149.56.10.72 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Canada

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
149.56.102.43	attack	failed root login	2020-09-23 01:18:20
149.56.102.43	attack	failed root login	2020-09-22 17:20:56
149.56.100.237	attackspam	2020-09-09T13:27:45+0200 Failed SSH Authentication/Brute Force Attack. (Server 9)	2020-09-10 01:21:01
149.56.100.237	attackspambots	$f2bV_matches	2020-09-03 04:09:16
149.56.100.237	attack	Invalid user ftp1 from 149.56.100.237 port 56500	2020-09-02 19:51:59
149.56.100.237	attackbots	Aug 28 23:28:31 lukav-desktop sshd\[25910\]: Invalid user user3 from 149.56.100.237 Aug 28 23:28:31 lukav-desktop sshd\[25910\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.100.237 Aug 28 23:28:34 lukav-desktop sshd\[25910\]: Failed password for invalid user user3 from 149.56.100.237 port 53816 ssh2 Aug 28 23:32:57 lukav-desktop sshd\[25960\]: Invalid user mark from 149.56.100.237 Aug 28 23:32:57 lukav-desktop sshd\[25960\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.100.237	2020-08-29 04:54:17
149.56.107.216	attackspambots	Aug 28 11:11:30 gw1 sshd[16318]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.107.216 Aug 28 11:11:31 gw1 sshd[16318]: Failed password for invalid user sonar from 149.56.107.216 port 50124 ssh2 ...	2020-08-28 14:39:27
149.56.102.43	attack	Aug 26 13:59:28 NPSTNNYC01T sshd[22809]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.102.43 Aug 26 13:59:30 NPSTNNYC01T sshd[22809]: Failed password for invalid user felins from 149.56.102.43 port 36390 ssh2 Aug 26 14:05:53 NPSTNNYC01T sshd[26322]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.102.43 ...	2020-08-27 03:44:23
149.56.100.237	attack	Aug 23 14:14:08 ajax sshd[23543]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.100.237 Aug 23 14:14:10 ajax sshd[23543]: Failed password for invalid user fangnan from 149.56.100.237 port 52500 ssh2	2020-08-23 21:36:05
149.56.102.43	attack	Aug 18 11:03:17 fhem-rasp sshd[26185]: User lp from 149.56.102.43 not allowed because not listed in AllowUsers ...	2020-08-18 19:59:41
149.56.107.216	attackspambots	Aug 9 18:43:52 ip106 sshd[19342]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.107.216 Aug 9 18:43:54 ip106 sshd[19342]: Failed password for invalid user saqib from 149.56.107.216 port 45192 ssh2 ...	2020-08-10 01:08:24
149.56.107.216	attackspam	Aug 9 00:19:16 jane sshd[12063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.107.216 Aug 9 00:19:19 jane sshd[12063]: Failed password for invalid user routhier from 149.56.107.216 port 33422 ssh2 ...	2020-08-09 06:19:37
149.56.107.216	attackspam	Aug 8 16:53:29 ip106 sshd[30425]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.107.216 Aug 8 16:53:31 ip106 sshd[30425]: Failed password for invalid user roberto from 149.56.107.216 port 58968 ssh2 ...	2020-08-08 23:05:43
149.56.100.237	attack	Jul 30 10:00:01 vps sshd[210043]: Failed password for invalid user postgre from 149.56.100.237 port 43988 ssh2 Jul 30 10:02:55 vps sshd[226519]: Invalid user sue from 149.56.100.237 port 37308 Jul 30 10:02:55 vps sshd[226519]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=237.ip-149-56-100.net Jul 30 10:02:57 vps sshd[226519]: Failed password for invalid user sue from 149.56.100.237 port 37308 ssh2 Jul 30 10:05:56 vps sshd[242356]: Invalid user butter from 149.56.100.237 port 58860 ...	2020-07-30 18:53:22
149.56.100.237	attackbotsspam	Jul 27 10:40:38 OPSO sshd\[11090\]: Invalid user tk from 149.56.100.237 port 45754 Jul 27 10:40:38 OPSO sshd\[11090\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.100.237 Jul 27 10:40:40 OPSO sshd\[11090\]: Failed password for invalid user tk from 149.56.100.237 port 45754 ssh2 Jul 27 10:42:08 OPSO sshd\[11500\]: Invalid user user2 from 149.56.100.237 port 40474 Jul 27 10:42:08 OPSO sshd\[11500\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.100.237	2020-07-27 16:43:49

