112.91.149.134

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Zhuhai Dou Men Qu de Chang Fang Chan Co Ltd

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Nov 6 23:15:33 SilenceServices sshd[11591]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.91.149.134 Nov 6 23:15:35 SilenceServices sshd[11591]: Failed password for invalid user 89532E 11 from 112.91.149.134 port 36626 ssh2 Nov 6 23:19:39 SilenceServices sshd[15246]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.91.149.134	2019-11-07 06:32:00
attackbotsspam	Nov 5 08:30:13 MK-Soft-Root2 sshd[9236]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.91.149.134 Nov 5 08:30:15 MK-Soft-Root2 sshd[9236]: Failed password for invalid user magnamawah$27mn from 112.91.149.134 port 46236 ssh2 ...	2019-11-05 15:49:09
attackbotsspam	Nov 2 18:30:03 server sshd\[28003\]: Invalid user ahah from 112.91.149.134 port 46262 Nov 2 18:30:03 server sshd\[28003\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.91.149.134 Nov 2 18:30:05 server sshd\[28003\]: Failed password for invalid user ahah from 112.91.149.134 port 46262 ssh2 Nov 2 18:34:18 server sshd\[7520\]: Invalid user avenir from 112.91.149.134 port 46114 Nov 2 18:34:18 server sshd\[7520\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.91.149.134	2019-11-03 01:13:41
attack	Invalid user gk from 112.91.149.134 port 55924	2019-10-30 07:17:37
attackspambots	sshd jail - ssh hack attempt	2019-10-29 17:25:46
attackspambots	pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.91.149.134 user=root Failed password for root from 112.91.149.134 port 50220 ssh2 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.91.149.134 user=root Failed password for root from 112.91.149.134 port 54966 ssh2 Invalid user admin from 112.91.149.134 port 59722	2019-10-25 06:05:34
attack	Oct 10 14:58:47 sso sshd[32214]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.91.149.134 Oct 10 14:58:49 sso sshd[32214]: Failed password for invalid user Haslo!23 from 112.91.149.134 port 60074 ssh2 ...	2019-10-10 21:47:03
attack	2019-08-23 06:51:57,914 fail2ban.actions [878]: NOTICE [sshd] Ban 112.91.149.134 2019-08-23 10:06:05,036 fail2ban.actions [878]: NOTICE [sshd] Ban 112.91.149.134 2019-08-23 13:15:02,028 fail2ban.actions [878]: NOTICE [sshd] Ban 112.91.149.134 ...	2019-09-13 16:23:28
attackspambots	Aug 20 22:14:39 localhost sshd\[14970\]: Invalid user webrun from 112.91.149.134 port 45888 Aug 20 22:14:39 localhost sshd\[14970\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.91.149.134 Aug 20 22:14:41 localhost sshd\[14970\]: Failed password for invalid user webrun from 112.91.149.134 port 45888 ssh2	2019-08-21 04:26:16

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.91.149.134
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61719
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;112.91.149.134.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080702 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 08 10:30:28 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 134.149.91.112.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 134.149.91.112.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
112.212.19.191	attackspam	TCP (SYN) 112.212.19.191:58073 -> port 23, len 40	2020-05-20 07:23:22
114.33.36.212	attackbotsspam	TCP (SYN) 114.33.36.212:6503 -> port 23, len 40	2020-05-20 07:07:19
106.13.97.228	attackspambots	Invalid user hpv from 106.13.97.228 port 46636	2020-05-20 07:34:45
45.163.134.197	attack	TCP (SYN) 45.163.134.197:24093 -> port 8080, len 40	2020-05-20 07:08:26
223.16.132.98	attack	TCP (SYN) 223.16.132.98:19587 -> port 23, len 40	2020-05-20 07:43:07
188.253.2.173	attackbots	TCP (SYN) 188.253.2.173:44565 -> port 1433, len 40	2020-05-20 07:15:04
182.253.245.53	attackspambots	TCP (SYN) 182.253.245.53:6969 -> port 22, len 52	2020-05-20 07:36:58
89.133.66.135	attackspambots	TCP (SYN) 89.133.66.135:12399 -> port 23, len 44	2020-05-20 07:42:39
218.240.148.211	attackbots	TCP (SYN) 218.240.148.211:48328 -> port 1433, len 40	2020-05-20 07:16:18
220.132.192.125	attackbots	TCP (SYN) 220.132.192.125:55172 -> port 23, len 40	2020-05-20 07:15:54
77.30.13.157	attackbots	Portscan or hack attempt detected by psad/fwsnort	2020-05-20 07:18:58
83.59.253.138	attack	Invalid user nnc from 83.59.253.138 port 47886	2020-05-20 07:41:18
188.252.13.138	attackspam	TCP (SYN) 188.252.13.138:53173 -> port 25, len 60	2020-05-20 07:06:24
163.177.43.205	attackspambots	TCP (SYN) 163.177.43.205:45238 -> port 22, len 60	2020-05-20 07:11:10
181.143.211.50	attackbots	TCP (SYN) 181.143.211.50:56058 -> port 445, len 40	2020-05-20 07:22:20

Recently Reported IPs

93.174.93.164	209.85.221.50	112.230.212.93	198.46.255.34
49.146.39.250	134.73.161.190	229.13.105.42	210.217.24.246
135.159.128.126	216.71.252.62	118.24.38.53	37.156.71.104
182.117.177.182	45.95.32.220	233.113.137.221	175.140.138.193
84.183.111.120	27.50.161.27	91.230.31.54	103.133.104.133