116.249.91.149

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
116.249.91.253	attack	The IP has triggered Cloudflare WAF. CF-Ray: 54328cb5f995eb29 \| WAF_Rule_ID: 1122843 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 9_1 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13B143 Safari/601.1 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 02:19:49

Type

Details

Datetime

116.249.91.253

attack

The IP has triggered Cloudflare WAF. CF-Ray: 54328cb5f995eb29 | WAF_Rule_ID: 1122843 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: img.skk.moe | User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 9_1 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13B143 Safari/601.1 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 02:19:49

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.249.91.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24184
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;116.249.91.149.			IN	A

;; AUTHORITY SECTION:
.			211	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030400 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 04 19:20:25 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 149.91.249.116.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

server can't find 116.249.91.149.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
212.64.58.58	attackbotsspam	$f2bV_matches	2020-05-05 21:56:13
49.228.57.62	attackspambots	1588670194 - 05/05/2020 11:16:34 Host: 49.228.57.62/49.228.57.62 Port: 445 TCP Blocked	2020-05-05 22:35:11
144.48.39.44	attack	Scanning	2020-05-05 22:07:44
181.126.83.125	attack	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "mysql1" at 2020-05-05T14:01:40Z	2020-05-05 22:15:12
206.189.147.137	attack	SSH brute-force: detected 11 distinct usernames within a 24-hour window.	2020-05-05 22:24:32
64.225.114.44	attack	firewall-block, port(s): 1092/tcp	2020-05-05 22:21:02
64.225.124.118	attack	5030/tcp 3052/tcp 1863/tcp... [2020-04-19/05-05]41pkt,41pt.(tcp)	2020-05-05 22:26:14
138.197.213.233	attackspambots	Port Scan detected from 138.197.213.233 (US/United States/California/Santa Clara/-). 4 hits in the last 215 seconds	2020-05-05 21:52:55
60.10.163.87	attack	May 5 11:10:51 master sshd[24982]: Failed password for invalid user martin from 60.10.163.87 port 31240 ssh2 May 5 12:42:36 master sshd[28386]: Failed password for invalid user hdfs from 60.10.163.87 port 31240 ssh2	2020-05-05 22:09:59
176.31.105.136	attackspambots	May 5 14:24:12 ip-172-31-61-156 sshd[30929]: Invalid user elias from 176.31.105.136 May 5 14:24:15 ip-172-31-61-156 sshd[30929]: Failed password for invalid user elias from 176.31.105.136 port 59164 ssh2 May 5 14:24:12 ip-172-31-61-156 sshd[30929]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.31.105.136 May 5 14:24:12 ip-172-31-61-156 sshd[30929]: Invalid user elias from 176.31.105.136 May 5 14:24:15 ip-172-31-61-156 sshd[30929]: Failed password for invalid user elias from 176.31.105.136 port 59164 ssh2 ...	2020-05-05 22:30:36
164.132.73.220	attackspam	Unauthorized connection attempt detected from IP address 164.132.73.220 to port 8818 [T]	2020-05-05 22:23:19
172.93.38.238	attackbotsspam	May 5 13:40:34 roki-contabo sshd\[4025\]: Invalid user paradigm from 172.93.38.238 May 5 13:40:34 roki-contabo sshd\[4025\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.93.38.238 May 5 13:40:36 roki-contabo sshd\[4025\]: Failed password for invalid user paradigm from 172.93.38.238 port 45844 ssh2 May 5 14:09:23 roki-contabo sshd\[4403\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.93.38.238 user=root May 5 14:09:25 roki-contabo sshd\[4403\]: Failed password for root from 172.93.38.238 port 43892 ssh2 ...	2020-05-05 22:03:09
39.152.161.65	attackspambots	2020-05-0511:15:571jVtgC-0003Re-8j\<=info@whatsup2013.chH=$localhost$[221.229.121.226]:44918P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3090id=2541683b301bcec2e5a01645b1767c7043f5086e@whatsup2013.chT="Youaresocharming"forhzhyness1@gmail.comnivaxxx26@gmail.com2020-05-0511:17:041jVthG-0003Wu-7M\<=info@whatsup2013.chH=$localhost$[212.113.234.114]:39343P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3160id=0286306368436961fdf84ee205f1dbc7af6c54@whatsup2013.chT="Youignitemyheart."forrondelogeorge9@gmail.comscottyboy118@gmail.com2020-05-0511:16:301jVtgj-0003V3-FB\<=info@whatsup2013.chH=$localhost$[113.172.53.153]:52483P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3071id=288533606b406a62fefb4de106f2d8c48f7633@whatsup2013.chT="Youareaslovelyasasunlight"formarcko0122@gmail.comusmcl1218@gmail.com2020-05-0511:16:051jVtgK-0003Se-MM\<=info@whatsup2013.chH=$localhost$[197.248.	2020-05-05 22:04:52
185.143.74.133	attackspam	May 5 16:10:18 vmanager6029 postfix/smtpd\[31950\]: warning: unknown\[185.143.74.133\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 5 16:11:42 vmanager6029 postfix/smtpd\[31950\]: warning: unknown\[185.143.74.133\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-05-05 22:14:01
113.172.53.153	attack	2020-05-0511:15:571jVtgC-0003Re-8j\<=info@whatsup2013.chH=$localhost$[221.229.121.226]:44918P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3090id=2541683b301bcec2e5a01645b1767c7043f5086e@whatsup2013.chT="Youaresocharming"forhzhyness1@gmail.comnivaxxx26@gmail.com2020-05-0511:17:041jVthG-0003Wu-7M\<=info@whatsup2013.chH=$localhost$[212.113.234.114]:39343P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3160id=0286306368436961fdf84ee205f1dbc7af6c54@whatsup2013.chT="Youignitemyheart."forrondelogeorge9@gmail.comscottyboy118@gmail.com2020-05-0511:16:301jVtgj-0003V3-FB\<=info@whatsup2013.chH=$localhost$[113.172.53.153]:52483P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3071id=288533606b406a62fefb4de106f2d8c48f7633@whatsup2013.chT="Youareaslovelyasasunlight"formarcko0122@gmail.comusmcl1218@gmail.com2020-05-0511:16:051jVtgK-0003Se-MM\<=info@whatsup2013.chH=$localhost$[197.248.	2020-05-05 22:04:13

Recently Reported IPs

116.249.91.124	116.249.91.126	116.249.91.112	116.249.91.127
116.249.91.115	116.249.91.135	116.249.91.144	114.106.156.40
116.249.91.187	116.249.91.191	116.249.91.155	116.249.91.193
116.249.91.216	116.249.91.219	116.249.91.220	114.106.157.4
116.249.91.235	116.249.91.248	116.249.91.222	116.249.91.94