116.0.4.122 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT Wifiku Indonesia

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	445/tcp 445/tcp 445/tcp... [2019-07-05/08-12]4pkt,1pt.(tcp)	2019-08-13 07:45:35
attackspambots	445/tcp 445/tcp 445/tcp [2019-07-05/29]3pkt	2019-07-30 15:42:46
attackspambots	Port scan and direct access per IP instead of hostname	2019-07-28 17:13:53

Comments on same subnet:

IP	Type	Details	Datetime
116.0.40.18	attackspambots	445/tcp [2020-08-06]1pkt	2020-08-06 22:19:04
116.0.45.82	attack	Unauthorized connection attempt from IP address 116.0.45.82 on Port 445(SMB)	2020-02-12 01:32:39
116.0.48.234	attackspam	unauthorized connection attempt	2020-01-12 17:48:40
116.0.49.252	attack	Unauthorized connection attempt from IP address 116.0.49.252 on Port 445(SMB)	2019-11-10 04:51:59
116.0.49.58	attackbotsspam	116.0.49.58 - - [18/Oct/2019:07:43:25 -0400] "GET /?page=..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&action=view&manufacturerID=143&productID=9300&linkID=7489&duplicate=0 HTTP/1.1" 200 16656 "https://exitdevice.com/?page=..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&action=view&manufacturerID=143&productID=9300&linkID=7489&duplicate=0" "Mozilla/5.0 (Windows NT 10.0; WOW64; Rv:50.0) Gecko/20100101 Firefox/50.0" ...	2019-10-18 21:13:00
116.0.45.82	attack	Scanning random ports - tries to find possible vulnerable services	2019-09-01 17:14:52
116.0.45.82	attackbotsspam	[SMB remote code execution attempt: port tcp/445] *(RWIN=8192)(08050931)	2019-08-05 16:51:06

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.0.4.122
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55241
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.0.4.122.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072800 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 28 17:13:42 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 122.4.0.116.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 122.4.0.116.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
201.184.249.22	attackspam	445/tcp [2019-11-01]1pkt	2019-11-02 06:33:29
36.81.63.138	attackspambots	445/tcp 445/tcp 445/tcp [2019-11-01]3pkt	2019-11-02 06:30:41
200.89.174.176	attackspambots	Nov 1 12:02:34 php1 sshd\[27135\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=176-174-89-200.fibertel.com.ar user=root Nov 1 12:02:36 php1 sshd\[27135\]: Failed password for root from 200.89.174.176 port 59332 ssh2 Nov 1 12:08:59 php1 sshd\[27859\]: Invalid user mqm from 200.89.174.176 Nov 1 12:08:59 php1 sshd\[27859\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=176-174-89-200.fibertel.com.ar Nov 1 12:09:02 php1 sshd\[27859\]: Failed password for invalid user mqm from 200.89.174.176 port 42888 ssh2	2019-11-02 06:21:28
60.182.190.240	attackspam	$f2bV_matches	2019-11-02 06:17:19
90.150.52.45	attackbotsspam	proto=tcp . spt=55392 . dpt=25 . (Found on Blocklist de Nov 01) (669)	2019-11-02 06:22:05
178.62.194.63	attackbots	Nov 1 12:29:04 hanapaa sshd\[1655\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.194.63 user=root Nov 1 12:29:06 hanapaa sshd\[1655\]: Failed password for root from 178.62.194.63 port 33212 ssh2 Nov 1 12:32:48 hanapaa sshd\[1948\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.194.63 user=root Nov 1 12:32:50 hanapaa sshd\[1948\]: Failed password for root from 178.62.194.63 port 47738 ssh2 Nov 1 12:36:33 hanapaa sshd\[2242\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.194.63 user=root	2019-11-02 06:36:52
139.59.13.51	attack	Invalid user 123 from 139.59.13.51 port 16790	2019-11-02 06:41:42
161.22.148.117	attackbots	namecheap spam	2019-11-02 06:23:36
42.6.12.40	attackspambots	60001/tcp [2019-11-01]1pkt	2019-11-02 06:45:28
63.240.240.74	attackbotsspam	Nov 1 15:19:55 mockhub sshd[28110]: Failed password for root from 63.240.240.74 port 38085 ssh2 ...	2019-11-02 06:24:41
165.231.248.59	attackbotsspam	Automatic report - Banned IP Access	2019-11-02 06:11:33
157.245.112.184	attack	157.245.112.184 - - \[01/Nov/2019:21:14:05 +0100\] "GET / HTTP/1.0" 301 178 "-" "Mozilla/5.0 $compatible\; NetcraftSurveyAgent/1.0\; +info@netcraft.com$" ...	2019-11-02 06:14:16
112.85.42.237	attackspambots	2019-11-01T22:09:59.334716abusebot-2.cloudsearch.cf sshd\[10149\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.237 user=root	2019-11-02 06:16:07
157.230.153.75	attackbots	2019-11-01T22:13:59.114588abusebot-8.cloudsearch.cf sshd\[4240\]: Invalid user 12345f from 157.230.153.75 port 43662	2019-11-02 06:38:58
211.159.159.238	attackbots	3x Failed Password	2019-11-02 06:36:22

Recently Reported IPs

78.36.44.104	202.162.200.67	59.63.208.191	58.87.124.196
194.186.73.30	124.161.8.167	106.12.89.190	106.45.0.111
125.141.139.20	104.222.111.207	60.190.96.234	103.80.210.9
139.155.135.91	103.212.90.62	103.203.227.148	103.203.172.166
103.192.66.141	45.192.182.175	123.209.196.6	86.123.183.62