116.254.112.149

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT Media Sarana Data

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Sat, 20 Jul 2019 21:54:04 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-21 14:20:57

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.254.112.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16218
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.254.112.149.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072100 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 21 14:20:37 CST 2019
;; MSG SIZE  rcvd: 119

Host info

149.112.254.116.in-addr.arpa domain name pointer ipv4-149-112.254.116.as55666.net.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
149.112.254.116.in-addr.arpa	name = ipv4-149-112.254.116.as55666.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
114.5.192.201	attackbotsspam	Unauthorized connection attempt from IP address 114.5.192.201 on Port 445(SMB)	2020-08-08 01:59:33
112.85.42.227	attackbots	Aug 7 14:19:29 NPSTNNYC01T sshd[27651]: Failed password for root from 112.85.42.227 port 60953 ssh2 Aug 7 14:20:34 NPSTNNYC01T sshd[27729]: Failed password for root from 112.85.42.227 port 46367 ssh2 Aug 7 14:20:37 NPSTNNYC01T sshd[27729]: Failed password for root from 112.85.42.227 port 46367 ssh2 ...	2020-08-08 02:32:24
162.14.22.99	attackspam	2020-08-07T15:06:44.341701shield sshd\[17249\]: Invalid user qlyyweb from 162.14.22.99 port 39490 2020-08-07T15:06:44.350389shield sshd\[17249\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.14.22.99 2020-08-07T15:06:46.176077shield sshd\[17249\]: Failed password for invalid user qlyyweb from 162.14.22.99 port 39490 ssh2 2020-08-07T15:13:17.032321shield sshd\[19285\]: Invalid user xlcidc from 162.14.22.99 port 10389 2020-08-07T15:13:17.042443shield sshd\[19285\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.14.22.99	2020-08-08 02:20:47
210.245.34.243	attackbotsspam	"Unauthorized connection attempt on SSHD detected"	2020-08-08 02:30:45
139.59.25.246	attackbotsspam	Automatic report - XMLRPC Attack	2020-08-08 02:26:06
219.249.62.179	attackbotsspam	Aug 7 13:47:11 ovpn sshd\[13100\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.249.62.179 user=root Aug 7 13:47:13 ovpn sshd\[13100\]: Failed password for root from 219.249.62.179 port 35110 ssh2 Aug 7 13:55:26 ovpn sshd\[16537\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.249.62.179 user=root Aug 7 13:55:29 ovpn sshd\[16537\]: Failed password for root from 219.249.62.179 port 38572 ssh2 Aug 7 14:02:00 ovpn sshd\[19147\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.249.62.179 user=root	2020-08-08 02:07:02
76.79.221.130	attackbotsspam	Unauthorized connection attempt from IP address 76.79.221.130 on Port 445(SMB)	2020-08-08 02:19:23
49.232.9.198	attack	SSH Brute Force	2020-08-08 02:00:51
106.12.106.221	attackbots	Aug 7 13:36:29 ovpn sshd\[9032\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.106.221 user=root Aug 7 13:36:31 ovpn sshd\[9032\]: Failed password for root from 106.12.106.221 port 59460 ssh2 Aug 7 13:59:17 ovpn sshd\[18037\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.106.221 user=root Aug 7 13:59:19 ovpn sshd\[18037\]: Failed password for root from 106.12.106.221 port 50648 ssh2 Aug 7 14:01:28 ovpn sshd\[18973\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.106.221 user=root	2020-08-08 02:13:50
178.128.52.226	attackspam	SSH Brute Force	2020-08-08 02:08:31
138.68.245.152	attack	Aug 8 01:03:19 webhost01 sshd[1644]: Failed password for root from 138.68.245.152 port 34402 ssh2 ...	2020-08-08 02:23:17
163.44.197.189	attackspambots	Lines containing failures of 163.44.197.189 Aug 5 14:04:55 nemesis sshd[31570]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.44.197.189 user=r.r Aug 5 14:04:57 nemesis sshd[31570]: Failed password for r.r from 163.44.197.189 port 34656 ssh2 Aug 5 14:04:57 nemesis sshd[31570]: Received disconnect from 163.44.197.189 port 34656:11: Bye Bye [preauth] Aug 5 14:04:57 nemesis sshd[31570]: Disconnected from authenticating user r.r 163.44.197.189 port 34656 [preauth] Aug 5 14:38:22 nemesis sshd[11310]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.44.197.189 user=r.r Aug 5 14:38:24 nemesis sshd[11310]: Failed password for r.r from 163.44.197.189 port 36142 ssh2 Aug 5 14:38:25 nemesis sshd[11310]: Received disconnect from 163.44.197.189 port 36142:11: Bye Bye [preauth] Aug 5 14:38:25 nemesis sshd[11310]: Disconnected from authenticating user r.r 163.44.197.189 port 36142 [preaut........ ------------------------------	2020-08-08 02:20:35
187.85.145.204	attack	(smtpauth) Failed SMTP AUTH login from 187.85.145.204 (BR/Brazil/187-85-145-204.gegnet.com.br): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-08-07 16:31:59 plain authenticator failed for 187-85-145-204.gegnet.com.br [187.85.145.204]: 535 Incorrect authentication data (set_id=info)	2020-08-08 02:28:46
106.12.28.152	attackspambots	Aug 7 10:31:05 firewall sshd[3877]: Failed password for root from 106.12.28.152 port 46646 ssh2 Aug 7 10:35:59 firewall sshd[4021]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.28.152 user=root Aug 7 10:36:01 firewall sshd[4021]: Failed password for root from 106.12.28.152 port 43316 ssh2 ...	2020-08-08 02:18:38
91.134.167.236	attackspam	Aug 7 04:54:10 pixelmemory sshd[3608593]: Failed password for root from 91.134.167.236 port 2080 ssh2 Aug 7 04:58:12 pixelmemory sshd[3617871]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.134.167.236 user=root Aug 7 04:58:14 pixelmemory sshd[3617871]: Failed password for root from 91.134.167.236 port 25055 ssh2 Aug 7 05:02:05 pixelmemory sshd[3632585]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.134.167.236 user=root Aug 7 05:02:07 pixelmemory sshd[3632585]: Failed password for root from 91.134.167.236 port 52485 ssh2 ...	2020-08-08 02:25:14

Recently Reported IPs

125.214.48.156	105.108.72.117	41.80.83.60	201.164.69.218
190.219.107.28	176.156.188.35	5.62.145.121	186.249.211.187
167.56.248.42	113.181.217.113	14.241.136.102	186.96.69.206
182.73.45.158	103.57.70.238	90.217.108.193	41.93.47.69
36.75.155.1	128.172.173.239	122.164.222.169	95.107.57.90