159.138.91.48 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Singapore

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.138.91.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56153
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;159.138.91.48.			IN	A

;; AUTHORITY SECTION:
.			183	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022010801 1800 900 604800 86400

;; Query time: 21 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 09 09:50:04 CST 2022
;; MSG SIZE  rcvd: 106

Host info

48.91.138.159.in-addr.arpa domain name pointer ecs-159-138-91-48.compute.hwclouds-dns.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
48.91.138.159.in-addr.arpa	name = ecs-159-138-91-48.compute.hwclouds-dns.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.88.112.80	attackbotsspam	$f2bV_matches	2019-10-10 15:54:36
49.232.41.123	attackspam	Oct 6 12:02:06 pi01 sshd[25240]: Connection from 49.232.41.123 port 51402 on 192.168.1.10 port 22 Oct 6 12:02:08 pi01 sshd[25240]: User r.r from 49.232.41.123 not allowed because not listed in AllowUsers Oct 6 12:02:08 pi01 sshd[25240]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.41.123 user=r.r Oct 6 12:02:10 pi01 sshd[25240]: Failed password for invalid user r.r from 49.232.41.123 port 51402 ssh2 Oct 6 12:02:11 pi01 sshd[25240]: Received disconnect from 49.232.41.123 port 51402:11: Bye Bye [preauth] Oct 6 12:02:11 pi01 sshd[25240]: Disconnected from 49.232.41.123 port 51402 [preauth] Oct 6 12:14:23 pi01 sshd[25454]: Connection from 49.232.41.123 port 46738 on 192.168.1.10 port 22 Oct 6 12:14:40 pi01 sshd[25454]: Connection closed by 49.232.41.123 port 46738 [preauth] Oct 6 12:18:36 pi01 sshd[25490]: Connection from 49.232.41.123 port 42484 on 192.168.1.10 port 22 Oct 6 12:18:38 pi01 sshd[25490]: User r.r fr........ -------------------------------	2019-10-10 15:41:11
111.92.240.170	attack	Oct 9 20:53:55 eddieflores sshd\[16504\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.92.240.170 user=root Oct 9 20:53:57 eddieflores sshd\[16504\]: Failed password for root from 111.92.240.170 port 49612 ssh2 Oct 9 20:58:20 eddieflores sshd\[16846\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.92.240.170 user=root Oct 9 20:58:21 eddieflores sshd\[16846\]: Failed password for root from 111.92.240.170 port 32984 ssh2 Oct 9 21:02:41 eddieflores sshd\[17208\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.92.240.170 user=root	2019-10-10 15:17:04
82.117.190.170	attackbots	Oct 10 09:04:37 jane sshd[21675]: Failed password for root from 82.117.190.170 port 43935 ssh2 ...	2019-10-10 15:41:43
193.112.27.92	attack	Oct 9 19:46:14 php1 sshd\[11015\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.27.92 user=root Oct 9 19:46:16 php1 sshd\[11015\]: Failed password for root from 193.112.27.92 port 48912 ssh2 Oct 9 19:51:02 php1 sshd\[11559\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.27.92 user=root Oct 9 19:51:04 php1 sshd\[11559\]: Failed password for root from 193.112.27.92 port 55018 ssh2 Oct 9 19:55:49 php1 sshd\[12125\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.27.92 user=root	2019-10-10 15:48:34
148.70.11.143	attackspambots	2019-10-10T06:54:42.178002abusebot-5.cloudsearch.cf sshd\[26409\]: Invalid user robert from 148.70.11.143 port 58862	2019-10-10 15:26:47
195.168.236.254	attackbotsspam	firewall-block, port(s): 1433/tcp	2019-10-10 15:39:41
141.98.80.224	attackbotsspam	10/10/2019-08:02:33.242639 141.98.80.224 Protocol: 6 SURICATA SMTP tls rejected	2019-10-10 15:18:54
