49.158.1.249 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Republic of China (ROC)

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
49.158.137.139	attackspam	Unauthorized connection attempt from IP address 49.158.137.139 on Port 445(SMB)	2020-06-09 02:50:59
49.158.1.165	attackspam	Unauthorized connection attempt detected from IP address 49.158.1.165 to port 82 [T]	2020-05-20 10:30:59
49.158.186.203	attackbotsspam	TCP (SYN) 49.158.186.203:26406 -> port 23, len 40	2020-05-20 05:28:18
49.158.138.86	attack	Unauthorized connection attempt detected from IP address 49.158.138.86 to port 445 [T]	2020-04-15 02:19:37
49.158.159.146	attackspam	Unauthorized connection attempt from IP address 49.158.159.146 on Port 445(SMB)	2020-03-22 23:51:43
49.158.123.16	attack	Honeypot attack, port: 81, PTR: 49-158-123-16.dynamic.elinx.com.tw.	2020-02-10 17:25:12
49.158.139.164	attackbotsspam	Unauthorized connection attempt detected from IP address 49.158.139.164 to port 5555 [J]	2020-01-29 09:28:55
49.158.169.30	attackbotsspam	Aug 29 23:15:48 localhost sshd\[18866\]: Invalid user all from 49.158.169.30 port 45552 Aug 29 23:15:48 localhost sshd\[18866\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.158.169.30 Aug 29 23:15:50 localhost sshd\[18866\]: Failed password for invalid user all from 49.158.169.30 port 45552 ssh2	2019-08-30 05:17:03
49.158.169.30	attackbots	Aug 29 14:32:58 localhost sshd\[25802\]: Invalid user fdl from 49.158.169.30 port 56842 Aug 29 14:32:58 localhost sshd\[25802\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.158.169.30 Aug 29 14:33:00 localhost sshd\[25802\]: Failed password for invalid user fdl from 49.158.169.30 port 56842 ssh2	2019-08-29 20:43:54
49.158.112.109	attackbots	445/tcp [2019-08-02]1pkt	2019-08-03 11:50:04
49.158.128.120	attack	5555/tcp [2019-06-30]1pkt	2019-06-30 13:55:49

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.158.1.249
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21795
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;49.158.1.249.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020700 1800 900 604800 86400

;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 07 23:48:21 CST 2022
;; MSG SIZE  rcvd: 105

Host info

249.1.158.49.in-addr.arpa domain name pointer 49-158-1-249.dynamic.elinx.com.tw.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
249.1.158.49.in-addr.arpa	name = 49-158-1-249.dynamic.elinx.com.tw.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
115.254.63.52	attackspam	Detected by Fail2Ban	2020-02-25 11:20:37
136.232.192.214	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-25 11:13:47
150.223.13.40	attack	Feb 25 00:22:24 localhost sshd\[12143\]: Invalid user mother from 150.223.13.40 port 44811 Feb 25 00:22:24 localhost sshd\[12143\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.223.13.40 Feb 25 00:22:27 localhost sshd\[12143\]: Failed password for invalid user mother from 150.223.13.40 port 44811 ssh2	2020-02-25 10:58:15
41.242.102.66	attack	Feb 25 00:43:52 webmail sshd[2214]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.242.102.66 Feb 25 00:43:54 webmail sshd[2214]: Failed password for invalid user www from 41.242.102.66 port 52553 ssh2	2020-02-25 11:34:05
103.9.114.194	attackspambots	suspicious action Mon, 24 Feb 2020 20:22:16 -0300	2020-02-25 11:08:41
194.243.132.91	attackbots	Feb 24 23:10:52 XXX sshd[40795]: Invalid user user from 194.243.132.91 port 39555	2020-02-25 11:33:15
89.134.126.89	attackbots	Feb 25 04:40:15 pkdns2 sshd\[59444\]: Address 89.134.126.89 maps to business-89-134-126-88.business.broadband.hu, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Feb 25 04:40:15 pkdns2 sshd\[59444\]: Invalid user default from 89.134.126.89Feb 25 04:40:17 pkdns2 sshd\[59444\]: Failed password for invalid user default from 89.134.126.89 port 57834 ssh2Feb 25 04:48:46 pkdns2 sshd\[59822\]: Address 89.134.126.89 maps to business-89-134-126-88.business.broadband.hu, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Feb 25 04:48:46 pkdns2 sshd\[59822\]: Invalid user kigwasshoi from 89.134.126.89Feb 25 04:48:48 pkdns2 sshd\[59822\]: Failed password for invalid user kigwasshoi from 89.134.126.89 port 40658 ssh2 ...	2020-02-25 10:59:05
189.112.101.106	attackspambots	Honeypot attack, port: 81, PTR: 189-112-101-106.static.ctbctelecom.com.br.	2020-02-25 11:16:13
103.122.45.156	attackbots	Telnet Server BruteForce Attack	2020-02-25 11:29:12
51.68.192.106	attackbotsspam	Feb 25 03:59:17 * sshd[18912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.192.106 Feb 25 03:59:19 * sshd[18912]: Failed password for invalid user speech from 51.68.192.106 port 47460 ssh2	2020-02-25 11:00:13
5.135.165.51	attackspam	Feb 24 13:37:50 hanapaa sshd\[2508\]: Invalid user wangmeng from 5.135.165.51 Feb 24 13:37:50 hanapaa sshd\[2508\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3317937.ip-5-135-165.eu Feb 24 13:37:52 hanapaa sshd\[2508\]: Failed password for invalid user wangmeng from 5.135.165.51 port 41756 ssh2 Feb 24 13:45:47 hanapaa sshd\[3311\]: Invalid user kristof from 5.135.165.51 Feb 24 13:45:47 hanapaa sshd\[3311\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3317937.ip-5-135-165.eu	2020-02-25 11:21:59
190.85.108.186	attack	Feb 25 04:08:14 webmail sshd[13532]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.85.108.186 Feb 25 04:08:16 webmail sshd[13532]: Failed password for invalid user HTTP from 190.85.108.186 port 37774 ssh2	2020-02-25 11:23:20
51.83.42.3	attackbots	(sshd) Failed SSH login from 51.83.42.3 (FR/France/3.ip-51-83-42.eu): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Feb 25 00:21:54 ubnt-55d23 sshd[32003]: Invalid user wpyan from 51.83.42.3 port 54586 Feb 25 00:21:56 ubnt-55d23 sshd[32003]: Failed password for invalid user wpyan from 51.83.42.3 port 54586 ssh2	2020-02-25 11:24:25
103.75.238.1	attackbotsspam	2020-01-11T18:12:41.041943suse-nuc sshd[14176]: Invalid user office from 103.75.238.1 port 48944 ...	2020-02-25 11:27:54
59.6.137.47	attackbots	Telnet Server BruteForce Attack	2020-02-25 11:15:51

Recently Reported IPs

41.36.22.167	180.114.212.66	177.190.75.164	200.194.41.232
115.43.47.47	117.194.164.56	186.95.62.203	39.79.76.12
52.146.32.213	103.126.240.163	20.206.104.10	41.57.97.20
200.38.229.95	125.235.10.90	197.58.80.74	181.214.250.170
103.31.45.173	192.241.206.210	189.112.17.142	212.115.236.19