59.149.138.52 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: Hong Kong Broadband Network Ltd

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	unauthorized connection attempt	2020-02-02 16:50:13

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 59.149.138.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62766
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;59.149.138.52.			IN	A

;; AUTHORITY SECTION:
.			435	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020200 1800 900 604800 86400

;; Query time: 128 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 02 16:50:10 CST 2020
;; MSG SIZE  rcvd: 117

Host info

52.138.149.59.in-addr.arpa domain name pointer 059149138052.ctinets.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
52.138.149.59.in-addr.arpa	name = 059149138052.ctinets.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
104.245.153.82	attackbotsspam	$f2bV_matches	2019-07-14 05:04:05
160.238.241.130	attackbots	Automatic report - Port Scan Attack	2019-07-14 04:35:33
196.52.43.98	attack	Automatic report - Banned IP Access	2019-07-14 04:33:59
42.116.170.40	attackspambots	Lines containing failures of 42.116.170.40 Jul 13 16:53:10 mellenthin postfix/smtpd[5627]: connect from unknown[42.116.170.40] Jul x@x Jul 13 16:53:12 mellenthin postfix/smtpd[5627]: lost connection after DATA from unknown[42.116.170.40] Jul 13 16:53:12 mellenthin postfix/smtpd[5627]: disconnect from unknown[42.116.170.40] ehlo=1 mail=1 rcpt=0/1 data=0/1 commands=2/4 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=42.116.170.40	2019-07-14 04:51:00
197.234.176.185	attack	Automatic report - Port Scan Attack	2019-07-14 04:43:04
123.14.108.153	attackbots	Jul 13 16:35:39 flomail sshd[20393]: Invalid user admin from 123.14.108.153 Jul 13 16:35:50 flomail sshd[20393]: error: maximum authentication attempts exceeded for invalid user admin from 123.14.108.153 port 45021 ssh2 [preauth] Jul 13 16:35:50 flomail sshd[20393]: Disconnecting: Too many authentication failures for admin [preauth]	2019-07-14 04:20:32
40.73.107.211	attack	Jul 13 20:14:52 bouncer sshd\[19158\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.73.107.211 user=root Jul 13 20:14:54 bouncer sshd\[19158\]: Failed password for root from 40.73.107.211 port 33142 ssh2 Jul 13 20:19:41 bouncer sshd\[19236\]: Invalid user http from 40.73.107.211 port 44928 ...	2019-07-14 04:52:34
196.191.127.65	attackbots	Lines containing failures of 196.191.127.65 Jul 13 16:53:21 mellenthin postfix/smtpd[5662]: connect from unknown[196.191.127.65] Jul x@x Jul 13 16:53:22 mellenthin postfix/smtpd[5662]: lost connection after DATA from unknown[196.191.127.65] Jul 13 16:53:22 mellenthin postfix/smtpd[5662]: disconnect from unknown[196.191.127.65] ehlo=1 mail=1 rcpt=0/1 data=0/1 commands=2/4 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=196.191.127.65	2019-07-14 04:28:47
83.144.92.94	attack	Jul 13 20:03:56 animalibera sshd[4708]: Invalid user postgres from 83.144.92.94 port 40338 ...	2019-07-14 04:18:16
181.123.10.88	attack	Jul 13 21:44:05 vps691689 sshd[23206]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.123.10.88 Jul 13 21:44:07 vps691689 sshd[23206]: Failed password for invalid user hamish from 181.123.10.88 port 46630 ssh2 ...	2019-07-14 04:15:41
81.102.186.102	attackspam	Automatic report - Port Scan Attack	2019-07-14 04:38:08
185.53.88.26	attackbotsspam	Scanning (more than 2 packets) random ports - tries to find possible vulnerable services	2019-07-14 04:19:46
198.108.67.95	attackbots	Portscan or hack attempt detected by psad/fwsnort	2019-07-14 04:29:59
61.244.41.75	attack	Jul 13 20:55:11 localhost sshd\[23568\]: Invalid user hadoop from 61.244.41.75 port 37144 Jul 13 20:55:11 localhost sshd\[23568\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.244.41.75 ...	2019-07-14 04:32:05
182.119.158.105	attackbots	Scanning random ports - tries to find possible vulnerable services	2019-07-14 04:13:01

Recently Reported IPs

177.82.139.144	177.137.118.156	75.223.161.107	109.214.186.246
78.41.175.161	234.149.5.166	45.76.33.186	169.243.124.66
85.238.99.206	80.150.225.235	46.146.213.166	91.195.248.111
63.155.175.43	78.69.235.188	44.227.136.252	103.92.225.8
200.7.176.3	111.229.45.193	103.70.129.138	178.55.167.3