119.3.141.142 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Huawei Public Cloud Service

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-03-03 14:48:24

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.3.141.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38641
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.3.141.142.			IN	A

;; AUTHORITY SECTION:
.			404	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030202 1800 900 604800 86400

;; Query time: 110 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 03 14:48:18 CST 2020
;; MSG SIZE  rcvd: 117

Host info

142.141.3.119.in-addr.arpa domain name pointer ecs-119-3-141-142.compute.hwclouds-dns.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
142.141.3.119.in-addr.arpa	name = ecs-119-3-141-142.compute.hwclouds-dns.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
116.211.118.249	attackspambots	Unauthorised access (Dec 18) SRC=116.211.118.249 LEN=40 TTL=51 ID=11569 TCP DPT=23 WINDOW=9855 SYN	2019-12-18 14:26:13
218.75.207.11	attackspam	Dec 17 20:24:18 tdfoods sshd\[19769\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.75.207.11 user=root Dec 17 20:24:20 tdfoods sshd\[19769\]: Failed password for root from 218.75.207.11 port 41989 ssh2 Dec 17 20:24:35 tdfoods sshd\[19777\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.75.207.11 user=root Dec 17 20:24:37 tdfoods sshd\[19777\]: Failed password for root from 218.75.207.11 port 46649 ssh2 Dec 17 20:24:47 tdfoods sshd\[19800\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.75.207.11 user=root	2019-12-18 14:25:08
222.186.180.9	attackspambots	2019-12-18T06:07:44.727989abusebot-2.cloudsearch.cf sshd\[17054\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.9 user=root 2019-12-18T06:07:46.359982abusebot-2.cloudsearch.cf sshd\[17054\]: Failed password for root from 222.186.180.9 port 5934 ssh2 2019-12-18T06:07:49.967529abusebot-2.cloudsearch.cf sshd\[17054\]: Failed password for root from 222.186.180.9 port 5934 ssh2 2019-12-18T06:07:53.123576abusebot-2.cloudsearch.cf sshd\[17054\]: Failed password for root from 222.186.180.9 port 5934 ssh2	2019-12-18 14:15:43
67.173.62.44	attack	Dec 17 21:41:26 mockhub sshd[2857]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.173.62.44 Dec 17 21:41:28 mockhub sshd[2857]: Failed password for invalid user squid from 67.173.62.44 port 53632 ssh2 ...	2019-12-18 13:50:23
150.242.85.64	attackbots	Portscan or hack attempt detected by psad/fwsnort	2019-12-18 14:19:59
178.128.151.4	attack	Dec 17 08:03:03 server sshd\[6509\]: Invalid user ele from 178.128.151.4 Dec 17 08:03:03 server sshd\[6509\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.151.4 Dec 17 08:03:05 server sshd\[6509\]: Failed password for invalid user ele from 178.128.151.4 port 54982 ssh2 Dec 18 07:58:01 server sshd\[26424\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.151.4 user=root Dec 18 07:58:03 server sshd\[26424\]: Failed password for root from 178.128.151.4 port 41330 ssh2 ...	2019-12-18 13:57:52
213.14.46.161	attack	REQUESTED PAGE: /shell?busybox	2019-12-18 14:03:42
188.120.36.223	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/188.120.36.223/ TR - 1H : (4) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : TR NAME ASN : ASN201411 IP : 188.120.36.223 CIDR : 188.120.36.0/22 PREFIX COUNT : 9 UNIQUE IP COUNT : 6144 ATTACKS DETECTED ASN201411 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-12-18 05:58:08 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2019-12-18 13:49:05
161.139.102.132	attackbotsspam	Unauthorized connection attempt detected from IP address 161.139.102.132 to port 445	2019-12-18 14:08:23
212.47.250.93	attackbots	Dec 18 07:06:57 localhost sshd\[27032\]: Invalid user login from 212.47.250.93 Dec 18 07:06:57 localhost sshd\[27032\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.47.250.93 Dec 18 07:06:59 localhost sshd\[27032\]: Failed password for invalid user login from 212.47.250.93 port 40948 ssh2 Dec 18 07:11:54 localhost sshd\[27319\]: Invalid user combat from 212.47.250.93 Dec 18 07:11:54 localhost sshd\[27319\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.47.250.93 ...	2019-12-18 14:16:11
70.161.255.146	attackspam	(From 4043 Dunbarton Circle) Greetings Salt Family Chiropractic. Its Will with 4X Marketing Solutions again just following up with you from the previous messages I sent you about our Facebook Posting Service for your business. I know you have probably been busy. Good news is my design team approched me this morning and gave me a interesting proposal for our Beta Test. Add a free video to the mix if they join the Beta Test. We normally sell these for $199 but we will be giving you one for FREE. See below for a sample video. Your Video will have your Branding and Information. Also just a reminder that spots are filling up fast and our Beta Test will end once we have 1 or 2 in each area. I can explain why when we get a chance to talk. Here is the DEMO site as well in case you missed it in the last email. https://vimeo.com/379529507 https://www.facebook.com/magellanchiropractic I look forward to hearing from you. 804-898-5168	2019-12-18 14:29:38
183.82.34.162	attackbots	Dec 18 05:35:14 game-panel sshd[14180]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.82.34.162 Dec 18 05:35:16 game-panel sshd[14180]: Failed password for invalid user tessty from 183.82.34.162 port 42620 ssh2 Dec 18 05:41:52 game-panel sshd[14517]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.82.34.162	2019-12-18 13:54:47
106.241.16.119	attackspambots	Dec 17 19:35:44 php1 sshd\[5334\]: Invalid user boyenger from 106.241.16.119 Dec 17 19:35:44 php1 sshd\[5334\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.241.16.119 Dec 17 19:35:46 php1 sshd\[5334\]: Failed password for invalid user boyenger from 106.241.16.119 port 59222 ssh2 Dec 17 19:41:53 php1 sshd\[6347\]: Invalid user estrela from 106.241.16.119 Dec 17 19:41:53 php1 sshd\[6347\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.241.16.119	2019-12-18 14:03:14
220.76.107.50	attackspambots	Invalid user host from 220.76.107.50 port 51234	2019-12-18 14:05:34
76.125.54.10	attack	Dec 18 07:05:04 ns381471 sshd[6451]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=76.125.54.10 Dec 18 07:05:06 ns381471 sshd[6451]: Failed password for invalid user simini from 76.125.54.10 port 25618 ssh2	2019-12-18 14:18:35

Recently Reported IPs

205.191.147.110	171.4.38.130	219.122.1.130	117.200.64.245
57.229.145.151	43.227.128.19	199.117.25.197	42.2.186.15
133.215.37.24	143.86.104.225	0.104.145.213	159.4.47.234
25.200.81.241	138.255.33.33	137.191.136.159	190.122.224.247
234.236.65.244	201.141.231.106	223.204.249.53	32.207.95.102