218.245.2.149 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
218.245.2.231	attackbotsspam	Unauthorized connection attempt detected from IP address 218.245.2.231 to port 1433 [J]	2020-01-28 10:11:12
218.245.2.231	attackbots	Unauthorized connection attempt detected from IP address 218.245.2.231 to port 1433 [J]	2020-01-18 13:20:10
218.245.2.231	attackspam	Unauthorised access (Jan 3) SRC=218.245.2.231 LEN=40 TTL=243 ID=54563 TCP DPT=1433 WINDOW=1024 SYN	2020-01-03 15:44:55

Type

Details

Datetime

218.245.2.231

attackbotsspam

Unauthorized connection attempt detected from IP address 218.245.2.231 to port 1433 [J]

2020-01-28 10:11:12

218.245.2.231

attackbots

Unauthorized connection attempt detected from IP address 218.245.2.231 to port 1433 [J]

2020-01-18 13:20:10

218.245.2.231

attackspam

Unauthorised access (Jan  3) SRC=218.245.2.231 LEN=40 TTL=243 ID=54563 TCP DPT=1433 WINDOW=1024 SYN

2020-01-03 15:44:55

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 218.245.2.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31157
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;218.245.2.149.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020800 1800 900 604800 86400

;; Query time: 23 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 16:39:24 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 149.2.245.218.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 149.2.245.218.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.138.109.68	attackspam	Jul 6 03:05:07 main sshd[12946]: Failed password for invalid user alerm from 103.138.109.68 port 61607 ssh2 Jul 6 03:05:18 main sshd[12965]: Failed password for invalid user admin from 103.138.109.68 port 54785 ssh2 Jul 6 03:05:31 main sshd[12967]: Failed password for invalid user pi from 103.138.109.68 port 55292 ssh2 Jul 10 09:26:00 main sshd[12121]: Failed password for invalid user alerm from 103.138.109.68 port 63786 ssh2 Jul 10 09:27:41 main sshd[12186]: Failed password for invalid user admin from 103.138.109.68 port 63273 ssh2 Jul 10 09:27:48 main sshd[12190]: Failed password for invalid user pi from 103.138.109.68 port 63853 ssh2	2020-07-11 04:05:25
27.128.168.225	attackspam	Jul 10 21:16:08 santamaria sshd\[12233\]: Invalid user www from 27.128.168.225 Jul 10 21:16:08 santamaria sshd\[12233\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.128.168.225 Jul 10 21:16:10 santamaria sshd\[12233\]: Failed password for invalid user www from 27.128.168.225 port 34203 ssh2 ...	2020-07-11 04:30:57
213.169.39.218	attack	Jul 10 13:33:34 Tower sshd[13172]: Connection from 213.169.39.218 port 38964 on 192.168.10.220 port 22 rdomain "" Jul 10 13:33:35 Tower sshd[13172]: Invalid user nxroot from 213.169.39.218 port 38964 Jul 10 13:33:35 Tower sshd[13172]: error: Could not get shadow information for NOUSER Jul 10 13:33:35 Tower sshd[13172]: Failed password for invalid user nxroot from 213.169.39.218 port 38964 ssh2 Jul 10 13:33:35 Tower sshd[13172]: Received disconnect from 213.169.39.218 port 38964:11: Bye Bye [preauth] Jul 10 13:33:35 Tower sshd[13172]: Disconnected from invalid user nxroot 213.169.39.218 port 38964 [preauth]	2020-07-11 04:04:38
169.0.62.224	attack	Unauthorized connection attempt from IP address 169.0.62.224 on Port 445(SMB)	2020-07-11 04:17:25
95.85.26.23	attackbots	Jul 10 18:43:11 powerpi2 sshd[28185]: Invalid user lila from 95.85.26.23 port 33022 Jul 10 18:43:13 powerpi2 sshd[28185]: Failed password for invalid user lila from 95.85.26.23 port 33022 ssh2 Jul 10 18:49:44 powerpi2 sshd[28440]: Invalid user ute from 95.85.26.23 port 38612 ...	2020-07-11 04:25:19
103.83.129.216	attackspambots	1594384231 - 07/10/2020 14:30:31 Host: 103.83.129.216/103.83.129.216 Port: 445 TCP Blocked	2020-07-11 04:03:52
217.76.194.222	attackspam	firewall-block, port(s): 445/tcp	2020-07-11 04:13:55
103.66.79.214	attackspambots	Unauthorized connection attempt from IP address 103.66.79.214 on Port 445(SMB)	2020-07-11 04:22:33
95.216.56.15	attack	RDP Brute-Force (honeypot 5)	2020-07-11 04:19:20
114.32.12.64	attack	Auto Detect Rule! proto TCP (SYN), 114.32.12.64:6487->gjan.info:23, len 40	2020-07-11 04:37:44
79.6.218.136	attackbots	20/7/10@08:50:26: FAIL: Alarm-Network address from=79.6.218.136 20/7/10@08:50:27: FAIL: Alarm-Network address from=79.6.218.136 ...	2020-07-11 04:11:40
142.93.179.2	attack	Jul 10 21:35:46 mailserver sshd\[27968\]: Invalid user asaeda from 142.93.179.2 ...	2020-07-11 04:29:39
112.133.209.218	attackspambots	Auto Detect Rule! proto TCP (SYN), 112.133.209.218:22594->gjan.info:23, len 40	2020-07-11 04:34:30
218.93.225.154	attack	Icarus honeypot on github	2020-07-11 04:26:15
185.234.219.226	attackbotsspam	2020-07-10T12:50:13.340002linuxbox-skyline auth[822322]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=setup rhost=185.234.219.226 ...	2020-07-11 04:05:14

Recently Reported IPs

218.38.155.83	218.161.15.66	218.145.204.57	218.89.155.33
218.52.92.219	219.155.7.145	220.133.132.19	219.94.129.37
219.144.19.137	220.244.184.194	221.10.71.7	220.135.153.154
221.142.70.248	220.165.78.71	221.181.132.122	221.224.21.26
221.8.107.142	222.116.80.130	221.4.57.84	222.117.22.169