116.149.247.148

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	DATE:2020-03-09 04:50:08, IP:116.149.247.148, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)	2020-03-09 15:34:03

Comments on same subnet:

IP	Type	Details	Datetime
116.149.247.194	attack	Unauthorized connection attempt detected from IP address 116.149.247.194 to port 8080	2020-05-30 01:22:33

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.149.247.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58811
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.149.247.148.		IN	A

;; AUTHORITY SECTION:
.			388	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030900 1800 900 604800 86400

;; Query time: 52 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 09 15:34:00 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 148.247.149.116.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 148.247.149.116.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
151.60.77.179	attackbots	wget call in url	2019-08-14 15:21:13
118.89.197.212	attackbots	Invalid user samp from 118.89.197.212 port 36822	2019-08-14 15:58:23
51.68.97.191	attackspam	Aug 14 08:24:57 srv206 sshd[8925]: Invalid user qhsupport from 51.68.97.191 ...	2019-08-14 15:19:08
103.206.245.90	attack	Aug 14 06:15:01 MK-Soft-VM6 sshd\[8109\]: Invalid user test from 103.206.245.90 port 46672 Aug 14 06:15:01 MK-Soft-VM6 sshd\[8109\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.206.245.90 Aug 14 06:15:03 MK-Soft-VM6 sshd\[8109\]: Failed password for invalid user test from 103.206.245.90 port 46672 ssh2 ...	2019-08-14 15:53:09
177.124.65.134	attack	Automatic report - Port Scan Attack	2019-08-14 15:52:36
192.241.213.168	attackspam	Aug 14 09:24:12 tux-35-217 sshd\[23148\]: Invalid user ahavi from 192.241.213.168 port 36392 Aug 14 09:24:12 tux-35-217 sshd\[23148\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.213.168 Aug 14 09:24:13 tux-35-217 sshd\[23148\]: Failed password for invalid user ahavi from 192.241.213.168 port 36392 ssh2 Aug 14 09:29:21 tux-35-217 sshd\[23172\]: Invalid user testsite from 192.241.213.168 port 56228 Aug 14 09:29:21 tux-35-217 sshd\[23172\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.213.168 ...	2019-08-14 15:45:14
182.61.44.136	attackbots	Aug 14 02:02:46 XXXXXX sshd[36900]: Invalid user ahmad from 182.61.44.136 port 36238	2019-08-14 15:22:13
184.105.139.114	attackbots	Automatic report - Port Scan Attack	2019-08-14 15:56:49
218.92.0.134	attackbots	Aug 14 08:26:50 ubuntu-2gb-nbg1-dc3-1 sshd[26499]: Failed password for root from 218.92.0.134 port 28477 ssh2 Aug 14 08:26:56 ubuntu-2gb-nbg1-dc3-1 sshd[26499]: error: maximum authentication attempts exceeded for root from 218.92.0.134 port 28477 ssh2 [preauth] ...	2019-08-14 15:25:29
51.83.40.213	attackbots	Aug 14 08:52:57 www sshd\[31112\]: Invalid user tfc from 51.83.40.213 port 34112 ...	2019-08-14 15:34:17
203.186.158.178	attack	Aug 14 09:22:08 vserver sshd\[5001\]: Invalid user bing from 203.186.158.178Aug 14 09:22:11 vserver sshd\[5001\]: Failed password for invalid user bing from 203.186.158.178 port 20769 ssh2Aug 14 09:27:00 vserver sshd\[5020\]: Invalid user rat from 203.186.158.178Aug 14 09:27:02 vserver sshd\[5020\]: Failed password for invalid user rat from 203.186.158.178 port 44673 ssh2 ...	2019-08-14 15:30:00
129.204.96.184	attackbots	Aug 14 07:16:14 sshgateway sshd\[20810\]: Invalid user zelda from 129.204.96.184 Aug 14 07:16:14 sshgateway sshd\[20810\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.96.184 Aug 14 07:16:16 sshgateway sshd\[20810\]: Failed password for invalid user zelda from 129.204.96.184 port 55910 ssh2	2019-08-14 15:31:30
191.184.12.198	attack	Aug 14 09:00:17 XXX sshd[52966]: Invalid user oraprod from 191.184.12.198 port 53100	2019-08-14 16:01:47
59.49.99.124	attackspam	Aug 14 08:06:59 icinga sshd[28364]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.49.99.124 Aug 14 08:07:01 icinga sshd[28364]: Failed password for invalid user admin from 59.49.99.124 port 51335 ssh2 ...	2019-08-14 15:21:42
112.85.42.88	attackspambots	Aug 14 09:18:18 ubuntu-2gb-nbg1-dc3-1 sshd[29989]: Failed password for root from 112.85.42.88 port 59572 ssh2 Aug 14 09:18:23 ubuntu-2gb-nbg1-dc3-1 sshd[29989]: error: maximum authentication attempts exceeded for root from 112.85.42.88 port 59572 ssh2 [preauth] ...	2019-08-14 15:19:31

Recently Reported IPs

51.144.142.12	133.155.243.12	233.72.161.167	9.144.41.52
141.217.219.164	47.207.117.32	79.35.66.251	37.49.226.149
111.171.214.117	112.99.155.134	114.237.156.184	220.71.134.165
113.22.191.111	222.139.205.72	5.133.66.188	5.22.205.35
46.102.92.40	36.68.53.152	192.184.46.241	110.44.93.71