116.0.4.122 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT Wifiku Indonesia

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	445/tcp 445/tcp 445/tcp... [2019-07-05/08-12]4pkt,1pt.(tcp)	2019-08-13 07:45:35
attackspambots	445/tcp 445/tcp 445/tcp [2019-07-05/29]3pkt	2019-07-30 15:42:46
attackspambots	Port scan and direct access per IP instead of hostname	2019-07-28 17:13:53

Comments on same subnet:

IP	Type	Details	Datetime
116.0.40.18	attackspambots	445/tcp [2020-08-06]1pkt	2020-08-06 22:19:04
116.0.45.82	attack	Unauthorized connection attempt from IP address 116.0.45.82 on Port 445(SMB)	2020-02-12 01:32:39
116.0.48.234	attackspam	unauthorized connection attempt	2020-01-12 17:48:40
116.0.49.252	attack	Unauthorized connection attempt from IP address 116.0.49.252 on Port 445(SMB)	2019-11-10 04:51:59
116.0.49.58	attackbotsspam	116.0.49.58 - - [18/Oct/2019:07:43:25 -0400] "GET /?page=..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&action=view&manufacturerID=143&productID=9300&linkID=7489&duplicate=0 HTTP/1.1" 200 16656 "https://exitdevice.com/?page=..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&action=view&manufacturerID=143&productID=9300&linkID=7489&duplicate=0" "Mozilla/5.0 (Windows NT 10.0; WOW64; Rv:50.0) Gecko/20100101 Firefox/50.0" ...	2019-10-18 21:13:00
116.0.45.82	attack	Scanning random ports - tries to find possible vulnerable services	2019-09-01 17:14:52
116.0.45.82	attackbotsspam	[SMB remote code execution attempt: port tcp/445] *(RWIN=8192)(08050931)	2019-08-05 16:51:06

