Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:
No discussion about this IP yet. Click above link to make one.
Comments on same subnet:
IP Type Details Datetime
223.149.2.128 attack
Mirai and Reaper Exploitation Traffic
2020-08-18 03:52:14
223.149.255.58 attackbots
Honeypot hit.
2020-08-10 12:09:07
223.149.241.39 attackspam
GPON Home Routers Remote Code Execution Vulnerability
2020-08-09 20:31:12
223.149.202.132 attackspambots
Port probing on unauthorized port 23
2020-07-30 23:17:58
223.149.228.207 attackbots
Unauthorized connection attempt detected from IP address 223.149.228.207 to port 23
2020-07-25 23:11:01
223.149.202.193 attackbots
Jul 25 05:51:17 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=223.149.202.193 DST=79.143.186.54 LEN=60 TOS=0x00 PREC=0x00 TTL=53 ID=11710 DF PROTO=TCP SPT=7572 DPT=23 WINDOW=5440 RES=0x00 SYN URGP=0 Jul 25 05:51:20 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=223.149.202.193 DST=79.143.186.54 LEN=60 TOS=0x00 PREC=0x00 TTL=53 ID=11711 DF PROTO=TCP SPT=7572 DPT=23 WINDOW=5440 RES=0x00 SYN URGP=0 Jul 25 05:51:26 *hidden* kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=223.149.202.193 DST=79.143.186.54 LEN=60 TOS=0x00 PREC=0x00 TTL=53 ID=11712 DF PROTO=TCP SPT=7572 DPT=23 WINDOW=5440 RES=0x00 SYN URGP=0
2020-07-25 16:34:08
223.149.248.115 attackspam
Port probing on unauthorized port 5555
2020-07-20 05:13:12
223.149.254.12 attack
Auto Detect Rule!
proto TCP (SYN), 223.149.254.12:2707->gjan.info:23, len 60
2020-07-18 08:05:27
223.149.207.157 attack
Fail2Ban Ban Triggered
2020-07-10 01:58:34
223.149.203.80 attackspambots
Automatic report - Port Scan Attack
2020-06-30 23:23:13
223.149.200.169 attackbotsspam
Unauthorized connection attempt detected from IP address 223.149.200.169 to port 23
2020-06-29 03:10:07
223.149.252.92 attack
Automatic report - Port Scan Attack
2020-06-25 17:42:48
223.149.245.224 attack
Honeypot hit.
2020-06-23 18:20:07
223.149.201.4 attackbotsspam
"SERVER-WEBAPP GPON Router authentication bypass and command injection attempt"
2020-06-16 17:50:28
223.149.21.135 attackspambots
scan r
2020-06-02 22:43:17
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 223.149.2.107
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7338
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;223.149.2.107.			IN	A

;; AUTHORITY SECTION:
.			598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021801 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 19 02:18:04 CST 2022
;; MSG SIZE  rcvd: 106
Host info
Host 107.2.149.223.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 107.2.149.223.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
52.187.173.180 attack
Unauthorized SSH login attempts
2020-07-01 03:50:50
201.122.212.15 attack
$f2bV_matches
2020-07-01 04:18:12
185.143.72.34 attackbots
2001 times SMTP brute-force
2020-07-01 04:21:48
70.120.158.225 attack
Jun 30 17:51:42 CT721 sshd[19023]: Invalid user pi from 70.120.158.225 port 51974
Jun 30 17:51:42 CT721 sshd[19024]: Invalid user pi from 70.120.158.225 port 51978
Jun 30 17:51:42 CT721 sshd[19023]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=70.120.158.225
Jun 30 17:51:42 CT721 sshd[19024]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=70.120.158.225
Jun 30 17:51:44 CT721 sshd[19023]: Failed password for invalid user pi from 70.120.158.225 port 51974 ssh2
Jun 30 17:51:44 CT721 sshd[19024]: Failed password for invalid user pi from 70.120.158.225 port 51978 ssh2
Jun 30 17:51:44 CT721 sshd[19023]: Connection closed by 70.120.158.225 port 51974 [preauth]
Jun 30 17:51:44 CT721 sshd[19024]: Connection closed by 70.120.158.225 port 51978 [preauth]


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=70.120.158.225
2020-07-01 03:48:37
128.199.180.35 attackspam
Failed password for invalid user pos from 128.199.180.35 port 34666 ssh2
2020-07-01 03:45:51
125.99.173.162 attackspam
Jun 30 18:38:26 vm0 sshd[11904]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.99.173.162
Jun 30 18:38:28 vm0 sshd[11904]: Failed password for invalid user helpdesk from 125.99.173.162 port 13100 ssh2
...
2020-07-01 04:23:56
37.49.230.105 attack
" "
2020-07-01 03:47:10
20.188.111.183 attackbots
Invalid user qcluster from 20.188.111.183 port 47900
2020-07-01 04:02:30
24.200.238.146 attack
The following intrusion was observed: "udp_flood".
2020-07-01 03:55:57
79.129.125.242 attackbotsspam
DATE:2020-06-30 14:18:05, IP:79.129.125.242, PORT:1433 - MSSQL brute force auth on a honeypot server (epe-dc)
2020-07-01 04:07:40
217.174.105.16 attackbots
DIS,WP GET /wp-login.php
GET /wp-login.php
2020-07-01 03:47:45
209.17.96.26 attackspam
137/udp 8000/tcp 8080/tcp...
[2020-05-02/06-30]41pkt,12pt.(tcp),1pt.(udp)
2020-07-01 04:04:08
124.156.50.108 attackspambots
" "
2020-07-01 03:39:59
218.104.225.140 attackspam
Jun 30 17:17:56 l03 sshd[9232]: Invalid user aee from 218.104.225.140 port 34221
...
2020-07-01 04:17:53
46.101.183.105 attackspambots
firewall-block, port(s): 11440/tcp
2020-07-01 04:32:23

Recently Reported IPs

223.149.2.37 223.149.20.70 223.149.202.73 223.149.200.144
223.149.21.121 223.149.181.233 223.149.201.156 223.149.21.141
223.149.22.97 223.149.201.169 223.149.22.83 223.149.228.96
223.149.21.112 223.149.229.25 223.149.228.158 223.149.230.205
223.149.236.63 223.149.23.129 223.149.239.214 223.149.230.52