117.149.2.142 - IPInfo

Basic Info

City: Hangzhou

Region: Zhejiang

Country: China

Internet Service Provider: China Mobile Communications Corporation

Hostname: unknown

Organization: China Mobile communications corporation

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Automatic report - Banned IP Access	2019-08-30 14:55:44
attackbots	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 03:07:29

Comments on same subnet:

IP	Type	Details	Datetime
117.149.21.145	attackspambots	Sep 18 10:53:14 localhost sshd[1231116]: Failed password for root from 117.149.21.145 port 41729 ssh2 Sep 18 10:56:19 localhost sshd[1238323]: Invalid user test from 117.149.21.145 port 48065 Sep 18 10:56:19 localhost sshd[1238323]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.149.21.145 Sep 18 10:56:19 localhost sshd[1238323]: Invalid user test from 117.149.21.145 port 48065 Sep 18 10:56:22 localhost sshd[1238323]: Failed password for invalid user test from 117.149.21.145 port 48065 ssh2 ...	2020-09-19 00:34:26
117.149.21.145	attackspam	Automatic report - Banned IP Access	2020-09-18 16:38:01
117.149.21.145	attackspam	Invalid user kuantic from 117.149.21.145 port 41185	2020-09-18 06:52:25
117.149.21.145	attackbotsspam	Aug 3 06:53:56 home sshd[1736881]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.149.21.145 Aug 3 06:53:56 home sshd[1736881]: Invalid user = from 117.149.21.145 port 32865 Aug 3 06:53:59 home sshd[1736881]: Failed password for invalid user = from 117.149.21.145 port 32865 ssh2 Aug 3 06:58:35 home sshd[1738633]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.149.21.145 user=root Aug 3 06:58:37 home sshd[1738633]: Failed password for root from 117.149.21.145 port 48705 ssh2 ...	2020-08-03 16:48:19
117.149.21.145	attackbotsspam	Jul 31 16:08:25 serwer sshd\[8069\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.149.21.145 user=root Jul 31 16:08:26 serwer sshd\[8069\]: Failed password for root from 117.149.21.145 port 41697 ssh2 Jul 31 16:12:57 serwer sshd\[8663\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.149.21.145 user=root ...	2020-07-31 22:59:18
117.149.21.145	attack	2020-07-25T05:52:05.815360+02:00 sshd[11504]: Failed password for invalid user opt from 117.149.21.145 port 11329 ssh2	2020-07-25 15:19:59
117.149.21.145	attackspambots	Jul 7 07:55:53 lnxmysql61 sshd[6122]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.149.21.145	2020-07-07 15:39:17
117.149.21.145	attack	Jul 4 10:17:19 buvik sshd[21078]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.149.21.145 Jul 4 10:17:20 buvik sshd[21078]: Failed password for invalid user hr from 117.149.21.145 port 20481 ssh2 Jul 4 10:21:43 buvik sshd[21658]: Invalid user yxc from 117.149.21.145 ...	2020-07-04 18:21:10
117.149.21.145	attack	Feb 28 19:23:53 NPSTNNYC01T sshd[2764]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.149.21.145 Feb 28 19:23:55 NPSTNNYC01T sshd[2764]: Failed password for invalid user radio from 117.149.21.145 port 3713 ssh2 Feb 28 19:28:49 NPSTNNYC01T sshd[3107]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.149.21.145 ...	2020-02-29 08:32:33
117.149.21.145	attack	2020-01-29T17:54:06.121086luisaranguren sshd[2627796]: Invalid user cupka from 117.149.21.145 port 62593 2020-01-29T17:54:08.049926luisaranguren sshd[2627796]: Failed password for invalid user cupka from 117.149.21.145 port 62593 ssh2 ...	2020-01-29 15:38:44
117.149.21.145	attackbotsspam	Jan 20 23:13:50 ns41 sshd[7532]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.149.21.145 Jan 20 23:13:50 ns41 sshd[7532]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.149.21.145	2020-01-21 06:30:45
117.149.21.145	attack	Unauthorized connection attempt detected from IP address 117.149.21.145 to port 2220 [J]	2020-01-08 13:41:40
117.149.21.145	attack	Oct 29 14:56:12 venus sshd\[839\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.149.21.145 user=root Oct 29 14:56:14 venus sshd\[839\]: Failed password for root from 117.149.21.145 port 52193 ssh2 Oct 29 15:02:55 venus sshd\[885\]: Invalid user thomas from 117.149.21.145 port 50465 ...	2019-10-29 23:20:46
117.149.21.145	attackbotsspam	Oct 5 04:04:33 www_kotimaassa_fi sshd[29750]: Failed password for root from 117.149.21.145 port 21473 ssh2 ...	2019-10-05 16:54:05
117.149.21.145	attack	Sep 28 18:11:10 www sshd\[4566\]: Invalid user wr from 117.149.21.145 port 56193 ...	2019-09-29 02:06:06

