223.149.2.161 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
223.149.2.128	attack	Mirai and Reaper Exploitation Traffic	2020-08-18 03:52:14
223.149.255.58	attackbots	Honeypot hit.	2020-08-10 12:09:07
223.149.241.39	attackspam	GPON Home Routers Remote Code Execution Vulnerability	2020-08-09 20:31:12
223.149.202.132	attackspambots	Port probing on unauthorized port 23	2020-07-30 23:17:58
223.149.228.207	attackbots	Unauthorized connection attempt detected from IP address 223.149.228.207 to port 23	2020-07-25 23:11:01
223.149.202.193	attackbots	Jul 25 05:51:17 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=223.149.202.193 DST=79.143.186.54 LEN=60 TOS=0x00 PREC=0x00 TTL=53 ID=11710 DF PROTO=TCP SPT=7572 DPT=23 WINDOW=5440 RES=0x00 SYN URGP=0 Jul 25 05:51:20 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=223.149.202.193 DST=79.143.186.54 LEN=60 TOS=0x00 PREC=0x00 TTL=53 ID=11711 DF PROTO=TCP SPT=7572 DPT=23 WINDOW=5440 RES=0x00 SYN URGP=0 Jul 25 05:51:26 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3f:fd:58:00:08:e3:ff:fd:90:08:00 SRC=223.149.202.193 DST=79.143.186.54 LEN=60 TOS=0x00 PREC=0x00 TTL=53 ID=11712 DF PROTO=TCP SPT=7572 DPT=23 WINDOW=5440 RES=0x00 SYN URGP=0	2020-07-25 16:34:08
223.149.248.115	attackspam	Port probing on unauthorized port 5555	2020-07-20 05:13:12
223.149.254.12	attack	Auto Detect Rule! proto TCP (SYN), 223.149.254.12:2707->gjan.info:23, len 60	2020-07-18 08:05:27
223.149.207.157	attack	Fail2Ban Ban Triggered	2020-07-10 01:58:34
223.149.203.80	attackspambots	Automatic report - Port Scan Attack	2020-06-30 23:23:13
223.149.200.169	attackbotsspam	Unauthorized connection attempt detected from IP address 223.149.200.169 to port 23	2020-06-29 03:10:07
223.149.252.92	attack	Automatic report - Port Scan Attack	2020-06-25 17:42:48
223.149.245.224	attack	Honeypot hit.	2020-06-23 18:20:07
223.149.201.4	attackbotsspam	"SERVER-WEBAPP GPON Router authentication bypass and command injection attempt"	2020-06-16 17:50:28
223.149.21.135	attackspambots	scan r	2020-06-02 22:43:17

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 223.149.2.161
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35466
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;223.149.2.161.			IN	A

;; AUTHORITY SECTION:
.			383	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020702 1800 900 604800 86400

;; Query time: 18 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 10:35:37 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 161.2.149.223.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 161.2.149.223.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
69.141.235.18	attack	[portscan] tcp/23 [TELNET] *(RWIN=6081)(08041230)	2019-08-05 00:34:01
60.6.150.79	attack	[portscan] tcp/1433 [MsSQL] *(RWIN=8192)(08041230)	2019-08-05 00:34:49
39.77.119.60	attackspam	[portscan] tcp/23 [TELNET] *(RWIN=63927)(08041230)	2019-08-05 00:50:53
103.137.7.170	attackspam	[portscan] tcp/23 [TELNET] *(RWIN=10705)(08041230)	2019-08-05 00:23:09
42.119.75.213	attack	[portscan] tcp/23 [TELNET] *(RWIN=15867)(08041230)	2019-08-05 00:37:29
31.28.107.58	attackspambots	[portscan] tcp/139 [NetBIOS Session Service] *(RWIN=1024)(08041230)	2019-08-04 23:55:09
111.79.107.164	attack	[SMB remote code execution attempt: port tcp/445] *(RWIN=8192)(08041230)	2019-08-05 00:21:05
58.221.61.165	attack	[MySQL inject/portscan] tcp/3306 *(RWIN=16384)(08041230)	2019-08-04 23:49:17
95.6.77.61	attackspam	[portscan] tcp/139 [NetBIOS Session Service] *(RWIN=1024)(08041230)	2019-08-05 00:27:06
150.107.232.136	attack	[portscan] tcp/139 [NetBIOS Session Service] [SMB remote code execution attempt: port tcp/445] [scan/connect: 2 time(s)] *(RWIN=1024)(08041230)	2019-08-05 00:12:01
188.128.33.242	attack	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(08041230)	2019-08-05 00:44:32
116.148.130.154	attack	[portscan] tcp/23 [TELNET] *(RWIN=57577)(08041230)	2019-08-05 00:17:44
112.202.229.187	attack	[SMB remote code execution attempt: port tcp/445] *(RWIN=8192)(08041230)	2019-08-05 00:19:13
61.180.31.52	attack	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(08041230)	2019-08-04 23:48:10
112.197.59.29	attackspambots	[SMB remote code execution attempt: port tcp/445] *(RWIN=8192)(08041230)	2019-08-05 00:20:00

Recently Reported IPs

151.235.23.136	47.119.122.19	188.166.87.67	125.105.110.206
223.226.129.31	148.205.149.119	81.33.20.149	46.249.123.132
27.208.152.60	101.108.123.195	176.61.143.85	175.182.99.150
162.241.216.119	222.218.107.196	187.163.141.178	197.62.51.119
154.202.103.114	103.59.203.169	223.87.179.36	76.107.18.130