3.38.149.164 - IPInfo

Basic Info

City: Incheon

Region: Incheon Metropolitan City

Country: South Korea

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 3.38.149.164
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 948
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;3.38.149.164.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2024111700 1800 900 604800 86400

;; Query time: 38 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Nov 17 19:15:48 CST 2024
;; MSG SIZE  rcvd: 105

Host info

164.149.38.3.in-addr.arpa domain name pointer ec2-3-38-149-164.ap-northeast-2.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
164.149.38.3.in-addr.arpa	name = ec2-3-38-149-164.ap-northeast-2.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
189.213.217.91	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-16 18:42:25
112.85.42.174	attack	Mar 16 10:05:05 combo sshd[11136]: Failed password for root from 112.85.42.174 port 15554 ssh2 Mar 16 10:05:09 combo sshd[11136]: Failed password for root from 112.85.42.174 port 15554 ssh2 Mar 16 10:05:13 combo sshd[11136]: Failed password for root from 112.85.42.174 port 15554 ssh2 ...	2020-03-16 18:23:21
45.133.99.2	attackbots	2020-03-15 dovecot_login authenticator failed for \(\[45.133.99.2\]\) \[45.133.99.2\]: 535 Incorrect authentication data 2020-03-15 dovecot_login authenticator failed for \(\[45.133.99.2\]\) \[45.133.99.2\]: 535 Incorrect authentication data 2020-03-16 dovecot_login authenticator failed for \(\[45.133.99.2\]\) \[45.133.99.2\]: 535 Incorrect authentication data \(set_id=lp@REMOVED.de\)	2020-03-16 18:20:50
103.229.199.254	attackspambots	Mar 15 19:02:09 php1 sshd\[5754\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.229.199.254 user=root Mar 15 19:02:11 php1 sshd\[5754\]: Failed password for root from 103.229.199.254 port 41208 ssh2 Mar 15 19:10:46 php1 sshd\[6564\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.229.199.254 user=root Mar 15 19:10:48 php1 sshd\[6564\]: Failed password for root from 103.229.199.254 port 48354 ssh2 Mar 15 19:12:03 php1 sshd\[6692\]: Invalid user rstudio from 103.229.199.254 Mar 15 19:12:03 php1 sshd\[6692\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.229.199.254	2020-03-16 18:49:02
201.116.46.11	attackspam	Unauthorized connection attempt detected from IP address 201.116.46.11 to port 22	2020-03-16 18:16:00
138.197.5.191	attackspam	Mar 16 09:52:07 tuxlinux sshd[1684]: Invalid user lms from 138.197.5.191 port 38556 Mar 16 09:52:07 tuxlinux sshd[1684]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.5.191 Mar 16 09:52:07 tuxlinux sshd[1684]: Invalid user lms from 138.197.5.191 port 38556 Mar 16 09:52:07 tuxlinux sshd[1684]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.5.191 Mar 16 09:52:07 tuxlinux sshd[1684]: Invalid user lms from 138.197.5.191 port 38556 Mar 16 09:52:07 tuxlinux sshd[1684]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.5.191 Mar 16 09:52:10 tuxlinux sshd[1684]: Failed password for invalid user lms from 138.197.5.191 port 38556 ssh2 ...	2020-03-16 18:34:18
178.63.172.4	attackspam	Lines containing failures of 178.63.172.4 Mar 16 03:39:18 shared12 sshd[31293]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.63.172.4 user=r.r Mar 16 03:39:19 shared12 sshd[31293]: Failed password for r.r from 178.63.172.4 port 52128 ssh2 Mar 16 03:39:20 shared12 sshd[31293]: Received disconnect from 178.63.172.4 port 52128:11: Bye Bye [preauth] Mar 16 03:39:20 shared12 sshd[31293]: Disconnected from authenticating user r.r 178.63.172.4 port 52128 [preauth] Mar 16 04:06:16 shared12 sshd[7721]: Invalid user koeso from 178.63.172.4 port 41182 Mar 16 04:06:16 shared12 sshd[7721]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.63.172.4 Mar 16 04:06:19 shared12 sshd[7721]: Failed password for invalid user koeso from 178.63.172.4 port 41182 ssh2 Mar 16 04:06:19 shared12 sshd[7721]: Received disconnect from 178.63.172.4 port 41182:11: Bye Bye [preauth] Mar 16 04:06:19 shared12 sshd[7721........ ------------------------------	2020-03-16 18:43:49
197.35.47.113	attack	Honeypot attack, port: 445, PTR: host-197.35.47.113.tedata.net.	2020-03-16 18:20:09
88.99.222.59	attackbots	88.99.222.59 - - \[16/Mar/2020:06:11:58 +0100\] "POST /wp-login.php HTTP/1.0" 200 6997 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 88.99.222.59 - - \[16/Mar/2020:06:12:08 +0100\] "POST /wp-login.php HTTP/1.0" 200 6864 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 88.99.222.59 - - \[16/Mar/2020:06:12:19 +0100\] "POST /wp-login.php HTTP/1.0" 200 6860 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-03-16 18:30:06
193.112.180.173	attackbots	Mar 16 07:00:46 sd-53420 sshd\[4601\]: User root from 193.112.180.173 not allowed because none of user's groups are listed in AllowGroups Mar 16 07:00:46 sd-53420 sshd\[4601\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.180.173 user=root Mar 16 07:00:49 sd-53420 sshd\[4601\]: Failed password for invalid user root from 193.112.180.173 port 57056 ssh2 Mar 16 07:04:06 sd-53420 sshd\[4912\]: User root from 193.112.180.173 not allowed because none of user's groups are listed in AllowGroups Mar 16 07:04:06 sd-53420 sshd\[4912\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.180.173 user=root ...	2020-03-16 18:45:46
125.164.124.88	attack	1584335552 - 03/16/2020 06:12:32 Host: 125.164.124.88/125.164.124.88 Port: 445 TCP Blocked	2020-03-16 18:19:47
189.186.165.22	attackbots	Honeypot attack, port: 445, PTR: dsl-189-186-165-22-dyn.prod-infinitum.com.mx.	2020-03-16 18:26:08
47.101.193.3	attackbots	CMS (WordPress or Joomla) login attempt.	2020-03-16 18:46:49
64.225.9.221	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-03-16 18:32:01
87.92.230.174	attackspam	" "	2020-03-16 18:28:50

Recently Reported IPs

213.8.86.234	23.69.194.138	220.225.6.21	80.166.43.211
200.224.50.208	117.52.138.189	242.39.151.15	85.37.210.115
103.15.216.137	198.225.212.25	203.158.229.203	98.189.150.24
185.169.39.66	154.168.10.212	26.143.215.250	224.98.226.139
156.136.232.173	79.216.129.124	126.121.106.188	6.101.104.62