111.231.120.149

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Faster Internet Technology Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	SSH bruteforce (Triggered fail2ban)	2019-12-04 22:35:04

Comments on same subnet:

IP	Type	Details	Datetime
111.231.120.22	attackspam	Oct 6 17:41:24 gitlab sshd[3493051]: Failed password for root from 111.231.120.22 port 57473 ssh2 Oct 6 17:43:45 gitlab sshd[3493392]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.120.22 user=root Oct 6 17:43:47 gitlab sshd[3493392]: Failed password for root from 111.231.120.22 port 47802 ssh2 Oct 6 17:46:03 gitlab sshd[3493725]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.120.22 user=root Oct 6 17:46:06 gitlab sshd[3493725]: Failed password for root from 111.231.120.22 port 37957 ssh2 ...	2020-10-07 02:17:52
111.231.120.22	attackspambots	Oct 6 04:12:25 shivevps sshd[1608]: Failed password for root from 111.231.120.22 port 51586 ssh2 Oct 6 04:16:30 shivevps sshd[1759]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.120.22 user=root Oct 6 04:16:32 shivevps sshd[1759]: Failed password for root from 111.231.120.22 port 53240 ssh2 ...	2020-10-06 18:13:21
111.231.120.22	attack	Sep 3 06:13:00 game-panel sshd[20468]: Failed password for root from 111.231.120.22 port 41277 ssh2 Sep 3 06:18:04 game-panel sshd[20626]: Failed password for root from 111.231.120.22 port 46446 ssh2	2020-09-03 14:26:54
111.231.120.22	attackbots	Sep 2 18:44:53 abendstille sshd\[14949\]: Invalid user wade from 111.231.120.22 Sep 2 18:44:53 abendstille sshd\[14949\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.120.22 Sep 2 18:44:55 abendstille sshd\[14949\]: Failed password for invalid user wade from 111.231.120.22 port 39294 ssh2 Sep 2 18:47:00 abendstille sshd\[17137\]: Invalid user gt from 111.231.120.22 Sep 2 18:47:00 abendstille sshd\[17137\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.120.22 ...	2020-09-03 06:39:43
111.231.120.22	attackspam	Aug 31 05:48:45 sip sshd[1473771]: Failed password for invalid user pi from 111.231.120.22 port 54848 ssh2 Aug 31 05:51:53 sip sshd[1473791]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.120.22 user=root Aug 31 05:51:54 sip sshd[1473791]: Failed password for root from 111.231.120.22 port 51960 ssh2 ...	2020-08-31 17:06:01

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 111.231.120.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17221
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;111.231.120.149.		IN	A

;; AUTHORITY SECTION:
.			568	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120401 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 04 22:34:59 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 149.120.231.111.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 149.120.231.111.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
163.172.9.31	attackspam	SIP Server BruteForce Attack	2020-04-23 04:41:18
86.57.234.172	attackbotsspam	Apr 22 22:28:21 srv01 sshd[9084]: Invalid user ubuntu from 86.57.234.172 port 51974 Apr 22 22:28:21 srv01 sshd[9084]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.57.234.172 Apr 22 22:28:21 srv01 sshd[9084]: Invalid user ubuntu from 86.57.234.172 port 51974 Apr 22 22:28:23 srv01 sshd[9084]: Failed password for invalid user ubuntu from 86.57.234.172 port 51974 ssh2 Apr 22 22:34:52 srv01 sshd[9585]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.57.234.172 user=root Apr 22 22:34:54 srv01 sshd[9585]: Failed password for root from 86.57.234.172 port 37926 ssh2 ...	2020-04-23 04:38:32
40.73.102.25	attack	Invalid user tb from 40.73.102.25 port 44066	2020-04-23 04:18:24
60.10.193.68	attackbots	$f2bV_matches	2020-04-23 04:33:46
116.63.190.138	attackbots	Apr 21 15:36:10 liveconfig01 sshd[13808]: Invalid user lb from 116.63.190.138 Apr 21 15:36:10 liveconfig01 sshd[13808]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.63.190.138 Apr 21 15:36:13 liveconfig01 sshd[13808]: Failed password for invalid user lb from 116.63.190.138 port 50054 ssh2 Apr 21 15:36:13 liveconfig01 sshd[13808]: Received disconnect from 116.63.190.138 port 50054:11: Bye Bye [preauth] Apr 21 15:36:13 liveconfig01 sshd[13808]: Disconnected from 116.63.190.138 port 50054 [preauth] Apr 21 15:46:42 liveconfig01 sshd[14366]: Invalid user mc from 116.63.190.138 Apr 21 15:46:42 liveconfig01 sshd[14366]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.63.190.138 Apr 21 15:46:44 liveconfig01 sshd[14366]: Failed password for invalid user mc from 116.63.190.138 port 58874 ssh2 Apr 21 15:46:45 liveconfig01 sshd[14366]: Received disconnect from 116.63.190.138 port 58874:11: By........ -------------------------------	2020-04-23 04:07:19
123.143.3.45	attackbotsspam	Invalid user pl from 123.143.3.45 port 39246	2020-04-23 04:05:02
69.162.98.67	attackspambots	Unauthorized connection attempt from IP address 69.162.98.67 on Port 445(SMB)	2020-04-23 04:32:32
86.127.207.147	attack	Port probing on unauthorized port 23	2020-04-23 04:38:09
91.236.143.112	attackspam	Unauthorized connection attempt from IP address 91.236.143.112 on Port 445(SMB)	2020-04-23 04:27:23
104.131.138.126	attack	Port Scan detected from 104.131.138.126 (US/United States/California/San Francisco/-). 4 hits in the last 105 seconds	2020-04-23 04:11:49
134.255.252.153	attackbotsspam	Invalid user am from 134.255.252.153 port 54556	2020-04-23 04:04:23
181.52.172.107	attackbots	Apr 22 20:11:27 game-panel sshd[15216]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.52.172.107 Apr 22 20:11:29 game-panel sshd[15216]: Failed password for invalid user test11 from 181.52.172.107 port 37996 ssh2 Apr 22 20:15:49 game-panel sshd[15413]: Failed password for root from 181.52.172.107 port 52252 ssh2	2020-04-23 04:33:01
187.29.250.218	attackspambots	Unauthorized connection attempt from IP address 187.29.250.218 on Port 445(SMB)	2020-04-23 04:39:18
106.51.73.204	attackspambots	Apr 22 19:44:07 santamaria sshd\[15515\]: Invalid user admin from 106.51.73.204 Apr 22 19:44:07 santamaria sshd\[15515\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.73.204 Apr 22 19:44:09 santamaria sshd\[15515\]: Failed password for invalid user admin from 106.51.73.204 port 50951 ssh2 ...	2020-04-23 04:09:21
106.75.28.38	attackspam	Invalid user va from 106.75.28.38 port 52089	2020-04-23 04:08:52

Recently Reported IPs

174.212.52.38	158.69.242.94	47.172.251.14	129.80.129.110
60.13.154.12	70.99.224.248	48.43.151.90	212.129.155.15
252.253.199.239	32.42.43.171	27.71.129.251	139.236.22.57
235.40.51.133	113.160.218.91	255.253.63.173	104.51.117.12
45.101.106.139	153.119.255.78	124.72.241.185	51.20.74.141