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.149.2.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34244
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.149.2.142.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080502 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Aug 06 03:07:23 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 142.2.149.117.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 142.2.149.117.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
118.175.217.121	attack	1579064347 - 01/15/2020 05:59:07 Host: 118.175.217.121/118.175.217.121 Port: 445 TCP Blocked	2020-01-15 19:49:55
125.167.85.225	attack	1579063568 - 01/15/2020 05:46:08 Host: 125.167.85.225/125.167.85.225 Port: 445 TCP Blocked	2020-01-15 19:53:10
185.53.88.21	attack	[2020-01-15 06:25:56] NOTICE[2175][C-00002cb6] chan_sip.c: Call from '' (185.53.88.21:5071) to extension '5011972595897084' rejected because extension not found in context 'public'. [2020-01-15 06:25:56] SECURITY[2212] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-01-15T06:25:56.259-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="5011972595897084",SessionID="0x7f5ac48ee978",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.53.88.21/5071",ACLName="no_extension_match" [2020-01-15 06:32:40] NOTICE[2175][C-00002cb7] chan_sip.c: Call from '' (185.53.88.21:5070) to extension '1011972595897084' rejected because extension not found in context 'public'. [2020-01-15 06:32:40] SECURITY[2212] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-01-15T06:32:40.161-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="1011972595897084",SessionID="0x7f5ac48ee978",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/18 ...	2020-01-15 19:51:02
1.173.138.205	attack	Unauthorized connection attempt from IP address 1.173.138.205 on Port 445(SMB)	2020-01-15 19:49:04
113.160.245.194	attackbotsspam	failed_logins	2020-01-15 20:12:36
123.25.21.9	attackbots	1579074296 - 01/15/2020 08:44:56 Host: 123.25.21.9/123.25.21.9 Port: 445 TCP Blocked	2020-01-15 19:59:58
180.76.233.148	attackbotsspam	Unauthorized connection attempt detected from IP address 180.76.233.148 to port 2220 [J]	2020-01-15 19:45:59
66.42.56.59	attackbotsspam	$f2bV_matches	2020-01-15 19:53:55
45.225.216.80	attackspambots	Jan 15 12:12:49 localhost sshd\[21585\]: Invalid user vbox from 45.225.216.80 Jan 15 12:12:49 localhost sshd\[21585\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.225.216.80 Jan 15 12:12:51 localhost sshd\[21585\]: Failed password for invalid user vbox from 45.225.216.80 port 60594 ssh2 Jan 15 12:14:07 localhost sshd\[21672\]: Invalid user oracle from 45.225.216.80 Jan 15 12:14:07 localhost sshd\[21672\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.225.216.80 ...	2020-01-15 19:47:18
157.245.201.10	attackbotsspam	Jan 15 06:32:08 extapp sshd[2732]: Failed password for r.r from 157.245.201.10 port 53662 ssh2 Jan 15 06:34:54 extapp sshd[4293]: Failed password for r.r from 157.245.201.10 port 37554 ssh2 Jan 15 06:38:23 extapp sshd[6564]: Invalid user jerry from 157.245.201.10 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=157.245.201.10	2020-01-15 19:56:28
180.76.119.34	attack	Unauthorized connection attempt detected from IP address 180.76.119.34 to port 2220 [J]	2020-01-15 20:17:07
49.234.30.113	attack	Unauthorized connection attempt detected from IP address 49.234.30.113 to port 2220 [J]	2020-01-15 20:16:28
5.112.77.111	attackspambots	Unauthorized connection attempt from IP address 5.112.77.111 on Port 445(SMB)	2020-01-15 19:52:11
103.192.78.178	attack	invalid login attempt	2020-01-15 20:13:23
118.97.147.204	attackbots	unauthorized connection attempt	2020-01-15 20:10:09

Recently Reported IPs

117.107.153.183	201.70.88.59	118.145.122.29	132.137.141.9
58.116.220.45	211.87.224.183	153.229.123.11	117.102.121.178
150.249.170.227	207.167.6.70	117.102.120.122	143.44.60.32
117.102.103.19	146.83.99.217	215.65.86.23	117.102.94.74
81.207.188.226	74.230.10.224	211.95.125.17	117.102.82.42