49.158.20.94 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Republic of China (ROC)

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
49.158.205.209	attackspambots	Unauthorized connection attempt detected from IP address 49.158.205.209 to port 83 [T]	2020-05-20 13:51:16
49.158.201.99	attack	Unauthorized connection attempt detected from IP address 49.158.201.99 to port 9000 [T]	2020-05-20 12:34:40
49.158.201.242	attackspambots	Unauthorized connection attempt detected from IP address 49.158.201.242 to port 8000 [T]	2020-05-20 09:33:03
49.158.200.241	attackbots	TCP (SYN) 49.158.200.241:31772 -> port 81, len 40	2020-05-20 06:32:40
49.158.201.218	attack	Unauthorized connection attempt detected from IP address 49.158.201.218 to port 81 [T]	2020-03-27 05:06:05
49.158.207.100	attackbotsspam	Unauthorized connection attempt from IP address 49.158.207.100 on Port 445(SMB)	2020-02-19 07:21:29
49.158.202.44	attackbots	...	2020-02-06 18:15:43
49.158.201.200	attackbotsspam	Unauthorized connection attempt detected from IP address 49.158.201.200 to port 23 [T]	2020-02-01 21:31:36
49.158.202.44	attack	Unauthorized connection attempt detected from IP address 49.158.202.44 to port 22 [J]	2020-01-29 10:37:15
49.158.205.82	attack	Unauthorized connection attempt detected from IP address 49.158.205.82 to port 8080 [T]	2020-01-16 02:12:30

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.158.20.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55801
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;49.158.20.94.			IN	A

;; AUTHORITY SECTION:
.			195	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020700 1800 900 604800 86400

;; Query time: 45 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 07 21:24:46 CST 2022
;; MSG SIZE  rcvd: 105

Host info

94.20.158.49.in-addr.arpa domain name pointer 49-158-20-94.dynamic.elinx.com.tw.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
94.20.158.49.in-addr.arpa	name = 49-158-20-94.dynamic.elinx.com.tw.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.51.85.16	attackspambots	Port scan(s) denied	2020-04-26 17:57:15
128.199.158.182	attackbots	128.199.158.182 - - [26/Apr/2020:10:53:27 +0200] "GET /wp-login.php HTTP/1.1" 200 5863 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 128.199.158.182 - - [26/Apr/2020:10:53:30 +0200] "POST /wp-login.php HTTP/1.1" 200 6114 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 128.199.158.182 - - [26/Apr/2020:10:53:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-26 17:45:51
87.248.183.165	attackspambots	(imapd) Failed IMAP login from 87.248.183.165 (MD/Republic of Moldova/87-248-183-165.starnet.md): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Apr 26 08:58:29 ir1 dovecot[264309]: imap-login: Disconnected (auth failed, 1 attempts in 5 secs): user=, method=PLAIN, rip=87.248.183.165, lip=5.63.12.44, session=	2020-04-26 17:40:49
115.159.214.247	attackbotsspam	Nov 30 21:50:30 ms-srv sshd[46419]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.214.247 user=root Nov 30 21:50:32 ms-srv sshd[46419]: Failed password for invalid user root from 115.159.214.247 port 49000 ssh2	2020-04-26 17:38:29
178.32.163.249	attackbots	Apr 26 07:34:41 vmd48417 sshd[1819]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.32.163.249	2020-04-26 17:32:19
104.248.242.175	attack	Attempt to hack Wordpress Login, XMLRPC or other login	2020-04-26 17:53:31
180.166.141.58	attack	Apr 26 11:46:48 debian-2gb-nbg1-2 kernel: \[10153344.762927\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=180.166.141.58 DST=195.201.40.59 LEN=40 TOS=0x08 PREC=0x00 TTL=237 ID=4991 PROTO=TCP SPT=50029 DPT=58794 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-26 17:51:24
185.80.128.154	attack	DATE:2020-04-26 05:49:15, IP:185.80.128.154, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-04-26 17:59:45
36.65.1.236	attack	1587872980 - 04/26/2020 05:49:40 Host: 36.65.1.236/36.65.1.236 Port: 445 TCP Blocked	2020-04-26 17:34:56
116.196.90.254	attackbotsspam	Dec 20 09:27:02 ms-srv sshd[22937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.90.254 Dec 20 09:27:05 ms-srv sshd[22937]: Failed password for invalid user text from 116.196.90.254 port 45426 ssh2	2020-04-26 17:29:51
51.158.111.168	attack	Tentative de connexion SSH	2020-04-26 18:03:51
49.233.134.31	attack	Invalid user xe from 49.233.134.31 port 58838	2020-04-26 18:01:34
14.215.51.241	attackspambots	fail2ban/Apr 26 08:28:33 h1962932 sshd[12907]: Invalid user allan from 14.215.51.241 port 44068 Apr 26 08:28:33 h1962932 sshd[12907]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.215.51.241 Apr 26 08:28:33 h1962932 sshd[12907]: Invalid user allan from 14.215.51.241 port 44068 Apr 26 08:28:36 h1962932 sshd[12907]: Failed password for invalid user allan from 14.215.51.241 port 44068 ssh2 Apr 26 08:31:49 h1962932 sshd[12989]: Invalid user qxj from 14.215.51.241 port 50616	2020-04-26 17:55:00
202.152.1.67	attackspam	Apr 26 04:05:49 firewall sshd[27789]: Failed password for invalid user ubuntu from 202.152.1.67 port 54010 ssh2 Apr 26 04:12:05 firewall sshd[27924]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.152.1.67 user=root Apr 26 04:12:08 firewall sshd[27924]: Failed password for root from 202.152.1.67 port 40328 ssh2 ...	2020-04-26 17:57:53
183.92.214.38	attackbots	SSH brutforce	2020-04-26 17:28:43

Recently Reported IPs

45.56.100.203	116.49.16.100	197.10.92.88	87.121.76.168
41.77.7.234	103.137.250.106	128.68.28.163	189.139.226.200
47.112.197.67	125.165.204.219	27.6.197.0	172.247.34.106
20.52.154.79	73.217.229.146	138.204.105.102	94.46.38.250
138.36.231.115	123.193.144.82	218.236.74.102	181.27.230.59