116.0.4.122 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT Wifiku Indonesia

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	445/tcp 445/tcp 445/tcp... [2019-07-05/08-12]4pkt,1pt.(tcp)	2019-08-13 07:45:35
attackspambots	445/tcp 445/tcp 445/tcp [2019-07-05/29]3pkt	2019-07-30 15:42:46
attackspambots	Port scan and direct access per IP instead of hostname	2019-07-28 17:13:53

Comments on same subnet:

IP	Type	Details	Datetime
116.0.40.18	attackspambots	445/tcp [2020-08-06]1pkt	2020-08-06 22:19:04
116.0.45.82	attack	Unauthorized connection attempt from IP address 116.0.45.82 on Port 445(SMB)	2020-02-12 01:32:39
116.0.48.234	attackspam	unauthorized connection attempt	2020-01-12 17:48:40
116.0.49.252	attack	Unauthorized connection attempt from IP address 116.0.49.252 on Port 445(SMB)	2019-11-10 04:51:59
116.0.49.58	attackbotsspam	116.0.49.58 - - [18/Oct/2019:07:43:25 -0400] "GET /?page=..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&action=view&manufacturerID=143&productID=9300&linkID=7489&duplicate=0 HTTP/1.1" 200 16656 "https://exitdevice.com/?page=..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&action=view&manufacturerID=143&productID=9300&linkID=7489&duplicate=0" "Mozilla/5.0 (Windows NT 10.0; WOW64; Rv:50.0) Gecko/20100101 Firefox/50.0" ...	2019-10-18 21:13:00
116.0.45.82	attack	Scanning random ports - tries to find possible vulnerable services	2019-09-01 17:14:52
116.0.45.82	attackbotsspam	[SMB remote code execution attempt: port tcp/445] *(RWIN=8192)(08050931)	2019-08-05 16:51:06

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.0.4.122
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55241
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.0.4.122.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072800 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 28 17:13:42 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 122.4.0.116.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 122.4.0.116.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
223.25.97.250	attackbotsspam	2019-09-28T20:12:50.619748abusebot-3.cloudsearch.cf sshd\[13986\]: Invalid user backup from 223.25.97.250 port 49024	2019-09-29 04:45:38
115.85.213.217	attack	Sep 28 15:34:03 web1 postfix/smtpd[32227]: warning: unknown[115.85.213.217]: SASL LOGIN authentication failed: authentication failure ...	2019-09-29 04:37:21
78.0.23.41	attackbots	Sep 28 13:16:34 *** sshd[25281]: Failed password for invalid user customer from 78.0.23.41 port 42438 ssh2	2019-09-29 04:42:14
185.185.68.66	attack	Sep 28 02:35:41 php1 sshd\[16810\]: Invalid user lv from 185.185.68.66 Sep 28 02:35:41 php1 sshd\[16810\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=marlin-aquarium.ru Sep 28 02:35:43 php1 sshd\[16810\]: Failed password for invalid user lv from 185.185.68.66 port 50458 ssh2 Sep 28 02:40:54 php1 sshd\[17528\]: Invalid user redhat from 185.185.68.66 Sep 28 02:40:54 php1 sshd\[17528\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=marlin-aquarium.ru	2019-09-29 04:54:27
164.132.196.98	attackspam	2019-09-19T12:27:43.686702suse-nuc sshd[31003]: Invalid user lll from 164.132.196.98 port 54134 ...	2019-09-29 04:49:01
159.65.164.210	attackspambots	Sep 28 20:42:48 markkoudstaal sshd[24669]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.164.210 Sep 28 20:42:50 markkoudstaal sshd[24669]: Failed password for invalid user mysql from 159.65.164.210 port 47876 ssh2 Sep 28 20:46:52 markkoudstaal sshd[25077]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.164.210	2019-09-29 04:36:03
200.11.219.206	attack	Sep 28 22:41:50 root sshd[6045]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.11.219.206 Sep 28 22:41:52 root sshd[6045]: Failed password for invalid user test from 200.11.219.206 port 40083 ssh2 Sep 28 22:45:56 root sshd[6117]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.11.219.206 ...	2019-09-29 04:47:24
49.234.48.171	attackspam	2019-09-17T16:52:40.840187suse-nuc sshd[12028]: Invalid user segreteria from 49.234.48.171 port 56226 ...	2019-09-29 04:43:51
222.186.3.249	attackbots	Sep 28 22:06:33 vps691689 sshd[25074]: Failed password for root from 222.186.3.249 port 23421 ssh2 Sep 28 22:09:14 vps691689 sshd[25098]: Failed password for root from 222.186.3.249 port 19204 ssh2 ...	2019-09-29 04:24:22
121.15.7.26	attackbots	Sep 28 10:50:41 wbs sshd\[9540\]: Invalid user caspar from 121.15.7.26 Sep 28 10:50:41 wbs sshd\[9540\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.15.7.26 Sep 28 10:50:43 wbs sshd\[9540\]: Failed password for invalid user caspar from 121.15.7.26 port 60142 ssh2 Sep 28 10:54:00 wbs sshd\[9822\]: Invalid user eric from 121.15.7.26 Sep 28 10:54:00 wbs sshd\[9822\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.15.7.26	2019-09-29 05:04:49
165.227.53.241	attackbotsspam	Sep 28 15:29:05 bouncer sshd\[636\]: Invalid user bot from 165.227.53.241 port 53432 Sep 28 15:29:05 bouncer sshd\[636\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.53.241 Sep 28 15:29:06 bouncer sshd\[636\]: Failed password for invalid user bot from 165.227.53.241 port 53432 ssh2 ...	2019-09-29 04:35:34
221.226.8.162	attack	Automated reporting of SSH Vulnerability scanning	2019-09-29 04:46:37
185.221.172.60	attackspam	Unauthorized access detected from banned ip	2019-09-29 04:26:45
119.42.175.200	attack	Sep 28 22:49:27 ns3110291 sshd\[21032\]: Invalid user org from 119.42.175.200 Sep 28 22:49:27 ns3110291 sshd\[21032\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.42.175.200 Sep 28 22:49:28 ns3110291 sshd\[21032\]: Failed password for invalid user org from 119.42.175.200 port 52266 ssh2 Sep 28 22:53:59 ns3110291 sshd\[21199\]: Invalid user ftpuser from 119.42.175.200 Sep 28 22:53:59 ns3110291 sshd\[21199\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.42.175.200 ...	2019-09-29 05:04:22
5.189.142.120	attack	09/28/2019-08:25:30.530383 5.189.142.120 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-09-29 04:52:44

Recently Reported IPs

78.36.44.104	202.162.200.67	59.63.208.191	58.87.124.196
194.186.73.30	124.161.8.167	106.12.89.190	106.45.0.111
125.141.139.20	104.222.111.207	60.190.96.234	103.80.210.9
139.155.135.91	103.212.90.62	103.203.227.148	103.203.172.166
103.192.66.141	45.192.182.175	123.209.196.6	86.123.183.62