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 149.56.10.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23859
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;149.56.10.72.			IN	A

;; AUTHORITY SECTION:
.			537	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400

;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 12:50:11 CST 2022
;; MSG SIZE  rcvd: 105

Host info

72.10.56.149.in-addr.arpa domain name pointer srv.portaldoaz.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
72.10.56.149.in-addr.arpa	name = srv.portaldoaz.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
116.99.196.77	attackbotsspam	Jul 17 07:43:28 mxgate1 postfix/postscreen[14130]: CONNECT from [116.99.196.77]:40568 to [176.31.12.44]:25 Jul 17 07:43:28 mxgate1 postfix/dnsblog[14131]: addr 116.99.196.77 listed by domain cbl.abuseat.org as 127.0.0.2 Jul 17 07:43:28 mxgate1 postfix/dnsblog[14134]: addr 116.99.196.77 listed by domain zen.spamhaus.org as 127.0.0.4 Jul 17 07:43:28 mxgate1 postfix/dnsblog[14134]: addr 116.99.196.77 listed by domain zen.spamhaus.org as 127.0.0.11 Jul 17 07:43:34 mxgate1 postfix/postscreen[14130]: DNSBL rank 3 for [116.99.196.77]:40568 Jul x@x Jul 17 07:43:35 mxgate1 postfix/postscreen[14130]: HANGUP after 1.4 from [116.99.196.77]:40568 in tests after SMTP handshake Jul 17 07:43:35 mxgate1 postfix/postscreen[14130]: DISCONNECT [116.99.196.77]:40568 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=116.99.196.77	2019-07-17 17:18:36
74.208.159.180	attackspam	2019-07-17T10:03:24.817527lon01.zurich-datacenter.net sshd\[25044\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=74.208.159.180 user=redis 2019-07-17T10:03:26.383186lon01.zurich-datacenter.net sshd\[25044\]: Failed password for redis from 74.208.159.180 port 35386 ssh2 2019-07-17T10:03:28.322397lon01.zurich-datacenter.net sshd\[25044\]: Failed password for redis from 74.208.159.180 port 35386 ssh2 2019-07-17T10:03:30.203449lon01.zurich-datacenter.net sshd\[25044\]: Failed password for redis from 74.208.159.180 port 35386 ssh2 2019-07-17T10:03:31.691968lon01.zurich-datacenter.net sshd\[25044\]: Failed password for redis from 74.208.159.180 port 35386 ssh2 ...	2019-07-17 17:03:19
140.143.69.34	attackbots	Jul 17 11:18:36 yabzik sshd[26848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.69.34 Jul 17 11:18:38 yabzik sshd[26848]: Failed password for invalid user vivo from 140.143.69.34 port 60273 ssh2 Jul 17 11:22:04 yabzik sshd[27957]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.69.34	2019-07-17 16:34:19
188.246.226.71	attackspambots	SPLUNK port scan detected	2019-07-17 16:44:52
196.203.31.154	attackspam	Jul 17 10:44:47 mail sshd\[16271\]: Invalid user craven from 196.203.31.154 Jul 17 10:44:47 mail sshd\[16271\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.203.31.154 Jul 17 10:44:50 mail sshd\[16271\]: Failed password for invalid user craven from 196.203.31.154 port 50196 ssh2 ...	2019-07-17 16:49:50
185.176.26.104	attackspam	41258/tcp 42585/tcp 42464/tcp... [2019-06-14/07-17]3022pkt,584pt.(tcp)	2019-07-17 16:43:20
40.77.167.6	attack	Automatic report - Banned IP Access	2019-07-17 16:48:13
167.99.189.74	attackspam	WordPress wp-login brute force :: 167.99.189.74 0.044 BYPASS [17/Jul/2019:16:10:51 1000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 4630 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-07-17 16:33:12
