59.149.138.52 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: Hong Kong Broadband Network Ltd

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	unauthorized connection attempt	2020-02-02 16:50:13

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 59.149.138.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62766
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;59.149.138.52.			IN	A

;; AUTHORITY SECTION:
.			435	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020200 1800 900 604800 86400

;; Query time: 128 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 02 16:50:10 CST 2020
;; MSG SIZE  rcvd: 117

Host info

52.138.149.59.in-addr.arpa domain name pointer 059149138052.ctinets.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
52.138.149.59.in-addr.arpa	name = 059149138052.ctinets.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
107.179.116.226	attack	Jun 28 14:27:10 localhost sshd\[49906\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.179.116.226 user=root Jun 28 14:27:12 localhost sshd\[49906\]: Failed password for root from 107.179.116.226 port 49142 ssh2 Jun 28 14:28:51 localhost sshd\[49950\]: Invalid user ts from 107.179.116.226 port 34746 Jun 28 14:28:51 localhost sshd\[49950\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.179.116.226 Jun 28 14:28:53 localhost sshd\[49950\]: Failed password for invalid user ts from 107.179.116.226 port 34746 ssh2 ...	2019-06-28 22:40:22
178.197.234.223	attackspam	''	2019-06-28 22:47:57
51.254.53.32	attackbots	Jun 28 13:50:45 thevastnessof sshd[7326]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.53.32 ...	2019-06-28 22:51:35
35.192.32.67	attackspam	[FriJun2815:48:15.1988882019][:error][pid19996:tid47129072404224][client35.192.32.67:60236][client35.192.32.67]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"\(\?:\<\\|script\\|\>\)"atARGS:domain.[file"/etc/apache2/conf.d/modsec_rules/99_asl_jitp.conf"][line"317"][id"347147"][rev"1"][msg"Atomicorp.comWAFRules:Wordpressadmin-ajaxXSSattack"][data"admin-ajax.php"][severity"CRITICAL"][hostname"appetit-sa.ch"][uri"/wp-admin/admin-ajax.php"][unique_id"XRYan74Q6DA1E87EP1SCMQAAAVI"][FriJun2815:50:03.4282142019][:error][pid19998:tid47129061897984][client35.192.32.67:45712][client35.192.32.67]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"miglaa\?_"atARGS:action.[file"/etc/apache2/conf.d/modsec_rules/99_asl_jitp.conf"][line"60"][id"334072"][rev"5"][msg"Atomicorp.comWAFRules:CVE-2019-6703Attackblocked"][severity"ALERT"][hostname"appetit-sa.ch"][uri"/wp-admin/admin-ajax.php"][unique_id"XRYbC@b2FwWmHlVINHhMYAAAAA0"]	2019-06-28 23:08:35
194.190.39.50	attackbotsspam	[portscan] Port scan	2019-06-28 23:31:31
139.99.106.10	attackspam	Banned for posting to wp-login.php without referer {"redirect_to":"","user_email":"traveltocity@zohomail.eu","user_login":"traveltocityyy","wp-submit":"Register"}	2019-06-28 22:36:48
168.197.38.80	attackspambots	Brute force attack to crack SMTP password (port 25 / 587)	2019-06-28 23:13:13
168.196.148.52	attackbots	SMTP-sasl brute force ...	2019-06-28 22:47:18
37.52.9.242	attackspambots	Automated report - ssh fail2ban: Jun 28 15:50:35 wrong password, user=jhesrhel, port=51358, ssh2 Jun 28 16:20:34 authentication failure Jun 28 16:20:35 wrong password, user=deploy, port=59412, ssh2	2019-06-28 22:56:57
168.194.153.193	attack	Brute force attack to crack SMTP password (port 25 / 587)	2019-06-28 23:09:07
92.119.160.40	attackbotsspam	28.06.2019 15:10:24 Connection to port 1212 blocked by firewall	2019-06-28 23:19:44
223.255.10.6	attack	fraudulent SSH attempt	2019-06-28 23:26:59
71.6.233.96	attackspambots	firewall-block, port(s): 3000/tcp	2019-06-28 23:14:24
176.43.131.49	attackbots	Jun 28 10:42:57 localhost sshd[26097]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.43.131.49 Jun 28 10:42:59 localhost sshd[26097]: Failed password for invalid user frank from 176.43.131.49 port 10261 ssh2 Jun 28 10:46:01 localhost sshd[26167]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.43.131.49 Jun 28 10:46:03 localhost sshd[26167]: Failed password for invalid user alexandra from 176.43.131.49 port 43447 ssh2 ...	2019-06-28 23:07:41
185.246.128.25	attackbotsspam	Jun 28 15:50:51 herz-der-gamer sshd[18723]: Invalid user 0 from 185.246.128.25 port 33646 ...	2019-06-28 22:49:43

Recently Reported IPs

177.82.139.144	177.137.118.156	75.223.161.107	109.214.186.246
78.41.175.161	234.149.5.166	45.76.33.186	169.243.124.66
85.238.99.206	80.150.225.235	46.146.213.166	91.195.248.111
63.155.175.43	78.69.235.188	44.227.136.252	103.92.225.8
200.7.176.3	111.229.45.193	103.70.129.138	178.55.167.3