149.129.222.252

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: Alibaba.com Singapore E-Commerce Private Limited

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	SSH brute force	2020-03-11 08:29:11
attackspambots	DATE:2020-02-28 09:53:15, IP:149.129.222.252, PORT:ssh SSH brute force auth (docker-dc)	2020-02-28 18:13:22
attack	Feb 27 11:28:15 MK-Soft-VM4 sshd[6014]: Failed password for root from 149.129.222.252 port 49860 ssh2 Feb 27 11:36:34 MK-Soft-VM4 sshd[8402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.222.252 Feb 27 11:36:35 MK-Soft-VM4 sshd[8402]: Failed password for invalid user ts3srv from 149.129.222.252 port 59068 ssh2 ...	2020-02-27 19:02:52

Type

Details

Datetime

attack

SSH brute force

2020-03-11 08:29:11

attackspambots

DATE:2020-02-28 09:53:15, IP:149.129.222.252, PORT:ssh SSH brute force auth (docker-dc)

2020-02-28 18:13:22

attack

Feb 27 11:28:15 MK-Soft-VM4 sshd[6014]: Failed password for root from 149.129.222.252 port 49860 ssh2
Feb 27 11:36:34 MK-Soft-VM4 sshd[8402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.222.252 
Feb 27 11:36:35 MK-Soft-VM4 sshd[8402]: Failed password for invalid user ts3srv from 149.129.222.252 port 59068 ssh2
...

2020-02-27 19:02:52

Comments on same subnet:

IP	Type	Details	Datetime
149.129.222.60	attackspambots	Invalid user postgres from 149.129.222.60 port 41158	2020-07-23 18:34:31
149.129.222.60	attackbotsspam	Fail2Ban	2020-07-20 07:13:55
149.129.222.97	attackspambots	21 attempts against mh-ssh on echoip	2020-05-03 04:53:53
149.129.222.60	attackspambots	Jan 20 13:50:36 pi sshd[6232]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.222.60 Jan 20 13:50:37 pi sshd[6232]: Failed password for invalid user postgres from 149.129.222.60 port 43760 ssh2	2020-03-13 23:51:28
149.129.222.60	attackbotsspam	Feb 16 09:01:24 plusreed sshd[29146]: Invalid user corine from 149.129.222.60 ...	2020-02-17 03:54:10
149.129.222.60	attackspam	Feb 12 17:34:48 ns382633 sshd\[1653\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.222.60 user=root Feb 12 17:34:50 ns382633 sshd\[1653\]: Failed password for root from 149.129.222.60 port 60042 ssh2 Feb 12 17:47:58 ns382633 sshd\[4132\]: Invalid user ethernet from 149.129.222.60 port 47326 Feb 12 17:47:58 ns382633 sshd\[4132\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.222.60 Feb 12 17:47:59 ns382633 sshd\[4132\]: Failed password for invalid user ethernet from 149.129.222.60 port 47326 ssh2	2020-02-13 03:15:42
149.129.222.60	attackbotsspam	Jan 27 09:52:17 *** sshd[12548]: Invalid user mcserver from 149.129.222.60	2020-01-27 23:00:42
149.129.222.60	attackspambots	$f2bV_matches	2020-01-11 22:06:03
149.129.222.60	attackspam	2019-12-26T19:39:27.367774vps751288.ovh.net sshd\[1447\]: Invalid user paul from 149.129.222.60 port 38506 2019-12-26T19:39:27.378672vps751288.ovh.net sshd\[1447\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.222.60 2019-12-26T19:39:29.256654vps751288.ovh.net sshd\[1447\]: Failed password for invalid user paul from 149.129.222.60 port 38506 ssh2 2019-12-26T19:42:39.310787vps751288.ovh.net sshd\[1479\]: Invalid user kizer from 149.129.222.60 port 38584 2019-12-26T19:42:39.322055vps751288.ovh.net sshd\[1479\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.222.60	2019-12-27 02:48:52
