180.254.47.149

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT Telkom Indonesia

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Unauthorized connection attempt from IP address 180.254.47.149 on Port 445(SMB)	2020-08-08 23:07:55

Comments on same subnet:

IP	Type	Details	Datetime
180.254.47.77	attackbotsspam	Unauthorized connection attempt from IP address 180.254.47.77 on Port 445(SMB)	2019-08-13 21:32:30

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 180.254.47.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58194
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;180.254.47.149.			IN	A

;; AUTHORITY SECTION:
.			389	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020080800 1800 900 604800 86400

;; Query time: 24 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Aug 08 23:07:48 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 149.47.254.180.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 100.100.2.138, trying next server
;; Got SERVFAIL reply from 100.100.2.138, trying next server
Server:		100.100.2.136
Address:	100.100.2.136#53

** server can't find 149.47.254.180.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
45.136.110.27	attackbots	Nov 3 16:56:57 h2177944 kernel: \[5672295.718505\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.27 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=57052 PROTO=TCP SPT=48297 DPT=13133 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 3 16:57:13 h2177944 kernel: \[5672311.849269\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.27 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=5282 PROTO=TCP SPT=48297 DPT=40333 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 3 17:00:10 h2177944 kernel: \[5672489.263002\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.27 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=60707 PROTO=TCP SPT=48297 DPT=21533 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 3 17:00:46 h2177944 kernel: \[5672525.158095\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.27 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=42588 PROTO=TCP SPT=48297 DPT=20733 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 3 17:20:02 h2177944 kernel: \[5673681.207572\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.27 DST=85.214.11	2019-11-04 00:32:14
185.9.3.48	attackbotsspam	Nov 3 16:53:43 legacy sshd[5599]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.9.3.48 Nov 3 16:53:45 legacy sshd[5599]: Failed password for invalid user user from 185.9.3.48 port 49146 ssh2 Nov 3 16:57:35 legacy sshd[5701]: Failed password for root from 185.9.3.48 port 60184 ssh2 ...	2019-11-04 00:07:58
71.6.158.166	attack	3389BruteforceFW23	2019-11-03 23:54:23
60.209.191.146	attackbotsspam	Nov 3 11:22:22 ws24vmsma01 sshd[219468]: Failed password for root from 60.209.191.146 port 32842 ssh2 Nov 3 11:36:01 ws24vmsma01 sshd[228549]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.209.191.146 ...	2019-11-04 00:27:43
222.186.175.161	attackspambots	Nov 3 17:02:07 meumeu sshd[11455]: Failed password for root from 222.186.175.161 port 21226 ssh2 Nov 3 17:02:27 meumeu sshd[11455]: error: maximum authentication attempts exceeded for root from 222.186.175.161 port 21226 ssh2 [preauth] Nov 3 17:02:39 meumeu sshd[11565]: Failed password for root from 222.186.175.161 port 47918 ssh2 ...	2019-11-04 00:07:32
212.83.138.75	attackbots	Nov 3 04:39:46 eddieflores sshd\[18098\]: Invalid user 123456 from 212.83.138.75 Nov 3 04:39:46 eddieflores sshd\[18098\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=demo.myorigine.com Nov 3 04:39:48 eddieflores sshd\[18098\]: Failed password for invalid user 123456 from 212.83.138.75 port 46774 ssh2 Nov 3 04:44:00 eddieflores sshd\[18481\]: Invalid user opensayzme from 212.83.138.75 Nov 3 04:44:00 eddieflores sshd\[18481\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=demo.myorigine.com	2019-11-04 00:30:22
142.44.184.79	attackspambots	Nov 3 16:08:37 unicornsoft sshd\[20034\]: User root from 142.44.184.79 not allowed because not listed in AllowUsers Nov 3 16:08:37 unicornsoft sshd\[20034\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.44.184.79 user=root Nov 3 16:08:40 unicornsoft sshd\[20034\]: Failed password for invalid user root from 142.44.184.79 port 47490 ssh2	2019-11-04 00:09:49
95.85.60.251	attack	Nov 3 05:31:15 php1 sshd\[29604\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.85.60.251 user=root Nov 3 05:31:17 php1 sshd\[29604\]: Failed password for root from 95.85.60.251 port 52636 ssh2 Nov 3 05:36:15 php1 sshd\[30218\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.85.60.251 user=root Nov 3 05:36:18 php1 sshd\[30218\]: Failed password for root from 95.85.60.251 port 34810 ssh2 Nov 3 05:41:11 php1 sshd\[30957\]: Invalid user radvd from 95.85.60.251	2019-11-03 23:53:31
213.191.117.1	attackspambots	5x Failed Password	2019-11-04 00:12:16
115.236.190.75	attackspam	Bruteforce on smtp	2019-11-04 00:33:20
185.173.35.17	attackbots	TELNET bruteforce	2019-11-04 00:22:39
140.143.200.251	attackbots	Nov 3 17:38:10 server sshd\[782\]: Invalid user ts3srv from 140.143.200.251 port 52454 Nov 3 17:38:10 server sshd\[782\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.200.251 Nov 3 17:38:12 server sshd\[782\]: Failed password for invalid user ts3srv from 140.143.200.251 port 52454 ssh2 Nov 3 17:43:52 server sshd\[17415\]: User root from 140.143.200.251 not allowed because listed in DenyUsers Nov 3 17:43:52 server sshd\[17415\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.200.251 user=root	2019-11-04 00:15:25
185.232.67.6	attackbotsspam	Nov 3 16:29:20 dedicated sshd[4072]: Invalid user admin from 185.232.67.6 port 38694	2019-11-04 00:23:47
185.153.45.174	attackspam	Automatic report - Banned IP Access	2019-11-04 00:01:37
178.61.146.90	attack	Fail2Ban Ban Triggered	2019-11-04 00:05:14

Recently Reported IPs

59.116.17.194	168.189.192.194	78.17.166.244	60.174.172.141
113.160.183.29	189.232.98.233	77.204.146.180	220.133.252.23
182.148.112.4	114.99.130.196	123.57.209.85	113.21.114.242
217.182.36.107	2a01:4f8:192:734b::2	154.117.99.252	34.91.189.40
120.84.133.98	188.84.64.244	70.98.78.168	64.40.126.26