149.129.136.252

Basic Info

City: unknown

Region: unknown

Country: India

Internet Service Provider: Alibaba.com Singapore E-Commerce Private Limited

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	port scan and connect, tcp 23 (telnet)	2019-07-11 22:38:14

Comments on same subnet:

IP	Type	Details	Datetime
149.129.136.90	attackbotsspam	20 attempts against mh-ssh on air	2020-10-03 04:53:48
149.129.136.90	attackbots	20 attempts against mh-ssh on cloud	2020-10-03 00:16:13
149.129.136.90	attackbotsspam	20 attempts against mh-ssh on cloud	2020-10-02 20:47:20
149.129.136.90	attack	20 attempts against mh-ssh on cloud	2020-10-02 17:20:09
149.129.136.90	attackspam	20 attempts against mh-ssh on cloud	2020-10-02 13:42:02
149.129.136.90	attackspam	20 attempts against mh-ssh on light	2020-09-30 08:36:29
149.129.136.90	attack	20 attempts against mh-ssh on light	2020-09-30 01:25:20
149.129.136.90	attack	20 attempts against mh-ssh on light	2020-09-29 17:24:38
149.129.136.211	attackbotsspam	Unauthorised access (Aug 9) SRC=149.129.136.211 LEN=40 PREC=0x20 TTL=47 ID=22338 TCP DPT=8080 WINDOW=50376 SYN	2019-08-09 13:08:37
149.129.136.113	attackspam	Aug 8 02:23:17 DDOS Attack: SRC=149.129.136.113 DST=[Masked] LEN=40 TOS=0x08 PREC=0x20 TTL=49 DF PROTO=TCP SPT=16456 DPT=80 WINDOW=0 RES=0x00 RST URGP=0	2019-08-08 13:10:26
149.129.136.212	attackbots	[portscan] tcp/23 [TELNET] *(RWIN=27604)(08050931)	2019-08-05 20:17:24

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 149.129.136.252
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33367
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;149.129.136.252.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071100 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jul 11 22:38:03 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 252.136.129.149.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 252.136.129.149.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
14.114.192.115	attack	Automatic report - SSH Brute-Force Attack	2019-07-08 11:38:08
198.108.66.92	attackspambots	TCP port 143 (IMAP) attempt blocked by firewall. [2019-07-08 01:02:00]	2019-07-08 11:45:12
45.59.69.138	attackbots	Jul 8 01:12:53 db sshd\[1705\]: Invalid user uno50 from 45.59.69.138 Jul 8 01:12:53 db sshd\[1705\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.59.69.138 Jul 8 01:12:55 db sshd\[1705\]: Failed password for invalid user uno50 from 45.59.69.138 port 40376 ssh2 Jul 8 01:16:14 db sshd\[1732\]: Invalid user user from 45.59.69.138 Jul 8 01:16:14 db sshd\[1732\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.59.69.138 ...	2019-07-08 11:40:56
93.158.161.176	attackbots	EventTime:Mon Jul 8 09:01:55 AEST 2019,Protocol:UDP,VendorEventCode:RT_FLOW_SESSION_DENY,TargetPort:53,SourceIP:93.158.161.176,SourcePort:55427	2019-07-08 11:55:55
222.186.52.123	attackbots	Jul 8 03:43:57 MK-Soft-VM6 sshd\[9264\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.52.123 user=root Jul 8 03:43:59 MK-Soft-VM6 sshd\[9264\]: Failed password for root from 222.186.52.123 port 49404 ssh2 Jul 8 03:44:01 MK-Soft-VM6 sshd\[9264\]: Failed password for root from 222.186.52.123 port 49404 ssh2 ...	2019-07-08 11:50:00
138.99.7.2	attack	Automatic report - Web App Attack	2019-07-08 11:39:17
45.13.39.53	attackbotsspam	Jul 8 05:55:53 mail postfix/smtpd\[29549\]: warning: unknown\[45.13.39.53\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 8 05:56:41 mail postfix/smtpd\[29543\]: warning: unknown\[45.13.39.53\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 8 05:57:30 mail postfix/smtpd\[29548\]: warning: unknown\[45.13.39.53\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-07-08 12:02:55
189.51.104.154	attackbots	Brute force attempt	2019-07-08 11:55:39
191.240.25.214	attackbots	Brute force attempt	2019-07-08 12:01:42
31.0.213.224	attackbotsspam	Unauthorized IMAP connection attempt.	2019-07-08 12:13:26
36.83.227.25	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-07 22:29:12,157 INFO [amun_request_handler] PortScan Detected on Port: 445 (36.83.227.25)	2019-07-08 11:53:56
116.49.37.75	attackspambots	" "	2019-07-08 12:02:14
160.119.81.72	attackspambots	Portscan or hack attempt detected by psad/fwsnort	2019-07-08 12:06:34
45.117.4.151	attackspambots	Jul 8 01:01:40 mail postfix/smtpd\[26417\]: NOQUEUE: reject: RCPT from pydg.yuktokti.com\[45.117.4.151\]: 554 5.7.1 Service unavailable\; Client host \[45.117.4.151\] blocked using zen.spamhaus.org\; https://www.spamhaus.org/sbl/query/SBL348179 / https://www.spamhaus.org/sbl/query/SBLCSS\; from=\ to=\ proto=ESMTP helo=\\	2019-07-08 12:20:54
37.9.87.161	attack	EventTime:Mon Jul 8 09:02:25 AEST 2019,Protocol:TCP,VendorEventCode:RT_FLOW_SESSION_DENY,TargetPort:443,SourceIP:37.9.87.161,SourcePort:44207	2019-07-08 11:55:21

Recently Reported IPs

80.211.239.10	79.124.49.227	23.249.167.146	91.135.188.209
185.88.197.15	206.189.148.96	15.171.9.108	142.44.130.187
108.160.74.150	2a02:560:4294:f400:c039:2f57:f3ac:ac88	91.210.85.39	94.73.147.215
82.165.80.246	174.200.71.45	87.103.8.94	90.108.210.116
49.88.160.25	130.77.60.182	189.198.144.47	39.182.157.4