110.139.31.149

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT Telkom Indonesia

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Unauthorized connection attempt from IP address 110.139.31.149 on Port 445(SMB)	2020-04-29 23:11:54

Comments on same subnet:

IP	Type	Details	Datetime
110.139.31.77	attackspam	xmlrpc attack	2020-05-25 23:27:02
110.139.31.130	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-05 07:31:46,064 INFO [amun_request_handler] PortScan Detected on Port: 445 (110.139.31.130)	2019-07-05 17:17:22

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 110.139.31.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15394
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;110.139.31.149.			IN	A

;; AUTHORITY SECTION:
.			509	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042900 1800 900 604800 86400

;; Query time: 79 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 29 23:11:48 CST 2020
;; MSG SIZE  rcvd: 118

Host info

149.31.139.110.in-addr.arpa domain name pointer 149.subnet110-139-31.speedy.telkom.net.id.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
149.31.139.110.in-addr.arpa	name = 149.subnet110-139-31.speedy.telkom.net.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
169.57.189.76	attackbotsspam	Apr 17 15:04:57 OPSO sshd\[29758\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=169.57.189.76 user=root Apr 17 15:04:59 OPSO sshd\[29758\]: Failed password for root from 169.57.189.76 port 11787 ssh2 Apr 17 15:08:34 OPSO sshd\[30506\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=169.57.189.76 user=admin Apr 17 15:08:36 OPSO sshd\[30506\]: Failed password for admin from 169.57.189.76 port 15347 ssh2 Apr 17 15:11:57 OPSO sshd\[30958\]: Invalid user ep from 169.57.189.76 port 53381 Apr 17 15:11:57 OPSO sshd\[30958\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=169.57.189.76	2020-04-17 22:03:04
70.63.28.34	attackspambots	Invalid user admin from 70.63.28.34 port 25608	2020-04-17 22:06:47
141.98.81.108	attackbotsspam	$f2bV_matches	2020-04-17 22:33:58
88.152.231.197	attackspam	Apr 17 01:08:02 web9 sshd\[3103\]: Invalid user git from 88.152.231.197 Apr 17 01:08:02 web9 sshd\[3103\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=88.152.231.197 Apr 17 01:08:04 web9 sshd\[3103\]: Failed password for invalid user git from 88.152.231.197 port 58253 ssh2 Apr 17 01:11:14 web9 sshd\[3677\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=88.152.231.197 user=root Apr 17 01:11:16 web9 sshd\[3677\]: Failed password for root from 88.152.231.197 port 46094 ssh2	2020-04-17 22:46:21
104.131.221.118	attack	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-04-17 22:45:52
45.248.67.212	attackspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-04-17 22:16:23
116.105.216.179	attackspambots	Apr 17 16:44:41 pkdns2 sshd\[44484\]: Invalid user user1 from 116.105.216.179Apr 17 16:44:42 pkdns2 sshd\[44484\]: Failed password for invalid user user1 from 116.105.216.179 port 49800 ssh2Apr 17 16:46:17 pkdns2 sshd\[44596\]: Invalid user admin from 116.105.216.179Apr 17 16:46:20 pkdns2 sshd\[44596\]: Failed password for invalid user admin from 116.105.216.179 port 27032 ssh2Apr 17 16:46:22 pkdns2 sshd\[44598\]: Invalid user default from 116.105.216.179Apr 17 16:46:24 pkdns2 sshd\[44598\]: Failed password for invalid user default from 116.105.216.179 port 43070 ssh2 ...	2020-04-17 22:37:48
118.32.49.49	attackspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-04-17 22:00:45
176.205.15.8	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-04-17 22:02:37
94.191.20.125	attackbotsspam	Apr 17 14:27:58 dev0-dcde-rnet sshd[4719]: Failed password for root from 94.191.20.125 port 37478 ssh2 Apr 17 14:41:14 dev0-dcde-rnet sshd[5010]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.20.125 Apr 17 14:41:16 dev0-dcde-rnet sshd[5010]: Failed password for invalid user vf from 94.191.20.125 port 36138 ssh2	2020-04-17 22:30:17
40.77.167.210	attack	saw-Joomla User : try to access forms...	2020-04-17 22:16:38
222.186.175.215	attack	04/17/2020-10:33:51.968726 222.186.175.215 Protocol: 6 ET SCAN Potential SSH Scan	2020-04-17 22:42:29
185.176.27.246	attackspambots	04/17/2020-10:10:05.014237 185.176.27.246 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-04-17 22:17:33
189.68.151.62	attackspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-04-17 22:08:04
114.88.154.153	attack	k+ssh-bruteforce	2020-04-17 22:08:56

Recently Reported IPs

60.209.205.87	140.112.145.162	108.219.221.166	80.81.93.156
63.145.122.241	152.243.66.255	65.184.76.251	236.227.134.224
63.161.28.145	48.9.234.63	178.66.163.181	204.157.77.27
137.220.227.44	0.168.11.184	14.120.132.118	114.88.174.243
181.0.196.122	171.21.199.246	190.163.0.87	136.210.152.130