49.234.163.142

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Invalid user nagios from 49.234.163.142 port 45730	2020-03-20 03:41:00

Comments on same subnet:

IP	Type	Details	Datetime
49.234.163.220	attack	Sep 8 02:58:23 hosting sshd[15185]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.163.220 user=root Sep 8 02:58:25 hosting sshd[15185]: Failed password for root from 49.234.163.220 port 59188 ssh2 ...	2020-09-08 12:24:16
49.234.163.220	attackbotsspam	2020-09-07T16:54:28.963397upcloud.m0sh1x2.com sshd[27602]: Invalid user alice from 49.234.163.220 port 43340	2020-09-08 05:00:57
49.234.163.189	attackbots	Time: Fri Aug 28 04:31:21 2020 +0000 IP: 49.234.163.189 (CN/China/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Aug 28 04:09:57 ca-29-ams1 sshd[13239]: Invalid user upgrade from 49.234.163.189 port 40280 Aug 28 04:09:59 ca-29-ams1 sshd[13239]: Failed password for invalid user upgrade from 49.234.163.189 port 40280 ssh2 Aug 28 04:16:55 ca-29-ams1 sshd[14271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.163.189 user=root Aug 28 04:16:56 ca-29-ams1 sshd[14271]: Failed password for root from 49.234.163.189 port 50344 ssh2 Aug 28 04:31:17 ca-29-ams1 sshd[16482]: Invalid user oracle from 49.234.163.189 port 47806	2020-08-28 15:09:09
49.234.163.220	attack	2020-08-25T11:50:02.550586dmca.cloudsearch.cf sshd[19531]: Invalid user ubuntu from 49.234.163.220 port 54256 2020-08-25T11:50:02.555299dmca.cloudsearch.cf sshd[19531]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.163.220 2020-08-25T11:50:02.550586dmca.cloudsearch.cf sshd[19531]: Invalid user ubuntu from 49.234.163.220 port 54256 2020-08-25T11:50:04.713234dmca.cloudsearch.cf sshd[19531]: Failed password for invalid user ubuntu from 49.234.163.220 port 54256 ssh2 2020-08-25T11:59:26.682108dmca.cloudsearch.cf sshd[20512]: Invalid user xuyf from 49.234.163.220 port 54716 2020-08-25T11:59:26.687378dmca.cloudsearch.cf sshd[20512]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.163.220 2020-08-25T11:59:26.682108dmca.cloudsearch.cf sshd[20512]: Invalid user xuyf from 49.234.163.220 port 54716 2020-08-25T11:59:28.273089dmca.cloudsearch.cf sshd[20512]: Failed password for invalid user xuyf from 49. ...	2020-08-25 22:20:48
49.234.163.189	attackspam	Invalid user sistemas from 49.234.163.189 port 36552	2020-08-21 12:04:42
49.234.163.189	attackbotsspam	Aug 16 14:43:16 dignus sshd[28222]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.163.189 user=root Aug 16 14:43:18 dignus sshd[28222]: Failed password for root from 49.234.163.189 port 52302 ssh2 Aug 16 14:46:43 dignus sshd[28758]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.163.189 user=root Aug 16 14:46:45 dignus sshd[28758]: Failed password for root from 49.234.163.189 port 36366 ssh2 Aug 16 14:50:15 dignus sshd[29257]: Invalid user ts3bot from 49.234.163.189 port 48658 ...	2020-08-17 06:12:22
49.234.163.189	attack	Aug 14 15:29:48 ip106 sshd[7860]: Failed password for root from 49.234.163.189 port 57406 ssh2 ...	2020-08-15 04:09:07
49.234.163.220	attackbots	Aug 8 00:01:43 ajax sshd[15856]: Failed password for root from 49.234.163.220 port 52542 ssh2	2020-08-08 07:18:12
49.234.163.220	attackspambots	Aug 3 19:42:46 lola sshd[26974]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.163.220 user=r.r Aug 3 19:42:48 lola sshd[26974]: Failed password for r.r from 49.234.163.220 port 59872 ssh2 Aug 3 19:42:48 lola sshd[26974]: Received disconnect from 49.234.163.220: 11: Bye Bye [preauth] Aug 3 19:45:32 lola sshd[27093]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.163.220 user=r.r Aug 3 19:45:34 lola sshd[27093]: Failed password for r.r from 49.234.163.220 port 55540 ssh2 Aug 3 19:45:34 lola sshd[27093]: Received disconnect from 49.234.163.220: 11: Bye Bye [preauth] Aug 3 19:47:48 lola sshd[27146]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.163.220 user=r.r Aug 3 19:47:51 lola sshd[27146]: Failed password for r.r from 49.234.163.220 port 48916 ssh2 Aug 3 19:47:51 lola sshd[27146]: Received disconnect from 49.234.1........ -------------------------------	2020-08-04 15:32:34
49.234.163.220	attackspam	B: Abusive ssh attack	2020-08-02 05:00:29
49.234.163.220	attackspambots	Jul 31 00:17:25 lukav-desktop sshd\[2428\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.163.220 user=root Jul 31 00:17:27 lukav-desktop sshd\[2428\]: Failed password for root from 49.234.163.220 port 55906 ssh2 Jul 31 00:20:46 lukav-desktop sshd\[2474\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.163.220 user=root Jul 31 00:20:48 lukav-desktop sshd\[2474\]: Failed password for root from 49.234.163.220 port 46784 ssh2 Jul 31 00:23:54 lukav-desktop sshd\[2495\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.163.220 user=root	2020-07-31 05:31:22
49.234.163.189	attack	Jul 29 00:23:31 mellenthin sshd[7325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.163.189 Jul 29 00:23:33 mellenthin sshd[7325]: Failed password for invalid user chenyifan from 49.234.163.189 port 56738 ssh2	2020-07-29 06:54:37
49.234.163.189	attackbots	Jul 28 12:03:14 ip-172-31-61-156 sshd[32029]: Failed password for invalid user jack from 49.234.163.189 port 47318 ssh2 Jul 28 12:03:12 ip-172-31-61-156 sshd[32029]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.163.189 Jul 28 12:03:12 ip-172-31-61-156 sshd[32029]: Invalid user jack from 49.234.163.189 Jul 28 12:03:14 ip-172-31-61-156 sshd[32029]: Failed password for invalid user jack from 49.234.163.189 port 47318 ssh2 Jul 28 12:07:59 ip-172-31-61-156 sshd[32176]: Invalid user saksham from 49.234.163.189 ...	2020-07-28 20:35:16
49.234.163.189	attackbots	Jul 14 11:24:52 XXXXXX sshd[54677]: Invalid user neel from 49.234.163.189 port 49652	2020-07-14 20:10:21
49.234.163.189	attackbots	sshd: Failed password for invalid user .... from 49.234.163.189 port 42938 ssh2 (8 attempts)	2020-06-24 18:24:08

