Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: Huawei International Pte Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
| Type | Details | Datetime |
| --- | --- | --- |
| attackspambots | badbot | 2019-11-27 06:30:59 |
Comments on same subnet:
| IP | Type | Details | Datetime |
| --- | --- | --- | --- |
| 159.138.152.247 | attack | Automatic report - Banned IP Access | 2020-01-29 13:12:47 |
| 159.138.152.36 | attack | badbot | 2020-01-15 09:21:29 |
| 159.138.152.163 | attackspam | badbot | 2020-01-15 06:48:55 |
| 159.138.152.85 | attack | badbot | 2020-01-15 06:44:44 |
| 159.138.152.14 | attackbotsspam | badbot | 2019-12-23 02:57:31 |
| 159.138.152.98 | attack | badbot | 2019-11-25 07:02:35 |
| 159.138.152.234 | attackspam | /download/file.php?id=219&sid=92d3ffe10bd9005a31f4db93a21c1445 | 2019-10-20 20:12:25 |
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.138.152.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55084
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;159.138.152.49.			IN	A

;; AUTHORITY SECTION:
.			192	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112602 1800 900 604800 86400

;; Query time: 488 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Nov 27 06:30:56 CST 2019
;; MSG SIZE  rcvd: 118
Host info
49.152.138.159.in-addr.arpa domain name pointer ecs-159-138-152-49.compute.hwclouds-dns.com.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
49.152.138.159.in-addr.arpa	name = ecs-159-138-152-49.compute.hwclouds-dns.com.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
88.202.190.152 attack
Port 22 Scan, PTR: None
2019-12-27 07:05:15
59.153.74.71 attackspambots
Unauthorized connection attempt detected from IP address 59.153.74.71 to port 80
2019-12-27 07:28:09
200.122.249.203 attack
Dec 26 23:45:35 v22018076622670303 sshd[12182]: Invalid user larue from 200.122.249.203 port 60085
Dec 26 23:45:35 v22018076622670303 sshd[12182]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.122.249.203
Dec 26 23:45:37 v22018076622670303 sshd[12182]: Failed password for invalid user larue from 200.122.249.203 port 60085 ssh2
...
2019-12-27 07:36:28
193.228.162.197 attack
Unauthorized connection attempt from IP address 193.228.162.197 on Port 445(SMB)
2019-12-27 07:29:51
45.82.153.142 attack
Dec 26 23:54:10 srv01 postfix/smtpd[22256]: warning: unknown[45.82.153.142]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Dec 26 23:54:29 srv01 postfix/smtpd[28973]: warning: unknown[45.82.153.142]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Dec 26 23:56:34 srv01 postfix/smtpd[22256]: warning: unknown[45.82.153.142]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Dec 26 23:56:53 srv01 postfix/smtpd[28973]: warning: unknown[45.82.153.142]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Dec 26 23:57:49 srv01 postfix/smtpd[22256]: warning: unknown[45.82.153.142]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
...
2019-12-27 06:58:32
84.253.98.49 attack
Unauthorized connection attempt from IP address 84.253.98.49 on Port 445(SMB)
2019-12-27 07:34:01
223.171.48.208 attackspam
Unauthorized connection attempt from IP address 223.171.48.208 on Port 445(SMB)
2019-12-27 07:32:33
49.88.112.63 attackspam
Dec 26 19:56:54 firewall sshd[21213]: Failed password for root from 49.88.112.63 port 44049 ssh2
Dec 26 19:56:57 firewall sshd[21213]: Failed password for root from 49.88.112.63 port 44049 ssh2
Dec 26 19:57:00 firewall sshd[21213]: Failed password for root from 49.88.112.63 port 44049 ssh2
...
2019-12-27 07:13:07
51.79.28.149 attack
Dec 27 00:16:32 srv-ubuntu-dev3 sshd[41063]: Invalid user il from 51.79.28.149
Dec 27 00:16:32 srv-ubuntu-dev3 sshd[41063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.79.28.149
Dec 27 00:16:32 srv-ubuntu-dev3 sshd[41063]: Invalid user il from 51.79.28.149
Dec 27 00:16:34 srv-ubuntu-dev3 sshd[41063]: Failed password for invalid user il from 51.79.28.149 port 44922 ssh2
Dec 27 00:19:30 srv-ubuntu-dev3 sshd[41300]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.79.28.149  user=mysql
Dec 27 00:19:32 srv-ubuntu-dev3 sshd[41300]: Failed password for mysql from 51.79.28.149 port 49940 ssh2
Dec 27 00:22:29 srv-ubuntu-dev3 sshd[41588]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.79.28.149  user=root
Dec 27 00:22:30 srv-ubuntu-dev3 sshd[41588]: Failed password for root from 51.79.28.149 port 55248 ssh2
Dec 27 00:26:29 srv-ubuntu-dev3 sshd[41870]: Invalid user
...
2019-12-27 07:29:08
46.61.152.187 attackspambots
Unauthorized connection attempt from IP address 46.61.152.187 on Port 445(SMB)
2019-12-27 07:34:47
189.112.228.153 attackspambots
Dec 26 23:36:05 sd-53420 sshd[29956]: Invalid user server from 189.112.228.153
Dec 26 23:36:05 sd-53420 sshd[29956]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.112.228.153
Dec 26 23:36:07 sd-53420 sshd[29956]: Failed password for invalid user server from 189.112.228.153 port 57710 ssh2
Dec 26 23:46:01 sd-53420 sshd[1832]: User root from 189.112.228.153 not allowed because none of user's groups are listed in AllowGroups
Dec 26 23:46:01 sd-53420 sshd[1832]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.112.228.153  user=root
...
2019-12-27 07:17:51
210.65.138.4 attack
Unauthorized connection attempt from IP address 210.65.138.4 on Port 445(SMB)
2019-12-27 07:24:40
49.234.25.49 attackspam
Dec 26 09:33:22 server sshd[32511]: Invalid user uglow from 49.234.25.49
Dec 26 09:33:22 server sshd[32511]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.25.49
Dec 26 09:33:24 server sshd[32511]: Failed password for invalid user uglow from 49.234.25.49 port 56194 ssh2
Dec 27 01:46:29 server sshd[6482]: Invalid user www-data from 49.234.25.49
Dec 27 01:46:29 server sshd[6482]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.25.49
...
2019-12-27 07:04:40
106.13.98.217 attackbotsspam
Dec 26 22:33:35 : SSH login attempts with invalid user
2019-12-27 07:29:28
67.252.252.12 attackspam
Unauthorized connection attempt from IP address 67.252.252.12 on Port 445(SMB)
2019-12-27 07:25:47
