149.202.52.221

Basic Info

City: unknown

Region: unknown

Country: France

Internet Service Provider: OVH SAS

Hostname: unknown

Organization: OVH SAS

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Feb 13 04:49:09 localhost sshd\[27633\]: Invalid user rushmere from 149.202.52.221 port 34743 Feb 13 04:49:09 localhost sshd\[27633\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.52.221 Feb 13 04:49:11 localhost sshd\[27633\]: Failed password for invalid user rushmere from 149.202.52.221 port 34743 ssh2 ...	2020-02-13 17:58:06
attackbots	Feb 12 11:46:50 firewall sshd[15487]: Invalid user saeuberlich from 149.202.52.221 Feb 12 11:46:51 firewall sshd[15487]: Failed password for invalid user saeuberlich from 149.202.52.221 port 43204 ssh2 Feb 12 11:49:52 firewall sshd[15611]: Invalid user ryan from 149.202.52.221 ...	2020-02-12 23:22:18
attackbotsspam	Feb 10 16:33:14 server sshd\[27386\]: Invalid user tio from 149.202.52.221 Feb 10 16:33:14 server sshd\[27386\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=up-bg.net Feb 10 16:33:17 server sshd\[27386\]: Failed password for invalid user tio from 149.202.52.221 port 46199 ssh2 Feb 10 16:37:07 server sshd\[28071\]: Invalid user ieu from 149.202.52.221 Feb 10 16:37:07 server sshd\[28071\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=up-bg.net ...	2020-02-11 04:31:20
attackbots	Feb 8 07:25:08 XXX sshd[12691]: Invalid user qmh from 149.202.52.221 port 53600	2020-02-08 19:28:06
attackbotsspam	Dec 14 19:00:29 v22018076590370373 sshd[15484]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.52.221 ...	2020-02-01 22:11:48
attackbots	$f2bV_matches	2020-01-24 21:09:55
attackbotsspam	Automatic report - SSH Brute-Force Attack	2020-01-19 19:05:14
attackbotsspam	Invalid user administrator from 149.202.52.221 port 46863	2020-01-12 08:49:09
attackbots	Jan 11 14:24:21 SilenceServices sshd[10948]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.52.221 Jan 11 14:24:23 SilenceServices sshd[10948]: Failed password for invalid user redhat from 149.202.52.221 port 58730 ssh2 Jan 11 14:27:33 SilenceServices sshd[12245]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.52.221	2020-01-11 21:57:42
attackbots	Dec 25 15:36:24 localhost sshd[35047]: Failed password for invalid user info from 149.202.52.221 port 34325 ssh2 Dec 25 15:52:23 localhost sshd[35972]: Failed password for root from 149.202.52.221 port 53028 ssh2 Dec 25 15:55:14 localhost sshd[36282]: Failed password for invalid user womack from 149.202.52.221 port 39605 ssh2	2019-12-26 00:32:57
attackspambots	Automatic report - SSH Brute-Force Attack	2019-12-24 16:49:07
attack	Dec 5 11:47:03 mail sshd[17244]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.52.221 Dec 5 11:47:05 mail sshd[17244]: Failed password for invalid user pass123456789 from 149.202.52.221 port 53608 ssh2 Dec 5 11:52:33 mail sshd[18886]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.52.221	2019-12-05 19:01:43
attackspambots	Nov 24 21:54:34 hpm sshd\[13338\]: Invalid user asterisk from 149.202.52.221 Nov 24 21:54:34 hpm sshd\[13338\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=up-bg.net Nov 24 21:54:37 hpm sshd\[13338\]: Failed password for invalid user asterisk from 149.202.52.221 port 51670 ssh2 Nov 24 22:00:36 hpm sshd\[13813\]: Invalid user sabrizio from 149.202.52.221 Nov 24 22:00:36 hpm sshd\[13813\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=up-bg.net	2019-11-25 16:16:43
attackspam	2019-11-17T08:04:19.735815scmdmz1 sshd\[31228\]: Invalid user furmyr from 149.202.52.221 port 39529 2019-11-17T08:04:19.738414scmdmz1 sshd\[31228\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=up-bg.net 2019-11-17T08:04:21.773628scmdmz1 sshd\[31228\]: Failed password for invalid user furmyr from 149.202.52.221 port 39529 ssh2 ...	2019-11-17 15:30:22
