159.138.149.107

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: Huawei International Pte Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	[Fri Dec 20 21:47:05.500811 2019] [ssl:info] [pid 23331:tid 140202395809536] [client 159.138.149.107:41419] AH02033: No hostname was provided via SNI for a name based virtual host ...	2019-12-21 06:23:57

Comments on same subnet:

IP	Type	Details	Datetime
159.138.149.210	attackspam	do not respect robot.txt	2020-02-29 03:33:45
159.138.149.47	attackbotsspam	Looking for resource vulnerabilities	2020-01-15 09:23:48
159.138.149.148	attackspambots	badbot	2020-01-07 22:29:13
159.138.149.42	attack	Unauthorized access detected from banned ip	2020-01-01 13:13:04
159.138.149.214	attackbots	Unauthorized access detected from banned ip	2019-12-28 16:06:13
159.138.149.62	attack	badbot	2019-11-27 06:21:04
159.138.149.52	attack	badbot	2019-11-27 03:31:07
159.138.149.34	attackspam	badbot	2019-11-25 14:44:27

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.138.149.107
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37177
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;159.138.149.107.		IN	A

;; AUTHORITY SECTION:
.			302	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122002 1800 900 604800 86400

;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 21 06:23:54 CST 2019
;; MSG SIZE  rcvd: 119

Host info

107.149.138.159.in-addr.arpa domain name pointer ecs-159-138-149-107.compute.hwclouds-dns.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
107.149.138.159.in-addr.arpa	name = ecs-159-138-149-107.compute.hwclouds-dns.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
172.81.250.132	attack	Oct 16 11:15:07 vpn01 sshd[3203]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.81.250.132 Oct 16 11:15:08 vpn01 sshd[3203]: Failed password for invalid user sharon from 172.81.250.132 port 57372 ssh2 ...	2019-10-16 17:43:46
73.252.161.153	attack	web-1 [ssh_2] SSH Attack	2019-10-16 17:29:38
178.128.218.56	attackspam	Invalid user brgs from 178.128.218.56 port 50012	2019-10-16 17:32:03
106.12.201.101	attack	2019-10-16T05:12:40.800289 sshd[23158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.201.101 user=root 2019-10-16T05:12:42.860036 sshd[23158]: Failed password for root from 106.12.201.101 port 47992 ssh2 2019-10-16T05:17:40.237078 sshd[23245]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.201.101 user=root 2019-10-16T05:17:41.814902 sshd[23245]: Failed password for root from 106.12.201.101 port 57912 ssh2 2019-10-16T05:22:35.698768 sshd[23274]: Invalid user mirror01 from 106.12.201.101 port 39598 ...	2019-10-16 17:49:48
150.95.199.179	attackbots	SSH Brute Force, server-1 sshd[29431]: Failed password for root from 150.95.199.179 port 58288 ssh2	2019-10-16 18:09:38
27.18.144.66	attack	Oct 16 09:38:00 raspberrypi sshd\[7519\]: Invalid user josephine from 27.18.144.66Oct 16 09:38:02 raspberrypi sshd\[7519\]: Failed password for invalid user josephine from 27.18.144.66 port 24013 ssh2Oct 16 09:43:38 raspberrypi sshd\[7752\]: Invalid user saxon from 27.18.144.66 ...	2019-10-16 18:08:35
46.0.203.166	attackbots	Oct 16 02:41:41 TORMINT sshd\[10705\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.0.203.166 user=root Oct 16 02:41:43 TORMINT sshd\[10705\]: Failed password for root from 46.0.203.166 port 33764 ssh2 Oct 16 02:45:44 TORMINT sshd\[10906\]: Invalid user abeu from 46.0.203.166 Oct 16 02:45:44 TORMINT sshd\[10906\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.0.203.166 ...	2019-10-16 17:35:21
88.105.131.24	attackspambots	$f2bV_matches	2019-10-16 17:53:06
222.186.175.155	attack	SSH Brute Force, server-1 sshd[29999]: Failed password for root from 222.186.175.155 port 39896 ssh2	2019-10-16 17:42:17
123.206.18.14	attack	Oct 16 11:33:39 vpn01 sshd[3452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.18.14 Oct 16 11:33:41 vpn01 sshd[3452]: Failed password for invalid user tiny from 123.206.18.14 port 39706 ssh2 ...	2019-10-16 17:53:28
183.111.125.172	attackbots	$f2bV_matches	2019-10-16 17:59:08
113.125.60.208	attackbotsspam	Oct 16 07:46:52 v22019058497090703 sshd[18961]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.125.60.208 Oct 16 07:46:55 v22019058497090703 sshd[18961]: Failed password for invalid user hunt5759 from 113.125.60.208 port 36282 ssh2 Oct 16 07:52:06 v22019058497090703 sshd[19364]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.125.60.208 ...	2019-10-16 17:45:54
106.12.27.46	attackspambots	2019-10-16T05:31:10.455467abusebot-7.cloudsearch.cf sshd\[1579\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.27.46 user=root	2019-10-16 17:55:55
112.6.230.247	attackspambots	Oct 16 05:13:11 h2177944 kernel: \[4071560.274207\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=112.6.230.247 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=48 ID=16440 PROTO=TCP SPT=41360 DPT=23 WINDOW=34224 RES=0x00 SYN URGP=0 Oct 16 05:16:00 h2177944 kernel: \[4071729.777504\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=112.6.230.247 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=48 ID=16440 PROTO=TCP SPT=41360 DPT=23 WINDOW=34224 RES=0x00 SYN URGP=0 Oct 16 05:18:21 h2177944 kernel: \[4071870.553607\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=112.6.230.247 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=48 ID=16440 PROTO=TCP SPT=41360 DPT=23 WINDOW=34224 RES=0x00 SYN URGP=0 Oct 16 05:20:55 h2177944 kernel: \[4072024.669023\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=112.6.230.247 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=48 ID=16440 PROTO=TCP SPT=41360 DPT=23 WINDOW=34224 RES=0x00 SYN URGP=0 Oct 16 05:22:29 h2177944 kernel: \[4072118.380780\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=112.6.230.247 DST=85.214.117.9 LEN=40	2019-10-16 17:52:40
1.179.197.106	attackspam	Oct 16 06:44:11 lnxmysql61 sshd[12950]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.179.197.106	2019-10-16 17:39:19

Recently Reported IPs

213.45.4.230	68.189.113.213	6.156.128.229	224.165.215.59
88.22.158.187	86.143.249.228	191.32.158.240	201.39.41.226
40.92.18.33	175.176.91.150	201.1.128.20	42.119.212.224
42.113.108.101	201.208.20.9	159.20.106.234	23.227.38.65
157.26.70.77	223.230.153.139	218.64.91.95	193.34.145.203