213.168.49.158

Basic Info

City: unknown

Region: unknown

Country: Russia

Internet Service Provider: PJSC MegaFon

Hostname: unknown

Organization: PJSC MegaFon

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Honeypot attack, port: 445, PTR: 158-49.szkti.ru.	2020-04-17 20:47:22
attackspam	unauthorized connection attempt	2020-02-07 17:16:15

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 213.168.49.158
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64512
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;213.168.49.158.			IN	A

;; AUTHORITY SECTION:
.			2764	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041500 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 15 22:27:49 +08 2019
;; MSG SIZE  rcvd: 118

Host info

158.49.168.213.in-addr.arpa has no PTR record

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
*** Can't find 158.49.168.213.in-addr.arpa.: No answer

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
115.90.244.154	attack	Oct 13 08:27:49 marvibiene sshd[1715]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.90.244.154 user=root Oct 13 08:27:51 marvibiene sshd[1715]: Failed password for root from 115.90.244.154 port 54596 ssh2 Oct 13 08:32:43 marvibiene sshd[1775]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.90.244.154 user=root Oct 13 08:32:46 marvibiene sshd[1775]: Failed password for root from 115.90.244.154 port 37594 ssh2 ...	2019-10-13 16:34:01
42.51.13.102	attack	Oct 10 10:50:01 myhostname sshd[20963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.13.102 user=r.r Oct 10 10:50:03 myhostname sshd[20963]: Failed password for r.r from 42.51.13.102 port 57284 ssh2 Oct 10 10:50:03 myhostname sshd[20963]: Received disconnect from 42.51.13.102 port 57284:11: Bye Bye [preauth] Oct 10 10:50:03 myhostname sshd[20963]: Disconnected from 42.51.13.102 port 57284 [preauth] Oct 10 11:14:57 myhostname sshd[21029]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.51.13.102 user=r.r Oct 10 11:14:59 myhostname sshd[21029]: Failed password for r.r from 42.51.13.102 port 43249 ssh2 Oct 10 11:14:59 myhostname sshd[21029]: Received disconnect from 42.51.13.102 port 43249:11: Bye Bye [preauth] Oct 10 11:14:59 myhostname sshd[21029]: Disconnected from 42.51.13.102 port 43249 [preauth] Oct 10 11:19:42 myhostname sshd[21038]: pam_unix(sshd:auth): authentication fail........ -------------------------------	2019-10-13 16:57:43
75.50.59.234	attackbots	Oct 13 08:04:14 sauna sshd[151648]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=75.50.59.234 Oct 13 08:04:15 sauna sshd[151648]: Failed password for invalid user Paris2017 from 75.50.59.234 port 36024 ssh2 ...	2019-10-13 16:51:09
112.85.42.94	attackbotsspam	2019-10-13T08:29:04.103542abusebot-8.cloudsearch.cf sshd\[14995\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.94 user=root	2019-10-13 16:38:18
138.197.89.186	attack	2019-10-13T05:06:04.766487mizuno.rwx.ovh sshd[798850]: Connection from 138.197.89.186 port 56590 on 78.46.61.178 port 22 2019-10-13T05:06:05.282300mizuno.rwx.ovh sshd[798850]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.89.186 user=root 2019-10-13T05:06:07.555434mizuno.rwx.ovh sshd[798850]: Failed password for root from 138.197.89.186 port 56590 ssh2 2019-10-13T05:13:23.603036mizuno.rwx.ovh sshd[799853]: Connection from 138.197.89.186 port 59866 on 78.46.61.178 port 22 2019-10-13T05:13:24.213313mizuno.rwx.ovh sshd[799853]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.89.186 user=root 2019-10-13T05:13:26.753618mizuno.rwx.ovh sshd[799853]: Failed password for root from 138.197.89.186 port 59866 ssh2 ...	2019-10-13 16:56:52
217.30.75.78	attackbotsspam	SSH Brute-Force reported by Fail2Ban	2019-10-13 16:44:44
69.131.84.33	attack	Oct 13 10:17:37 meumeu sshd[11557]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.131.84.33 Oct 13 10:17:39 meumeu sshd[11557]: Failed password for invalid user 123 from 69.131.84.33 port 50454 ssh2 Oct 13 10:21:34 meumeu sshd[12055]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.131.84.33 ...	2019-10-13 16:32:41
129.204.109.127	attackbots	Oct 12 22:04:57 auw2 sshd\[15001\]: Invalid user 123@wsxqaz from 129.204.109.127 Oct 12 22:04:57 auw2 sshd\[15001\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.109.127 Oct 12 22:04:59 auw2 sshd\[15001\]: Failed password for invalid user 123@wsxqaz from 129.204.109.127 port 46066 ssh2 Oct 12 22:10:24 auw2 sshd\[15660\]: Invalid user 123@wsxqaz from 129.204.109.127 Oct 12 22:10:24 auw2 sshd\[15660\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.109.127	2019-10-13 16:21:44
148.66.142.161	attackbotsspam	WordPress wp-login brute force :: 148.66.142.161 0.128 BYPASS [13/Oct/2019:14:49:36 1100] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-13 16:50:31
165.227.195.95	attackbotsspam	Oct 13 03:49:56 thevastnessof sshd[2035]: Failed password for root from 165.227.195.95 port 53226 ssh2 ...	2019-10-13 16:42:15
45.55.224.209	attackbotsspam	Oct 13 05:39:09 server sshd[51114]: Failed password for root from 45.55.224.209 port 46882 ssh2 Oct 13 05:46:07 server sshd[52639]: Failed password for root from 45.55.224.209 port 47586 ssh2 Oct 13 05:49:50 server sshd[53421]: Failed password for root from 45.55.224.209 port 39016 ssh2	2019-10-13 16:45:54
37.192.194.50	attackspam	Sending SPAM email	2019-10-13 16:33:03
45.55.15.134	attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/45.55.15.134/ NL - 1H : (25) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : NL NAME ASN : ASN14061 IP : 45.55.15.134 CIDR : 45.55.0.0/19 PREFIX COUNT : 490 UNIQUE IP COUNT : 1963008 WYKRYTE ATAKI Z ASN14061 : 1H - 1 3H - 1 6H - 4 12H - 5 24H - 11 DateTime : 2019-10-13 06:03:25 INFO : Port SSH 22 Scan Detected and Blocked by ADMIN - data recovery	2019-10-13 16:59:38
114.221.138.187	attackspambots	Triggered by Fail2Ban at Vostok web server	2019-10-13 16:50:51
46.101.26.63	attackspambots	Oct 13 07:11:43 www5 sshd\[12728\]: Invalid user C3nt0s123 from 46.101.26.63 Oct 13 07:11:43 www5 sshd\[12728\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.26.63 Oct 13 07:11:45 www5 sshd\[12728\]: Failed password for invalid user C3nt0s123 from 46.101.26.63 port 35256 ssh2 ...	2019-10-13 16:54:22

Recently Reported IPs

23.108.254.98	187.51.177.165	94.176.141.47	200.27.50.85
128.0.120.190	117.5.33.170	116.102.58.60	211.40.198.242
152.136.76.144	51.68.140.75	58.187.161.182	172.105.210.107
92.51.75.246	89.109.64.184	66.11.154.25	77.222.97.11
178.44.237.56	182.72.139.202	199.38.183.107	212.83.137.50