223.149.2.107 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
223.149.2.128	attack	Mirai and Reaper Exploitation Traffic	2020-08-18 03:52:14
223.149.255.58	attackbots	Honeypot hit.	2020-08-10 12:09:07
223.149.241.39	attackspam	GPON Home Routers Remote Code Execution Vulnerability	2020-08-09 20:31:12
223.149.202.132	attackspambots	Port probing on unauthorized port 23	2020-07-30 23:17:58
223.149.228.207	attackbots	Unauthorized connection attempt detected from IP address 223.149.228.207 to port 23	2020-07-25 23:11:01
223.149.202.193	attackbots	Jul 25 05:51:17 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=223.149.202.193 DST=79.143.186.54 LEN=60 TOS=0x00 PREC=0x00 TTL=53 ID=11710 DF PROTO=TCP SPT=7572 DPT=23 WINDOW=5440 RES=0x00 SYN URGP=0 Jul 25 05:51:20 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=223.149.202.193 DST=79.143.186.54 LEN=60 TOS=0x00 PREC=0x00 TTL=53 ID=11711 DF PROTO=TCP SPT=7572 DPT=23 WINDOW=5440 RES=0x00 SYN URGP=0 Jul 25 05:51:26 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=223.149.202.193 DST=79.143.186.54 LEN=60 TOS=0x00 PREC=0x00 TTL=53 ID=11712 DF PROTO=TCP SPT=7572 DPT=23 WINDOW=5440 RES=0x00 SYN URGP=0	2020-07-25 16:34:08
223.149.248.115	attackspam	Port probing on unauthorized port 5555	2020-07-20 05:13:12
223.149.254.12	attack	Auto Detect Rule! proto TCP (SYN), 223.149.254.12:2707->gjan.info:23, len 60	2020-07-18 08:05:27
223.149.207.157	attack	Fail2Ban Ban Triggered	2020-07-10 01:58:34
223.149.203.80	attackspambots	Automatic report - Port Scan Attack	2020-06-30 23:23:13
223.149.200.169	attackbotsspam	Unauthorized connection attempt detected from IP address 223.149.200.169 to port 23	2020-06-29 03:10:07
223.149.252.92	attack	Automatic report - Port Scan Attack	2020-06-25 17:42:48
223.149.245.224	attack	Honeypot hit.	2020-06-23 18:20:07
223.149.201.4	attackbotsspam	"SERVER-WEBAPP GPON Router authentication bypass and command injection attempt"	2020-06-16 17:50:28
223.149.21.135	attackspambots	scan r	2020-06-02 22:43:17

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 223.149.2.107
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7338
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;223.149.2.107.			IN	A

;; AUTHORITY SECTION:
.			598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021801 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 19 02:18:04 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 107.2.149.223.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 107.2.149.223.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
116.50.224.226	attackbotsspam	2020-05-02T04:10:53.069372mail.thespaminator.com sshd[9247]: Invalid user postgres from 116.50.224.226 port 41648 2020-05-02T04:10:55.034796mail.thespaminator.com sshd[9247]: Failed password for invalid user postgres from 116.50.224.226 port 41648 ssh2 ...	2020-05-02 16:47:44
212.129.17.32	attackbots	Port scan(s) denied	2020-05-02 16:10:37
220.166.78.12	attackbots	2020-05-0205:49:431jUj9q-0000AM-QY\<=info@whatsup2013.chH=\(localhost\)[113.172.217.220]:46174P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3134id=8ed187faf1da0ffcdf21d7848f5b624e6d87159f60@whatsup2013.chT="Youmakemysoulwarm"forandyworkman0404@gmail.comdonniehicks26@gmail.com2020-05-0205:51:501jUjBt-0000KD-HL\<=info@whatsup2013.chH=202-171-73-124.h10.canl.nc\(localhost\)[202.171.73.124]:33385P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3022id=a05ee8bbb09bb1b92520963add29031f40c4af@whatsup2013.chT="You'reaslovelyasasunlight"formattplucker@gmail.comwaynenettles825@gmail.com2020-05-0205:49:251jUj9Y-00006c-Qo\<=info@whatsup2013.chH=\(localhost\)[14.231.192.2]:41472P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3076id=2208beede6cde7ef7376c06c8b7f55496d431b@whatsup2013.chT="RecentlikefromAngel"forcconner877@gmail.comforgetit@gmail.com2020-05-0205:51:361jUjBf-0000JJ-N4\<=info@	2020-05-02 16:35:26
165.22.193.235	attackspam	Invalid user wayne from 165.22.193.235 port 54756	2020-05-02 16:13:04
118.141.98.179	attackbotsspam	1588391560 - 05/02/2020 05:52:40 Host: 118.141.98.179/118.141.98.179 Port: 445 TCP Blocked	2020-05-02 16:22:41
122.51.176.111	attack	Invalid user temp from 122.51.176.111 port 60336	2020-05-02 16:27:07
138.118.241.40	attackbots	DATE:2020-05-02 05:52:58, IP:138.118.241.40, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-05-02 16:14:24
5.8.10.202	attackspam	F2B blocked SSH BF	2020-05-02 16:44:25
61.160.245.87	attackspam	May 2 09:47:43 prox sshd[20880]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.160.245.87 May 2 09:47:45 prox sshd[20880]: Failed password for invalid user postgres from 61.160.245.87 port 43500 ssh2	2020-05-02 16:38:23
77.34.4.2	attack	1588391537 - 05/02/2020 05:52:17 Host: 77.34.4.2/77.34.4.2 Port: 445 TCP Blocked	2020-05-02 16:34:13
195.29.105.125	attackbotsspam	May 2 05:45:52 sip sshd[18581]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.29.105.125 May 2 05:45:53 sip sshd[18581]: Failed password for invalid user al from 195.29.105.125 port 36276 ssh2 May 2 05:52:55 sip sshd[21166]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.29.105.125	2020-05-02 16:16:01
180.251.175.20	attackspam	20/5/1@23:52:12: FAIL: Alarm-Network address from=180.251.175.20 ...	2020-05-02 16:40:56
5.39.93.158	attack	May 2 06:52:33 hosting sshd[8063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3280070.ip-5-39-93.eu user=root May 2 06:52:34 hosting sshd[8063]: Failed password for root from 5.39.93.158 port 39484 ssh2 ...	2020-05-02 16:26:41
222.73.62.184	attackbots	May 2 05:45:43 localhost sshd\[6099\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.73.62.184 user=root May 2 05:45:45 localhost sshd\[6099\]: Failed password for root from 222.73.62.184 port 43000 ssh2 May 2 05:49:14 localhost sshd\[6119\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.73.62.184 user=root May 2 05:49:16 localhost sshd\[6119\]: Failed password for root from 222.73.62.184 port 39052 ssh2 May 2 05:52:45 localhost sshd\[6297\]: Invalid user admin from 222.73.62.184 ...	2020-05-02 16:19:08
125.161.128.69	attack	Automatic report - Port Scan Attack	2020-05-02 16:28:49

Recently Reported IPs

223.149.2.37	223.149.20.70	223.149.202.73	223.149.200.144
223.149.21.121	223.149.181.233	223.149.201.156	223.149.21.141
223.149.22.97	223.149.201.169	223.149.22.83	223.149.228.96
223.149.21.112	223.149.229.25	223.149.228.158	223.149.230.205
223.149.236.63	223.149.23.129	223.149.239.214	223.149.230.52