[26/Apr/2020:05:00:00 -0700\] "POST /index.php/admin/index/ HTTP/1.1" 404 20435125.161.139.52 - - \[26/Apr/2020:05:00:01 -0700\] "POST /index.php/admin/sales_order/ HTTP/1.1" 404 20459 ...	2020-04-27 02:08:51
125.161.139.30	attack	Honeypot attack, port: 445, PTR: 30.subnet125-161-139.speedy.telkom.net.id.	2020-02-27 22:06:28
125.161.139.90	attackspam	1581396504 - 02/11/2020 05:48:24 Host: 125.161.139.90/125.161.139.90 Port: 445 TCP Blocked	2020-02-11 20:55:44
125.161.139.52	attackspambots	1579868924 - 01/24/2020 13:28:44 Host: 125.161.139.52/125.161.139.52 Port: 445 TCP Blocked	2020-01-25 04:52:34
125.161.139.148	attackbotsspam	Invalid user pi from 125.161.139.148 port 50862	2019-11-20 02:43:52
125.161.139.42	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 18-10-2019 12:45:23.	2019-10-18 19:55:10
125.161.139.248	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 12-10-2019 15:15:18.	2019-10-13 00:17:17
125.161.139.2	attackspambots	Unauthorized connection attempt from IP address 125.161.139.2 on Port 445(SMB)	2019-10-06 01:35:11
125.161.139.240	attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-12 03:50:48,625 INFO [amun_request_handler] PortScan Detected on Port: 445 (125.161.139.240)	2019-09-12 13:48:54
125.161.139.215	attackbots	Sep 9 22:32:53 srv206 sshd[13747]: Invalid user tomcat from 125.161.139.215 ...	2019-09-10 05:18:01
125.161.139.58	attackspam	Unauthorized connection attempt from IP address 125.161.139.58 on Port 445(SMB)	2019-09-09 18:57:15

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 125.161.139.16
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3413
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;125.161.139.16.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040300 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Wed Apr 03 14:10:16 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

16.139.161.125.in-addr.arpa domain name pointer 16.subnet125-161-139.speedy.telkom.net.id.

