110.138.149.1 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Indonesia

运营商(isp): PT Telkom Indonesia

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	1580446649 - 01/31/2020 05:57:29 Host: 110.138.149.1/110.138.149.1 Port: 445 TCP Blocked	2020-01-31 14:43:14

相同子网IP讨论:

IP	类型	评论内容	时间
110.138.149.29	attack	SMB Server BruteForce Attack	2020-05-08 18:16:48
110.138.149.130	attackspam	[Aegis] @ 2019-07-03 05:17:10 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2020-04-29 18:45:11
110.138.149.232	attackspambots	Brute force SMTP login attempted. ...	2020-04-01 09:28:35
110.138.149.241	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 28-03-2020 03:55:08.	2020-03-28 12:31:48
110.138.149.68	attackspam	Honeypot attack, port: 445, PTR: 68.subnet110-138-149.speedy.telkom.net.id.	2020-03-23 06:02:09
110.138.149.222	attackspam	Attempt to attack host OS, exploiting network vulnerabilities, on 24-02-2020 04:55:14.	2020-02-24 15:09:44
110.138.149.182	attackspambots	firewall-block, port(s): 8291/tcp	2020-02-11 16:15:55
110.138.149.79	attackspambots	Dec 16 09:28:01 amit sshd\[1262\]: Invalid user user from 110.138.149.79 Dec 16 09:28:02 amit sshd\[1262\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.138.149.79 Dec 16 09:28:03 amit sshd\[1262\]: Failed password for invalid user user from 110.138.149.79 port 6833 ssh2 ...	2019-12-16 20:55:33
110.138.149.204	attackspambots	Unauthorized connection attempt from IP address 110.138.149.204 on Port 445(SMB)	2019-11-17 05:47:41
110.138.149.176	attackbotsspam	Unauthorized connection attempt from IP address 110.138.149.176 on Port 445(SMB)	2019-11-16 22:54:33
110.138.149.76	attackbotsspam	Unauthorized connection attempt from IP address 110.138.149.76 on Port 445(SMB)	2019-11-09 06:17:58
110.138.149.34	attack	Honeypot attack, port: 445, PTR: 34.subnet110-138-149.speedy.telkom.net.id.	2019-11-08 17:30:31
110.138.149.182	attackbotsspam	Honeypot attack, port: 445, PTR: 182.subnet110-138-149.speedy.telkom.net.id.	2019-10-17 17:05:10
110.138.149.108	attack	Port Scan: TCP/34567	2019-09-20 23:05:12
110.138.149.172	attackspambots	2019-09-07T00:42:53.957712abusebot-7.cloudsearch.cf sshd\[16761\]: Invalid user server from 110.138.149.172 port 12379	2019-09-07 11:13:56

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 110.138.149.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61495
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;110.138.149.1.			IN	A

;; AUTHORITY SECTION:
.			408	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020013003 1800 900 604800 86400

;; Query time: 100 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 31 14:43:10 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

1.149.138.110.in-addr.arpa domain name pointer 1.subnet110-138-149.speedy.telkom.net.id.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
1.149.138.110.in-addr.arpa	name = 1.subnet110-138-149.speedy.telkom.net.id.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
77.243.191.124	attack	\[2019-10-21 12:19:01\] NOTICE\[2038\] chan_sip.c: Registration from '\' failed for '77.243.191.124:57198' - Wrong password \[2019-10-21 12:19:01\] SECURITY\[2046\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-10-21T12:19:01.738-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="1282",SessionID="0x7f6130477218",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.243.191.124/57198",Challenge="1320f15f",ReceivedChallenge="1320f15f",ReceivedHash="c5c8c8e6728b621b1d84f34be36e7e02" \[2019-10-21 12:19:55\] NOTICE\[2038\] chan_sip.c: Registration from '\' failed for '77.243.191.124:59802' - Wrong password \[2019-10-21 12:19:55\] SECURITY\[2046\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-10-21T12:19:55.309-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="2165",SessionID="0x7f6130477218",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.243	2019-10-22 00:22:07
185.209.0.58	attack	firewall-block, port(s): 17144/tcp	2019-10-22 00:26:29
171.7.67.225	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/171.7.67.225/ TH - 1H : (30) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : TH NAME ASN : ASN45758 IP : 171.7.67.225 CIDR : 171.7.0.0/16 PREFIX COUNT : 64 UNIQUE IP COUNT : 1069568 ATTACKS DETECTED ASN45758 : 1H - 1 3H - 2 6H - 3 12H - 5 24H - 9 DateTime : 2019-10-21 13:41:11 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-22 00:00:18
45.228.137.6	attackspambots	ssh failed login	2019-10-22 00:30:19
62.210.84.26	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-22 00:01:08
120.132.6.27	attackspam	Repeated brute force against a port	2019-10-21 23:54:04
72.173.117.130	attack	SSH Scan	2019-10-22 00:12:43
31.179.183.30	attack	2019-10-21T13:58:03.754346abusebot-4.cloudsearch.cf sshd\[21925\]: Invalid user Admin123 from 31.179.183.30 port 60240	2019-10-22 00:33:34
185.209.0.51	attack	10/21/2019-17:46:27.253440 185.209.0.51 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-10-22 00:20:10
51.68.189.69	attackbotsspam	Oct 21 11:40:36 *** sshd[12295]: User root from 51.68.189.69 not allowed because not listed in AllowUsers	2019-10-22 00:33:10
192.169.139.6	attack	WordPress login brute force attempt	2019-10-22 00:31:06
91.197.174.16	attackspambots	port scan and connect, tcp 1433 (ms-sql-s)	2019-10-22 00:32:41
24.252.172.90	spam	Take my email	2019-10-21 23:53:02
202.5.18.84	attackspambots	Oct 21 13:53:57 vps691689 sshd[29527]: Failed password for root from 202.5.18.84 port 58117 ssh2 Oct 21 13:57:15 vps691689 sshd[29548]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.5.18.84 ...	2019-10-22 00:21:04
92.62.139.103	attackspambots	Oct 21 05:37:26 eddieflores sshd\[17268\]: Invalid user 1 from 92.62.139.103 Oct 21 05:37:26 eddieflores sshd\[17268\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.62.139.103 Oct 21 05:37:29 eddieflores sshd\[17268\]: Failed password for invalid user 1 from 92.62.139.103 port 49914 ssh2 Oct 21 05:37:32 eddieflores sshd\[17275\]: Invalid user 1111 from 92.62.139.103 Oct 21 05:37:32 eddieflores sshd\[17275\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.62.139.103	2019-10-21 23:57:15

最近上报的IP列表

202.151.214.251	136.133.71.225	153.249.44.115	68.13.40.242
70.77.8.219	183.92.249.27	14.102.92.72	170.130.205.108
36.90.130.168	171.119.99.68	188.169.142.196	42.218.251.107
146.45.202.191	187.62.191.3	157.230.249.58	93.170.135.79
36.89.106.69	14.29.247.69	94.74.162.48	240.138.158.227

基本信息:

用户上报:

相同子网IP讨论:

WHOIS信息:

DIG信息:

HOST信息:

NSLOOKUP信息:

相关IP信息:

最新评论:

最近上报的IP列表