119.45.147.142

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Aug 22 14:10:32 eventyay sshd[21089]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.147.142 Aug 22 14:10:34 eventyay sshd[21089]: Failed password for invalid user ts3 from 119.45.147.142 port 39360 ssh2 Aug 22 14:16:18 eventyay sshd[21279]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.147.142 ...	2020-08-22 20:20:43
attackspambots	prod8 ...	2020-07-30 16:27:34
attackbots	Jul 13 20:47:28 propaganda sshd[36353]: Connection from 119.45.147.142 port 53366 on 10.0.0.160 port 22 rdomain "" Jul 13 20:47:29 propaganda sshd[36353]: Connection closed by 119.45.147.142 port 53366 [preauth]	2020-07-14 19:32:23

Type

Details

Datetime

attackbots

Aug 22 14:10:32 eventyay sshd[21089]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.147.142
Aug 22 14:10:34 eventyay sshd[21089]: Failed password for invalid user ts3 from 119.45.147.142 port 39360 ssh2
Aug 22 14:16:18 eventyay sshd[21279]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.147.142
...

2020-08-22 20:20:43

attackspambots

prod8
...

2020-07-30 16:27:34

attackbots

Jul 13 20:47:28 propaganda sshd[36353]: Connection from 119.45.147.142 port 53366 on 10.0.0.160 port 22 rdomain ""
Jul 13 20:47:29 propaganda sshd[36353]: Connection closed by 119.45.147.142 port 53366 [preauth]

2020-07-14 19:32:23

Comments on same subnet:

IP	Type	Details	Datetime
119.45.147.139	attackspambots	20/8/21@00:40:57: FAIL: Alarm-Intrusion address from=119.45.147.139 ...	2020-08-21 13:04:35
119.45.147.139	attackspambots	TCP (SYN) 119.45.147.139:44593 -> port 1433, len 40	2020-08-01 18:52:14

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.45.147.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15494
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.45.147.142.			IN	A

;; AUTHORITY SECTION:
.			508	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071400 1800 900 604800 86400

;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jul 14 19:32:17 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 142.147.45.119.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 142.147.45.119.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
123.54.71.14	attackbotsspam	Auto Detect Rule! proto TCP (SYN), 123.54.71.14:3126->gjan.info:1433, len 40	2020-07-11 04:26:49
45.227.254.30	attackspambots	TCP (SYN) 45.227.254.30:58003 -> port 3392, len 44	2020-07-11 04:52:26
51.75.29.61	attackbotsspam	Jul 10 19:14:05 dev0-dcde-rnet sshd[13605]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.29.61 Jul 10 19:14:07 dev0-dcde-rnet sshd[13605]: Failed password for invalid user laleh from 51.75.29.61 port 46586 ssh2 Jul 10 19:17:12 dev0-dcde-rnet sshd[13652]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.29.61	2020-07-11 04:25:35
37.49.224.138	attack	2020-07-10T12:29:56.244175randservbullet-proofcloud-66.localdomain sshd[3585]: Invalid user ubnt from 37.49.224.138 port 58274 2020-07-10T12:29:56.248313randservbullet-proofcloud-66.localdomain sshd[3585]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.49.224.138 2020-07-10T12:29:56.244175randservbullet-proofcloud-66.localdomain sshd[3585]: Invalid user ubnt from 37.49.224.138 port 58274 2020-07-10T12:29:58.159656randservbullet-proofcloud-66.localdomain sshd[3585]: Failed password for invalid user ubnt from 37.49.224.138 port 58274 ssh2 ...	2020-07-11 05:00:22
222.186.52.78	attack	Jul 10 22:56:18 * sshd[13740]: Failed password for root from 222.186.52.78 port 36622 ssh2	2020-07-11 05:01:04
198.12.225.100	attack	[Fri Jul 10 07:31:37.055445 2020] [php7:error] [pid 22592] [client 198.12.225.100:49551] script /Library/Server/Web/Data/Sites/interfaithministryservices.com/wp-login.php not found or unable to stat, referer: http://interfaithministryservices.com/wp-login.php	2020-07-11 05:01:53
165.227.39.151	attackspam	Automatic report - Banned IP Access	2020-07-11 04:57:55
110.153.77.131	attackbotsspam	Triggered: repeated knocking on closed ports.	2020-07-11 04:40:32
46.181.3.75	attack	TCP (SYN) 46.181.3.75:31818 -> port 23, len 40	2020-07-11 04:25:57
114.32.12.64	attack	Auto Detect Rule! proto TCP (SYN), 114.32.12.64:6487->gjan.info:23, len 40	2020-07-11 04:37:44
36.133.39.73	attack	Jul 10 15:52:13 george sshd[4456]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.133.39.73 Jul 10 15:52:14 george sshd[4456]: Failed password for invalid user myrhodesiaiscom from 36.133.39.73 port 44402 ssh2 Jul 10 15:55:51 george sshd[6200]: Invalid user helene from 36.133.39.73 port 54764 Jul 10 15:55:51 george sshd[6200]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.133.39.73 Jul 10 15:55:53 george sshd[6200]: Failed password for invalid user helene from 36.133.39.73 port 54764 ssh2 ...	2020-07-11 04:35:02
185.101.107.197	attack	Jul 10 22:25:36 debian-2gb-nbg1-2 kernel: \[16671324.178084\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.101.107.197 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=54321 PROTO=TCP SPT=36887 DPT=8088 WINDOW=65535 RES=0x00 SYN URGP=0	2020-07-11 04:37:12
166.175.56.184	attackspambots	Brute forcing email accounts	2020-07-11 04:48:19
175.98.155.94	attack	Unauthorized connection attempt from IP address 175.98.155.94 on Port 445(SMB)	2020-07-11 04:39:32
159.89.123.66	attackbotsspam	IP 159.89.123.66 attacked honeypot on port: 80 at 7/10/2020 5:29:42 AM	2020-07-11 04:51:23

Recently Reported IPs

177.116.42.209	45.143.222.245	179.226.109.113	115.80.156.224
97.197.45.108	45.161.100.241	210.155.156.249	210.211.116.80
234.57.99.230	119.135.160.145	251.167.97.48	138.247.109.250
225.171.216.72	217.92.210.164	116.18.208.143	239.41.65.162
60.237.159.129	124.125.133.237	109.179.121.79	82.148.98.215