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.234.163.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50874
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.234.163.142.			IN	A

;; AUTHORITY SECTION:
.			381	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031901 1800 900 604800 86400

;; Query time: 95 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 20 03:40:56 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 142.163.234.49.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 142.163.234.49.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
162.243.129.94	attackspam	scans once in preceeding hours on the ports (in chronological order) 7210 resulting in total of 50 scans from 162.243.0.0/16 block.	2020-04-25 23:41:13
162.243.131.220	attack	scans once in preceeding hours on the ports (in chronological order) 2222 resulting in total of 50 scans from 162.243.0.0/16 block.	2020-04-25 23:35:16
192.241.239.156	attackbotsspam	scans once in preceeding hours on the ports (in chronological order) 47808 resulting in total of 25 scans from 192.241.128.0/17 block.	2020-04-25 23:10:47
192.241.238.11	attackspam	scans 2 times in preceeding hours on the ports (in chronological order) 1723 2379 resulting in total of 25 scans from 192.241.128.0/17 block.	2020-04-25 23:15:11
206.189.177.201	attack	scans once in preceeding hours on the ports (in chronological order) 3476 resulting in total of 22 scans from 206.189.0.0/16 block.	2020-04-25 23:04:29
167.172.49.247	attack	scans once in preceeding hours on the ports (in chronological order) 21895 resulting in total of 13 scans from 167.172.0.0/16 block.	2020-04-25 23:27:56
192.241.237.175	attack	scans once in preceeding hours on the ports (in chronological order) 4840 resulting in total of 25 scans from 192.241.128.0/17 block.	2020-04-25 23:15:51
167.172.201.254	attackbotsspam	scans once in preceeding hours on the ports (in chronological order) 18101 resulting in total of 13 scans from 167.172.0.0/16 block.	2020-04-25 23:23:29
206.189.65.107	attack	Apr 25 17:08:08 debian-2gb-nbg1-2 kernel: \[10086228.097995\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=206.189.65.107 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=20153 PROTO=TCP SPT=48569 DPT=25973 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-25 23:09:42
162.243.133.185	attackbots	scans once in preceeding hours on the ports (in chronological order) 1911 resulting in total of 50 scans from 162.243.0.0/16 block.	2020-04-25 23:30:20
192.241.239.62	attackspam	Port scan: Attack repeated for 24 hours	2020-04-25 23:11:23
192.241.237.107	attack	Unauthorized connection attempt detected from IP address 192.241.237.107 to port 8140	2020-04-25 23:17:09
162.243.132.46	attackbots	scans once in preceeding hours on the ports (in chronological order) 5984 resulting in total of 50 scans from 162.243.0.0/16 block.	2020-04-25 23:34:08
192.241.238.12	attackspam	firewall-block, port(s): 9200/tcp	2020-04-25 23:14:39
162.243.133.39	attackbotsspam	scans once in preceeding hours on the ports (in chronological order) 2525 resulting in total of 50 scans from 162.243.0.0/16 block.	2020-04-25 23:32:31

Recently Reported IPs

41.224.249.60	14.29.213.136	201.187.110.137	197.50.17.205
194.156.121.27	177.206.160.157	164.155.64.18	120.36.213.187
114.67.122.89	103.97.3.247	82.223.35.240	51.15.226.137
46.101.113.206	40.84.1.219	35.172.163.9	34.93.211.49
14.29.156.148	1.85.222.252	66.71.118.108	192.181.124.20