JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 125.164.17.65

125.164.17.65 was found in our database!

This IP was reported 37 times. Confidence of Abuse is 0%: ?

ISP	PT TELKOM INDONESIA
Usage Type	Fixed Line ISP
ASN	AS7713
Domain Name	telkom.co.id
Country	🇮🇩 Indonesia
City	Bandung, West Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 125.164.17.65

Whois 125.164.17.65

IP Abuse Reports for 125.164.17.65:

This IP address has been reported a total of 37 times from 25 distinct sources. 125.164.17.65 was first reported on March 10th 2022, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 diego	2025-02-10 04:24:07 (1 year ago)	[rede-164-29] 02/10/2025-01:24:07.230681, 125.164.17.65, Protocol: 6, ET SCAN Suspicious inbound to ... show more [rede-164-29] 02/10/2025-01:24:07.230681, 125.164.17.65, Protocol: 6, ET SCAN Suspicious inbound to mySQL port 3306 show less	Hacking
🇮🇪 RoboSOC	2024-10-29 04:42:28 (1 year ago)	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	Port Scan
🇧🇷 diego	2024-08-31 02:11:31 (1 year ago)	[rede-164-29] 08/30/2024-23:11:31.286987, 125.164.17.65, Protocol: 6, ET SCAN Suspicious inbound to ... show more [rede-164-29] 08/30/2024-23:11:31.286987, 125.164.17.65, Protocol: 6, ET SCAN Suspicious inbound to MSSQL port 1433 show less	Hacking
Anonymous	2024-05-07 18:37:05 (2 years ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇧🇷 diego	2024-03-06 02:36:36 (2 years ago)	[rede-arem1] 03/05/2024-23:36:36.061061, 125.164.17.65, Protocol: 6, ET SCAN Suspicious inbound to M ... show more [rede-arem1] 03/05/2024-23:36:36.061061, 125.164.17.65, Protocol: 6, ET SCAN Suspicious inbound to MSSQL port 1433 show less	Hacking
🇲🇹 Malta	2023-09-27 06:53:27 (2 years ago)	125.164.17.65 - - [27/Sep/2023:08:53:27 +0200] "GET /wp-json/wp/v2/users/1 HTTP/1.1" "Mozilla/5.0 (W ... show more 125.164.17.65 - - [27/Sep/2023:08:53:27 +0200] "GET /wp-json/wp/v2/users/1 HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko" show less	Hacking Web App Attack
🇮🇩 Burayot	2023-07-21 02:43:48 (2 years ago)	LF_DISTATTACK: 125.164.17.65 (ID/Indonesia/-), 10 distributed cpanel attacks on account [redacted] i ... show more LF_DISTATTACK: 125.164.17.65 (ID/Indonesia/-), 10 distributed cpanel attacks on account [redacted] in the last 3600 secs show less	DDoS Attack
🇨🇼 ATV	2023-03-31 04:41:09 (3 years ago)	Unsolicited connection attempts to port 3306	Port Scan
🇮🇩 hermawan	2023-03-13 22:28:11 (3 years ago)	[Tue Mar 14 05:28:09.561177 2023] [security2:error] [pid 69850:tid 139913232078400] [client 125.164. ... show more [Tue Mar 14 05:28:09.561177 2023] [security2:error] [pid 69850:tid 139913232078400] [client 125.164.17.65:15143] [client 125.164.17.65] ModSecurity: Access denied with code 403 (phase 1). Match of "pm www.google.com myactivity.google.com applebot iPhone bingbot https://yandex.com/ https://www.google.com.tw sih3.dpuair.jatimprov.go.id duckduckgo.com neeva.com mail.google.com dpuair.jatimprov.go.id facebookbot https://www.ecosia.org/ https://duckduck ..." against "REQUEST_HEADERS:Referer" required. [file "/etc/modsecurity/coreruleset-3.3.4/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "59"] [id "440067"] [msg "BAD Referer"] [data "Matched Data: karangploso.jatim.bmkg.go.id found within REQUEST_HEADERS:Referer: https://app.smojo.org/ request_line = GET /images/favicon.ico HTTP/2.0"] [severity "NOTICE"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/images/favicon.ico"] [unique_id "ZA-jeUxEuNOwtWKoHuObXgAA2go"], referer https://app.smojo.org/ [karangploso.jatim.bmkg.go.id] [karang ... show less	Hacking Web App Attack
