49.213.162.148

Basic Info

City: unknown

Region: unknown

Country: Taiwan, Province of China

Internet Service Provider: Taiwan Infrastructure Network Technologies

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Unauthorized connection attempt detected from IP address 49.213.162.148 to port 81 [J]	2020-03-01 02:20:02
attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-18 20:40:44

Comments on same subnet:

IP	Type	Details	Datetime
49.213.162.173	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-18 20:36:09
49.213.162.80	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-18 20:33:35
49.213.162.84	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-18 20:31:32

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.213.162.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42985
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.213.162.148.			IN	A

;; AUTHORITY SECTION:
.			467	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021801 1800 900 604800 86400

;; Query time: 110 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 18 20:40:36 CST 2020
;; MSG SIZE  rcvd: 118

Host info

148.162.213.49.in-addr.arpa domain name pointer 148-162-213-49.tinp.net.tw.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
148.162.213.49.in-addr.arpa	name = 148-162-213-49.tinp.net.tw.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
109.70.100.32	attackbotsspam	Automatic report - Banned IP Access	2020-09-02 03:07:29
112.85.42.180	attackspambots	Sep 1 21:01:56 vps1 sshd[6340]: Failed none for invalid user root from 112.85.42.180 port 53464 ssh2 Sep 1 21:01:56 vps1 sshd[6340]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.180 user=root Sep 1 21:01:58 vps1 sshd[6340]: Failed password for invalid user root from 112.85.42.180 port 53464 ssh2 Sep 1 21:02:03 vps1 sshd[6340]: Failed password for invalid user root from 112.85.42.180 port 53464 ssh2 Sep 1 21:02:07 vps1 sshd[6340]: Failed password for invalid user root from 112.85.42.180 port 53464 ssh2 Sep 1 21:02:11 vps1 sshd[6340]: Failed password for invalid user root from 112.85.42.180 port 53464 ssh2 Sep 1 21:02:16 vps1 sshd[6340]: Failed password for invalid user root from 112.85.42.180 port 53464 ssh2 Sep 1 21:02:16 vps1 sshd[6340]: error: maximum authentication attempts exceeded for invalid user root from 112.85.42.180 port 53464 ssh2 [preauth] ...	2020-09-02 03:11:57
195.54.167.152	attackbotsspam	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-09-01T12:42:33Z and 2020-09-01T14:38:09Z	2020-09-02 02:53:32
40.107.6.107	attackspambots	TCP Port: 25 invalid blocked Listed on backscatter (124)	2020-09-02 03:10:50
218.92.0.251	attack	Sep 1 18:31:44 scw-6657dc sshd[10383]: Failed password for root from 218.92.0.251 port 34351 ssh2 Sep 1 18:31:44 scw-6657dc sshd[10383]: Failed password for root from 218.92.0.251 port 34351 ssh2 Sep 1 18:31:48 scw-6657dc sshd[10383]: Failed password for root from 218.92.0.251 port 34351 ssh2 ...	2020-09-02 02:37:13
114.113.68.112	attack	2020-09-01T20:06:53.739472amanda2.illicoweb.com sshd\[2804\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.113.68.112 user=root 2020-09-01T20:06:56.166740amanda2.illicoweb.com sshd\[2804\]: Failed password for root from 114.113.68.112 port 51194 ssh2 2020-09-01T20:11:05.817421amanda2.illicoweb.com sshd\[2941\]: Invalid user admin from 114.113.68.112 port 40548 2020-09-01T20:11:05.822673amanda2.illicoweb.com sshd\[2941\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.113.68.112 2020-09-01T20:11:08.179533amanda2.illicoweb.com sshd\[2941\]: Failed password for invalid user admin from 114.113.68.112 port 40548 ssh2 ...	2020-09-02 02:41:31
176.9.111.138	attackbots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-02 02:44:53
185.200.118.74	attack	TCP (SYN) 185.200.118.74:41644 -> port 1723, len 44	2020-09-02 03:09:30
134.175.154.93	attackbots	Sep 1 14:29:56 ajax sshd[11866]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.154.93 Sep 1 14:29:59 ajax sshd[11866]: Failed password for invalid user strider from 134.175.154.93 port 51522 ssh2	2020-09-02 03:08:26
46.41.64.251	attackspambots	1598963360 - 09/01/2020 14:29:20 Host: 46.41.64.251/46.41.64.251 Port: 445 TCP Blocked	2020-09-02 02:40:17
206.189.124.254	attackbotsspam	Sep 1 17:55:10 game-panel sshd[1810]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.124.254 Sep 1 17:55:12 game-panel sshd[1810]: Failed password for invalid user demo from 206.189.124.254 port 50244 ssh2 Sep 1 17:57:11 game-panel sshd[1873]: Failed password for mysql from 206.189.124.254 port 47582 ssh2	2020-09-02 03:13:56
13.71.21.123	attackspambots	2020-09-01T17:01:30.265177paragon sshd[1087335]: Invalid user postgres from 13.71.21.123 port 1024 2020-09-01T17:01:30.267700paragon sshd[1087335]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.71.21.123 2020-09-01T17:01:30.265177paragon sshd[1087335]: Invalid user postgres from 13.71.21.123 port 1024 2020-09-01T17:01:32.602571paragon sshd[1087335]: Failed password for invalid user postgres from 13.71.21.123 port 1024 ssh2 2020-09-01T17:06:02.235851paragon sshd[1087661]: Invalid user postgres from 13.71.21.123 port 1024 ...	2020-09-02 02:49:50
89.253.226.90	attack	2020-09-01T18:52:11.993911hostname sshd[26393]: Failed password for invalid user magno from 89.253.226.90 port 55222 ssh2 ...	2020-09-02 02:36:53
169.239.92.81	attack	Sep 1 13:29:09 shivevps sshd[28898]: Did not receive identification string from 169.239.92.81 port 34241 ...	2020-09-02 02:51:24
185.220.102.6	attack	Trolling for resource vulnerabilities	2020-09-02 03:14:24

Recently Reported IPs

49.207.181.100	49.22.248.213	54.109.70.66	49.207.178.155
85.105.140.24	119.142.78.60	49.207.177.205	80.82.65.190
11.213.15.214	49.206.230.231	117.158.194.18	38.222.56.120
49.234.118.122	78.52.6.59	157.32.141.253	49.194.121.171
2.41.124.198	49.193.73.39	218.161.4.246	226.110.155.137