211.116.234.149

Basic Info

City: unknown

Region: unknown

Country: Korea (Republic of)

Internet Service Provider: HiLine Internet Service Inc.

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Jul 7 07:50:00 journals sshd\[29983\]: Invalid user dev from 211.116.234.149 Jul 7 07:50:00 journals sshd\[29983\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.116.234.149 Jul 7 07:50:02 journals sshd\[29983\]: Failed password for invalid user dev from 211.116.234.149 port 53430 ssh2 Jul 7 07:53:24 journals sshd\[30269\]: Invalid user newuser1 from 211.116.234.149 Jul 7 07:53:24 journals sshd\[30269\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.116.234.149 ...	2020-07-07 13:06:38
attack	2020-06-30T12:24:56.827896server.espacesoutien.com sshd[5593]: Invalid user idea from 211.116.234.149 port 57540 2020-06-30T12:24:56.841864server.espacesoutien.com sshd[5593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.116.234.149 2020-06-30T12:24:56.827896server.espacesoutien.com sshd[5593]: Invalid user idea from 211.116.234.149 port 57540 2020-06-30T12:24:58.749817server.espacesoutien.com sshd[5593]: Failed password for invalid user idea from 211.116.234.149 port 57540 ssh2 ...	2020-06-30 20:54:31
attack	$f2bV_matches	2020-06-22 19:50:01
attack	Jun 13 13:27:06 ms-srv sshd[60228]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.116.234.149 Jun 13 13:27:08 ms-srv sshd[60228]: Failed password for invalid user uftp from 211.116.234.149 port 42532 ssh2	2020-06-13 22:04:37
attackbotsspam	DATE:2020-06-03 11:35:58, IP:211.116.234.149, PORT:ssh SSH brute force auth (docker-dc)	2020-06-03 18:24:28
attackbots	Jun 2 14:34:36 vps647732 sshd[28437]: Failed password for root from 211.116.234.149 port 51306 ssh2 ...	2020-06-02 23:48:40
attackspambots	May 22 19:57:19 ncomp sshd[27707]: Invalid user zcw from 211.116.234.149 May 22 19:57:19 ncomp sshd[27707]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.116.234.149 May 22 19:57:19 ncomp sshd[27707]: Invalid user zcw from 211.116.234.149 May 22 19:57:21 ncomp sshd[27707]: Failed password for invalid user zcw from 211.116.234.149 port 42756 ssh2	2020-05-23 02:50:47
attackspambots	May 10 00:36:21 vps639187 sshd\[7248\]: Invalid user olivier from 211.116.234.149 port 56242 May 10 00:36:21 vps639187 sshd\[7248\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.116.234.149 May 10 00:36:24 vps639187 sshd\[7248\]: Failed password for invalid user olivier from 211.116.234.149 port 56242 ssh2 ...	2020-05-10 08:06:51
attackspam	(sshd) Failed SSH login from 211.116.234.149 (KR/South Korea/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 7 13:40:50 amsweb01 sshd[20353]: Invalid user hadoop from 211.116.234.149 port 36322 May 7 13:40:52 amsweb01 sshd[20353]: Failed password for invalid user hadoop from 211.116.234.149 port 36322 ssh2 May 7 13:56:14 amsweb01 sshd[22225]: Invalid user odin from 211.116.234.149 port 57940 May 7 13:56:16 amsweb01 sshd[22225]: Failed password for invalid user odin from 211.116.234.149 port 57940 ssh2 May 7 14:00:47 amsweb01 sshd[22660]: Invalid user hadoop from 211.116.234.149 port 38954	2020-05-07 22:24:20
attackbotsspam	(sshd) Failed SSH login from 211.116.234.149 (KR/South Korea/-): 5 in the last 3600 secs	2020-05-07 19:15:35
attackspambots	$f2bV_matches	2020-05-06 16:52:34

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 211.116.234.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42317
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;211.116.234.149.		IN	A

;; AUTHORITY SECTION:
.			356	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050600 1800 900 604800 86400

