49.158.139.164

Basic Info

City: unknown

Region: unknown

Country: Taiwan, Province of China

Internet Service Provider: TFN Media Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Unauthorized connection attempt detected from IP address 49.158.139.164 to port 5555 [J]	2020-01-29 09:28:55

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.158.139.164
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27556
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.158.139.164.			IN	A

;; AUTHORITY SECTION:
.			490	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012802 1800 900 604800 86400

;; Query time: 43 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jan 29 09:28:51 CST 2020
;; MSG SIZE  rcvd: 118

Host info

164.139.158.49.in-addr.arpa domain name pointer 49-158-139-164.dynamic.elinx.com.tw.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
164.139.158.49.in-addr.arpa	name = 49-158-139-164.dynamic.elinx.com.tw.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
45.160.138.211	attack	failed_logins	2020-07-18 17:08:37
218.92.0.172	attack	Jul 18 10:28:59 santamaria sshd\[26869\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.172 user=root Jul 18 10:29:01 santamaria sshd\[26869\]: Failed password for root from 218.92.0.172 port 9654 ssh2 Jul 18 10:29:20 santamaria sshd\[26871\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.172 user=root ...	2020-07-18 16:29:34
23.100.34.224	attackspam	Jul 18 10:35:50 hidden sshd[11071]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.100.34.224 Jul 18 10:35:51 hidden sshd[11071]: Failed password for invalid user admin from 23.100.34.224 port 35883 ssh2	2020-07-18 17:02:48
43.250.106.33	attackspam	Jul 18 09:46:28 inter-technics sshd[13614]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.250.106.33 user=backup Jul 18 09:46:30 inter-technics sshd[13614]: Failed password for backup from 43.250.106.33 port 36714 ssh2 Jul 18 09:55:15 inter-technics sshd[14222]: Invalid user superadmin from 43.250.106.33 port 51410 Jul 18 09:55:16 inter-technics sshd[14222]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.250.106.33 Jul 18 09:55:15 inter-technics sshd[14222]: Invalid user superadmin from 43.250.106.33 port 51410 Jul 18 09:55:18 inter-technics sshd[14222]: Failed password for invalid user superadmin from 43.250.106.33 port 51410 ssh2 ...	2020-07-18 16:57:35
211.192.36.99	attackspambots	2020-07-18T05:50:23.691597amanda2.illicoweb.com sshd\[32891\]: Invalid user kubernetes from 211.192.36.99 port 33900 2020-07-18T05:50:23.693818amanda2.illicoweb.com sshd\[32891\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.192.36.99 2020-07-18T05:50:25.484800amanda2.illicoweb.com sshd\[32891\]: Failed password for invalid user kubernetes from 211.192.36.99 port 33900 ssh2 2020-07-18T05:52:11.822367amanda2.illicoweb.com sshd\[32936\]: Invalid user wjt from 211.192.36.99 port 45802 2020-07-18T05:52:11.824972amanda2.illicoweb.com sshd\[32936\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.192.36.99 ...	2020-07-18 16:55:34
112.33.16.34	attack	2020-07-18T08:04:49.387520vps773228.ovh.net sshd[4439]: Failed password for invalid user proxyuser from 112.33.16.34 port 37792 ssh2 2020-07-18T08:10:25.262367vps773228.ovh.net sshd[4521]: Invalid user tryton from 112.33.16.34 port 44452 2020-07-18T08:10:25.278293vps773228.ovh.net sshd[4521]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.33.16.34 2020-07-18T08:10:25.262367vps773228.ovh.net sshd[4521]: Invalid user tryton from 112.33.16.34 port 44452 2020-07-18T08:10:26.848194vps773228.ovh.net sshd[4521]: Failed password for invalid user tryton from 112.33.16.34 port 44452 ssh2 ...	2020-07-18 17:07:05
