1.24.149.148 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom Innermongolia Province Network

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Unauthorized connection attempt detected from IP address 1.24.149.148 to port 23 [T]	2020-04-27 00:27:22

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.24.149.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 369
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.24.149.148.			IN	A

;; AUTHORITY SECTION:
.			403	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042600 1800 900 604800 86400

;; Query time: 106 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Apr 27 00:27:17 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 148.149.24.1.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 148.149.24.1.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
110.78.175.175	attackspam	Lines containing failures of 110.78.175.175 Jun 29 01:13:58 mailserver sshd[9036]: Invalid user admin from 110.78.175.175 port 36810 Jun 29 01:13:58 mailserver sshd[9036]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.78.175.175 Jun 29 01:14:01 mailserver sshd[9036]: Failed password for invalid user admin from 110.78.175.175 port 36810 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=110.78.175.175	2019-06-29 09:34:05
94.41.109.208	attack	IP: 94.41.109.208 ASN: AS24955 OJSC Ufanet Port: World Wide Web HTTP 80 Found in one or more Blacklists Date: 28/06/2019 11:22:03 PM UTC	2019-06-29 09:40:48
112.85.42.181	attackbots	SSH-bruteforce attempts	2019-06-29 09:24:15
45.125.65.96	attackbotsspam	Rude login attack (13 tries in 1d)	2019-06-29 09:32:23
167.99.13.45	attackbots	Jun 28 23:21:41 sshgateway sshd\[3089\]: Invalid user guohui from 167.99.13.45 Jun 28 23:21:41 sshgateway sshd\[3089\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.13.45 Jun 28 23:21:42 sshgateway sshd\[3089\]: Failed password for invalid user guohui from 167.99.13.45 port 56868 ssh2	2019-06-29 09:46:51
199.249.230.88	attack	Jun 29 01:21:50 vps sshd[28622]: Failed password for root from 199.249.230.88 port 7320 ssh2 Jun 29 01:21:54 vps sshd[28622]: Failed password for root from 199.249.230.88 port 7320 ssh2 Jun 29 01:21:57 vps sshd[28622]: Failed password for root from 199.249.230.88 port 7320 ssh2 Jun 29 01:22:00 vps sshd[28622]: Failed password for root from 199.249.230.88 port 7320 ssh2 ...	2019-06-29 09:41:49
185.53.88.37	attack	IP: 185.53.88.37 ASN: AS209299 Vitox Telecom Port: World Wide Web HTTP 80 Found in one or more Blacklists Date: 29/06/2019 1:48:35 AM UTC	2019-06-29 09:57:55
82.45.67.77	attack	SSH Brute-Forcing (ownc)	2019-06-29 09:54:22
51.68.216.186	attackbotsspam	Port scan on 2 port(s): 139 445	2019-06-29 09:43:02
141.98.10.52	attackspambots	Jun 28 14:04:02 cac1d2 postfix/smtpd\[26445\]: warning: unknown\[141.98.10.52\]: SASL LOGIN authentication failed: authentication failure Jun 28 15:13:24 cac1d2 postfix/smtpd\[2528\]: warning: unknown\[141.98.10.52\]: SASL LOGIN authentication failed: authentication failure Jun 28 16:22:47 cac1d2 postfix/smtpd\[11361\]: warning: unknown\[141.98.10.52\]: SASL LOGIN authentication failed: authentication failure ...	2019-06-29 09:21:06
77.123.248.87	attack	Jun 29 01:13:53 mxgate1 postfix/postscreen[3092]: CONNECT from [77.123.248.87]:1170 to [176.31.12.44]:25 Jun 29 01:13:53 mxgate1 postfix/dnsblog[3093]: addr 77.123.248.87 listed by domain zen.spamhaus.org as 127.0.0.3 Jun 29 01:13:53 mxgate1 postfix/dnsblog[3093]: addr 77.123.248.87 listed by domain zen.spamhaus.org as 127.0.0.4 Jun 29 01:13:53 mxgate1 postfix/dnsblog[3097]: addr 77.123.248.87 listed by domain cbl.abuseat.org as 127.0.0.2 Jun 29 01:13:53 mxgate1 postfix/dnsblog[3096]: addr 77.123.248.87 listed by domain b.barracudacentral.org as 127.0.0.2 Jun 29 01:13:54 mxgate1 postfix/postscreen[3092]: PREGREET 16 after 0.88 from [77.123.248.87]:1170: HELO nzxuw.com Jun 29 01:13:54 mxgate1 postfix/postscreen[3092]: DNSBL rank 4 for [77.123.248.87]:1170 Jun x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=77.123.248.87	2019-06-29 09:33:18
211.159.149.29	attack	Jun 29 02:03:24 localhost sshd\[1233\]: Invalid user postgres from 211.159.149.29 port 50574 Jun 29 02:03:24 localhost sshd\[1233\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.159.149.29 Jun 29 02:03:26 localhost sshd\[1233\]: Failed password for invalid user postgres from 211.159.149.29 port 50574 ssh2	2019-06-29 09:56:28
191.53.52.83	attack	Brute force attempt	2019-06-29 09:37:05
218.26.163.125	attack	Unauthorized connection attempt from IP address 218.26.163.125	2019-06-29 09:30:42
41.35.119.90	attackbotsspam	Jun 29 02:22:53 srv-4 sshd\[8029\]: Invalid user admin from 41.35.119.90 Jun 29 02:22:53 srv-4 sshd\[8029\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.35.119.90 Jun 29 02:22:55 srv-4 sshd\[8029\]: Failed password for invalid user admin from 41.35.119.90 port 50854 ssh2 ...	2019-06-29 09:17:59

Recently Reported IPs

85.105.208.128	14.245.17.161	14.187.99.94	1.172.224.193
95.181.2.215	112.78.181.210	5.124.125.111	95.28.76.121
77.222.105.243	167.71.229.132	103.39.214.102	85.95.188.248
77.40.74.78	2.232.250.91	203.119.206.64	147.142.130.181
177.202.187.95	188.235.160.48	202.29.176.81	167.71.232.61