🇨🇳 ThreatBook.io	2023-01-06 00:40:59 (3 years ago)	ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/125.164.17.65	SSH
Anonymous	2023-01-05 03:06:40 (3 years ago)	Jan 5 03:49:09 xxx sshd[3004002]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid= ... show more Jan 5 03:49:09 xxx sshd[3004002]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.164.17.65 user=root Jan 5 03:49:11 xxx sshd[3004002]: Invalid user root from 125.164.17.65 port 18463 ssh2 Jan 5 04:06:38 xxx sshd[3422004]: Invalid user aa from 125.164.17.65 port 19964 Jan 5 04:06:38 xxx sshd[3422004]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.164.17.65 Jan 5 04:06:40 xxx sshd[3422004]: Invalid user invalid user aa from 125.164.17.65 port 19964 ssh2 ... show less	Brute-Force SSH
🇺🇸 bigscoots.com	2023-01-05 02:58:26 (3 years ago)	125.164.17.65 (ID/Indonesia/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; ... show more 125.164.17.65 (ID/Indonesia/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Jan 4 20:56:13 15409 sshd[29195]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.164.22.231 user=root Jan 4 20:56:15 15409 sshd[29195]: Failed password for root from 125.164.22.231 port 2263 ssh2 Jan 4 20:58:12 15409 sshd[29369]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.164.22.231 user=root Jan 4 20:50:26 15409 sshd[28834]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.164.17.65 user=root Jan 4 20:50:29 15409 sshd[28834]: Failed password for root from 125.164.17.65 port 19795 ssh2 IP Addresses Blocked: 125.164.22.231 (ID/Indonesia/-) show less	Brute-Force SSH
🇺🇸 LotusDragon	2023-01-05 02:50:39 (3 years ago)	Jan 4 18:50:36 ds13592 sshd[31542]: pam_unix(sshd:auth): authentication failure; logname= uid=0 eui ... show more Jan 4 18:50:36 ds13592 sshd[31542]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.164.17.65 user=root Jan 4 18:50:36 ds13592 sshd[31542]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.164.17.65 user=root Jan 4 18:50:37 ds13592 sshd[31542]: Failed password for root from 125.164.17.65 port 15446 ssh2 Jan 4 18:50:37 ds13592 sshd[31542]: Failed password for root from 125.164.17.65 port 15446 ssh2 show less	Brute-Force SSH
Anonymous	2023-01-05 02:24:40 (3 years ago)	Hacking Approach from [125.164.17.65] ...	Brute-Force SSH
🇺🇸 bigscoots.com	2023-01-05 02:07:10 (3 years ago)	125.164.17.65 (ID/Indonesia/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; ... show more 125.164.17.65 (ID/Indonesia/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Jan 5 02:06:54 23955 sshd[16643]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.81.97.181 user=root Jan 5 02:06:20 23955 sshd[16638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.164.17.65 user=root Jan 5 02:06:22 23955 sshd[16638]: Failed password for root from 125.164.17.65 port 10581 ssh2 Jan 5 02:02:30 23955 sshd[16466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.164.21.109 user=root Jan 5 02:02:33 23955 sshd[16466]: Failed password for root from 125.164.21.109 port 23406 ssh2 IP Addresses Blocked: 185.81.97.181 (IR/Iran/-) show less	Brute-Force SSH

Showing 1 to 15 of 37 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 195.178.110.30

🇮🇳 182.95.126.42

🇺🇸 173.254.213.217

🇨🇳 129.211.94.80

🇺🇸 104.197.117.105

🇦🇹 85.124.219.6

🇬🇧 78.153.140.149

🇮🇳 49.200.158.226

🇸🇬 43.156.60.15

🇰🇪 41.60.239.226

🇷🇴 193.32.162.13

🇷🇺 185.10.63.235

🇭🇰 152.32.239.122

🇨🇳 116.172.201.64

🇧🇩 103.147.107.219

🇻🇳 103.60.242.169

🇮🇹 82.56.57.50

🇳🇱 77.83.39.241

🇧🇩 45.120.115.150

🇧🇪 198.235.24.201