149.126.19.138

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: OBIT Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Unauthorized connection attempt detected from IP address 149.126.19.138 to port 8000 [T]	2020-01-23 00:51:24

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 149.126.19.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7916
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;149.126.19.138.			IN	A

;; AUTHORITY SECTION:
.			419	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012200 1800 900 604800 86400

;; Query time: 52 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 23 00:51:20 CST 2020
;; MSG SIZE  rcvd: 118

Host info

138.19.126.149.in-addr.arpa domain name pointer 149-126-19-138.obit.ru.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
138.19.126.149.in-addr.arpa	name = 149-126-19-138.obit.ru.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
148.72.75.43	attackbotsspam	SQL Injection attack	2019-09-30 18:55:29
223.25.62.220	attackbotsspam	C1,WP GET /nelson/wp-login.php	2019-09-30 19:10:41
164.132.225.151	attack	Sep 30 11:41:22 heissa sshd\[11915\]: Invalid user yue from 164.132.225.151 port 49132 Sep 30 11:41:22 heissa sshd\[11915\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.ip-164-132-225.eu Sep 30 11:41:23 heissa sshd\[11915\]: Failed password for invalid user yue from 164.132.225.151 port 49132 ssh2 Sep 30 11:44:55 heissa sshd\[12469\]: Invalid user nr from 164.132.225.151 port 41128 Sep 30 11:44:55 heissa sshd\[12469\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.ip-164-132-225.eu	2019-09-30 19:11:44
103.218.242.190	attackspam	Sep 30 12:14:15 vpn01 sshd[4426]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.218.242.190 Sep 30 12:14:17 vpn01 sshd[4426]: Failed password for invalid user sunny from 103.218.242.190 port 52470 ssh2 ...	2019-09-30 18:58:49
203.192.231.218	attackspam	Sep 29 18:36:29 wbs sshd\[18559\]: Invalid user do from 203.192.231.218 Sep 29 18:36:29 wbs sshd\[18559\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.192.231.218 Sep 29 18:36:31 wbs sshd\[18559\]: Failed password for invalid user do from 203.192.231.218 port 34356 ssh2 Sep 29 18:40:43 wbs sshd\[19055\]: Invalid user iony from 203.192.231.218 Sep 29 18:40:43 wbs sshd\[19055\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.192.231.218	2019-09-30 19:12:56
36.68.6.134	attack	B: Magento admin pass /admin/ test (wrong country)	2019-09-30 19:23:01
51.75.120.244	attackbotsspam	Sep 30 07:45:48 OPSO sshd\[15648\]: Invalid user liidia from 51.75.120.244 port 60816 Sep 30 07:45:48 OPSO sshd\[15648\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.120.244 Sep 30 07:45:50 OPSO sshd\[15648\]: Failed password for invalid user liidia from 51.75.120.244 port 60816 ssh2 Sep 30 07:49:22 OPSO sshd\[16432\]: Invalid user youtube from 51.75.120.244 port 43808 Sep 30 07:49:22 OPSO sshd\[16432\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.120.244	2019-09-30 19:13:45
151.217.75.89	attack	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-09-30 19:03:19
185.164.72.122	attackspam	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-09-30 19:28:03
62.173.149.19	attackbots	\[2019-09-30 01:58:47\] NOTICE\[1948\] chan_sip.c: Registration from '"236"\' failed for '62.173.149.19:25043' - Wrong password \[2019-09-30 01:58:47\] SECURITY\[2006\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-30T01:58:47.037-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="236",SessionID="0x7f1e1c528f28",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.173.149.19/25043",Challenge="0ca7ca94",ReceivedChallenge="0ca7ca94",ReceivedHash="bfe9055faf3463cfbf7288a63fa237d0" \[2019-09-30 02:01:07\] NOTICE\[1948\] chan_sip.c: Registration from '"85"\' failed for '62.173.149.19:25027' - Wrong password \[2019-09-30 02:01:07\] SECURITY\[2006\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-30T02:01:07.825-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="85",SessionID="0x7f1e1c667f98",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.173	2019-09-30 19:07:29
37.59.37.69	attackbots	detected by Fail2Ban	2019-09-30 19:33:19
62.219.227.9	attackspambots	Automatic report - Port Scan Attack	2019-09-30 19:37:24
104.236.28.167	attack	Sep 30 11:15:36 DAAP sshd[13697]: Invalid user deploy from 104.236.28.167 port 60412 Sep 30 11:15:36 DAAP sshd[13697]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.28.167 Sep 30 11:15:36 DAAP sshd[13697]: Invalid user deploy from 104.236.28.167 port 60412 Sep 30 11:15:38 DAAP sshd[13697]: Failed password for invalid user deploy from 104.236.28.167 port 60412 ssh2 Sep 30 11:19:09 DAAP sshd[13726]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.28.167 user=root Sep 30 11:19:11 DAAP sshd[13726]: Failed password for root from 104.236.28.167 port 44748 ssh2 ...	2019-09-30 19:15:56
49.88.112.85	attackspam	2019-09-30T17:59:51.859989enmeeting.mahidol.ac.th sshd\[5656\]: User root from 49.88.112.85 not allowed because not listed in AllowUsers 2019-09-30T17:59:52.278996enmeeting.mahidol.ac.th sshd\[5656\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.85 user=root 2019-09-30T17:59:54.203509enmeeting.mahidol.ac.th sshd\[5656\]: Failed password for invalid user root from 49.88.112.85 port 28737 ssh2 ...	2019-09-30 19:01:00
80.211.255.113	attackbotsspam	Sep 29 21:08:06 auw2 sshd\[27896\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.255.113 user=www-data Sep 29 21:08:09 auw2 sshd\[27896\]: Failed password for www-data from 80.211.255.113 port 41610 ssh2 Sep 29 21:11:47 auw2 sshd\[28338\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.255.113 user=root Sep 29 21:11:49 auw2 sshd\[28338\]: Failed password for root from 80.211.255.113 port 53546 ssh2 Sep 29 21:15:40 auw2 sshd\[28657\]: Invalid user www from 80.211.255.113	2019-09-30 19:00:33

Recently Reported IPs

58.153.220.42	51.178.30.50	46.63.105.27	42.117.156.75
41.75.123.17	41.60.237.195	39.97.181.40	14.23.50.218
213.81.178.155	212.237.124.142	211.232.228.50	210.178.72.63
201.246.203.185	194.243.54.127	192.241.235.11	190.157.205.253
190.39.199.223	189.131.20.232	186.250.178.190	185.71.69.198