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
16.139.161.125.in-addr.arpa	name = 16.subnet125-161-139.speedy.telkom.net.id.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
52.172.51.139	attackspam	SSH authentication failure x 6 reported by Fail2Ban ...	2020-04-11 04:15:03
152.168.227.154	attack	serveres are UTC Lines containing failures of 152.168.227.154 Apr 9 22:03:52 tux2 sshd[14702]: Invalid user postgres from 152.168.227.154 port 41304 Apr 9 22:03:52 tux2 sshd[14702]: Failed password for invalid user postgres from 152.168.227.154 port 41304 ssh2 Apr 9 22:03:52 tux2 sshd[14702]: Received disconnect from 152.168.227.154 port 41304:11: Bye Bye [preauth] Apr 9 22:03:52 tux2 sshd[14702]: Disconnected from invalid user postgres 152.168.227.154 port 41304 [preauth] Apr 9 22:06:54 tux2 sshd[14920]: Invalid user kubernetes from 152.168.227.154 port 60192 Apr 9 22:06:54 tux2 sshd[14920]: Failed password for invalid user kubernetes from 152.168.227.154 port 60192 ssh2 Apr 9 22:06:54 tux2 sshd[14920]: Received disconnect from 152.168.227.154 port 60192:11: Bye Bye [preauth] Apr 9 22:06:54 tux2 sshd[14920]: Disconnected from invalid user kubernetes 152.168.227.154 port 60192 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=152.168.227.15	2020-04-11 03:41:46
220.133.95.68	attackspam	Apr 10 19:00:26 meumeu sshd[11156]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.133.95.68 Apr 10 19:00:27 meumeu sshd[11156]: Failed password for invalid user nick from 220.133.95.68 port 54092 ssh2 Apr 10 19:04:39 meumeu sshd[11941]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.133.95.68 ...	2020-04-11 04:15:17
162.210.70.52	attack	Phishing mail send: We recently experience service disruption with our home bank on international transactions ever since the Convid 19 situation started affecting bank operation hours. Please process payment to our below offshore Sweden bank account. Please confirm when payment will be expected and also share the transfer copy once processed for follow up. Received: from us2-ob1-1.mailhostbox.com (162.210.70.52) by AM5EUR03FT041.mail.protection.outlook.com (10.152.17.186) with Microsoft SMTP Server (version=TLS1_0, cipher=TLS_RSA_WITH_AES_256_CBC_SHA) id 15.20.2856.17 via Frontend Transport; Sat, 28 Mar 2020 14:21:49 +0000	2020-04-11 04:10:45
175.36.162.112	attackspambots	Invalid user whoopsie from 175.36.162.112 port 33050	2020-04-11 03:47:38
87.229.193.106	attack	20/4/10@08:03:59: FAIL: Alarm-Network address from=87.229.193.106 ...	2020-04-11 03:58:54
175.24.105.180	attackspam	Fail2Ban Ban Triggered	2020-04-11 04:19:35
119.41.204.132	attackspam	3389BruteforceStormFW21	2020-04-11 04:11:17
113.184.183.25	attack	1586520214 - 04/10/2020 14:03:34 Host: 113.184.183.25/113.184.183.25 Port: 445 TCP Blocked	2020-04-11 04:16:05
106.51.73.204	attack	2020-04-10T21:39:39.290433amanda2.illicoweb.com sshd\[34803\]: Invalid user http from 106.51.73.204 port 61083 2020-04-10T21:39:39.293309amanda2.illicoweb.com sshd\[34803\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.73.204 2020-04-10T21:39:41.513382amanda2.illicoweb.com sshd\[34803\]: Failed password for invalid user http from 106.51.73.204 port 61083 ssh2 2020-04-10T21:42:40.106000amanda2.illicoweb.com sshd\[35217\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.73.204 user=root 2020-04-10T21:42:41.839489amanda2.illicoweb.com sshd\[35217\]: Failed password for root from 106.51.73.204 port 45694 ssh2 ...	2020-04-11 04:01:42
195.231.0.27	attackbots	10.04.2020 15:16:23 Connection to port 81 blocked by firewall	2020-04-11 04:05:31
104.211.216.173	attackspam	Apr 10 20:06:24 ewelt sshd[8104]: Invalid user bot from 104.211.216.173 port 53598 Apr 10 20:06:24 ewelt sshd[8104]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.211.216.173 Apr 10 20:06:24 ewelt sshd[8104]: Invalid user bot from 104.211.216.173 port 53598 Apr 10 20:06:26 ewelt sshd[8104]: Failed password for invalid user bot from 104.211.216.173 port 53598 ssh2 ...	2020-04-11 03:45:14
119.57.103.38	attack	2020-04-10T20:12:01.088017shield sshd\[20887\]: Invalid user asdfghjkl from 119.57.103.38 port 53596 2020-04-10T20:12:01.092428shield sshd\[20887\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.57.103.38 2020-04-10T20:12:03.583174shield sshd\[20887\]: Failed password for invalid user asdfghjkl from 119.57.103.38 port 53596 ssh2 2020-04-10T20:12:49.378648shield sshd\[20991\]: Invalid user halsey from 119.57.103.38 port 57221 2020-04-10T20:12:49.382845shield sshd\[20991\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.57.103.38	2020-04-11 04:15:38
146.0.209.72	attackspambots	Apr 10 15:22:21 pve sshd[29461]: Failed password for root from 146.0.209.72 port 59226 ssh2 Apr 10 15:26:21 pve sshd[30103]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.0.209.72 Apr 10 15:26:23 pve sshd[30103]: Failed password for invalid user ts3bot3 from 146.0.209.72 port 37182 ssh2	2020-04-11 03:43:17
187.162.225.139	attack	Apr 10 21:46:56 roki sshd[30594]: Invalid user malcom from 187.162.225.139 Apr 10 21:46:56 roki sshd[30594]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.162.225.139 Apr 10 21:46:58 roki sshd[30594]: Failed password for invalid user malcom from 187.162.225.139 port 46700 ssh2 Apr 10 21:55:17 roki sshd[31172]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.162.225.139 user=root Apr 10 21:55:18 roki sshd[31172]: Failed password for root from 187.162.225.139 port 46552 ssh2 ...	2020-04-11 04:08:16

最近上报的IP列表

139.162.121.165	123.207.186.219	106.12.126.196	106.12.6.74
94.102.52.41	89.46.107.210	88.180.172.50	5.141.73.18
222.252.16.61	218.164.6.183	218.92.0.191	196.52.43.128
195.229.223.114	193.214.41.138	192.168.100.121	190.80.48.253
189.58.98.21	186.151.170.222	185.87.121.19	182.254.147.110