110.138.3.94 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT Telkom Indonesia

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	firewall-block, port(s): 445/tcp	2019-08-19 17:41:20

Comments on same subnet:

IP	Type	Details	Datetime
110.138.3.16	attackbotsspam	Automatic report - Port Scan Attack	2020-07-31 02:02:34
110.138.3.203	attackbots	Automatic report - Port Scan Attack	2020-06-27 18:49:48
110.138.38.157	attackspam	1588670055 - 05/05/2020 11:14:15 Host: 110.138.38.157/110.138.38.157 Port: 445 TCP Blocked	2020-05-06 01:53:15

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 110.138.3.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25378
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;110.138.3.94.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081900 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Aug 19 17:41:14 CST 2019
;; MSG SIZE  rcvd: 116

Host info

94.3.138.110.in-addr.arpa domain name pointer 94.subnet110-138-3.speedy.telkom.net.id.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
94.3.138.110.in-addr.arpa	name = 94.subnet110-138-3.speedy.telkom.net.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
59.115.153.200	attack	firewall-block, port(s): 23/tcp	2019-07-07 15:43:06
51.255.26.166	attackspambots	Jul 7 07:56:30 ArkNodeAT sshd\[18854\]: Invalid user zarko from 51.255.26.166 Jul 7 07:56:30 ArkNodeAT sshd\[18854\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.255.26.166 Jul 7 07:56:32 ArkNodeAT sshd\[18854\]: Failed password for invalid user zarko from 51.255.26.166 port 34368 ssh2	2019-07-07 15:56:06
140.143.242.197	attackbots	$f2bV_matches	2019-07-07 15:53:00
188.131.235.77	attackspam	07.07.2019 05:49:22 SSH access blocked by firewall	2019-07-07 15:58:30
46.33.52.19	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-07 00:10:45,310 INFO [shellcode_manager] (46.33.52.19) no match, writing hexdump (eabaaae5c87ca988e3fbc6e17dc3cb80 :2128157) - MS17010 (EternalBlue)	2019-07-07 16:14:20
117.34.104.11	attackspam	445/tcp 445/tcp 445/tcp... [2019-06-04/07-07]7pkt,1pt.(tcp)	2019-07-07 16:16:17
172.105.217.71	attackbots	808/tcp 808/tcp 808/tcp... [2019-05-07/07-07]76pkt,1pt.(tcp)	2019-07-07 16:18:56
120.132.31.120	attackspambots	Jul 1 20:17:50 hal sshd[1636]: Invalid user iceuser from 120.132.31.120 port 33136 Jul 1 20:17:50 hal sshd[1636]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.31.120 Jul 1 20:17:51 hal sshd[1636]: Failed password for invalid user iceuser from 120.132.31.120 port 33136 ssh2 Jul 1 20:17:52 hal sshd[1636]: Received disconnect from 120.132.31.120 port 33136:11: Normal Shutdown, Thank you for playing [preauth] Jul 1 20:17:52 hal sshd[1636]: Disconnected from 120.132.31.120 port 33136 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=120.132.31.120	2019-07-07 16:07:00
176.53.193.27	attackbots	[portscan] Port scan	2019-07-07 15:41:51
80.19.136.122	attackbots	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(07070954)	2019-07-07 16:30:59
103.60.137.111	attack	445/tcp 445/tcp 445/tcp... [2019-05-16/07-07]8pkt,1pt.(tcp)	2019-07-07 16:18:15
118.244.196.123	attackspam	Jul 7 07:03:58 cp sshd[14821]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.244.196.123 Jul 7 07:04:00 cp sshd[14821]: Failed password for invalid user ym from 118.244.196.123 port 60924 ssh2 Jul 7 07:04:36 cp sshd[15136]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.244.196.123	2019-07-07 16:24:33
149.202.56.194	attackspam	Jul 7 08:49:01 vserver sshd\[11255\]: Failed password for root from 149.202.56.194 port 40550 ssh2Jul 7 08:51:10 vserver sshd\[11266\]: Invalid user testuser from 149.202.56.194Jul 7 08:51:12 vserver sshd\[11266\]: Failed password for invalid user testuser from 149.202.56.194 port 37522 ssh2Jul 7 08:53:13 vserver sshd\[11287\]: Invalid user jamal from 149.202.56.194 ...	2019-07-07 16:35:44
198.177.126.198	attackbotsspam	445/tcp 445/tcp 445/tcp... [2019-05-29/07-07]12pkt,1pt.(tcp)	2019-07-07 16:32:37
185.234.219.66	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-07 06:11:13,891 INFO [amun_request_handler] PortScan Detected on Port: 25 (185.234.219.66)	2019-07-07 15:50:35

Recently Reported IPs

106.12.147.195	148.200.72.182	140.167.241.17	31.241.138.171
42.217.235.156	225.2.235.162	226.180.178.219	136.203.144.143
107.175.56.203	157.212.239.50	224.39.160.11	184.176.88.214
200.17.239.237	16.99.44.242	52.163.85.65	18.232.130.213
180.105.76.150	162.235.238.163	117.53.1.125	66.23.193.76