149.129.222.60	attack	Dec 23 10:27:54 Ubuntu-1404-trusty-64-minimal sshd\[23802\]: Invalid user biffs from 149.129.222.60 Dec 23 10:27:54 Ubuntu-1404-trusty-64-minimal sshd\[23802\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.222.60 Dec 23 10:27:56 Ubuntu-1404-trusty-64-minimal sshd\[23802\]: Failed password for invalid user biffs from 149.129.222.60 port 59902 ssh2 Dec 23 10:34:34 Ubuntu-1404-trusty-64-minimal sshd\[31602\]: Invalid user plus from 149.129.222.60 Dec 23 10:34:34 Ubuntu-1404-trusty-64-minimal sshd\[31602\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.222.60	2019-12-23 18:38:20
149.129.222.60	attack	Dec 14 08:17:19 web1 sshd\[27280\]: Invalid user admin from 149.129.222.60 Dec 14 08:17:19 web1 sshd\[27280\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.222.60 Dec 14 08:17:21 web1 sshd\[27280\]: Failed password for invalid user admin from 149.129.222.60 port 35848 ssh2 Dec 14 08:23:41 web1 sshd\[27929\]: Invalid user raju from 149.129.222.60 Dec 14 08:23:41 web1 sshd\[27929\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.222.60	2019-12-15 06:28:58
149.129.222.60	attack	Dec 9 18:53:26 hanapaa sshd\[2929\]: Invalid user pickles from 149.129.222.60 Dec 9 18:53:26 hanapaa sshd\[2929\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.222.60 Dec 9 18:53:28 hanapaa sshd\[2929\]: Failed password for invalid user pickles from 149.129.222.60 port 44820 ssh2 Dec 9 18:59:36 hanapaa sshd\[3535\]: Invalid user q520 from 149.129.222.60 Dec 9 18:59:36 hanapaa sshd\[3535\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.222.60	2019-12-10 13:02:52
149.129.222.60	attackbotsspam	Dec 9 16:37:05 legacy sshd[16491]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.222.60 Dec 9 16:37:07 legacy sshd[16491]: Failed password for invalid user gnetov from 149.129.222.60 port 50312 ssh2 Dec 9 16:43:59 legacy sshd[16789]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.222.60 ...	2019-12-10 02:25:16
149.129.222.60	attackbots	Dec 8 17:36:18 markkoudstaal sshd[22375]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.222.60 Dec 8 17:36:20 markkoudstaal sshd[22375]: Failed password for invalid user hhhhh from 149.129.222.60 port 44744 ssh2 Dec 8 17:43:26 markkoudstaal sshd[23354]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.222.60	2019-12-09 00:53:28
149.129.222.60	attackspam	2019-12-06T06:56:59.893095shield sshd\[6991\]: Invalid user marischon from 149.129.222.60 port 46564 2019-12-06T06:56:59.897834shield sshd\[6991\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.222.60 2019-12-06T06:57:01.952298shield sshd\[6991\]: Failed password for invalid user marischon from 149.129.222.60 port 46564 ssh2 2019-12-06T07:03:47.788808shield sshd\[8366\]: Invalid user ubuntu from 149.129.222.60 port 55550 2019-12-06T07:03:47.793331shield sshd\[8366\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.222.60	2019-12-06 15:37:17

