158.69.149.142

Basic Info

City: unknown

Region: unknown

Country: Canada

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
158.69.149.107	attack	Port Scan: TCP/445	2019-09-25 08:38:50
158.69.149.194	attackbotsspam	Postfix SMTP rejection ...	2019-09-05 02:09:01
158.69.149.103	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-16 19:52:26,554 INFO [amun_request_handler] unknown vuln (Attacker: 158.69.149.103 Port: 25, Mess: ['ehlo WIN-34OPKJT4Q78 '] (22) Stages: ['IMAIL_STAGE1'])	2019-08-17 06:10:46

Type

Details

Datetime

158.69.149.107

attack

Port Scan: TCP/445

2019-09-25 08:38:50

158.69.149.194

attackbotsspam

Postfix SMTP rejection
...

2019-09-05 02:09:01

158.69.149.103

attackspam

@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-16 19:52:26,554 INFO [amun_request_handler] unknown vuln (Attacker: 158.69.149.103 Port: 25, Mess: ['ehlo WIN-34OPKJT4Q78
'] (22) Stages: ['IMAIL_STAGE1'])

2019-08-17 06:10:46

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 158.69.149.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45291
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;158.69.149.142.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021800 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 13:35:18 CST 2022
;; MSG SIZE  rcvd: 107

