202.200.144.150

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Xi'an University of Architecture & Technology

Hostname: unknown

Organization: unknown

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	firewall-block, port(s): 445/tcp	2020-08-16 17:14:38
attackbots	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: tcp cat: Potentially Bad Trafficbytes: 60	2020-07-21 15:03:37
attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-06-09 01:51:51
attack	" "	2019-11-30 20:26:44
attackbots	[portscan] tcp/1433 [MsSQL] *(RWIN=1024)(11190859)	2019-11-19 18:07:06
attackbots	firewall-block, port(s): 445/tcp	2019-08-29 07:15:12

Comments on same subnet:

IP	Type	Details	Datetime
202.200.144.69	attack	firewall-block, port(s): 1433/tcp	2020-07-11 18:09:41
202.200.144.113	attack	Unauthorized connection attempt from IP address 202.200.144.113 on Port 445(SMB)	2020-02-10 02:44:33
202.200.144.113	attack	Unauthorized connection attempt from IP address 202.200.144.113 on Port 445(SMB)	2019-11-29 21:59:37
202.200.144.68	attackbotsspam	firewall-block, port(s): 1433/tcp	2019-10-19 16:48:08
202.200.144.112	attack	Unauthorised access (Oct 12) SRC=202.200.144.112 LEN=44 PREC=0x20 TTL=231 ID=26797 TCP DPT=1433 WINDOW=1024 SYN	2019-10-12 23:25:08
202.200.144.161	attackbots	Port Scan: TCP/445	2019-09-20 19:03:52
202.200.144.161	attack	Port Scan: TCP/445	2019-09-16 06:39:54

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.200.144.150
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14027
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.200.144.150.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082802 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 29 07:15:05 CST 2019
;; MSG SIZE  rcvd: 119

Host info

150.144.200.202.in-addr.arpa domain name pointer 150.144.200.202.in-addr.arpa.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
150.144.200.202.in-addr.arpa	name = 150.144.200.202.in-addr.arpa.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.59.139.99	attackbots	2020-09-04T18:10:20+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-09-05 03:23:50
165.227.72.166	attackspam	TCP (SYN) 165.227.72.166:55658 -> port 27507, len 44	2020-09-05 03:40:10
93.64.5.34	attack	(sshd) Failed SSH login from 93.64.5.34 (IT/Italy/net-93-64-5-34.cust.vodafonedsl.it): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 4 15:14:06 amsweb01 sshd[1158]: Invalid user angel from 93.64.5.34 port 4730 Sep 4 15:14:08 amsweb01 sshd[1158]: Failed password for invalid user angel from 93.64.5.34 port 4730 ssh2 Sep 4 15:22:59 amsweb01 sshd[2432]: Invalid user yang from 93.64.5.34 port 11198 Sep 4 15:23:01 amsweb01 sshd[2432]: Failed password for invalid user yang from 93.64.5.34 port 11198 ssh2 Sep 4 15:26:29 amsweb01 sshd[3144]: Invalid user zz from 93.64.5.34 port 37844	2020-09-05 03:32:23
193.33.240.91	attack	Sep 3 19:53:10 h2646465 sshd[6830]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.33.240.91 user=root Sep 3 19:53:12 h2646465 sshd[6830]: Failed password for root from 193.33.240.91 port 46452 ssh2 Sep 3 20:05:19 h2646465 sshd[9079]: Invalid user user3 from 193.33.240.91 Sep 3 20:05:19 h2646465 sshd[9079]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.33.240.91 Sep 3 20:05:19 h2646465 sshd[9079]: Invalid user user3 from 193.33.240.91 Sep 3 20:05:21 h2646465 sshd[9079]: Failed password for invalid user user3 from 193.33.240.91 port 55803 ssh2 Sep 3 20:12:21 h2646465 sshd[9873]: Invalid user mona from 193.33.240.91 Sep 3 20:12:21 h2646465 sshd[9873]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.33.240.91 Sep 3 20:12:21 h2646465 sshd[9873]: Invalid user mona from 193.33.240.91 Sep 3 20:12:23 h2646465 sshd[9873]: Failed password for invalid user mona from 193.33.240	2020-09-05 03:28:19
45.95.168.190	attackbotsspam	2020-09-04T19:30:13.410494shield sshd\[25536\]: Invalid user ftpuser from 45.95.168.190 port 39638 2020-09-04T19:30:13.421941shield sshd\[25536\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.95.168.190 2020-09-04T19:30:15.907470shield sshd\[25536\]: Failed password for invalid user ftpuser from 45.95.168.190 port 39638 ssh2 2020-09-04T19:31:15.525093shield sshd\[25613\]: Invalid user postgres from 45.95.168.190 port 59968 2020-09-04T19:31:15.544048shield sshd\[25613\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.95.168.190	2020-09-05 03:31:41
165.90.239.203	attackspam	Automatic report - Port Scan Attack	2020-09-05 03:27:00
194.67.210.77	attackspam	Automated report (2020-09-04T13:25:33+08:00). Faked user agent detected.	2020-09-05 03:30:12
195.54.167.151	attackbots	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-09-04T14:59:08Z and 2020-09-04T16:43:51Z	2020-09-05 03:44:28
112.85.42.74	attackspam	"fail2ban match"	2020-09-05 03:15:50
13.76.212.215	attackspambots	TCP ports : 13772 / 31765	2020-09-05 03:39:33
84.228.99.16	attackbots	Brute forcing RDP port 3389	2020-09-05 03:47:24
43.224.130.146	attack	Invalid user barry from 43.224.130.146 port 40584	2020-09-05 03:32:35
181.20.123.11	attack	Honeypot attack, port: 445, PTR: 181-20-123-11.speedy.com.ar.	2020-09-05 03:28:37
192.210.163.18	attackbots	2020-09-04T12:49:45.041468devel sshd[18074]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.210.163.18 2020-09-04T12:49:45.036802devel sshd[18074]: Invalid user oracle from 192.210.163.18 port 36242 2020-09-04T12:49:47.439701devel sshd[18074]: Failed password for invalid user oracle from 192.210.163.18 port 36242 ssh2	2020-09-05 03:25:48
111.225.153.179	attackspambots	spam (f2b h2)	2020-09-05 03:50:51

Recently Reported IPs

197.245.184.123	26.65.26.38	187.133.64.181	9.225.103.242
101.48.130.42	163.208.122.217	30.17.126.82	88.26.231.204
153.12.38.215	123.207.119.150	200.250.58.36	45.78.139.93
81.254.88.254	191.116.138.214	69.194.30.184	27.106.79.107
222.39.27.185	160.133.54.176	226.58.206.169	103.167.119.194