116.1.149.196 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Guangxi Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	SSH login attempts.	2020-09-29 07:04:51
attack	Sep 27 02:13:28 serwer sshd\[6064\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.1.149.196 user=root Sep 27 02:13:30 serwer sshd\[6064\]: Failed password for root from 116.1.149.196 port 32960 ssh2 Sep 27 02:19:20 serwer sshd\[6894\]: Invalid user hadoop from 116.1.149.196 port 36166 Sep 27 02:19:20 serwer sshd\[6894\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.1.149.196 Sep 27 02:19:22 serwer sshd\[6894\]: Failed password for invalid user hadoop from 116.1.149.196 port 36166 ssh2 Sep 27 02:21:56 serwer sshd\[7284\]: Invalid user uploader from 116.1.149.196 port 52046 Sep 27 02:21:56 serwer sshd\[7284\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.1.149.196 Sep 27 02:21:58 serwer sshd\[7284\]: Failed password for invalid user uploader from 116.1.149.196 port 52046 ssh2 Sep 27 02:24:16 serwer sshd\[7514\]: Invalid user invoices from ...	2020-09-28 23:34:49
attack	2020-09-27T21:54:47.304042abusebot-2.cloudsearch.cf sshd[4911]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.1.149.196 user=root 2020-09-27T21:54:49.529562abusebot-2.cloudsearch.cf sshd[4911]: Failed password for root from 116.1.149.196 port 47872 ssh2 2020-09-27T22:00:25.225173abusebot-2.cloudsearch.cf sshd[5020]: Invalid user wangqi from 116.1.149.196 port 58737 2020-09-27T22:00:25.230664abusebot-2.cloudsearch.cf sshd[5020]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.1.149.196 2020-09-27T22:00:25.225173abusebot-2.cloudsearch.cf sshd[5020]: Invalid user wangqi from 116.1.149.196 port 58737 2020-09-27T22:00:27.190175abusebot-2.cloudsearch.cf sshd[5020]: Failed password for invalid user wangqi from 116.1.149.196 port 58737 ssh2 2020-09-27T22:04:13.010538abusebot-2.cloudsearch.cf sshd[5043]: Invalid user spring from 116.1.149.196 port 60964 ...	2020-09-28 15:38:07
attackbots	Aug 19 14:23:51 inter-technics sshd[3588]: Invalid user kte from 116.1.149.196 port 54131 Aug 19 14:23:51 inter-technics sshd[3588]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.1.149.196 Aug 19 14:23:51 inter-technics sshd[3588]: Invalid user kte from 116.1.149.196 port 54131 Aug 19 14:23:52 inter-technics sshd[3588]: Failed password for invalid user kte from 116.1.149.196 port 54131 ssh2 Aug 19 14:26:21 inter-technics sshd[3721]: Invalid user git from 116.1.149.196 port 37794 ...	2020-08-20 03:24:12
attackbotsspam	Jul 23 14:04:09 ns3164893 sshd[7333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.1.149.196 Jul 23 14:04:12 ns3164893 sshd[7333]: Failed password for invalid user wingate from 116.1.149.196 port 40570 ssh2 ...	2020-07-23 20:12:30
attack	Jul 11 07:34:31 server1 sshd\[11755\]: Invalid user karolina from 116.1.149.196 Jul 11 07:34:31 server1 sshd\[11755\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.1.149.196 Jul 11 07:34:33 server1 sshd\[11755\]: Failed password for invalid user karolina from 116.1.149.196 port 59796 ssh2 Jul 11 07:36:53 server1 sshd\[12449\]: Invalid user jesus from 116.1.149.196 Jul 11 07:36:53 server1 sshd\[12449\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.1.149.196 ...	2020-07-11 21:40:19
attackbotsspam	...	2020-07-09 04:21:26
attack	Jun 20 18:21:53 124388 sshd[24834]: Invalid user rdy from 116.1.149.196 port 57703 Jun 20 18:21:53 124388 sshd[24834]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.1.149.196 Jun 20 18:21:53 124388 sshd[24834]: Invalid user rdy from 116.1.149.196 port 57703 Jun 20 18:21:54 124388 sshd[24834]: Failed password for invalid user rdy from 116.1.149.196 port 57703 ssh2 Jun 20 18:23:03 124388 sshd[24837]: Invalid user loyal from 116.1.149.196 port 36140	2020-06-21 04:01:43
attack	Jun 9 07:15:47 nextcloud sshd\[20903\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.1.149.196 user=root Jun 9 07:15:48 nextcloud sshd\[20903\]: Failed password for root from 116.1.149.196 port 55184 ssh2 Jun 9 07:20:00 nextcloud sshd\[25291\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.1.149.196 user=root	2020-06-09 15:47:52
