116.255.161.148

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Zhengzhou Gainet Computer Network Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Oct 12 15:10:06 vps639187 sshd\[4567\]: Invalid user ts from 116.255.161.148 port 52800 Oct 12 15:10:06 vps639187 sshd\[4567\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.255.161.148 Oct 12 15:10:08 vps639187 sshd\[4567\]: Failed password for invalid user ts from 116.255.161.148 port 52800 ssh2 ...	2020-10-12 21:17:48
attackbotsspam	fail2ban detected brute force on sshd	2020-10-12 12:48:29
attack	2020-10-08T19:07:49+0200 Failed SSH Authentication/Brute Force Attack. (Server 5)	2020-10-09 04:03:14
attack	Oct 8 12:48:57 prod4 sshd\[32613\]: Failed password for root from 116.255.161.148 port 38736 ssh2 Oct 8 12:52:51 prod4 sshd\[2072\]: Failed password for root from 116.255.161.148 port 59050 ssh2 Oct 8 12:56:24 prod4 sshd\[3667\]: Failed password for root from 116.255.161.148 port 51116 ssh2 ...	2020-10-08 20:11:36
attackbots	Oct 7 23:44:15 Server sshd[842871]: Failed password for root from 116.255.161.148 port 34358 ssh2 Oct 7 23:46:25 Server sshd[843057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.255.161.148 user=root Oct 7 23:46:27 Server sshd[843057]: Failed password for root from 116.255.161.148 port 40136 ssh2 Oct 7 23:48:42 Server sshd[843210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.255.161.148 user=root Oct 7 23:48:44 Server sshd[843210]: Failed password for root from 116.255.161.148 port 45912 ssh2 ...	2020-10-08 12:08:03
attackspambots	Oct 7 23:44:15 Server sshd[842871]: Failed password for root from 116.255.161.148 port 34358 ssh2 Oct 7 23:46:25 Server sshd[843057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.255.161.148 user=root Oct 7 23:46:27 Server sshd[843057]: Failed password for root from 116.255.161.148 port 40136 ssh2 Oct 7 23:48:42 Server sshd[843210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.255.161.148 user=root Oct 7 23:48:44 Server sshd[843210]: Failed password for root from 116.255.161.148 port 45912 ssh2 ...	2020-10-08 07:28:06

Comments on same subnet:

IP	Type	Details	Datetime
116.255.161.41	attack	attempted connection to port 1433	2020-03-05 20:42:53

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.255.161.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5973
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.255.161.148.		IN	A

;; AUTHORITY SECTION:
.			239	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020100702 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 08 07:28:02 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 148.161.255.116.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 148.161.255.116.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
39.109.202.126	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 17 - port: 2323 proto: TCP cat: Misc Attack	2020-07-05 22:25:41
82.221.105.7	attackbotsspam	TCP (SYN) 82.221.105.7:24858 -> port 21025, len 44	2020-07-05 22:42:51
49.234.230.108	attackspam	Unauthorized connection attempt detected from IP address 49.234.230.108 to port 80	2020-07-05 22:22:33
185.39.10.65	attack	firewall-block, port(s): 22202/tcp, 22233/tcp, 22242/tcp, 22260/tcp, 22272/tcp, 22274/tcp, 22299/tcp, 22396/tcp	2020-07-05 22:32:47
185.39.11.47	attackspam	Port scan: Attack repeated for 24 hours	2020-07-05 22:54:45
46.31.79.43	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 29 - port: 22138 proto: TCP cat: Misc Attack	2020-07-05 22:23:03
94.102.51.16	attackspambots	Jul 5 16:15:44 debian-2gb-nbg1-2 kernel: \[16217157.887682\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=94.102.51.16 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=44224 PROTO=TCP SPT=41772 DPT=44417 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-05 22:38:15
12.156.112.9	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 6 - port: 1433 proto: TCP cat: Misc Attack	2020-07-05 22:50:03
92.63.197.70	attack	TCP (SYN) 92.63.197.70:52756 -> port 3495, len 44	2020-07-05 23:02:30
194.180.224.130	attack	TCP (SYN) 194.180.224.130:39427 -> port 80, len 44	2020-07-05 22:51:51
83.97.20.31	attackbotsspam	TCP (SYN) 83.97.20.31:37892 -> port 8080, len 40	2020-07-05 22:42:15
45.145.66.104	attackspam	ET CINS Active Threat Intelligence Poor Reputation IP group 25 - port: 3395 proto: TCP cat: Misc Attack	2020-07-05 22:47:35
45.148.121.43	attackbotsspam	45.148.121.43 was recorded 5 times by 3 hosts attempting to connect to the following ports: 123,11211. Incident counter (4h, 24h, all-time): 5, 9, 101	2020-07-05 22:23:29
40.73.6.1	attackbots	Jul 5 16:41:15 ArkNodeAT sshd\[1969\]: Invalid user student from 40.73.6.1 Jul 5 16:41:15 ArkNodeAT sshd\[1969\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.73.6.1 Jul 5 16:41:17 ArkNodeAT sshd\[1969\]: Failed password for invalid user student from 40.73.6.1 port 1172 ssh2	2020-07-05 22:49:10
123.31.43.117	attackspambots	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2020-07-05 22:58:24

Recently Reported IPs

232.225.4.62	214.229.88.147	144.135.149.146	68.87.241.123
43.225.158.124	45.12.13.138	123.237.152.143	246.183.85.243
10.97.189.150	27.66.72.56	30.146.235.214	179.115.50.220
129.226.170.141	118.173.63.64	95.79.91.76	195.154.105.228
152.136.133.145	120.85.61.98	14.205.201.231	171.224.191.120