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 149.129.222.252
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18899
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;149.129.222.252.		IN	A

;; AUTHORITY SECTION:
.			271	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022700 1800 900 604800 86400

;; Query time: 842 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 27 19:02:49 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 252.222.129.149.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 252.222.129.149.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
62.234.103.7	attack	Oct 15 18:21:56 server sshd\[27235\]: Invalid user asd!@\#321 from 62.234.103.7 port 40856 Oct 15 18:21:56 server sshd\[27235\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.103.7 Oct 15 18:21:58 server sshd\[27235\]: Failed password for invalid user asd!@\#321 from 62.234.103.7 port 40856 ssh2 Oct 15 18:29:01 server sshd\[20730\]: Invalid user anita123 from 62.234.103.7 port 51848 Oct 15 18:29:01 server sshd\[20730\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.103.7	2019-10-15 23:40:37
122.225.100.82	attack	Oct 15 20:03:24 areeb-Workstation sshd[19034]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.225.100.82 Oct 15 20:03:26 areeb-Workstation sshd[19034]: Failed password for invalid user ilove51marry from 122.225.100.82 port 49064 ssh2 ...	2019-10-15 23:57:36
193.112.220.76	attack	Oct 15 11:41:13 anodpoucpklekan sshd[62551]: Invalid user vagrant3 from 193.112.220.76 port 33681 ...	2019-10-15 23:45:04
165.227.53.38	attackspambots	Oct 15 02:10:08 eddieflores sshd\[31898\]: Invalid user baodu from 165.227.53.38 Oct 15 02:10:08 eddieflores sshd\[31898\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.53.38 Oct 15 02:10:10 eddieflores sshd\[31898\]: Failed password for invalid user baodu from 165.227.53.38 port 36324 ssh2 Oct 15 02:14:23 eddieflores sshd\[32201\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.53.38 user=root Oct 15 02:14:25 eddieflores sshd\[32201\]: Failed password for root from 165.227.53.38 port 47854 ssh2	2019-10-15 23:43:37
1.193.160.164	attackbotsspam	Oct 15 17:03:04 nextcloud sshd\[24488\]: Invalid user wallpaper from 1.193.160.164 Oct 15 17:03:04 nextcloud sshd\[24488\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.193.160.164 Oct 15 17:03:07 nextcloud sshd\[24488\]: Failed password for invalid user wallpaper from 1.193.160.164 port 18059 ssh2 ...	2019-10-15 23:36:55
128.199.95.60	attackbotsspam	Oct 15 17:03:36 vps691689 sshd[13600]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.95.60 Oct 15 17:03:38 vps691689 sshd[13600]: Failed password for invalid user Riviera@2017 from 128.199.95.60 port 56762 ssh2 ...	2019-10-15 23:21:23
27.50.162.82	attackbots	2019-10-15 13:41:20,386 fail2ban.actions \[1778\]: NOTICE \[sshd\] Ban 27.50.162.82 2019-10-15 14:13:23,458 fail2ban.actions \[1778\]: NOTICE \[sshd\] Ban 27.50.162.82 2019-10-15 14:54:07,531 fail2ban.actions \[1778\]: NOTICE \[sshd\] Ban 27.50.162.82 2019-10-15 15:37:26,022 fail2ban.actions \[1778\]: NOTICE \[sshd\] Ban 27.50.162.82 2019-10-15 16:10:34,449 fail2ban.actions \[1778\]: NOTICE \[sshd\] Ban 27.50.162.82 ...	2019-10-15 23:20:40
188.217.151.74	attackspambots	PHI,WP GET /wp-login.php	2019-10-15 23:24:32
51.38.95.12	attackspam	Oct 15 17:06:53 lnxded64 sshd[19808]: Failed password for root from 51.38.95.12 port 59974 ssh2 Oct 15 17:06:53 lnxded64 sshd[19808]: Failed password for root from 51.38.95.12 port 59974 ssh2	2019-10-15 23:26:12
51.79.52.224	attack	$f2bV_matches	2019-10-15 23:25:02
80.82.70.239	attack	firewall-block, port(s): 8604/tcp, 8615/tcp, 8624/tcp, 8631/tcp, 8645/tcp, 8646/tcp	2019-10-15 23:38:31
51.158.104.101	attack	Oct 15 09:21:15 ny01 sshd[14499]: Failed password for root from 51.158.104.101 port 33162 ssh2 Oct 15 09:25:40 ny01 sshd[15305]: Failed password for root from 51.158.104.101 port 44998 ssh2	2019-10-15 23:29:43
62.176.161.80	attackbots	chaangnoifulda.de 62.176.161.80 \[15/Oct/2019:13:41:37 +0200\] "POST /wp-login.php HTTP/1.1" 200 5874 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" chaangnoifulda.de 62.176.161.80 \[15/Oct/2019:13:41:37 +0200\] "POST /xmlrpc.php HTTP/1.1" 200 4097 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-10-15 23:32:22
128.199.107.252	attackspambots	Oct 15 16:01:48 hosting sshd[23196]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.107.252 user=root Oct 15 16:01:50 hosting sshd[23196]: Failed password for root from 128.199.107.252 port 36812 ssh2 ...	2019-10-15 23:19:49
155.4.32.16	attack	Oct 15 13:54:10 vps691689 sshd[10333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=155.4.32.16 Oct 15 13:54:13 vps691689 sshd[10333]: Failed password for invalid user vali from 155.4.32.16 port 55219 ssh2 Oct 15 13:58:17 vps691689 sshd[10382]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=155.4.32.16 ...	2019-10-15 23:23:59

Recently Reported IPs

180.242.244.214	103.30.180.145	46.101.184.111	190.203.77.252
103.134.133.38	16.107.93.49	71.227.200.42	89.76.106.204
232.95.248.227	38.252.215.86	39.175.13.227	123.88.169.165
116.105.225.137	68.51.124.49	82.51.126.70	42.113.131.199
114.34.94.114	182.69.154.148	124.78.50.16	88.99.184.216