attackspam	Apr 14 05:00:58 scw-6657dc sshd[25813]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.1.149.196 Apr 14 05:00:58 scw-6657dc sshd[25813]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.1.149.196 Apr 14 05:01:01 scw-6657dc sshd[25813]: Failed password for invalid user eil from 116.1.149.196 port 57407 ssh2 ...	2020-04-14 13:51:36
attackbotsspam	$f2bV_matches	2020-04-14 05:21:49
attackspam	Apr 12 09:32:58 *** sshd[31582]: User root from 116.1.149.196 not allowed because not listed in AllowUsers	2020-04-12 18:19:05
attackspam	Feb 3 05:43:41 v22018076622670303 sshd\[28638\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.1.149.196 user=root Feb 3 05:43:43 v22018076622670303 sshd\[28638\]: Failed password for root from 116.1.149.196 port 60598 ssh2 Feb 3 05:52:50 v22018076622670303 sshd\[28722\]: Invalid user test from 116.1.149.196 port 55310 Feb 3 05:52:50 v22018076622670303 sshd\[28722\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.1.149.196 ...	2020-02-03 14:53:32
attackbotsspam	Unauthorized connection attempt detected from IP address 116.1.149.196 to port 2220 [J]	2020-01-15 03:31:57
attackbots	Automatic report - Banned IP Access	2020-01-10 06:08:33
attack	$f2bV_matches	2019-12-22 20:14:35
attack	Dec 18 04:48:29 zx01vmsma01 sshd[170132]: Failed password for root from 116.1.149.196 port 33287 ssh2 ...	2019-12-18 13:47:54
attack	F2B jail: sshd. Time: 2019-12-10 08:01:40, Reported by: VKReport	2019-12-10 15:02:17
attackspambots	Nov 3 06:37:23 MK-Soft-VM4 sshd[31726]: Failed password for root from 116.1.149.196 port 41958 ssh2 ...	2019-11-03 22:31:08
attack	Oct 18 03:48:44 *** sshd[8835]: User root from 116.1.149.196 not allowed because not listed in AllowUsers	2019-10-18 16:55:51
attackbots	Oct 9 15:52:20 v22019058497090703 sshd[30639]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.1.149.196 Oct 9 15:52:22 v22019058497090703 sshd[30639]: Failed password for invalid user Carolina123 from 116.1.149.196 port 51333 ssh2 Oct 9 15:57:45 v22019058497090703 sshd[31035]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.1.149.196 ...	2019-10-10 01:57:01
attack	Oct 7 10:07:50 vpn01 sshd[9568]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.1.149.196 Oct 7 10:07:51 vpn01 sshd[9568]: Failed password for invalid user Spain@123 from 116.1.149.196 port 49742 ssh2 ...	2019-10-07 16:22:52
attackbotsspam	Sep 28 13:27:51 gw1 sshd[25600]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.1.149.196 Sep 28 13:27:53 gw1 sshd[25600]: Failed password for invalid user sinusbot from 116.1.149.196 port 37369 ssh2 ...	2019-09-28 16:36:39
attackspambots	Sep 25 06:58:11 MK-Soft-Root2 sshd[22147]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.1.149.196 Sep 25 06:58:14 MK-Soft-Root2 sshd[22147]: Failed password for invalid user den from 116.1.149.196 port 46218 ssh2 ...	2019-09-25 13:01:08
attack	Sep 6 05:39:23 hiderm sshd\[2821\]: Invalid user 123 from 116.1.149.196 Sep 6 05:39:23 hiderm sshd\[2821\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.1.149.196 Sep 6 05:39:24 hiderm sshd\[2821\]: Failed password for invalid user 123 from 116.1.149.196 port 46430 ssh2 Sep 6 05:45:43 hiderm sshd\[3366\]: Invalid user password321 from 116.1.149.196 Sep 6 05:45:43 hiderm sshd\[3366\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.1.149.196	2019-09-07 00:18:15
attack	Aug 15 01:59:22 vps647732 sshd[12473]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.1.149.196 Aug 15 01:59:24 vps647732 sshd[12473]: Failed password for invalid user np from 116.1.149.196 port 60012 ssh2 ...	2019-08-15 08:05:05
attackspambots	Aug 2 05:05:07 ny01 sshd[17815]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.1.149.196 Aug 2 05:05:10 ny01 sshd[17815]: Failed password for invalid user joe from 116.1.149.196 port 55516 ssh2 Aug 2 05:09:32 ny01 sshd[18146]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.1.149.196	2019-08-02 17:16:42
attack	Jul 26 14:58:06 meumeu sshd[30503]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.1.149.196 Jul 26 14:58:08 meumeu sshd[30503]: Failed password for invalid user george from 116.1.149.196 port 42810 ssh2 Jul 26 14:59:58 meumeu sshd[30725]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.1.149.196 ...	2019-07-27 00:07:49

