119.252.166.10

Basic Info

City: Jakarta

Region: Jakarta

Country: Indonesia

Internet Service Provider: PT Indonesia Comnets Plus

Hostname: unknown

Organization: PT INDONESIA COMNETS PLUS

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Unauthorized connection attempt from IP address 119.252.166.10 on Port 445(SMB)	2020-09-30 03:28:32
attackspambots	Unauthorized connection attempt from IP address 119.252.166.10 on Port 445(SMB)	2020-09-29 19:32:40
attackspambots	Honeypot attack, port: 445, PTR: 10.166.iconpln.net.id.	2020-05-05 03:53:04
attackbots	Unauthorised access (Apr 28) SRC=119.252.166.10 LEN=52 TTL=111 ID=7991 DF TCP DPT=445 WINDOW=8192 SYN	2020-04-29 05:29:41
attackbotsspam	Unauthorized connection attempt from IP address 119.252.166.10 on Port 445(SMB)	2020-04-13 17:39:33
attackbotsspam	Unauthorized connection attempt from IP address 119.252.166.10 on Port 445(SMB)	2019-12-21 06:51:46
attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-11 18:48:48,013 INFO [amun_request_handler] PortScan Detected on Port: 445 (119.252.166.10)	2019-09-12 05:32:54

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.252.166.10
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63049
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.252.166.10.			IN	A

;; AUTHORITY SECTION:
.			2591	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019042500 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Apr 26 01:01:09 +08 2019
;; MSG SIZE  rcvd: 118