Host info

142.149.69.158.in-addr.arpa domain name pointer whc.ca.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
142.149.69.158.in-addr.arpa	name = whc.ca.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
116.86.166.93	attackbots	SSH-bruteforce attempts	2019-10-08 04:00:43
217.243.172.58	attackbots	Oct 7 14:47:41 OPSO sshd\[6540\]: Invalid user Nature@2017 from 217.243.172.58 port 37486 Oct 7 14:47:41 OPSO sshd\[6540\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.243.172.58 Oct 7 14:47:42 OPSO sshd\[6540\]: Failed password for invalid user Nature@2017 from 217.243.172.58 port 37486 ssh2 Oct 7 14:51:43 OPSO sshd\[7078\]: Invalid user Experiment123 from 217.243.172.58 port 49852 Oct 7 14:51:43 OPSO sshd\[7078\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.243.172.58	2019-10-08 03:49:45
112.216.39.29	attack	Oct 7 14:10:52 mail sshd[25056]: Failed password for root from 112.216.39.29 port 49668 ssh2 Oct 7 14:15:23 mail sshd[25744]: Failed password for root from 112.216.39.29 port 60396 ssh2	2019-10-08 03:15:29
177.21.14.151	attackbots	Registration form abuse	2019-10-08 03:32:15
118.24.121.72	attackbotsspam	Oct 7 06:16:50 DNS-2 sshd[12209]: User r.r from 118.24.121.72 not allowed because not listed in AllowUsers Oct 7 06:16:50 DNS-2 sshd[12209]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.121.72 user=r.r Oct 7 06:16:52 DNS-2 sshd[12209]: Failed password for invalid user r.r from 118.24.121.72 port 35548 ssh2 Oct 7 06:16:52 DNS-2 sshd[12209]: Received disconnect from 118.24.121.72 port 35548:11: Bye Bye [preauth] Oct 7 06:16:52 DNS-2 sshd[12209]: Disconnected from 118.24.121.72 port 35548 [preauth] Oct 7 06:37:58 DNS-2 sshd[13717]: User r.r from 118.24.121.72 not allowed because not listed in AllowUsers Oct 7 06:37:58 DNS-2 sshd[13717]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.121.72 user=r.r Oct 7 06:38:00 DNS-2 sshd[13717]: Failed password for invalid user r.r from 118.24.121.72 port 46276 ssh2 Oct 7 06:38:01 DNS-2 sshd[13717]: Received disconnect from 118.2........ -------------------------------	2019-10-08 03:44:00
177.69.237.49	attackbotsspam	Oct 7 21:09:01 bouncer sshd\[24620\]: Invalid user 321 from 177.69.237.49 port 46886 Oct 7 21:09:01 bouncer sshd\[24620\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.69.237.49 Oct 7 21:09:03 bouncer sshd\[24620\]: Failed password for invalid user 321 from 177.69.237.49 port 46886 ssh2 ...	2019-10-08 03:36:49
46.166.151.47	attack	\[2019-10-07 15:01:14\] SECURITY\[1898\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-07T15:01:14.913-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="71046462607509",SessionID="0x7fc3ac686538",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.151.47/59922",ACLName="no_extension_match" \[2019-10-07 15:03:20\] SECURITY\[1898\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-07T15:03:20.632-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="781046462607509",SessionID="0x7fc3aceeda08",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.151.47/50910",ACLName="no_extension_match" \[2019-10-07 15:05:26\] SECURITY\[1898\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-07T15:05:26.616-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="0071046462607509",SessionID="0x7fc3ac1ef8e8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.151.47/53307",ACLName="no_ext	2019-10-08 03:20:10
218.92.0.135	attackbots	vps1:ssh	2019-10-08 03:26:59
222.186.175.8	attackspam	Oct 7 21:43:24 h2177944 sshd\[876\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.8 user=root Oct 7 21:43:26 h2177944 sshd\[876\]: Failed password for root from 222.186.175.8 port 37622 ssh2 Oct 7 21:43:31 h2177944 sshd\[876\]: Failed password for root from 222.186.175.8 port 37622 ssh2 Oct 7 21:43:35 h2177944 sshd\[876\]: Failed password for root from 222.186.175.8 port 37622 ssh2 ...	2019-10-08 03:44:27
172.81.237.242	attackbotsspam	Oct 7 09:28:35 friendsofhawaii sshd\[18619\]: Invalid user Talent@2017 from 172.81.237.242 Oct 7 09:28:35 friendsofhawaii sshd\[18619\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.81.237.242 Oct 7 09:28:37 friendsofhawaii sshd\[18619\]: Failed password for invalid user Talent@2017 from 172.81.237.242 port 57382 ssh2 Oct 7 09:32:38 friendsofhawaii sshd\[18915\]: Invalid user Admin12345\^ from 172.81.237.242 Oct 7 09:32:38 friendsofhawaii sshd\[18915\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.81.237.242	2019-10-08 03:43:03
124.251.44.18	attackspambots	[Mon Oct 07 19:09:50.948718 2019] [authz_core:error] [pid 8429] [client 124.251.44.18:10032] AH01630: client denied by server configuration: /srv/www/vhosts/rncbc/TP [Mon Oct 07 19:09:51.393524 2019] [authz_core:error] [pid 8661] [client 124.251.44.18:15584] AH01630: client denied by server configuration: /srv/www/vhosts/rncbc/TP [Mon Oct 07 19:09:51.833938 2019] [authz_core:error] [pid 4560] [client 124.251.44.18:20664] AH01630: client denied by server configuration: /srv/www/vhosts/rncbc/thinkphp ...	2019-10-08 03:52:59
203.95.223.15	attackbots	Automatic report - Port Scan Attack	2019-10-08 03:28:18
37.187.79.117	attackspam	Oct 7 15:18:57 Tower sshd[37212]: Connection from 37.187.79.117 port 56195 on 192.168.10.220 port 22 Oct 7 15:18:58 Tower sshd[37212]: Failed password for root from 37.187.79.117 port 56195 ssh2 Oct 7 15:18:58 Tower sshd[37212]: Received disconnect from 37.187.79.117 port 56195:11: Bye Bye [preauth] Oct 7 15:18:58 Tower sshd[37212]: Disconnected from authenticating user root 37.187.79.117 port 56195 [preauth]	2019-10-08 03:34:05
109.202.117.28	attackspambots	Oct 7 16:45:50 h2177944 kernel: \[3335652.798176\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=109.202.117.28 DST=85.214.117.9 LEN=40 TOS=0x08 PREC=0x20 TTL=56 ID=27530 DF PROTO=TCP SPT=55240 DPT=80 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 7 16:51:05 h2177944 kernel: \[3335968.367191\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=109.202.117.28 DST=85.214.117.9 LEN=40 TOS=0x08 PREC=0x20 TTL=57 ID=60064 DF PROTO=TCP SPT=60203 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 7 16:52:43 h2177944 kernel: \[3336065.427156\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=109.202.117.28 DST=85.214.117.9 LEN=40 TOS=0x08 PREC=0x20 TTL=81 ID=54035 DF PROTO=TCP SPT=50512 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 7 17:01:37 h2177944 kernel: \[3336599.668163\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=109.202.117.28 DST=85.214.117.9 LEN=40 TOS=0x08 PREC=0x20 TTL=81 ID=29143 DF PROTO=TCP SPT=53082 DPT=53 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 7 17:11:25 h2177944 kernel: \[3337188.044508\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=109.202.117.28 DST=8	2019-10-08 03:35:28
172.222.136.6	attackbotsspam	Automatic report - Port Scan Attack	2019-10-08 03:30:41

Recently Reported IPs

158.69.128.44	158.69.152.225	158.69.133.131	158.69.142.51
158.69.155.77	158.69.158.186	158.69.168.192	158.69.151.15
158.69.162.48	158.69.185.137	158.69.182.5	158.69.19.220
158.69.175.128	158.69.175.129	158.69.185.3	158.69.194.90
158.69.192.220	158.69.197.191	158.69.20.157	158.69.201.47