1.199.158.147 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Henan Telecom Corporation

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 1.199.158.147 to port 139 [T]	2020-05-20 09:04:23

Comments on same subnet:

IP	Type	Details	Datetime
1.199.158.31	attack	Unauthorized connection attempt detected from IP address 1.199.158.31 to port 139 [T]	2020-05-20 09:05:26
1.199.158.90	attackspam	Unauthorized connection attempt detected from IP address 1.199.158.90 to port 139 [T]	2020-05-20 09:04:52

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.199.158.147
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38617
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.199.158.147.			IN	A

;; AUTHORITY SECTION:
.			487	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051901 1800 900 604800 86400

;; Query time: 103 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed May 20 09:04:17 CST 2020
;; MSG SIZE  rcvd: 117

Host info

;; connection timed out; no servers could be reached

Nslookup info:

;; Got SERVFAIL reply from 183.60.82.98, trying next server
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 147.158.199.1.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
178.215.111.113	attackbotsspam	port scan and connect, tcp 23 (telnet)	2019-11-14 22:03:30
111.251.29.196	attackspambots	Port scan	2019-11-14 22:06:35
81.171.85.101	attackspambots	\[2019-11-14 09:08:10\] NOTICE\[2601\] chan_sip.c: Registration from '\' failed for '81.171.85.101:52829' - Wrong password \[2019-11-14 09:08:10\] SECURITY\[2634\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-11-14T09:08:10.414-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="8094",SessionID="0x7fdf2c003608",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/81.171.85.101/52829",Challenge="3230f28c",ReceivedChallenge="3230f28c",ReceivedHash="c20022828317b8e8b6cc70516377cc73" \[2019-11-14 09:08:21\] NOTICE\[2601\] chan_sip.c: Registration from '\' failed for '81.171.85.101:56934' - Wrong password \[2019-11-14 09:08:21\] SECURITY\[2634\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-11-14T09:08:21.472-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="8274",SessionID="0x7fdf2c09e0a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/81.171.85	2019-11-14 22:10:42
171.34.173.49	attackspambots	Nov 14 14:01:10 server sshd\[22162\]: Invalid user alanis from 171.34.173.49 Nov 14 14:01:10 server sshd\[22162\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.34.173.49 Nov 14 14:01:12 server sshd\[22162\]: Failed password for invalid user alanis from 171.34.173.49 port 37393 ssh2 Nov 14 14:25:34 server sshd\[28458\]: Invalid user service from 171.34.173.49 Nov 14 14:25:34 server sshd\[28458\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.34.173.49 ...	2019-11-14 22:04:09
89.216.56.67	attackspambots	firewall-block, port(s): 1433/tcp	2019-11-14 21:37:13
222.140.159.180	attackspam	Telnet/23 MH Probe, BF, Hack -	2019-11-14 22:13:07
51.255.35.41	attack	Nov 14 09:45:06 SilenceServices sshd[30925]: Failed password for root from 51.255.35.41 port 36123 ssh2 Nov 14 09:48:38 SilenceServices sshd[31956]: Failed password for lp from 51.255.35.41 port 54828 ssh2	2019-11-14 21:48:36
220.134.144.96	attack	Nov 14 10:46:10 ns382633 sshd\[31405\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.134.144.96 user=root Nov 14 10:46:13 ns382633 sshd\[31405\]: Failed password for root from 220.134.144.96 port 37332 ssh2 Nov 14 10:59:20 ns382633 sshd\[1126\]: Invalid user rpc from 220.134.144.96 port 56292 Nov 14 10:59:20 ns382633 sshd\[1126\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.134.144.96 Nov 14 10:59:22 ns382633 sshd\[1126\]: Failed password for invalid user rpc from 220.134.144.96 port 56292 ssh2	2019-11-14 21:49:01
94.23.13.147	attackspambots	Nov 14 14:19:42 mail1 sshd\[16259\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.13.147 user=root Nov 14 14:19:44 mail1 sshd\[16259\]: Failed password for root from 94.23.13.147 port 44510 ssh2 Nov 14 14:23:46 mail1 sshd\[18042\]: Invalid user kwasita from 94.23.13.147 port 58624 Nov 14 14:23:46 mail1 sshd\[18042\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.13.147 Nov 14 14:23:48 mail1 sshd\[18042\]: Failed password for invalid user kwasita from 94.23.13.147 port 58624 ssh2 ...	2019-11-14 21:51:54
101.207.113.73	attackbotsspam	Nov 14 08:55:59 game-panel sshd[10037]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.207.113.73 Nov 14 08:56:02 game-panel sshd[10037]: Failed password for invalid user language from 101.207.113.73 port 46182 ssh2 Nov 14 09:01:01 game-panel sshd[10225]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.207.113.73	2019-11-14 21:44:00
183.238.233.110	attackbotsspam	Nov 14 06:36:44 firewall sshd[20926]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.238.233.110 Nov 14 06:36:44 firewall sshd[20926]: Invalid user ftp from 183.238.233.110 Nov 14 06:36:46 firewall sshd[20926]: Failed password for invalid user ftp from 183.238.233.110 port 30048 ssh2 ...	2019-11-14 22:11:05
121.131.36.92	attack	UTC: 2019-11-13 port: 123/udp	2019-11-14 21:47:13
160.153.154.129	attack	Automatic report - XMLRPC Attack	2019-11-14 21:55:08
110.246.8.43	attackbots	UTC: 2019-11-13 port: 23/tcp	2019-11-14 21:49:25
86.129.198.13	attackbotsspam	Automatic report - Port Scan Attack	2019-11-14 21:49:40

Recently Reported IPs

1.196.141.79	1.196.140.103	1.196.140.54	1.192.103.151
1.192.103.52	1.192.103.13	1.192.103.11	1.192.101.179
178.162.216.70	1.192.101.58	1.192.101.8	223.205.223.37
223.165.131.97	221.225.111.149	220.248.34.206	183.157.175.50
180.176.176.21	171.12.138.59	171.4.70.26	162.243.144.19