159.138.150.80

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: Huawei International Pte Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	badbot	2020-02-07 03:03:05

Comments on same subnet:

IP	Type	Details	Datetime
159.138.150.123	attack	Automatic report - Banned IP Access	2020-01-27 23:12:12
159.138.150.234	attack	Automatic report - Banned IP Access	2020-01-25 16:41:44
159.138.150.190	attackbotsspam	badbot	2020-01-15 09:22:36
159.138.150.96	attackbotsspam	badbot	2020-01-15 09:20:14
159.138.150.177	attackbots	badbot	2020-01-07 23:13:05
159.138.150.185	attackspambots	Automatic report - Banned IP Access	2019-12-27 02:14:38
159.138.150.123	attackbots	[Fri Dec 20 22:57:56.778126 2019] [ssl:info] [pid 28669:tid 140202510694144] [client 159.138.150.123:48562] AH02033: No hostname was provided via SNI for a name based virtual host ...	2019-12-21 00:51:57
159.138.150.233	attackbotsspam	badbot	2019-11-27 15:18:05
159.138.150.254	attackspam	badbot	2019-11-27 06:36:26
159.138.150.147	attackbotsspam	badbot	2019-11-27 06:18:42
159.138.150.15	attack	badbot	2019-11-27 05:58:07
159.138.150.109	attack	badbot	2019-11-27 05:54:55
159.138.150.119	attackspambots	badbot	2019-11-27 03:41:08
159.138.150.28	attack	badbot	2019-11-25 07:05:02
159.138.150.59	attackbotsspam	/download/file.php?id=177&sid=78413a4c0b7349a3f437813f5ab319dc	2019-11-01 04:08:43

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.138.150.80
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29573
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;159.138.150.80.			IN	A

;; AUTHORITY SECTION:
.			540	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020600 1800 900 604800 86400

;; Query time: 36 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 07 03:03:01 CST 2020
;; MSG SIZE  rcvd: 118

