221.203.149.119

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom Liaoning Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	8080/tcp [2019-11-03]1pkt	2019-11-03 17:32:42

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 221.203.149.119
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7083
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;221.203.149.119.		IN	A

;; AUTHORITY SECTION:
.			584	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110300 1800 900 604800 86400

;; Query time: 114 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Nov 03 17:32:39 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 119.149.203.221.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 119.149.203.221.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.23.138.25	attack	KH_APNIC-HM_<177>1581514960 [1:2403498:55307] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 100 [Classification: Misc Attack] [Priority: 2] {TCP} 103.23.138.25:50068	2020-02-13 02:26:04
195.154.45.194	attackbots	[2020-02-12 13:00:25] NOTICE[1148][C-00008757] chan_sip.c: Call from '' (195.154.45.194:56856) to extension '88011972592277524' rejected because extension not found in context 'public'. [2020-02-12 13:00:25] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-02-12T13:00:25.122-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="88011972592277524",SessionID="0x7fd82c3c1c38",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/195.154.45.194/56856",ACLName="no_extension_match" [2020-02-12 13:03:26] NOTICE[1148][C-0000875a] chan_sip.c: Call from '' (195.154.45.194:64936) to extension '888011972592277524' rejected because extension not found in context 'public'. [2020-02-12 13:03:26] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-02-12T13:03:26.524-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="888011972592277524",SessionID="0x7fd82ca239b8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddre ...	2020-02-13 02:09:32
123.103.121.2	attackbotsspam	firewall-block, port(s): 1433/tcp	2020-02-13 02:08:47
35.197.52.214	attack	sex	2020-02-13 02:43:37
222.186.42.155	attackbotsspam	Feb 12 18:09:32 work-partkepr sshd\[29560\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.155 user=root Feb 12 18:09:34 work-partkepr sshd\[29560\]: Failed password for root from 222.186.42.155 port 29074 ssh2 ...	2020-02-13 02:13:04
113.54.156.52	attack	SSH login attempts brute force.	2020-02-13 02:35:55
154.236.160.130	attack	1581514942 - 02/12/2020 14:42:22 Host: 154.236.160.130/154.236.160.130 Port: 445 TCP Blocked	2020-02-13 02:38:37
124.160.83.138	attackbotsspam	Feb 12 14:35:25 tuxlinux sshd[61074]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.160.83.138 user=root Feb 12 14:35:26 tuxlinux sshd[61074]: Failed password for root from 124.160.83.138 port 34987 ssh2 Feb 12 14:35:25 tuxlinux sshd[61074]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.160.83.138 user=root Feb 12 14:35:26 tuxlinux sshd[61074]: Failed password for root from 124.160.83.138 port 34987 ssh2 Feb 12 14:43:04 tuxlinux sshd[61316]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.160.83.138 user=root ...	2020-02-13 02:06:09
85.105.221.112	attack	Automatic report - Port Scan Attack	2020-02-13 02:53:18
222.209.85.197	attackbots	Feb 12 13:37:25 prox sshd[30527]: Failed password for root from 222.209.85.197 port 58932 ssh2	2020-02-13 02:45:00
89.248.172.85	attackbotsspam	ET DROP Dshield Block Listed Source group 1 - port: 8532 proto: TCP cat: Misc Attack	2020-02-13 02:27:28
115.112.61.221	attack	Invalid user danilete from 115.112.61.221 port 49414	2020-02-13 02:25:32
157.245.40.179	attack	As always with digital ocean	2020-02-13 02:30:56
96.70.55.129	attackbotsspam	tcp 9350	2020-02-13 02:36:25
27.65.252.144	attackspam	Unauthorised access (Feb 12) SRC=27.65.252.144 LEN=44 TTL=42 ID=25387 TCP DPT=23 WINDOW=8577 SYN	2020-02-13 02:46:28

Recently Reported IPs

123.116.200.93	57.40.116.84	9.147.221.175	186.89.126.178
171.225.252.250	221.205.85.96	129.184.99.91	118.25.15.139
116.114.95.98	176.24.53.204	46.104.39.177	108.201.99.162
160.65.88.114	223.221.69.154	115.92.228.44	207.129.205.48
180.183.107.33	168.45.254.230	245.245.67.8	129.35.36.161