;; Query time: 65 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed May 06 16:52:30 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 149.234.116.211.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 149.234.116.211.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
128.199.91.26	attack	Invalid user ewg from 128.199.91.26 port 59396	2020-04-30 17:24:51
213.175.204.244	attack	lfd: (smtpauth) Failed SMTP AUTH login from 213.175.204.244 (server.tna.dz): 5 in the last 3600 secs - Sat Jun 9 05:15:08 2018	2020-04-30 17:54:11
58.216.211.62	attackspambots	Brute force blocker - service: proftpd1 - aantal: 67 - Fri Jun 8 21:20:17 2018	2020-04-30 17:49:43
81.218.197.198	attackspam	Automatic report - Port Scan Attack	2020-04-30 17:58:14
59.127.10.102	attackbots	Apr 30 04:23:41 system,error,critical: login failure for user admin from 59.127.10.102 via telnet Apr 30 04:23:42 system,error,critical: login failure for user tech from 59.127.10.102 via telnet Apr 30 04:23:44 system,error,critical: login failure for user root from 59.127.10.102 via telnet Apr 30 04:23:47 system,error,critical: login failure for user admin from 59.127.10.102 via telnet Apr 30 04:23:48 system,error,critical: login failure for user root from 59.127.10.102 via telnet Apr 30 04:23:50 system,error,critical: login failure for user root from 59.127.10.102 via telnet Apr 30 04:23:53 system,error,critical: login failure for user root from 59.127.10.102 via telnet Apr 30 04:23:55 system,error,critical: login failure for user root from 59.127.10.102 via telnet Apr 30 04:23:56 system,error,critical: login failure for user root from 59.127.10.102 via telnet Apr 30 04:23:59 system,error,critical: login failure for user root from 59.127.10.102 via telnet	2020-04-30 17:32:32
27.115.51.162	attackbotsspam	Invalid user laurenz from 27.115.51.162 port 29060	2020-04-30 17:24:13
68.109.224.53	attackbotsspam	RDP Brute-Force (honeypot 11)	2020-04-30 17:55:06
121.235.194.33	attackspambots	lfd: (smtpauth) Failed SMTP AUTH login from 121.235.194.33 (33.194.235.121.broad.wx.js.dynamic.163data.com.cn): 5 in the last 3600 secs - Sat Jun 9 21:43:38 2018	2020-04-30 17:42:10
111.61.172.116	attackspambots	Brute force blocker - service: proftpd1 - aantal: 25 - Thu Jun 7 07:45:17 2018	2020-04-30 18:02:26
89.40.123.60	attackspambots	lfd: (smtpauth) Failed SMTP AUTH login from 89.40.123.60 (host60-123-40-89.serverdedicati.aruba.it): 5 in the last 3600 secs - Sat Jun 9 10:16:38 2018	2020-04-30 17:36:40
185.234.216.124	attack	lfd: (smtpauth) Failed SMTP AUTH login from 185.234.216.124 (-): 5 in the last 3600 secs - Sat Jun 9 14:07:04 2018	2020-04-30 17:45:03
152.136.204.232	attack	Apr 29 23:26:59 web1 sshd\[32719\]: Invalid user hyf from 152.136.204.232 Apr 29 23:26:59 web1 sshd\[32719\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.204.232 Apr 29 23:27:01 web1 sshd\[32719\]: Failed password for invalid user hyf from 152.136.204.232 port 37888 ssh2 Apr 29 23:32:00 web1 sshd\[677\]: Invalid user david from 152.136.204.232 Apr 29 23:32:00 web1 sshd\[677\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.204.232	2020-04-30 17:41:16
182.43.136.178	attackspambots	Apr 29 23:59:51 pixelmemory sshd[19752]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.43.136.178 Apr 29 23:59:54 pixelmemory sshd[19752]: Failed password for invalid user mada from 182.43.136.178 port 53724 ssh2 Apr 30 00:20:51 pixelmemory sshd[26017]: Failed password for root from 182.43.136.178 port 50522 ssh2 ...	2020-04-30 17:31:27
183.132.171.73	attack	Brute force blocker - service: proftpd1 - aantal: 70 - Fri Jun 8 10:20:16 2018	2020-04-30 17:50:20
27.207.195.102	attackspambots	Brute force blocker - service: proftpd1 - aantal: 155 - Fri Jun 8 10:25:18 2018	2020-04-30 17:51:57

Recently Reported IPs

49.81.44.125	176.241.187.83	113.77.226.90	51.89.166.250
111.222.228.88	203.81.71.191	182.133.53.102	195.77.92.170
159.89.231.2	81.191.199.98	224.148.216.119	45.83.67.253
178.101.206.245	226.37.250.72	201.92.73.219	129.1.137.26
44.21.132.80	162.213.43.235	162.239.204.192	228.221.241.174