116.55.140.149

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Yunnan Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Automatic report - Banned IP Access	2020-03-14 01:26:09

Comments on same subnet:

IP	Type	Details	Datetime
116.55.140.245	attack	badbot	2019-11-20 19:11:28

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.55.140.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26117
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.55.140.149.			IN	A

;; AUTHORITY SECTION:
.			247	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031300 1800 900 604800 86400

;; Query time: 112 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 14 01:26:05 CST 2020
;; MSG SIZE  rcvd: 118

Host info

149.140.55.116.in-addr.arpa domain name pointer 149.140.55.116.broad.km.yn.dynamic.163data.com.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
149.140.55.116.in-addr.arpa	name = 149.140.55.116.broad.km.yn.dynamic.163data.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
218.149.228.147	attackbotsspam	Fail2Ban Ban Triggered HTTP SQL Injection Attempt	2019-10-29 05:16:08
42.119.75.72	attackbots	port scan and connect, tcp 23 (telnet)	2019-10-29 05:09:28
167.86.99.118	attack	Automatic report - XMLRPC Attack	2019-10-29 04:56:07
46.143.120.153	attackbotsspam	[portscan] Port scan	2019-10-29 04:44:10
96.9.208.189	attack	(pop3d) Failed POP3 login from 96.9.208.189 (US/United States/-): 1 in the last 3600 secs	2019-10-29 04:42:11
37.187.0.20	attackbots	Oct 28 21:27:37 SilenceServices sshd[15118]: Failed password for root from 37.187.0.20 port 43550 ssh2 Oct 28 21:31:41 SilenceServices sshd[17729]: Failed password for root from 37.187.0.20 port 53612 ssh2	2019-10-29 04:49:41
222.186.190.2	attackbots	Oct 29 00:04:00 server sshd\[22400\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.190.2 user=root Oct 29 00:04:01 server sshd\[22400\]: Failed password for root from 222.186.190.2 port 49602 ssh2 Oct 29 00:04:06 server sshd\[22400\]: Failed password for root from 222.186.190.2 port 49602 ssh2 Oct 29 00:04:10 server sshd\[22400\]: Failed password for root from 222.186.190.2 port 49602 ssh2 Oct 29 00:04:15 server sshd\[22400\]: Failed password for root from 222.186.190.2 port 49602 ssh2 ...	2019-10-29 05:09:50
222.186.175.148	attackspam	Oct 27 11:41:49 heissa sshd\[23118\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.148 user=root Oct 27 11:41:51 heissa sshd\[23118\]: Failed password for root from 222.186.175.148 port 19314 ssh2 Oct 27 11:41:55 heissa sshd\[23118\]: Failed password for root from 222.186.175.148 port 19314 ssh2 Oct 27 11:41:58 heissa sshd\[23118\]: Failed password for root from 222.186.175.148 port 19314 ssh2 Oct 27 11:42:03 heissa sshd\[23118\]: Failed password for root from 222.186.175.148 port 19314 ssh2	2019-10-29 04:50:06
43.248.20.105	attackbotsspam	php WP PHPmyadamin ABUSE blocked for 12h	2019-10-29 05:04:19
69.85.70.44	attackbots	2019-10-28T20:50:20.952744abusebot.cloudsearch.cf sshd\[24997\]: Invalid user jenifer from 69.85.70.44 port 47024	2019-10-29 04:51:15
45.118.61.5	attackspambots	TCP src-port=43160 dst-port=25 Listed on abuseat-org barracuda zen-spamhaus (Project Honey Pot rated Suspicious) (595)	2019-10-29 04:47:08
75.68.93.189	attack	75.68.93.189 - admin [28/Oct/2019:20:07:40 +0100] "POST /editBlackAndWhiteList HTTP/1.1" 404 161 "-" "ApiTool"	2019-10-29 04:43:25
165.22.144.206	attack	Oct 28 20:11:06 venus sshd\[11690\]: Invalid user qwe1 from 165.22.144.206 port 34378 Oct 28 20:11:06 venus sshd\[11690\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.144.206 Oct 28 20:11:08 venus sshd\[11690\]: Failed password for invalid user qwe1 from 165.22.144.206 port 34378 ssh2 ...	2019-10-29 04:57:26
139.59.82.78	attack	Triggered by Fail2Ban at Vostok web server	2019-10-29 04:57:09
201.208.233.175	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/201.208.233.175/ VE - 1H : (32) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : VE NAME ASN : ASN8048 IP : 201.208.233.175 CIDR : 201.208.224.0/19 PREFIX COUNT : 467 UNIQUE IP COUNT : 2731520 ATTACKS DETECTED ASN8048 : 1H - 4 3H - 8 6H - 11 12H - 19 24H - 31 DateTime : 2019-10-28 21:11:01 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-29 05:02:17

Recently Reported IPs

103.30.17.33	150.222.242.90	186.212.117.61	150.222.241.183
218.156.216.84	167.114.92.57	118.25.88.204	103.116.105.118
195.20.28.192	179.104.235.117	110.184.199.244	192.249.115.24
159.138.22.170	78.8.249.81	157.245.228.155	128.14.20.142
46.153.105.244	220.191.255.72	196.190.7.27	115.73.14.213