attackspam	SSH invalid-user multiple login try	2019-11-12 22:55:02
attack	Oct 10 18:32:40 SilenceServices sshd[31112]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.52.221 Oct 10 18:32:43 SilenceServices sshd[31112]: Failed password for invalid user Produkts-123 from 149.202.52.221 port 51187 ssh2 Oct 10 18:36:30 SilenceServices sshd[32134]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.52.221	2019-10-11 00:55:30
attackspambots	Oct 4 22:48:25 localhost sshd\[1777\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.52.221 user=root Oct 4 22:48:28 localhost sshd\[1777\]: Failed password for root from 149.202.52.221 port 44843 ssh2 Oct 4 22:51:45 localhost sshd\[2129\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.52.221 user=root	2019-10-05 05:05:18
attackbots	Oct 2 20:26:25 ws12vmsma01 sshd[48259]: Invalid user fi from 149.202.52.221 Oct 2 20:26:26 ws12vmsma01 sshd[48259]: Failed password for invalid user fi from 149.202.52.221 port 59188 ssh2 Oct 2 20:29:40 ws12vmsma01 sshd[48734]: Invalid user aleksandrs from 149.202.52.221 ...	2019-10-03 09:52:35
attack	Sep 30 18:00:52 eddieflores sshd\[18442\]: Invalid user coeurs from 149.202.52.221 Sep 30 18:00:52 eddieflores sshd\[18442\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=up-bg.net Sep 30 18:00:54 eddieflores sshd\[18442\]: Failed password for invalid user coeurs from 149.202.52.221 port 49579 ssh2 Sep 30 18:04:30 eddieflores sshd\[18788\]: Invalid user sftp from 149.202.52.221 Sep 30 18:04:30 eddieflores sshd\[18788\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=up-bg.net	2019-10-01 19:29:56
attackbots	Automatic report - Banned IP Access	2019-09-25 17:17:35
attack	SSH Brute-Force reported by Fail2Ban	2019-09-20 01:48:34
attack	Sep 15 07:26:43 TORMINT sshd\[29005\]: Invalid user itump from 149.202.52.221 Sep 15 07:26:43 TORMINT sshd\[29005\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.52.221 Sep 15 07:26:45 TORMINT sshd\[29005\]: Failed password for invalid user itump from 149.202.52.221 port 56519 ssh2 ...	2019-09-15 19:41:00
attackbotsspam	Invalid user uucp from 149.202.52.221 port 48137	2019-09-15 02:07:09
attackspambots	Sep 13 12:01:49 game-panel sshd[17644]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.52.221 Sep 13 12:01:51 game-panel sshd[17644]: Failed password for invalid user dev from 149.202.52.221 port 43098 ssh2 Sep 13 12:05:37 game-panel sshd[17790]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.52.221	2019-09-13 20:06:22
attack	Sep 11 00:30:59 debian sshd\[1209\]: Invalid user hadoop from 149.202.52.221 port 47982 Sep 11 00:30:59 debian sshd\[1209\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.52.221 Sep 11 00:31:01 debian sshd\[1209\]: Failed password for invalid user hadoop from 149.202.52.221 port 47982 ssh2 ...	2019-09-11 14:22:47
attackspam	Sep 9 06:06:15 MK-Soft-VM3 sshd\[22857\]: Invalid user www-upload from 149.202.52.221 port 43049 Sep 9 06:06:15 MK-Soft-VM3 sshd\[22857\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.52.221 Sep 9 06:06:16 MK-Soft-VM3 sshd\[22857\]: Failed password for invalid user www-upload from 149.202.52.221 port 43049 ssh2 ...	2019-09-09 14:35:05
attack	Sep 6 19:13:55 ws12vmsma01 sshd[50622]: Invalid user radio from 149.202.52.221 Sep 6 19:13:57 ws12vmsma01 sshd[50622]: Failed password for invalid user radio from 149.202.52.221 port 49153 ssh2 Sep 6 19:17:35 ws12vmsma01 sshd[51109]: Invalid user ftpuser2 from 149.202.52.221 ...	2019-09-07 06:39:01
attack	Sep 3 04:54:59 mout sshd[17824]: Invalid user oracle from 149.202.52.221 port 33461	2019-09-03 11:02:02
attack	Invalid user willshao from 149.202.52.221 port 44516	2019-08-25 15:33:37
attackspam	Aug 15 22:21:20 dedicated sshd[22680]: Invalid user account from 149.202.52.221 port 41759	2019-08-16 04:40:51