Host info

10.166.252.119.in-addr.arpa domain name pointer 10.166.iconpln.net.id.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
10.166.252.119.in-addr.arpa	name = 10.166.iconpln.net.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
111.231.226.68	attack	Sep 18 13:19:35 vps333114 sshd[6635]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.226.68 user=root Sep 18 13:19:38 vps333114 sshd[6635]: Failed password for root from 111.231.226.68 port 34906 ssh2 ...	2020-09-18 20:30:09
113.111.48.150	attackspam	Lines containing failures of 113.111.48.150 Sep 15 21:10:45 kmh-vmh-001-fsn03 sshd[1336]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.111.48.150 user=r.r Sep 15 21:10:48 kmh-vmh-001-fsn03 sshd[1336]: Failed password for r.r from 113.111.48.150 port 52171 ssh2 Sep 15 21:10:48 kmh-vmh-001-fsn03 sshd[1336]: Received disconnect from 113.111.48.150 port 52171:11: Bye Bye [preauth] Sep 15 21:10:48 kmh-vmh-001-fsn03 sshd[1336]: Disconnected from authenticating user r.r 113.111.48.150 port 52171 [preauth] Sep 15 21:21:41 kmh-vmh-001-fsn03 sshd[26495]: Invalid user ervisor from 113.111.48.150 port 56197 Sep 15 21:21:41 kmh-vmh-001-fsn03 sshd[26495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.111.48.150 Sep 15 21:21:43 kmh-vmh-001-fsn03 sshd[26495]: Failed password for invalid user ervisor from 113.111.48.150 port 56197 ssh2 Sep 15 21:21:43 kmh-vmh-001-fsn03 sshd[26495]: Received dis........ ------------------------------	2020-09-18 20:40:11
98.146.212.146	attackspambots	(sshd) Failed SSH login from 98.146.212.146 (US/United States/cpe-98-146-212-146.natnow.res.rr.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 18 08:00:14 server sshd[1699]: Failed password for root from 98.146.212.146 port 36414 ssh2 Sep 18 08:06:49 server sshd[3819]: Failed password for root from 98.146.212.146 port 47924 ssh2 Sep 18 08:13:18 server sshd[5972]: Failed password for root from 98.146.212.146 port 59434 ssh2 Sep 18 08:19:44 server sshd[8637]: Invalid user dan from 98.146.212.146 port 42710 Sep 18 08:19:47 server sshd[8637]: Failed password for invalid user dan from 98.146.212.146 port 42710 ssh2	2020-09-18 21:00:55
119.45.34.52	attackspam	2020-09-17 UTC: (29x) - admin,gnats,root(25x),srv,susan	2020-09-18 20:49:17
213.57.46.81	attackbots	(sshd) Failed SSH login from 213.57.46.81 (IL/Israel/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 17 13:01:29 server2 sshd[16688]: Invalid user admin from 213.57.46.81 Sep 17 13:01:29 server2 sshd[16688]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.57.46.81 Sep 17 13:01:31 server2 sshd[16688]: Failed password for invalid user admin from 213.57.46.81 port 37498 ssh2 Sep 17 13:01:33 server2 sshd[16704]: Invalid user admin from 213.57.46.81 Sep 17 13:01:33 server2 sshd[16704]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.57.46.81	2020-09-18 20:57:23
69.162.124.230	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-18 21:05:07
172.81.248.199	attackspam	Sep 18 04:27:23 pixelmemory sshd[3123261]: Failed password for root from 172.81.248.199 port 38266 ssh2 Sep 18 04:31:26 pixelmemory sshd[3123959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.81.248.199 user=root Sep 18 04:31:28 pixelmemory sshd[3123959]: Failed password for root from 172.81.248.199 port 51324 ssh2 Sep 18 04:35:28 pixelmemory sshd[3124714]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.81.248.199 user=root Sep 18 04:35:30 pixelmemory sshd[3124714]: Failed password for root from 172.81.248.199 port 36144 ssh2 ...	2020-09-18 20:50:34
112.85.42.176	attackbots	2020-09-18T14:33:24.352601vps773228.ovh.net sshd[12831]: Failed password for root from 112.85.42.176 port 22201 ssh2 2020-09-18T14:33:27.447487vps773228.ovh.net sshd[12831]: Failed password for root from 112.85.42.176 port 22201 ssh2 2020-09-18T14:33:30.933066vps773228.ovh.net sshd[12831]: Failed password for root from 112.85.42.176 port 22201 ssh2 2020-09-18T14:33:33.969356vps773228.ovh.net sshd[12831]: Failed password for root from 112.85.42.176 port 22201 ssh2 2020-09-18T14:33:37.770374vps773228.ovh.net sshd[12831]: Failed password for root from 112.85.42.176 port 22201 ssh2 ...	2020-09-18 20:40:33
142.93.195.157	attackspam	Sep 18 06:28:29 master sshd[1401]: Failed password for root from 142.93.195.157 port 35516 ssh2	2020-09-18 20:26:15
13.85.152.27	attackspam	Dear user, The IP address [13.85.152.27] experienced 2 failed attempts when attempting to log into SSH running on AstroParrotsNAS within 5 minutes, and was blocked at Mon Sep 14 00:04:10 2020. From AstroParrotsNAS	2020-09-18 20:28:56
138.186.32.174	attack	IP 138.186.32.174 attacked honeypot on port: 22 at 9/18/2020 12:00:15 AM	2020-09-18 21:04:44
41.111.138.122	attackbotsspam	Unauthorized connection attempt from IP address 41.111.138.122 on Port 445(SMB)	2020-09-18 20:41:57
52.188.126.55	attackspam	Brute forcing email. Part of botnet.	2020-09-18 20:26:44
92.39.68.139	attack	Unauthorized connection attempt from IP address 92.39.68.139 on Port 445(SMB)	2020-09-18 20:43:08
115.186.188.53	attackbotsspam	2020-09-18T08:55:57.749358upcloud.m0sh1x2.com sshd[22693]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115-186-188-53.nayatel.pk user=root 2020-09-18T08:56:00.640216upcloud.m0sh1x2.com sshd[22693]: Failed password for root from 115.186.188.53 port 58060 ssh2	2020-09-18 20:50:59

Recently Reported IPs

51.203.96.250	200.29.173.20	78.192.106.169	73.30.245.78
37.143.226.139	160.177.209.152	174.86.210.30	80.99.251.251
27.64.207.193	79.113.1.83	156.174.4.198	109.104.173.46
124.203.177.203	174.57.207.138	73.15.108.49	205.209.143.194
129.144.7.91	106.106.59.123	37.240.40.174	96.213.129.7