49.118.162.136

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Xinjiang Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	FTP Brute Force	2019-12-29 21:52:21
attack	Dec 24 08:20:16 163-172-32-151 proftpd[16816]: 0.0.0.0 (49.118.162.136[49.118.162.136]) - USER anonymous: no such user found from 49.118.162.136 [49.118.162.136] to 163.172.32.151:21 ...	2019-12-24 15:59:12

Type

Details

Datetime

attack

FTP Brute Force

2019-12-29 21:52:21

attack

Dec 24 08:20:16 163-172-32-151 proftpd[16816]: 0.0.0.0 (49.118.162.136[49.118.162.136]) - USER anonymous: no such user found from 49.118.162.136 [49.118.162.136] to 163.172.32.151:21
...

2019-12-24 15:59:12

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.118.162.136
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48214
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.118.162.136.			IN	A

;; AUTHORITY SECTION:
.			145	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122400 1800 900 604800 86400

;; Query time: 106 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Dec 24 15:59:08 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 136.162.118.49.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 136.162.118.49.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
158.69.222.121	attack	Jun 27 15:44:29 server sshd\[230481\]: Invalid user sublink from 158.69.222.121 Jun 27 15:44:29 server sshd\[230481\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.222.121 Jun 27 15:44:32 server sshd\[230481\]: Failed password for invalid user sublink from 158.69.222.121 port 60096 ssh2 ...	2019-10-09 18:13:48
159.203.82.104	attackspambots	Oct 9 09:24:40 ns341937 sshd[1472]: Failed password for root from 159.203.82.104 port 52042 ssh2 Oct 9 09:30:51 ns341937 sshd[3931]: Failed password for root from 159.203.82.104 port 50421 ssh2 ...	2019-10-09 17:50:34
158.69.213.0	attackbots	Aug 16 20:14:40 server sshd\[112810\]: Invalid user oracle from 158.69.213.0 Aug 16 20:14:40 server sshd\[112810\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.213.0 Aug 16 20:14:42 server sshd\[112810\]: Failed password for invalid user oracle from 158.69.213.0 port 58508 ssh2 ...	2019-10-09 18:16:25
139.162.218.162	attackspambots	Received: from 10.197.32.140 (EHLO contato15.atendimentosexclusivos.online) (139.162.218.162) linode.com	2019-10-09 18:07:35
120.27.93.253	attackbotsspam	port scan and connect, tcp 8080 (http-proxy)	2019-10-09 18:19:42
158.69.193.32	attack	Oct 9 11:41:22 rotator sshd\[5464\]: Failed password for root from 158.69.193.32 port 58038 ssh2Oct 9 11:41:25 rotator sshd\[5464\]: Failed password for root from 158.69.193.32 port 58038 ssh2Oct 9 11:41:28 rotator sshd\[5464\]: Failed password for root from 158.69.193.32 port 58038 ssh2Oct 9 11:41:30 rotator sshd\[5464\]: Failed password for root from 158.69.193.32 port 58038 ssh2Oct 9 11:41:33 rotator sshd\[5464\]: Failed password for root from 158.69.193.32 port 58038 ssh2Oct 9 11:41:36 rotator sshd\[5464\]: Failed password for root from 158.69.193.32 port 58038 ssh2 ...	2019-10-09 18:19:16
159.203.12.135	attackspambots	Jul 4 10:20:29 server sshd\[7064\]: Invalid user gts from 159.203.12.135 Jul 4 10:20:29 server sshd\[7064\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.12.135 Jul 4 10:20:31 server sshd\[7064\]: Failed password for invalid user gts from 159.203.12.135 port 58414 ssh2 ...	2019-10-09 18:05:36
159.203.127.137	attack	Jun 28 02:28:02 server sshd\[164754\]: Invalid user cod4 from 159.203.127.137 Jun 28 02:28:02 server sshd\[164754\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.127.137 Jun 28 02:28:04 server sshd\[164754\]: Failed password for invalid user cod4 from 159.203.127.137 port 60726 ssh2 ...	2019-10-09 18:05:14
118.163.181.157	attackbots	Oct 9 11:54:02 meumeu sshd[12423]: Failed password for root from 118.163.181.157 port 47092 ssh2 Oct 9 11:58:08 meumeu sshd[12960]: Failed password for root from 118.163.181.157 port 58076 ssh2 ...	2019-10-09 18:20:07
203.190.154.109	attackspam	Lines containing failures of 203.190.154.109 Oct 6 08:46:15 nxxxxxxx sshd[17073]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.190.154.109 user=r.r Oct 6 08:46:17 nxxxxxxx sshd[17073]: Failed password for r.r from 203.190.154.109 port 50084 ssh2 Oct 6 08:46:17 nxxxxxxx sshd[17073]: Received disconnect from 203.190.154.109 port 50084:11: Bye Bye [preauth] Oct 6 08:46:17 nxxxxxxx sshd[17073]: Disconnected from authenticating user r.r 203.190.154.109 port 50084 [preauth] Oct 6 08:55:36 nxxxxxxx sshd[18168]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.190.154.109 user=r.r Oct 6 08:55:38 nxxxxxxx sshd[18168]: Failed password for r.r from 203.190.154.109 port 41938 ssh2 Oct 6 08:55:38 nxxxxxxx sshd[18168]: Received disconnect from 203.190.154.109 port 41938:11: Bye Bye [p .... truncated .... Lines containing failures of 203.190.154.109 Oct 6 08:46:15 nxxxxxxx sshd[17073]: ........ ------------------------------	2019-10-09 18:10:10
89.221.89.236	attackspambots	Unauthorised access (Oct 9) SRC=89.221.89.236 LEN=40 PREC=0x20 TTL=238 ID=20421 TCP DPT=1433 WINDOW=1024 SYN	2019-10-09 18:18:08
51.254.211.232	attackspambots	Oct 9 04:20:09 venus sshd\[24877\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.211.232 user=root Oct 9 04:20:11 venus sshd\[24877\]: Failed password for root from 51.254.211.232 port 58418 ssh2 Oct 9 04:24:03 venus sshd\[24911\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.211.232 user=root ...	2019-10-09 17:44:06
52.32.116.196	attack	10/09/2019-11:46:11.337220 52.32.116.196 Protocol: 6 SURICATA TLS invalid record/traffic	2019-10-09 18:14:15
158.69.196.76	attackbots	Aug 3 14:07:32 server sshd\[81633\]: Invalid user fy from 158.69.196.76 Aug 3 14:07:32 server sshd\[81633\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.196.76 Aug 3 14:07:34 server sshd\[81633\]: Failed password for invalid user fy from 158.69.196.76 port 56666 ssh2 ...	2019-10-09 18:19:00
159.65.111.89	attackspam	May 21 10:13:20 server sshd\[45030\]: Invalid user jsserver from 159.65.111.89 May 21 10:13:20 server sshd\[45030\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.111.89 May 21 10:13:22 server sshd\[45030\]: Failed password for invalid user jsserver from 159.65.111.89 port 58912 ssh2 ...	2019-10-09 17:45:55

Recently Reported IPs

72.77.59.52	103.44.116.36	143.107.154.55	118.96.221.95
110.36.152.242	88.147.125.131	121.132.223.140	223.207.242.239
218.24.108.178	180.244.232.221	103.129.47.51	5.117.72.229
144.64.12.241	156.213.25.20	5.190.31.104	1.52.250.36
113.186.215.123	58.37.39.52	39.42.16.162	162.159.192.10