115.239.1.149 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
115.239.194.82	attack	Unauthorized connection attempt detected from IP address 115.239.194.82 to port 445	2020-07-09 05:40:06
115.239.1.91	attackspambots	Unauthorized connection attempt detected from IP address 115.239.1.91 to port 445 [T]	2020-02-01 19:00:53
115.239.180.202	attackspam	Unauthorized connection attempt from IP address 115.239.180.202 on Port 445(SMB)	2020-01-10 04:10:17
115.239.108.63	attack	Port Scan: TCP/445	2019-09-25 07:39:47
115.239.173.170	attackspambots	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 03:45:21
115.239.173.170	attack	failed_logins	2019-07-17 01:34:33

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 115.239.1.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44669
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;115.239.1.149.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025012102 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jan 22 10:12:38 CST 2025
;; MSG SIZE  rcvd: 106

Host info

Host 149.1.239.115.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 149.1.239.115.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
159.65.12.204	attackspambots	Nov 7 20:37:41 vps647732 sshd[5855]: Failed password for root from 159.65.12.204 port 42938 ssh2 ...	2019-11-08 04:11:44
201.213.22.216	attackspam	Nov 4 20:58:07 server6 sshd[32321]: reveeclipse mapping checking getaddrinfo for 201.213.22.216.fibercorp.com.ar [201.213.22.216] failed - POSSIBLE BREAK-IN ATTEMPT! Nov 4 20:58:07 server6 sshd[32321]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.213.22.216 user=r.r Nov 4 20:58:09 server6 sshd[32321]: Failed password for r.r from 201.213.22.216 port 41159 ssh2 Nov 4 20:58:10 server6 sshd[32321]: Received disconnect from 201.213.22.216: 11: Bye Bye [preauth] Nov 4 21:06:47 server6 sshd[7236]: reveeclipse mapping checking getaddrinfo for 201.213.22.216.fibercorp.com.ar [201.213.22.216] failed - POSSIBLE BREAK-IN ATTEMPT! Nov 4 21:06:48 server6 sshd[7236]: Failed password for invalid user kei from 201.213.22.216 port 52643 ssh2 Nov 4 21:06:51 server6 sshd[7236]: Received disconnect from 201.213.22.216: 11: Bye Bye [preauth] Nov 4 21:18:14 server6 sshd[15267]: reveeclipse mapping checking getaddrinfo for 201.213.22.216........ -------------------------------	2019-11-08 03:39:14
45.55.37.100	attackbots	Nov 7 17:42:05 master sshd[28475]: Failed password for invalid user support from 45.55.37.100 port 49426 ssh2	2019-11-08 04:10:01
71.6.146.185	attack	Connection by 71.6.146.185 on port: 10443 got caught by honeypot at 11/7/2019 6:56:41 PM	2019-11-08 04:04:33
186.243.82.82	attackbots	Port 1433 Scan	2019-11-08 03:59:21
78.161.96.90	attackspam	Nov 7 14:35:39 sanyalnet-cloud-vps4 sshd[19691]: Connection from 78.161.96.90 port 35956 on 64.137.160.124 port 22 Nov 7 14:35:55 sanyalnet-cloud-vps4 sshd[19693]: Connection from 78.161.96.90 port 35972 on 64.137.160.124 port 22 Nov 7 14:36:05 sanyalnet-cloud-vps4 sshd[19691]: Address 78.161.96.90 maps to 78.161.96.90.dynamic.ttnet.com.tr, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Nov 7 14:36:05 sanyalnet-cloud-vps4 sshd[19691]: User r.r from 78.161.96.90 not allowed because not listed in AllowUsers Nov 7 14:36:05 sanyalnet-cloud-vps4 sshd[19691]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.161.96.90 user=r.r Nov 7 14:36:06 sanyalnet-cloud-vps4 sshd[19691]: Failed password for invalid user r.r from 78.161.96.90 port 35956 ssh2 Nov 7 14:36:06 sanyalnet-cloud-vps4 sshd[19691]: Received disconnect from 78.161.96.90: 11: disconnected by user [preauth] Nov 7 14:36:10 sanyalnet-cloud-vps4 ss........ -------------------------------	2019-11-08 03:46:56
51.38.57.78	attackspambots	$f2bV_matches	2019-11-08 04:14:24
187.12.181.106	attack	$f2bV_matches	2019-11-08 03:57:15
189.3.253.34	attack	Automatic report - Port Scan Attack	2019-11-08 03:40:34
222.188.109.227	attackspam	[Aegis] @ 2019-11-07 19:30:21 0000 -> Multiple authentication failures.	2019-11-08 04:19:19
51.75.147.100	attackspambots	ssh failed login	2019-11-08 03:42:02
213.97.62.3	attackspambots	2019-11-07T17:21:21.192438abusebot-2.cloudsearch.cf sshd\[3386\]: Invalid user aamra from 213.97.62.3 port 14856	2019-11-08 03:45:14
142.93.225.20	attackspam	2019-11-07T20:02:33.599195homeassistant sshd[22710]: Invalid user admin from 142.93.225.20 port 13576 2019-11-07T20:02:33.608987homeassistant sshd[22710]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.225.20 ...	2019-11-08 04:03:47
79.175.0.152	attackspambots	Nov 4 01:59:29 rb06 sshd[19893]: reveeclipse mapping checking getaddrinfo for 152.0.175.79spb.ptl.ru [79.175.0.152] failed - POSSIBLE BREAK-IN ATTEMPT! Nov 4 01:59:31 rb06 sshd[19893]: Failed password for invalid user albertha from 79.175.0.152 port 44314 ssh2 Nov 4 01:59:31 rb06 sshd[19893]: Received disconnect from 79.175.0.152: 11: Bye Bye [preauth] Nov 4 02:23:03 rb06 sshd[3256]: reveeclipse mapping checking getaddrinfo for 152.0.175.79spb.ptl.ru [79.175.0.152] failed - POSSIBLE BREAK-IN ATTEMPT! Nov 4 02:23:03 rb06 sshd[3256]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.175.0.152 user=r.r Nov 4 02:23:05 rb06 sshd[3256]: Failed password for r.r from 79.175.0.152 port 46292 ssh2 Nov 4 02:23:05 rb06 sshd[3256]: Received disconnect from 79.175.0.152: 11: Bye Bye [preauth] Nov 4 02:26:40 rb06 sshd[3671]: reveeclipse mapping checking getaddrinfo for 152.0.175.79spb.ptl.ru [79.175.0.152] failed - POSSIBLE BREAK-IN AT........ -------------------------------	2019-11-08 03:51:43
217.112.128.41	attack	Postfix DNSBL listed. Trying to send SPAM.	2019-11-08 04:09:49

Recently Reported IPs

77.163.55.144	143.175.240.180	200.170.77.241	83.203.188.53
242.206.113.146	231.207.213.130	248.59.243.226	132.98.186.125
12.202.51.33	243.2.170.193	204.254.223.141	75.92.102.22
28.102.90.229	139.118.205.248	236.78.155.107	157.92.78.76
172.142.172.170	45.12.161.99	32.198.95.176	146.156.4.209