149.129.248.95

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: Alibaba.com Singapore E-Commerce Private Limited

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Jun 14 06:48:21 lukav-desktop sshd\[9306\]: Invalid user install from 149.129.248.95 Jun 14 06:48:21 lukav-desktop sshd\[9306\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.248.95 Jun 14 06:48:23 lukav-desktop sshd\[9306\]: Failed password for invalid user install from 149.129.248.95 port 44758 ssh2 Jun 14 06:52:55 lukav-desktop sshd\[9421\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.248.95 user=root Jun 14 06:52:57 lukav-desktop sshd\[9421\]: Failed password for root from 149.129.248.95 port 38228 ssh2	2020-06-14 15:01:43

Type

Details

Datetime

attack

Jun 14 06:48:21 lukav-desktop sshd\[9306\]: Invalid user install from 149.129.248.95
Jun 14 06:48:21 lukav-desktop sshd\[9306\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.248.95
Jun 14 06:48:23 lukav-desktop sshd\[9306\]: Failed password for invalid user install from 149.129.248.95 port 44758 ssh2
Jun 14 06:52:55 lukav-desktop sshd\[9421\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.248.95  user=root
Jun 14 06:52:57 lukav-desktop sshd\[9421\]: Failed password for root from 149.129.248.95 port 38228 ssh2

2020-06-14 15:01:43

Comments on same subnet:

IP	Type	Details	Datetime
149.129.248.170	attackbots	$f2bV_matches	2019-08-17 07:04:42
149.129.248.170	attack	Jul 26 02:23:33 OPSO sshd\[22878\]: Invalid user tuo from 149.129.248.170 port 45196 Jul 26 02:23:33 OPSO sshd\[22878\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.248.170 Jul 26 02:23:35 OPSO sshd\[22878\]: Failed password for invalid user tuo from 149.129.248.170 port 45196 ssh2 Jul 26 02:28:55 OPSO sshd\[24141\]: Invalid user ftpuser from 149.129.248.170 port 42106 Jul 26 02:28:55 OPSO sshd\[24141\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.248.170	2019-07-26 08:29:54
149.129.248.170	attackbotsspam	Jul 14 04:17:25 vtv3 sshd\[4916\]: Invalid user neptun from 149.129.248.170 port 42728 Jul 14 04:17:25 vtv3 sshd\[4916\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.248.170 Jul 14 04:17:28 vtv3 sshd\[4916\]: Failed password for invalid user neptun from 149.129.248.170 port 42728 ssh2 Jul 14 04:23:49 vtv3 sshd\[8131\]: Invalid user alvin from 149.129.248.170 port 57414 Jul 14 04:23:49 vtv3 sshd\[8131\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.248.170 Jul 14 04:34:34 vtv3 sshd\[13782\]: Invalid user vnc from 149.129.248.170 port 37634 Jul 14 04:34:34 vtv3 sshd\[13782\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.248.170 Jul 14 04:34:36 vtv3 sshd\[13782\]: Failed password for invalid user vnc from 149.129.248.170 port 37634 ssh2 Jul 14 04:40:07 vtv3 sshd\[16788\]: Invalid user nadim from 149.129.248.170 port 42018 Jul 14 04:40:07 vtv3 sshd\[167	2019-07-15 01:16:10
149.129.248.170	attackbotsspam	Jul 6 21:35:53 server sshd\[21455\]: Invalid user finn from 149.129.248.170 Jul 6 21:35:53 server sshd\[21455\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.248.170 Jul 6 21:35:54 server sshd\[21455\]: Failed password for invalid user finn from 149.129.248.170 port 43344 ssh2 ...	2019-07-12 03:21:13
149.129.248.170	attackbots	Jul 2 06:25:24 martinbaileyphotography sshd\[24718\]: Invalid user wpyan from 149.129.248.170 port 48552 Jul 2 06:25:25 martinbaileyphotography sshd\[24718\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.248.170 Jul 2 06:25:27 martinbaileyphotography sshd\[24718\]: Failed password for invalid user wpyan from 149.129.248.170 port 48552 ssh2 Jul 2 06:29:04 martinbaileyphotography sshd\[24892\]: Invalid user next from 149.129.248.170 port 59608 Jul 2 06:29:04 martinbaileyphotography sshd\[24892\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.248.170 ...	2019-07-02 06:07:16

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 149.129.248.95
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 671
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;149.129.248.95.			IN	A

;; AUTHORITY SECTION:
.			169	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061400 1800 900 604800 86400

;; Query time: 129 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jun 14 15:01:38 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 95.248.129.149.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 95.248.129.149.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
165.232.43.17	attack	firewall-block, port(s): 8545/tcp	2020-10-05 15:12:01
114.40.49.6	attackbots	445/tcp [2020-10-04]1pkt	2020-10-05 15:15:53
178.254.200.51	attackbotsspam	5555/tcp [2020-10-04]1pkt	2020-10-05 15:01:58
151.236.33.74	attack	SSH Scan	2020-10-05 15:07:22
94.107.1.247	attackspambots	Blocked by Sophos UTM Network Protection . / / proto=6 . srcport=64091 . dstport=445 SMB . (3534)	2020-10-05 15:39:45
223.171.61.4	attackbots	Hits on port : 5555	2020-10-05 15:29:52
202.164.208.19	attackbotsspam	Listed on abuseat.org plus zen-spamhaus / proto=6 . srcport=58885 . dstport=445 SMB . (3545)	2020-10-05 14:59:39
222.104.38.206	attackbots	Oct 5 08:11:03 Ubuntu-1404-trusty-64-minimal sshd\[10034\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.104.38.206 user=root Oct 5 08:11:05 Ubuntu-1404-trusty-64-minimal sshd\[10034\]: Failed password for root from 222.104.38.206 port 40500 ssh2 Oct 5 08:17:07 Ubuntu-1404-trusty-64-minimal sshd\[12693\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.104.38.206 user=root Oct 5 08:17:09 Ubuntu-1404-trusty-64-minimal sshd\[12693\]: Failed password for root from 222.104.38.206 port 33456 ssh2 Oct 5 08:20:08 Ubuntu-1404-trusty-64-minimal sshd\[14498\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.104.38.206 user=root	2020-10-05 15:38:21
192.241.239.182	attackspambots	Port scan denied	2020-10-05 15:35:44
198.23.236.113	attack	Port 22 Scan, PTR: None	2020-10-05 15:06:11
115.77.240.69	attackspambots	23/tcp [2020-10-04]1pkt	2020-10-05 15:20:51
64.227.67.106	attackspambots	SSH login attempts.	2020-10-05 15:00:45
201.160.220.59	attack	Automatic report - Port Scan Attack	2020-10-05 15:38:48
124.193.142.2	attack	$f2bV_matches	2020-10-05 15:14:30
195.54.167.167	attackbots	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-10-05T05:10:47Z and 2020-10-05T06:56:53Z	2020-10-05 15:11:30

Recently Reported IPs

202.105.98.210	192.254.66.210	178.134.41.222	183.89.214.193
183.16.102.218	217.218.246.7	117.67.1.70	103.105.42.23
118.187.185.147	100.253.97.12	222.133.137.8	190.9.249.221
103.134.73.2	90.8.119.23	182.50.160.236	163.171.138.33
31.192.208.186	181.39.160.26	193.27.228.148	217.182.206.211