149.202.42.28 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: France

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 149.202.42.28
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39807
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;149.202.42.28.			IN	A

;; AUTHORITY SECTION:
.			118	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022700 1800 900 604800 86400

;; Query time: 61 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 18:23:03 CST 2022
;; MSG SIZE  rcvd: 106

Host info

28.42.202.149.in-addr.arpa domain name pointer vps-be283055.vps.ovh.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
28.42.202.149.in-addr.arpa	name = vps-be283055.vps.ovh.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
134.209.233.225	attackbotsspam	Repeated brute force against a port	2020-09-17 02:18:35
119.60.25.234	attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-16T05:37:05Z and 2020-09-16T05:47:53Z	2020-09-17 02:22:56
111.227.233.75	attack	TCP (SYN) 111.227.233.75:31192 -> port 8080, len 40	2020-09-17 02:13:46
178.128.45.173	attack	" "	2020-09-17 02:17:23
23.24.100.197	attack	SASL broute force	2020-09-17 01:51:25
142.93.127.173	attackspam	Sep 16 17:29:06 nextcloud sshd\[14317\]: Invalid user admin from 142.93.127.173 Sep 16 17:29:06 nextcloud sshd\[14317\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.127.173 Sep 16 17:29:07 nextcloud sshd\[14317\]: Failed password for invalid user admin from 142.93.127.173 port 39396 ssh2	2020-09-17 01:48:16
186.154.32.104	attackspambots	TCP (SYN) 186.154.32.104:19696 -> port 8080, len 40	2020-09-17 02:01:59
49.235.69.80	attackspam	Sep 16 13:27:37 george sshd[1256]: Failed password for invalid user oracle from 49.235.69.80 port 37082 ssh2 Sep 16 13:30:54 george sshd[1341]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.69.80 user=root Sep 16 13:30:56 george sshd[1341]: Failed password for root from 49.235.69.80 port 45750 ssh2 Sep 16 13:34:14 george sshd[1370]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.69.80 user=root Sep 16 13:34:17 george sshd[1370]: Failed password for root from 49.235.69.80 port 54418 ssh2 ...	2020-09-17 01:58:06
106.12.84.83	attackspam	Sep 16 21:25:45 gw1 sshd[31881]: Failed password for root from 106.12.84.83 port 56796 ssh2 ...	2020-09-17 02:10:53
110.191.211.25	attack	Sep 16 01:32:46 mailserver sshd[11439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.191.211.25 user=r.r Sep 16 01:32:48 mailserver sshd[11439]: Failed password for r.r from 110.191.211.25 port 55457 ssh2 Sep 16 01:32:48 mailserver sshd[11439]: Received disconnect from 110.191.211.25 port 55457:11: Bye Bye [preauth] Sep 16 01:32:48 mailserver sshd[11439]: Disconnected from 110.191.211.25 port 55457 [preauth] Sep 16 01:41:10 mailserver sshd[12034]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.191.211.25 user=r.r Sep 16 01:41:12 mailserver sshd[12034]: Failed password for r.r from 110.191.211.25 port 38241 ssh2 Sep 16 01:41:12 mailserver sshd[12034]: Received disconnect from 110.191.211.25 port 38241:11: Bye Bye [preauth] Sep 16 01:41:12 mailserver sshd[12034]: Disconnected from 110.191.211.25 port 38241 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=110.	2020-09-17 02:18:09
51.77.200.24	attackspambots	Sep 16 13:38:54 *** sshd[2888]: User root from 51.77.200.24 not allowed because not listed in AllowUsers	2020-09-17 02:05:41
84.22.144.202	attackspambots	DATE:2020-09-15 18:54:02, IP:84.22.144.202, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-09-17 02:20:53
162.241.65.44	attackspam	Mailserver and mailaccount attacks	2020-09-17 02:07:08
189.113.140.205	attackbots	Automatic report - Port Scan Attack	2020-09-17 02:22:24
104.131.13.221	attackbots	C1,DEF GET /adminer-3.6.4.php	2020-09-17 02:06:26

Recently Reported IPs

149.202.39.101	149.202.53.182	149.202.56.216	149.202.54.237
149.202.56.81	149.202.56.28	149.202.56.5	149.202.58.197
149.202.57.107	149.202.65.5	149.202.70.11	149.202.70.233
149.202.71.238	149.202.72.190	149.202.59.45	149.202.72.99
149.202.73.142	149.202.74.127	149.202.74.13	149.202.74.218