92.119.160.141	attackbots	Jul 17 02:05:04 box kernel: [1436529.720146] [UFW BLOCK] IN=eth0 OUT= MAC=[munged] SRC=92.119.160.141 DST=[munged] LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=59251 PROTO=TCP SPT=46502 DPT=8087 WINDOW=1024 RES=0x00 SYN URGP=0 Jul 17 02:06:22 box kernel: [1436607.655033] [UFW BLOCK] IN=eth0 OUT= MAC=[munged] SRC=92.119.160.141 DST=[munged] LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=15794 PROTO=TCP SPT=46502 DPT=7306 WINDOW=1024 RES=0x00 SYN URGP=0 Jul 17 03:01:11 box kernel: [1439896.579683] [UFW BLOCK] IN=eth0 OUT= MAC=[munged] SRC=92.119.160.141 DST=[munged] LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=19792 PROTO=TCP SPT=46502 DPT=40 WINDOW=1024 RES=0x00 SYN URGP=0 Jul 17 04:20:17 box kernel: [1444642.612719] [UFW BLOCK] IN=eth0 OUT= MAC=[munged] SRC=92.119.160.141 DST=[munged] LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=21343 PROTO=TCP SPT=46502 DPT=7025 WINDOW=1024 RES=0x00 SYN URGP=0 Jul 17 09:09:44 box kernel: [1462009.022174] [UFW BLOCK] IN=eth0 OUT= MAC=[munged] SRC=92.119.160.141 DST=[munged] LEN=40 TOS=0x00 PREC=0x00 TTL=	2019-07-17 16:34:38
139.59.80.65	attackspambots	Jul 17 04:35:29 vps200512 sshd\[25738\]: Invalid user caja from 139.59.80.65 Jul 17 04:35:29 vps200512 sshd\[25738\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.80.65 Jul 17 04:35:31 vps200512 sshd\[25738\]: Failed password for invalid user caja from 139.59.80.65 port 59222 ssh2 Jul 17 04:42:53 vps200512 sshd\[25931\]: Invalid user redmine from 139.59.80.65 Jul 17 04:42:53 vps200512 sshd\[25931\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.80.65	2019-07-17 16:57:23
54.39.145.123	attackspambots	Reported by AbuseIPDB proxy server.	2019-07-17 17:19:30
197.164.187.193	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-17 00:45:06,628 INFO [shellcode_manager] (197.164.187.193) no match, writing hexdump (7c3370635542481540da5c8358b3e151 :2160871) - MS17010 (EternalBlue)	2019-07-17 16:32:22
122.116.86.54	attackbots	Multiple failed RDP login attempts	2019-07-17 17:25:44
64.44.34.119	attackbotsspam	17.07.2019 08:52:50 - SMTP Spam without Auth on hMailserver Detected by ELinOX-hMail-A2F	2019-07-17 16:36:07
117.194.92.138	attack	2019-07-17 x@x 2019-07-17 x@x 2019-07-17 x@x 2019-07-17 x@x 2019-07-17 08:42:52 dovecot_plain authenticator failed for (HP-PC) [117.194.92.138]:63076: 535 Incorrect authentication data (set_id=gatis) 2019-07-17 08:42:59 dovecot_login authenticator failed for (HP-PC) [117.194.92.138]:63076: 535 Incorrect authentication data (set_id=gatis) 2019-07-17 08:43:07 dovecot_plain authenticator failed for (HP-PC) [117.194.92.138]:63644: 535 Incorrect authentication data (set_id=gatis) 2019-07-17 08:43:09 dovecot_login authenticator failed for (HP-PC) [117.194.92.138]:63644: 535 Incorrect authentication data (set_id=gatis) 2019-07-17 x@x 2019-07-17 x@x 2019-07-17 x@x 2019-07-17 x@x 2019-07-17 08:43:26 dovecot_plain authenticator failed for (HP-PC) [117.194.92.138]:64739: 535 Incorrect authentication data (set_id=gatis) 2019-07-17 08:43:29 dovecot_login authenticator failed for (HP-PC) [117.194.92.138]:64739: 535 Incorrect authentication data (set_id=gatis) 2019-07-17 08:43:33 dovec........ ------------------------------	2019-07-17 17:24:17

Recently Reported IPs

149.5.24.115	149.56.103.13	149.5.244.44	149.5.37.1
149.56.109.246	149.56.106.108	149.56.110.98	149.56.11.178
149.56.117.110	149.56.117.142	149.56.117.69	149.56.121.17
149.56.118.36	149.56.119.229	149.5.4.220	149.56.123.169
149.56.129.223	149.56.124.36	149.56.120.51	149.56.13.167