13.77.142.89	attack	Oct 6 12:41:32 mxgate1 sshd[23651]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.77.142.89 user=r.r Oct 6 12:41:34 mxgate1 sshd[23651]: Failed password for r.r from 13.77.142.89 port 34568 ssh2 Oct 6 12:41:34 mxgate1 sshd[23651]: Received disconnect from 13.77.142.89 port 34568:11: Bye Bye [preauth] Oct 6 12:41:34 mxgate1 sshd[23651]: Disconnected from 13.77.142.89 port 34568 [preauth] Oct 6 12:54:42 mxgate1 sshd[24000]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.77.142.89 user=r.r Oct 6 12:54:44 mxgate1 sshd[24000]: Failed password for r.r from 13.77.142.89 port 40694 ssh2 Oct 6 12:54:44 mxgate1 sshd[24000]: Received disconnect from 13.77.142.89 port 40694:11: Bye Bye [preauth] Oct 6 12:54:44 mxgate1 sshd[24000]: Disconnected from 13.77.142.89 port 40694 [preauth] Oct 6 12:58:26 mxgate1 sshd[24065]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 ........ -------------------------------	2019-10-10 15:34:56
35.154.103.207	attack	Oct 6 22:34:18 DNS-2 sshd[15279]: User r.r from 35.154.103.207 not allowed because not listed in AllowUsers Oct 6 22:34:18 DNS-2 sshd[15279]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.154.103.207 user=r.r Oct 6 22:34:19 DNS-2 sshd[15279]: Failed password for invalid user r.r from 35.154.103.207 port 35219 ssh2 Oct 6 22:34:19 DNS-2 sshd[15279]: Received disconnect from 35.154.103.207 port 35219:11: Bye Bye [preauth] Oct 6 22:34:19 DNS-2 sshd[15279]: Disconnected from 35.154.103.207 port 35219 [preauth] Oct 6 22:40:33 DNS-2 sshd[15649]: User r.r from 35.154.103.207 not allowed because not listed in AllowUsers Oct 6 22:40:33 DNS-2 sshd[15649]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.154.103.207 user=r.r Oct 6 22:40:35 DNS-2 ssh .... truncated .... Oct 6 22:34:18 DNS-2 sshd[15279]: User r.r from 35.154.103.207 not allowed because not listed in AllowUsers Oct 6 2........ -------------------------------	2019-10-10 15:47:34
106.13.17.8	attack	Oct 10 06:08:54 microserver sshd[17288]: Failed password for root from 106.13.17.8 port 43704 ssh2 Oct 10 06:13:18 microserver sshd[17941]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.17.8 user=root Oct 10 06:13:19 microserver sshd[17941]: Failed password for root from 106.13.17.8 port 50036 ssh2 Oct 10 06:17:46 microserver sshd[18557]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.17.8 user=root Oct 10 06:31:09 microserver sshd[20483]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.17.8 user=root Oct 10 06:31:11 microserver sshd[20483]: Failed password for root from 106.13.17.8 port 47116 ssh2 Oct 10 06:35:45 microserver sshd[21145]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.17.8 user=root Oct 10 06:35:48 microserver sshd[21145]: Failed password for root from 106.13.17.8 port 53450 ssh2 Oct 10 06:40:25 micr	2019-10-10 15:53:31
178.60.38.58	attackspambots	Oct 10 07:39:29 sauna sshd[69905]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.60.38.58 Oct 10 07:39:31 sauna sshd[69905]: Failed password for invalid user Gerard_123 from 178.60.38.58 port 47069 ssh2 ...	2019-10-10 15:22:38
165.227.47.36	attack	SSH/22 MH Probe, BF, Hack -	2019-10-10 15:32:52
91.210.59.145	attackspam	xmlrpc attack	2019-10-10 15:27:14
96.57.28.210	attackspambots	Fail2Ban - SSH Bruteforce Attempt	2019-10-10 15:14:06

Recently Reported IPs

46.172.52.188	206.173.44.237	155.123.129.37	102.112.143.167
90.125.115.16	7.79.98.158	78.26.130.118	94.236.75.16
143.10.69.159	98.35.152.221	197.207.144.16	111.172.34.154
120.230.157.249	109.111.155.245	153.212.200.233	232.3.13.106
156.197.168.222	250.101.127.242	94.235.104.193	190.162.130.166