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.0.4.122
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55241
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.0.4.122.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072800 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 28 17:13:42 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 122.4.0.116.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 122.4.0.116.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.42.163	attackspam	Oct 5 21:51:53 MK-Soft-VM4 sshd[17138]: Failed password for root from 222.186.42.163 port 37488 ssh2 Oct 5 21:51:58 MK-Soft-VM4 sshd[17138]: Failed password for root from 222.186.42.163 port 37488 ssh2 ...	2019-10-06 03:53:09
59.13.176.105	attackspam	IP attempted unauthorised action	2019-10-06 04:06:10
134.209.108.106	attack	Oct 5 10:01:33 web9 sshd\[11967\]: Invalid user brandsma from 134.209.108.106 Oct 5 10:01:33 web9 sshd\[11967\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.108.106 Oct 5 10:01:34 web9 sshd\[11967\]: Failed password for invalid user brandsma from 134.209.108.106 port 38992 ssh2 Oct 5 10:01:55 web9 sshd\[12040\]: Invalid user gary from 134.209.108.106 Oct 5 10:01:55 web9 sshd\[12040\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.108.106	2019-10-06 04:07:22
157.55.39.24	attackspambots	Automatic report - Banned IP Access	2019-10-06 04:08:51
190.8.168.252	attack	xmlrpc attack	2019-10-06 04:18:16
59.126.36.74	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-06 04:28:00
222.186.175.6	attackbotsspam	Sep 15 01:45:42 vtv3 sshd\[3374\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.6 user=root Sep 15 01:45:44 vtv3 sshd\[3374\]: Failed password for root from 222.186.175.6 port 51912 ssh2 Sep 15 01:45:47 vtv3 sshd\[3374\]: Failed password for root from 222.186.175.6 port 51912 ssh2 Sep 15 01:45:49 vtv3 sshd\[3374\]: Failed password for root from 222.186.175.6 port 51912 ssh2 Sep 15 01:45:52 vtv3 sshd\[3374\]: Failed password for root from 222.186.175.6 port 51912 ssh2 Sep 15 02:42:54 vtv3 sshd\[31241\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.6 user=root Sep 15 02:42:57 vtv3 sshd\[31241\]: Failed password for root from 222.186.175.6 port 43158 ssh2 Sep 15 02:42:59 vtv3 sshd\[31241\]: Failed password for root from 222.186.175.6 port 43158 ssh2 Sep 15 02:43:01 vtv3 sshd\[31241\]: Failed password for root from 222.186.175.6 port 43158 ssh2 Sep 15 02:43:04 vtv3 sshd\[31241\]: Failed password f	2019-10-06 04:09:51
185.81.193.40	attackspam	Oct 5 19:58:56 localhost sshd\[26344\]: Invalid user Game2017 from 185.81.193.40 port 7974 Oct 5 19:58:56 localhost sshd\[26344\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.81.193.40 Oct 5 19:58:57 localhost sshd\[26344\]: Failed password for invalid user Game2017 from 185.81.193.40 port 7974 ssh2 Oct 5 20:02:28 localhost sshd\[26432\]: Invalid user q1w2e3e4 from 185.81.193.40 port 20948 Oct 5 20:02:28 localhost sshd\[26432\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.81.193.40 ...	2019-10-06 04:10:11
94.231.217.34	attackspambots	B: Magento admin pass test (wrong country)	2019-10-06 04:24:52
51.38.57.78	attackbotsspam	Oct 5 10:14:07 auw2 sshd\[2290\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3118043.ip-51-38-57.eu user=root Oct 5 10:14:09 auw2 sshd\[2290\]: Failed password for root from 51.38.57.78 port 50098 ssh2 Oct 5 10:17:25 auw2 sshd\[2619\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3118043.ip-51-38-57.eu user=root Oct 5 10:17:27 auw2 sshd\[2619\]: Failed password for root from 51.38.57.78 port 53612 ssh2 Oct 5 10:20:51 auw2 sshd\[2903\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3118043.ip-51-38-57.eu user=root	2019-10-06 04:30:26
94.23.208.211	attack	Oct 5 21:41:16 herz-der-gamer sshd[1620]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.208.211 user=root Oct 5 21:41:18 herz-der-gamer sshd[1620]: Failed password for root from 94.23.208.211 port 36288 ssh2 ...	2019-10-06 04:25:35
218.241.227.196	attackbots	Oct 5 15:47:49 TORMINT sshd\[7469\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.241.227.196 user=root Oct 5 15:47:51 TORMINT sshd\[7469\]: Failed password for root from 218.241.227.196 port 39130 ssh2 Oct 5 15:51:01 TORMINT sshd\[7657\]: Invalid user 123 from 218.241.227.196 Oct 5 15:51:01 TORMINT sshd\[7657\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.241.227.196 ...	2019-10-06 03:53:58
141.98.81.111	attackbots	SSH scan ::	2019-10-06 03:59:54
144.217.15.161	attack	Oct 5 09:52:36 hanapaa sshd\[19190\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.ip-144-217-15.net user=root Oct 5 09:52:37 hanapaa sshd\[19190\]: Failed password for root from 144.217.15.161 port 39910 ssh2 Oct 5 09:56:23 hanapaa sshd\[19499\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.ip-144-217-15.net user=root Oct 5 09:56:25 hanapaa sshd\[19499\]: Failed password for root from 144.217.15.161 port 51558 ssh2 Oct 5 10:00:05 hanapaa sshd\[19832\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.ip-144-217-15.net user=root	2019-10-06 04:13:33
200.150.74.114	attackspambots	Oct 5 21:36:45 vmanager6029 sshd\[30803\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.150.74.114 user=root Oct 5 21:36:47 vmanager6029 sshd\[30803\]: Failed password for root from 200.150.74.114 port 12286 ssh2 Oct 5 21:41:02 vmanager6029 sshd\[30938\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.150.74.114 user=root	2019-10-06 04:34:49

Recently Reported IPs

78.36.44.104	202.162.200.67	59.63.208.191	58.87.124.196
194.186.73.30	124.161.8.167	106.12.89.190	106.45.0.111
125.141.139.20	104.222.111.207	60.190.96.234	103.80.210.9
139.155.135.91	103.212.90.62	103.203.227.148	103.203.172.166
103.192.66.141	45.192.182.175	123.209.196.6	86.123.183.62