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.1.149.196
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52281
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.1.149.196.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061801 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jun 19 12:29:19 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 196.149.1.116.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 196.149.1.116.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
116.236.189.134	attackbotsspam	Sep 19 18:57:08 sip sshd[16196]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.236.189.134 Sep 19 18:57:11 sip sshd[16196]: Failed password for invalid user mysql from 116.236.189.134 port 44382 ssh2 Sep 19 19:03:11 sip sshd[17949]: Failed password for root from 116.236.189.134 port 39932 ssh2	2020-09-20 12:24:00
54.36.163.141	attack	Sep 20 06:17:42 [host] sshd[28137]: pam_unix(sshd: Sep 20 06:17:44 [host] sshd[28137]: Failed passwor Sep 20 06:21:43 [host] sshd[28153]: pam_unix(sshd:	2020-09-20 12:49:23
34.201.153.104	attack	HTTP/80/443/8080 Probe, BF, WP, Hack -	2020-09-20 12:25:01
5.202.177.123	attackbots	Sep 19 21:22:54 h2829583 sshd[28264]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.202.177.123	2020-09-20 12:50:11
217.170.205.14	attackbots	(sshd) Failed SSH login from 217.170.205.14 (NO/Norway/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 20 00:32:10 server5 sshd[7220]: Failed password for root from 217.170.205.14 port 12992 ssh2 Sep 20 00:32:12 server5 sshd[7220]: Failed password for root from 217.170.205.14 port 12992 ssh2 Sep 20 00:32:14 server5 sshd[7220]: Failed password for root from 217.170.205.14 port 12992 ssh2 Sep 20 00:32:17 server5 sshd[7220]: Failed password for root from 217.170.205.14 port 12992 ssh2 Sep 20 00:32:19 server5 sshd[7220]: Failed password for root from 217.170.205.14 port 12992 ssh2	2020-09-20 12:33:23
35.198.41.65	attackspam	35.198.41.65 - - [19/Sep/2020:20:50:21 +0100] "POST /wp-login.php HTTP/1.1" 200 2371 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 35.198.41.65 - - [19/Sep/2020:20:50:23 +0100] "POST /wp-login.php HTTP/1.1" 200 2342 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 35.198.41.65 - - [19/Sep/2020:20:50:24 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-20 12:20:07
181.46.68.97	attackbotsspam	2020-09-19 11:55:29.685189-0500 localhost smtpd[24990]: NOQUEUE: reject: RCPT from unknown[181.46.68.97]: 554 5.7.1 Service unavailable; Client host [181.46.68.97] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/181.46.68.97; from= to= proto=ESMTP helo=	2020-09-20 12:34:33
58.69.113.29	attack	1600535000 - 09/19/2020 19:03:20 Host: 58.69.113.29/58.69.113.29 Port: 445 TCP Blocked	2020-09-20 12:17:54
51.159.20.140	attackbots	SIPVicious Scanner Detection , PTR: 51-159-20-140.rev.poneytelecom.eu.	2020-09-20 12:19:14
144.217.75.30	attackbots	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-09-20T02:13:49Z and 2020-09-20T03:33:33Z	2020-09-20 12:29:52
213.150.184.62	attackspambots	Sep 20 01:13:30 firewall sshd[27426]: Invalid user znc-admin from 213.150.184.62 Sep 20 01:13:32 firewall sshd[27426]: Failed password for invalid user znc-admin from 213.150.184.62 port 34992 ssh2 Sep 20 01:17:46 firewall sshd[27508]: Invalid user admin from 213.150.184.62 ...	2020-09-20 12:33:38
223.17.161.175	attackbotsspam	IP 223.17.161.175 attacked honeypot on port: 22 at 9/19/2020 5:00:14 PM	2020-09-20 12:52:02
45.138.74.116	attackspambots	E-Mail Spam (RBL) [REJECTED]	2020-09-20 12:39:56
187.55.168.198	attackbotsspam	20/9/19@14:36:01: FAIL: Alarm-Network address from=187.55.168.198 20/9/19@14:36:01: FAIL: Alarm-Network address from=187.55.168.198 ...	2020-09-20 12:26:43
173.44.175.20	attack	173.44.175.20 has been banned for [spam] ...	2020-09-20 12:38:40

Recently Reported IPs

36.70.150.111	16.43.105.103	39.115.133.87	51.15.214.231
210.14.27.220	14.232.208.53	139.199.106.127	201.76.124.13
1.36.204.124	84.164.197.248	217.133.205.220	198.100.102.181
142.4.119.230	219.93.67.113	148.70.253.207	43.255.105.135
180.87.34.81	40.69.56.246	188.39.160.106	218.64.226.40