112.115.138.149

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Yunnan Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	2019-05-22T16:56:07.527Z CLOSE host=112.115.138.149 port=33538 fd=4 time=2963.314 bytes=5185 ...	2019-09-11 06:04:57

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.115.138.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1066
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;112.115.138.149.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091003 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Sep 11 06:04:52 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 149.138.115.112.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 149.138.115.112.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
37.49.226.180	attack	Apr 26 00:12:20 deb10 sshd[29457]: User root from 37.49.226.180 not allowed because not listed in AllowUsers Apr 26 00:12:39 deb10 sshd[29464]: User root from 37.49.226.180 not allowed because not listed in AllowUsers	2020-04-26 06:48:01
40.113.199.183	attackbots	2020-04-26 01:05:40 dovecot_login authenticator failed for \(ADMIN\) \[40.113.199.183\]: 535 Incorrect authentication data \(set_id=support@opso.it\) 2020-04-26 01:06:59 dovecot_login authenticator failed for \(ADMIN\) \[40.113.199.183\]: 535 Incorrect authentication data \(set_id=support@opso.it\) 2020-04-26 01:08:27 dovecot_login authenticator failed for \(ADMIN\) \[40.113.199.183\]: 535 Incorrect authentication data \(set_id=support@opso.it\) 2020-04-26 01:11:21 dovecot_login authenticator failed for \(ADMIN\) \[40.113.199.183\]: 535 Incorrect authentication data \(set_id=support@opso.it\) 2020-04-26 01:12:47 dovecot_login authenticator failed for \(ADMIN\) \[40.113.199.183\]: 535 Incorrect authentication data \(set_id=support@opso.it\)	2020-04-26 07:17:48
122.51.242.122	attackspam	SSH Invalid Login	2020-04-26 06:48:31
103.221.223.136	attack	103.221.223.136 - - [25/Apr/2020:23:24:44 +0300] "POST /wp-login.php HTTP/1.1" 200 2173 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-26 07:18:15
175.192.9.232	attackbots	IP reached maximum auth failures	2020-04-26 07:13:23
49.235.69.80	attack	Apr 26 00:37:39 eventyay sshd[2120]: Failed password for root from 49.235.69.80 port 40956 ssh2 Apr 26 00:42:51 eventyay sshd[2363]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.69.80 Apr 26 00:42:53 eventyay sshd[2363]: Failed password for invalid user hanna from 49.235.69.80 port 45948 ssh2 ...	2020-04-26 06:51:23
123.206.14.58	attackbotsspam	Invalid user ubuntu from 123.206.14.58 port 48355	2020-04-26 07:07:18
59.36.18.195	attackspam	SSH brute-force attempt	2020-04-26 07:19:03
34.231.130.6	attackbots	Automatic report - WordPress Brute Force	2020-04-26 07:12:04
222.84.254.88	attackspambots	Apr 26 00:30:20 sso sshd[1109]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.84.254.88 Apr 26 00:30:22 sso sshd[1109]: Failed password for invalid user horus from 222.84.254.88 port 56644 ssh2 ...	2020-04-26 06:42:15
183.57.72.2	attack	Apr 25 22:28:18 ip-172-31-61-156 sshd[32308]: Invalid user admin from 183.57.72.2 Apr 25 22:28:18 ip-172-31-61-156 sshd[32308]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.57.72.2 Apr 25 22:28:18 ip-172-31-61-156 sshd[32308]: Invalid user admin from 183.57.72.2 Apr 25 22:28:20 ip-172-31-61-156 sshd[32308]: Failed password for invalid user admin from 183.57.72.2 port 59395 ssh2 Apr 25 22:30:51 ip-172-31-61-156 sshd[32456]: Invalid user ns from 183.57.72.2 ...	2020-04-26 07:12:59
218.201.62.71	attackbots	WordPress login Brute force / Web App Attack on client site.	2020-04-26 07:12:29
24.72.212.241	attackbotsspam	Invalid user user from 24.72.212.241 port 38200	2020-04-26 07:20:11
141.98.11.113	attackbotsspam	[ER hit] Tried to deliver spam. Already well known.	2020-04-26 06:58:32
125.124.40.19	attackspam	Invalid user zg from 125.124.40.19 port 51792	2020-04-26 07:11:45

Recently Reported IPs

119.205.112.50	141.108.203.4	14.235.249.174	119.155.146.101
89.236.85.143	165.120.161.135	12.65.54.147	60.178.44.34
5.146.85.56	106.52.68.33	91.185.10.229	118.170.210.198
217.67.88.60	139.68.202.48	68.38.194.104	185.193.22.187
14.187.94.133	182.86.86.254	68.183.175.237	51.249.129.32