城市(city): Banyuwangi
省份(region): Jawa Timur
国家(country): Indonesia
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 125.166.119.28 | normal | Test |
2021-02-01 12:55:42 |
| 125.166.119.252 | attackbotsspam | 1590810906 - 05/30/2020 05:55:06 Host: 125.166.119.252/125.166.119.252 Port: 445 TCP Blocked |
2020-05-30 12:05:01 |
| 125.166.119.213 | attack | Unauthorized connection attempt from IP address 125.166.119.213 on Port 445(SMB) |
2020-04-03 20:11:50 |
| 125.166.119.30 | attack | Honeypot attack, port: 445, PTR: PTR record not found |
2020-03-03 18:39:32 |
| 125.166.119.156 | attackspam | Feb 27 23:46:06 h2177944 kernel: \[6041313.244224\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=125.166.119.156 DST=85.214.117.9 LEN=44 TOS=0x00 PREC=0x00 TTL=54 ID=27179 PROTO=TCP SPT=22391 DPT=23 WINDOW=59870 RES=0x00 SYN URGP=0 Feb 27 23:46:06 h2177944 kernel: \[6041313.244241\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=125.166.119.156 DST=85.214.117.9 LEN=44 TOS=0x00 PREC=0x00 TTL=54 ID=27179 PROTO=TCP SPT=22391 DPT=23 WINDOW=59870 RES=0x00 SYN URGP=0 Feb 27 23:46:22 h2177944 kernel: \[6041329.215531\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=125.166.119.156 DST=85.214.117.9 LEN=44 TOS=0x00 PREC=0x00 TTL=54 ID=27179 PROTO=TCP SPT=22391 DPT=23 WINDOW=59870 RES=0x00 SYN URGP=0 Feb 27 23:46:22 h2177944 kernel: \[6041329.215546\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=125.166.119.156 DST=85.214.117.9 LEN=44 TOS=0x00 PREC=0x00 TTL=54 ID=27179 PROTO=TCP SPT=22391 DPT=23 WINDOW=59870 RES=0x00 SYN URGP=0 Feb 27 23:46:23 h2177944 kernel: \[6041329.928379\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=125.166.119.156 DST=85.214.117 |
2020-02-28 08:16:42 |
| 125.166.119.214 | attackbotsspam | Honeypot attack, port: 445, PTR: PTR record not found |
2020-02-02 05:02:30 |
| 125.166.119.192 | attackspam | Attempt to attack host OS, exploiting network vulnerabilities, on 10-10-2019 12:55:17. |
2019-10-10 23:22:58 |
| 125.166.119.92 | attackbots | Unauthorized connection attempt from IP address 125.166.119.92 on Port 445(SMB) |
2019-07-22 18:11:34 |
| 125.166.119.28 | attackbots | 445/tcp [2019-06-22]1pkt |
2019-06-22 12:49:14 |
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '125.166.64.0 - 125.166.127.255'
% Abuse contact for '125.166.64.0 - 125.166.127.255' is 'abuse@telkom.co.id'
inetnum: 125.166.64.0 - 125.166.127.255
netname: TLKM_D2_BB_SPEEDY_JKT
country: ID
descr: PT TELKOM INDONESIA
descr: Menara Multimedia Lt. 7
descr: Jl. Kebonsirih No.12
descr: JAKARTA
admin-c: AR165-AP
tech-c: HM444-AP
remarks: -----------------------------------------------------------
remarks: Broadband Service for Jakarta Area.
remarks: ** These IP was used dinamically for end user. **
remarks: Send ABUSE and SPAM reports with plain ASCII text only to
remarks: to abuse@telkom.net.id.
remarks: The netname enclosed in square bracket is included in the subject.
remarks: -----------------------------------------------------------
status: ASSIGNED NON-PORTABLE
mnt-by: MAINT-TELKOMNET
last-modified: 2009-02-13T10:21:22Z
source: APNIC
mnt-by: MAINT-TELKOMNET
role: PT Telkom Indonesia APNIC Resources Management
address: PT. TELKOM INDONESIA
address: Menara Multimedia Lt. 7
address: Jl. Kebonsirih No.12
address: JAKARTA
country: ID
phone: +62-21-3860500
fax-no: +62-21-3861215
e-mail: ip-admin@telkom.net.id
admin-c: HM444-AP
tech-c: HM444-AP
nic-hdl: AR165-AP
notify: hostmaster@telkom.net.id
mnt-by: MAINT-TELKOMNET
last-modified: 2008-09-04T07:54:16Z
source: APNIC
person: PT Telkom Indonesia Hostmaster
nic-hdl: HM444-AP
e-mail: hostmaster@telkom.net.id
address: PT. TELKOM INDONESIA
address: Menara Multimedia Lt. 7
address: Jl. Kebonsirih No.12
address: JAKARTA
phone: +62-21-3860500
fax-no: +62-21-3861215
country: ID
notify: hostmaster@telkom.net.id
mnt-by: MAINT-TELKOMNET
last-modified: 2008-09-04T07:29:40Z
source: APNIC
% Information related to '125.166.116.0/22AS17974'
route: 125.166.116.0/22
descr: PT. TELKOM INDONESIA
descr: JAKARTA
country: ID
origin: AS17974
mnt-by: MAINT-TELKOMNET
last-modified: 2015-05-27T03:33:24Z
source: APNIC
% Information related to '125.166.116.0/22AS7713'
route: 125.166.116.0/22
origin: AS7713
descr: Telekomunikasi Indonesia (PT)
PT Telkom - Divisi Infratel
Gedung STO Gambir LT 3
Sub Divisi Resource Management & Operation
Jalan Merdeka Selatan No .12
mnt-by: MAINT-TELKOMNET
last-modified: 2021-07-16T02:47:32Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.36-SNAPSHOT (WHOIS-AU5); <<>> DiG 9.10.3-P4-Ubuntu <<>> 125.166.119.82