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 149.202.52.221
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33835
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;149.202.52.221.			IN	A

;; AUTHORITY SECTION:
.			2708	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040801 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Tue Apr 09 06:21:06 +08 2019
;; MSG SIZE  rcvd: 118

Host info

221.52.202.149.in-addr.arpa domain name pointer up-bg.net.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
221.52.202.149.in-addr.arpa	name = up-bg.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
66.23.193.76	attack	Sep 5 11:18:33 eventyay sshd[795]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.23.193.76 Sep 5 11:18:34 eventyay sshd[795]: Failed password for invalid user password from 66.23.193.76 port 50934 ssh2 Sep 5 11:23:47 eventyay sshd[938]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.23.193.76 ...	2019-09-05 19:22:07
118.27.9.88	attackbotsspam	" "	2019-09-05 19:17:21
181.49.153.74	attackspambots	Sep 5 00:24:13 hcbb sshd\[4563\]: Invalid user password123 from 181.49.153.74 Sep 5 00:24:13 hcbb sshd\[4563\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.49.153.74 Sep 5 00:24:15 hcbb sshd\[4563\]: Failed password for invalid user password123 from 181.49.153.74 port 51476 ssh2 Sep 5 00:29:10 hcbb sshd\[4987\]: Invalid user jtsai from 181.49.153.74 Sep 5 00:29:10 hcbb sshd\[4987\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.49.153.74	2019-09-05 19:16:15
175.211.105.99	attackspam	Sep 5 11:23:59 icinga sshd[18535]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.211.105.99 Sep 5 11:24:02 icinga sshd[18535]: Failed password for invalid user qwer1234 from 175.211.105.99 port 42434 ssh2 ...	2019-09-05 20:00:27
154.126.227.238	attack	SMB Server BruteForce Attack	2019-09-05 19:48:15
218.98.26.184	attack	$f2bV_matches	2019-09-05 19:47:37
223.205.234.100	attackspam	Unauthorized connection attempt from IP address 223.205.234.100 on Port 445(SMB)	2019-09-05 19:54:54
193.31.25.2	attack	Sep 5 11:32:19 tuotantolaitos sshd[2661]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.31.25.2 Sep 5 11:32:21 tuotantolaitos sshd[2661]: Failed password for invalid user user from 193.31.25.2 port 40718 ssh2 ...	2019-09-05 19:45:30
80.141.93.10	attackbots	Automatic report - Port Scan Attack	2019-09-05 19:53:28
103.102.102.2	attackbotsspam	Unauthorized connection attempt from IP address 103.102.102.2 on Port 445(SMB)	2019-09-05 19:46:27
91.79.63.118	attack	Unauthorized connection attempt from IP address 91.79.63.118 on Port 445(SMB)	2019-09-05 19:59:55
212.248.39.131	attack	Unauthorized connection attempt from IP address 212.248.39.131 on Port 445(SMB)	2019-09-05 19:32:02
119.166.7.145	attackspam	Bruteforce on smtp	2019-09-05 19:42:30
134.119.221.7	attackbots	\[2019-09-05 07:13:18\] SECURITY\[1837\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-05T07:13:18.941-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="181046812112996",SessionID="0x7f7b30414c28",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/134.119.221.7/64978",ACLName="no_extension_match" \[2019-09-05 07:16:09\] SECURITY\[1837\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-05T07:16:09.205-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="770076646812112996",SessionID="0x7f7b3004ac28",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/134.119.221.7/63248",ACLName="no_extension_match" \[2019-09-05 07:19:05\] SECURITY\[1837\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-05T07:19:05.529-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9900146812112996",SessionID="0x7f7b30414c28",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/134.119.221.7/64924",ACLName="no	2019-09-05 19:30:55
118.180.38.103	attackspam	2019-09-05T16:14:33.185974ns1.unifynetsol.net postfix/smtpd\[13449\]: warning: unknown\[118.180.38.103\]: SASL LOGIN authentication failed: authentication failure 2019-09-05T16:14:38.927080ns1.unifynetsol.net postfix/smtpd\[9809\]: warning: unknown\[118.180.38.103\]: SASL LOGIN authentication failed: authentication failure 2019-09-05T16:14:45.589699ns1.unifynetsol.net postfix/smtpd\[13449\]: warning: unknown\[118.180.38.103\]: SASL LOGIN authentication failed: authentication failure 2019-09-05T16:14:54.059568ns1.unifynetsol.net postfix/smtpd\[9809\]: warning: unknown\[118.180.38.103\]: SASL LOGIN authentication failed: authentication failure 2019-09-05T16:15:03.461600ns1.unifynetsol.net postfix/smtpd\[11966\]: warning: unknown\[118.180.38.103\]: SASL LOGIN authentication failed: authentication failure	2019-09-05 20:01:25

Recently Reported IPs

177.2.29.182	185.216.140.67	177.182.55.109	185.216.140.23
162.243.1.231	121.204.129.42	185.193.38.90	177.16.195.132
185.153.196.59	177.156.70.150	132.148.148.146	177.156.120.131
185.142.236.35	177.143.199.94	184.154.189.90	151.80.207.9
177.132.125.141	178.159.7.6	197.200.234.194	177.103.211.5