115.239.2.149 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
115.239.242.86	attack	" "	2020-08-14 00:59:29
115.239.208.165	attackspambots	Aug 3 10:47:21 host sshd[3814]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.239.208.165 user=root Aug 3 10:47:23 host sshd[3814]: Failed password for root from 115.239.208.165 port 54056 ssh2 ...	2020-08-03 20:06:32
115.239.208.165	attackspambots	Aug 2 14:02:48 xeon sshd[31134]: Failed password for root from 115.239.208.165 port 50802 ssh2	2020-08-02 23:47:00
115.239.208.165	attackspam	Jul 22 16:44:39 dev0-dcde-rnet sshd[7785]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.239.208.165 Jul 22 16:44:41 dev0-dcde-rnet sshd[7785]: Failed password for invalid user john from 115.239.208.165 port 36154 ssh2 Jul 22 16:50:27 dev0-dcde-rnet sshd[7920]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.239.208.165	2020-07-23 01:23:24
115.239.208.165	attack	Invalid user celery from 115.239.208.165 port 34258	2020-07-16 13:42:07
115.239.208.165	attack	"Unauthorized connection attempt on SSHD detected"	2020-06-26 14:14:56
115.239.208.165	attackspam	SSH login attempts.	2020-06-19 14:09:41
115.239.209.182	attackbots	Unauthorized connection attempt detected from IP address 115.239.209.182 to port 445	2020-06-13 05:51:25
115.239.200.18	attackbots	Unauthorized connection attempt from IP address 115.239.200.18 on Port 445(SMB)	2020-05-23 23:32:37
115.239.244.198	attackbotsspam	暴力破解	2020-05-03 17:38:10
115.239.253.241	attackspambots	2020-05-02T12:10:44.734569abusebot-8.cloudsearch.cf sshd[10662]: Invalid user 123 from 115.239.253.241 port 46405 2020-05-02T12:10:44.743603abusebot-8.cloudsearch.cf sshd[10662]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.239.253.241 2020-05-02T12:10:44.734569abusebot-8.cloudsearch.cf sshd[10662]: Invalid user 123 from 115.239.253.241 port 46405 2020-05-02T12:10:46.323052abusebot-8.cloudsearch.cf sshd[10662]: Failed password for invalid user 123 from 115.239.253.241 port 46405 ssh2 2020-05-02T12:12:44.916901abusebot-8.cloudsearch.cf sshd[10771]: Invalid user frank from 115.239.253.241 port 53053 2020-05-02T12:12:44.927591abusebot-8.cloudsearch.cf sshd[10771]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.239.253.241 2020-05-02T12:12:44.916901abusebot-8.cloudsearch.cf sshd[10771]: Invalid user frank from 115.239.253.241 port 53053 2020-05-02T12:12:46.647520abusebot-8.cloudsearch.cf sshd[10771] ...	2020-05-02 23:09:39
115.239.231.142	attackbotsspam	port scan and connect, tcp 23 (telnet)	2020-04-29 14:43:49
115.239.231.138	attackbots	Unauthorized connection attempt detected from IP address 115.239.231.138 to port 23 [T]	2020-04-29 14:27:03
115.239.231.140	attackspambots	Unauthorized connection attempt detected from IP address 115.239.231.140 to port 23 [T]	2020-04-29 13:17:16
115.239.253.241	attackspambots	Invalid user tx from 115.239.253.241 port 60686	2020-04-24 19:30:53

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 115.239.2.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20542
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;115.239.2.149.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 06:07:26 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 149.2.239.115.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 149.2.239.115.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
101.65.243.166	attack	101.65.243.166 - - [02/Jan/2020:00:57:09 +0000] "POST /xmlrpc.php HTTP/1.1" 301 596 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" 101.65.243.166 - - [02/Jan/2020:00:57:10 +0000] "POST /xmlrpc.php HTTP/1.1" 301 596 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" ...	2020-03-04 03:24:56
160.153.147.35	attackbotsspam	Automatic report - XMLRPC Attack	2020-03-04 03:33:49
101.53.144.150	attack	Feb 25 03:35:04 mercury smtpd[1148]: 43d2bef86a933dd8 smtp event=failed-command address=101.53.144.150 host=e2e-41-150.e2enetworks.net.in command="RCPT to:" result="550 Invalid recipient" ...	2020-03-04 03:45:28
34.92.230.129	attack	Lines containing failures of 34.92.230.129 Mar 3 14:01:58 mx-in-01 sshd[17950]: Invalid user act from 34.92.230.129 port 58436 Mar 3 14:01:58 mx-in-01 sshd[17950]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.92.230.129 Mar 3 14:02:00 mx-in-01 sshd[17950]: Failed password for invalid user act from 34.92.230.129 port 58436 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=34.92.230.129	2020-03-04 03:52:49
162.219.26.130	attackbotsspam	suspicious action Tue, 03 Mar 2020 10:21:55 -0300	2020-03-04 03:56:14
162.221.190.146	attackspam	suspicious action Tue, 03 Mar 2020 10:22:22 -0300	2020-03-04 03:25:39
167.172.211.201	attackspambots	Mar 4 00:47:45 areeb-Workstation sshd[18494]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.211.201 Mar 4 00:47:47 areeb-Workstation sshd[18494]: Failed password for invalid user lisha from 167.172.211.201 port 35060 ssh2 ...	2020-03-04 03:42:09
1.1.184.121	attackspambots	2020-02-14T04:56:00.345Z CLOSE host=1.1.184.121 port=58905 fd=4 time=20.015 bytes=3 ...	2020-03-04 03:37:52
1.20.196.91	attackspam	Dec 31 22:09:58 mercury wordpress(www.learnargentinianspanish.com)[8593]: XML-RPC authentication attempt for unknown user chris from 1.20.196.91 ...	2020-03-04 03:37:30
185.24.117.42	attackbotsspam	Fail2Ban Ban Triggered	2020-03-04 03:38:21
103.27.237.152	attackbotsspam	xmlrpc attack	2020-03-04 03:16:30
115.207.105.153	attackbots	115.207.105.153 - - [28/Nov/2019:23:49:22 +0000] "POST /xmlrpc.php HTTP/1.1" 301 596 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" 115.207.105.153 - - [28/Nov/2019:23:49:23 +0000] "POST /xmlrpc.php HTTP/1.1" 301 596 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" ...	2020-03-04 03:18:54
47.103.109.224	attack	REQUESTED PAGE: /wp-admin/edit.php?post_type=wd_ads_ads&export=export_csv&path=../wp-config.php	2020-03-04 03:54:55
36.79.38.16	attackspambots	REQUESTED PAGE: /wp-admin/admin.php?page=miwoftp&option=com_miwoftp&action=download&dir=/&item=wp-config.php&order=name&srt=yes	2020-03-04 03:34:36
93.174.93.216	attackbots	Port scan: Attack repeated for 24 hours	2020-03-04 03:47:06

Recently Reported IPs

115.239.209.159	115.239.209.174	115.239.30.146	115.241.3.50
115.242.134.34	115.242.131.162	115.243.203.98	115.242.207.94
115.243.63.170	115.247.106.154	115.248.214.176	115.240.102.161
115.248.78.76	115.28.133.65	115.249.96.3	115.28.142.111
115.254.82.230	115.28.165.191	115.28.170.132	115.28.190.3