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15843
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;125.166.119.82. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025112200 1800 900 604800 86400
;; Query time: 11 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 22 20:04:49 CST 2025
;; MSG SIZE rcvd: 107b'Host 82.119.166.125.in-addr.arpa not found: 2(SERVFAIL)
'server can't find 125.166.119.82.in-addr.arpa: SERVFAIL| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 66.175.222.12 | attack | email spoofing containing vulgar language |
2019-07-31 10:48:46 |
| 80.14.65.175 | attackspam | Jul 31 06:09:04 server sshd\[14637\]: Invalid user april from 80.14.65.175 port 53284 Jul 31 06:09:04 server sshd\[14637\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.14.65.175 Jul 31 06:09:06 server sshd\[14637\]: Failed password for invalid user april from 80.14.65.175 port 53284 ssh2 Jul 31 06:15:33 server sshd\[11558\]: Invalid user visitor from 80.14.65.175 port 45366 Jul 31 06:15:33 server sshd\[11558\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.14.65.175 |
2019-07-31 11:16:12 |
| 52.197.233.116 | attackspambots | Jul 31 04:06:54 mail sshd\[7995\]: Invalid user redmin from 52.197.233.116 port 59026 Jul 31 04:06:54 mail sshd\[7995\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.197.233.116 ... |
2019-07-31 11:08:43 |
| 217.128.61.137 | attackspambots | Unauthorised access (Jul 31) SRC=217.128.61.137 LEN=44 TTL=244 ID=40055 TCP DPT=445 WINDOW=1024 SYN |
2019-07-31 11:03:04 |
| 153.36.240.126 | attack | Jul 31 05:28:48 vps sshd[22250]: Failed password for root from 153.36.240.126 port 31204 ssh2 Jul 31 05:28:52 vps sshd[22250]: Failed password for root from 153.36.240.126 port 31204 ssh2 Jul 31 05:28:55 vps sshd[22250]: Failed password for root from 153.36.240.126 port 31204 ssh2 ... |
2019-07-31 11:36:44 |
| 200.107.154.47 | attackspam | Jul 31 04:06:10 localhost sshd\[63327\]: Invalid user gs from 200.107.154.47 port 20046 Jul 31 04:06:10 localhost sshd\[63327\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.107.154.47 ... |
2019-07-31 11:14:32 |
| 142.93.178.83 | attackbots | Many RDP login attempts detected by IDS script |
2019-07-31 10:58:09 |
| 185.109.80.234 | attackbots | Jul 31 06:41:30 vibhu-HP-Z238-Microtower-Workstation sshd\[21274\]: Invalid user gj from 185.109.80.234 Jul 31 06:41:30 vibhu-HP-Z238-Microtower-Workstation sshd\[21274\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.109.80.234 Jul 31 06:41:32 vibhu-HP-Z238-Microtower-Workstation sshd\[21274\]: Failed password for invalid user gj from 185.109.80.234 port 49014 ssh2 Jul 31 06:46:00 vibhu-HP-Z238-Microtower-Workstation sshd\[21397\]: Invalid user test1 from 185.109.80.234 Jul 31 06:46:00 vibhu-HP-Z238-Microtower-Workstation sshd\[21397\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.109.80.234 ... |
2019-07-31 11:27:47 |
| 35.233.70.227 | attack | port scan/probe/communication attempt |
2019-07-31 10:47:27 |
| 119.207.126.21 | attackspam | 2019-07-31T03:54:45.695811 sshd[20149]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.207.126.21 user=postfix 2019-07-31T03:54:47.723240 sshd[20149]: Failed password for postfix from 119.207.126.21 port 58976 ssh2 2019-07-31T04:00:01.973406 sshd[20175]: Invalid user openstack from 119.207.126.21 port 55858 2019-07-31T04:00:01.983354 sshd[20175]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.207.126.21 2019-07-31T04:00:01.973406 sshd[20175]: Invalid user openstack from 119.207.126.21 port 55858 2019-07-31T04:00:04.056149 sshd[20175]: Failed password for invalid user openstack from 119.207.126.21 port 55858 ssh2 ... |
2019-07-31 11:09:30 |
| 210.17.195.138 | attackspam | Jul 31 02:48:49 srv-4 sshd\[13789\]: Invalid user testuser from 210.17.195.138 Jul 31 02:48:49 srv-4 sshd\[13789\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.17.195.138 Jul 31 02:48:51 srv-4 sshd\[13789\]: Failed password for invalid user testuser from 210.17.195.138 port 51716 ssh2 ... |
2019-07-31 11:24:27 |
| 137.74.233.90 | attackspambots | Jul 30 23:35:36 ms-srv sshd[50996]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.74.233.90 Jul 30 23:35:38 ms-srv sshd[50996]: Failed password for invalid user testdev from 137.74.233.90 port 52248 ssh2 |
2019-07-31 11:04:50 |
| 177.38.3.87 | attack | failed_logins |
2019-07-31 11:04:25 |
| 201.177.128.220 | attack | port 23 attempt blocked |
2019-07-31 11:25:03 |
| 128.199.226.5 | attackspam | DATE:2019-07-31 00:34:39, IP:128.199.226.5, PORT:ssh SSH brute force auth (thor) |
2019-07-31 11:32:33 |