218.60.41.136	attack	Invalid user liyanyu from 218.60.41.136 port 50006	2020-07-18 17:20:25
222.186.30.76	attack	Jul 18 10:47:12 eventyay sshd[9216]: Failed password for root from 222.186.30.76 port 57252 ssh2 Jul 18 10:47:22 eventyay sshd[9218]: Failed password for root from 222.186.30.76 port 15902 ssh2 ...	2020-07-18 16:49:19
106.52.251.24	attackspambots	Invalid user gmodserver from 106.52.251.24 port 46648	2020-07-18 16:54:17
139.59.153.133	attackspambots	139.59.153.133 - - [18/Jul/2020:04:52:24 +0100] "POST /wp-login.php HTTP/1.1" 200 1954 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.153.133 - - [18/Jul/2020:04:52:25 +0100] "POST /wp-login.php HTTP/1.1" 200 1997 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.153.133 - - [18/Jul/2020:04:52:26 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-18 16:27:19
66.169.178.214	attack	Jul 18 06:52:32 site2 sshd\[23499\]: Invalid user admin from 66.169.178.214Jul 18 06:52:34 site2 sshd\[23499\]: Failed password for invalid user admin from 66.169.178.214 port 35604 ssh2Jul 18 06:52:37 site2 sshd\[23501\]: Failed password for root from 66.169.178.214 port 35752 ssh2Jul 18 06:52:39 site2 sshd\[23503\]: Invalid user admin from 66.169.178.214Jul 18 06:52:41 site2 sshd\[23503\]: Failed password for invalid user admin from 66.169.178.214 port 35939 ssh2Jul 18 06:52:42 site2 sshd\[23505\]: Invalid user admin from 66.169.178.214 ...	2020-07-18 16:27:58
185.94.111.1	attackbots	Jul 18 11:09:52 debian-2gb-nbg1-2 kernel: \[17321943.068356\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.94.111.1 DST=195.201.40.59 LEN=28 TOS=0x00 PREC=0x00 TTL=240 ID=54321 PROTO=UDP SPT=40587 DPT=19 LEN=8	2020-07-18 17:22:56
5.3.6.82	attackspam	Jul 17 22:54:22 php1 sshd\[6498\]: Invalid user cassio from 5.3.6.82 Jul 17 22:54:22 php1 sshd\[6498\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.3.6.82 Jul 17 22:54:23 php1 sshd\[6498\]: Failed password for invalid user cassio from 5.3.6.82 port 43002 ssh2 Jul 17 22:57:48 php1 sshd\[6734\]: Invalid user bharat from 5.3.6.82 Jul 17 22:57:48 php1 sshd\[6734\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.3.6.82	2020-07-18 17:03:23
222.186.175.217	attackspam	2020-07-18T11:53:20.486658afi-git.jinr.ru sshd[18183]: Failed password for root from 222.186.175.217 port 10526 ssh2 2020-07-18T11:53:23.135158afi-git.jinr.ru sshd[18183]: Failed password for root from 222.186.175.217 port 10526 ssh2 2020-07-18T11:53:26.858789afi-git.jinr.ru sshd[18183]: Failed password for root from 222.186.175.217 port 10526 ssh2 2020-07-18T11:53:26.858926afi-git.jinr.ru sshd[18183]: error: maximum authentication attempts exceeded for root from 222.186.175.217 port 10526 ssh2 [preauth] 2020-07-18T11:53:26.858940afi-git.jinr.ru sshd[18183]: Disconnecting: Too many authentication failures [preauth] ...	2020-07-18 16:53:58
140.143.93.31	attackbots	$f2bV_matches	2020-07-18 16:59:09

Recently Reported IPs

119.29.94.177	116.252.0.203	116.252.0.86	116.49.181.105
115.77.140.32	113.128.105.83	106.110.156.166	103.71.236.101
88.42.32.78	58.249.100.193	58.248.202.186	45.83.65.191
1.202.113.209	220.134.254.176	219.140.118.20	218.195.119.200
212.182.154.200	212.45.72.242	203.57.46.120	192.157.231.152