Host info

80.150.138.159.in-addr.arpa domain name pointer ecs-159-138-150-80.compute.hwclouds-dns.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
80.150.138.159.in-addr.arpa	name = ecs-159-138-150-80.compute.hwclouds-dns.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
81.92.149.58	attack	Nov 25 06:55:51 server sshd\[27008\]: Invalid user iyad from 81.92.149.58 port 55969 Nov 25 06:55:51 server sshd\[27008\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.92.149.58 Nov 25 06:55:52 server sshd\[27008\]: Failed password for invalid user iyad from 81.92.149.58 port 55969 ssh2 Nov 25 06:59:42 server sshd\[19900\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.92.149.58 user=news Nov 25 06:59:44 server sshd\[19900\]: Failed password for news from 81.92.149.58 port 45662 ssh2	2019-11-25 13:03:39
106.124.131.70	attackbots	Nov 25 04:46:35 raspberrypi sshd\[22712\]: Invalid user casserly from 106.124.131.70Nov 25 04:46:37 raspberrypi sshd\[22712\]: Failed password for invalid user casserly from 106.124.131.70 port 41568 ssh2Nov 25 04:59:28 raspberrypi sshd\[22948\]: Invalid user o from 106.124.131.70 ...	2019-11-25 13:10:25
192.99.14.164	attackbotsspam	192.99.14.164 was recorded 5 times by 1 hosts attempting to connect to the following ports: 51413. Incident counter (4h, 24h, all-time): 5, 5, 5	2019-11-25 13:11:24
221.4.146.171	attack	Nov 25 05:58:49 server1 postfix/smtpd\[5324\]: warning: unknown\[221.4.146.171\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Nov 25 05:59:03 server1 postfix/smtpd\[5324\]: warning: unknown\[221.4.146.171\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Nov 25 05:59:18 server1 postfix/smtpd\[5324\]: warning: unknown\[221.4.146.171\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2019-11-25 13:02:33
45.236.244.130	attack	Nov 25 01:28:56 vps647732 sshd[10754]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.236.244.130 Nov 25 01:28:59 vps647732 sshd[10754]: Failed password for invalid user server from 45.236.244.130 port 43552 ssh2 ...	2019-11-25 09:21:53
112.85.42.173	attack	Nov 24 19:10:25 sachi sshd\[19626\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.173 user=root Nov 24 19:10:27 sachi sshd\[19626\]: Failed password for root from 112.85.42.173 port 63654 ssh2 Nov 24 19:10:30 sachi sshd\[19626\]: Failed password for root from 112.85.42.173 port 63654 ssh2 Nov 24 19:10:33 sachi sshd\[19626\]: Failed password for root from 112.85.42.173 port 63654 ssh2 Nov 24 19:10:37 sachi sshd\[19626\]: Failed password for root from 112.85.42.173 port 63654 ssh2	2019-11-25 13:13:50
27.69.242.187	attackbotsspam	Nov 24 23:59:50 plusreed sshd[31706]: Invalid user demo from 27.69.242.187 ...	2019-11-25 13:01:42
1.213.195.154	attackbots	Nov 25 06:59:41 ncomp sshd[6784]: Invalid user david from 1.213.195.154 Nov 25 06:59:41 ncomp sshd[6784]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.213.195.154 Nov 25 06:59:41 ncomp sshd[6784]: Invalid user david from 1.213.195.154 Nov 25 06:59:43 ncomp sshd[6784]: Failed password for invalid user david from 1.213.195.154 port 60137 ssh2	2019-11-25 13:05:22
218.92.0.171	attackbots	Nov 25 06:10:31 mail sshd[4460]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.171 user=root Nov 25 06:10:33 mail sshd[4460]: Failed password for root from 218.92.0.171 port 37829 ssh2 Nov 25 06:10:46 mail sshd[4460]: error: maximum authentication attempts exceeded for root from 218.92.0.171 port 37829 ssh2 [preauth] Nov 25 06:10:31 mail sshd[4460]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.171 user=root Nov 25 06:10:33 mail sshd[4460]: Failed password for root from 218.92.0.171 port 37829 ssh2 Nov 25 06:10:46 mail sshd[4460]: error: maximum authentication attempts exceeded for root from 218.92.0.171 port 37829 ssh2 [preauth] Nov 25 06:10:31 mail sshd[4460]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.171 user=root Nov 25 06:10:33 mail sshd[4460]: Failed password for root from 218.92.0.171 port 37829 ssh2 Nov 25 06:10:46 mail sshd[4460]: error: maxim	2019-11-25 13:15:32
192.166.218.25	attackbotsspam	Nov 24 23:49:15 sd-53420 sshd\[10884\]: Invalid user afoster from 192.166.218.25 Nov 24 23:49:15 sd-53420 sshd\[10884\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.166.218.25 Nov 24 23:49:17 sd-53420 sshd\[10884\]: Failed password for invalid user afoster from 192.166.218.25 port 38306 ssh2 Nov 24 23:55:29 sd-53420 sshd\[11853\]: User root from 192.166.218.25 not allowed because none of user's groups are listed in AllowGroups Nov 24 23:55:29 sd-53420 sshd\[11853\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.166.218.25 user=root ...	2019-11-25 09:17:30
87.239.85.169	attackspam	Nov 25 05:48:57 gw1 sshd[30033]: Failed password for root from 87.239.85.169 port 54872 ssh2 Nov 25 05:55:23 gw1 sshd[30122]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.239.85.169 ...	2019-11-25 09:14:27
159.138.155.235	attackspam	badbot	2019-11-25 09:24:01
95.174.67.83	attack	95.174.67.83 was recorded 5 times by 1 hosts attempting to connect to the following ports: 51413. Incident counter (4h, 24h, all-time): 5, 5, 5	2019-11-25 13:17:41
103.74.120.201	attackbotsspam	xmlrpc attack	2019-11-25 13:06:44
100.35.197.249	attack	Nov 25 01:26:51 site2 sshd\[36562\]: Invalid user user from 100.35.197.249Nov 25 01:26:52 site2 sshd\[36562\]: Failed password for invalid user user from 100.35.197.249 port 35008 ssh2Nov 25 01:27:23 site2 sshd\[36566\]: Invalid user ftpuser1 from 100.35.197.249Nov 25 01:27:25 site2 sshd\[36566\]: Failed password for invalid user ftpuser1 from 100.35.197.249 port 37276 ssh2Nov 25 01:27:54 site2 sshd\[36575\]: Invalid user tomcat2 from 100.35.197.249 ...	2019-11-25 09:21:40

Recently Reported IPs

5.185.95.70	187.177.85.161	5.249.155.183	1.61.74.52
14.174.62.104	80.211.135.211	103.242.47.66	187.202.178.134
167.71.67.238	162.243.131.92	177.131.108.161	191.8.111.241
185.230.125.83	106.0.36.66	125.213.216.180	195.154.23.106
94.217.195.197	113.183.99.128	59.44.149.52	61.149.194.91