149.56.140.4 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Canada

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
149.56.140.24	attackspambots	Scanning and Vuln Attempts	2019-06-26 17:15:54
149.56.140.24	attackbotsspam	149.56.140.24 - - \[24/Jun/2019:14:04:22 +0200\] "POST /wp-login.php HTTP/1.1" 200 1860 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 149.56.140.24 - - \[24/Jun/2019:14:04:23 +0200\] "POST /wp-login.php HTTP/1.1" 200 2091 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ...	2019-06-25 00:04:38

Type

Details

Datetime

149.56.140.24

attackspambots

Scanning and Vuln Attempts

2019-06-26 17:15:54

149.56.140.24

attackbotsspam

149.56.140.24 - - \[24/Jun/2019:14:04:22 +0200\] "POST /wp-login.php HTTP/1.1" 200 1860 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
149.56.140.24 - - \[24/Jun/2019:14:04:23 +0200\] "POST /wp-login.php HTTP/1.1" 200 2091 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
...

2019-06-25 00:04:38

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 149.56.140.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26140
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;149.56.140.4.			IN	A

;; AUTHORITY SECTION:
.			541	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400

;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 12:50:20 CST 2022
;; MSG SIZE  rcvd: 105

Host info

4.140.56.149.in-addr.arpa domain name pointer 4.ip-149-56-140.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
4.140.56.149.in-addr.arpa	name = 4.ip-149-56-140.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.31.83	attack	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-08-15 05:19:36
117.232.127.51	attackbots	Aug 14 22:43:56 ns37 sshd[13931]: Failed password for root from 117.232.127.51 port 42874 ssh2 Aug 14 22:43:56 ns37 sshd[13931]: Failed password for root from 117.232.127.51 port 42874 ssh2	2020-08-15 05:44:32
142.93.195.15	attackspambots	fail2ban detected bruce force on ssh iptables	2020-08-15 05:48:59
67.20.21.243	attack	port scan and connect, tcp 22 (ssh)	2020-08-15 05:58:17
222.186.180.41	attack	Aug 14 23:32:52 melroy-server sshd[1855]: Failed password for root from 222.186.180.41 port 12316 ssh2 Aug 14 23:32:56 melroy-server sshd[1855]: Failed password for root from 222.186.180.41 port 12316 ssh2 ...	2020-08-15 05:36:58
147.135.225.193	attackspam	Unauthorized access detected from black listed ip!	2020-08-15 05:40:10
81.183.182.37	attackbotsspam	Aug 14 22:05:43 ajax sshd[22172]: Failed password for root from 81.183.182.37 port 51208 ssh2	2020-08-15 05:33:28
193.200.160.20	attackspam	1597437836 - 08/14/2020 22:43:56 Host: 193.200.160.20/193.200.160.20 Port: 23 TCP Blocked ...	2020-08-15 05:44:03
188.166.244.184	attackbots	Lines containing failures of 188.166.244.184 Aug 13 20:54:48 penfold sshd[7339]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.244.184 user=r.r Aug 13 20:54:50 penfold sshd[7339]: Failed password for r.r from 188.166.244.184 port 51518 ssh2 Aug 13 20:54:52 penfold sshd[7339]: Received disconnect from 188.166.244.184 port 51518:11: Bye Bye [preauth] Aug 13 20:54:52 penfold sshd[7339]: Disconnected from authenticating user r.r 188.166.244.184 port 51518 [preauth] Aug 13 21:07:02 penfold sshd[8009]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.244.184 user=r.r Aug 13 21:07:04 penfold sshd[8009]: Failed password for r.r from 188.166.244.184 port 33098 ssh2 Aug 13 21:07:04 penfold sshd[8009]: Received disconnect from 188.166.244.184 port 33098:11: Bye Bye [preauth] Aug 13 21:07:04 penfold sshd[8009]: Disconnected from authenticating user r.r 188.166.244.184 port 33098 [preau........ ------------------------------	2020-08-15 05:39:16
177.139.136.73	attackbotsspam	Aug 14 23:14:00 vps1 sshd[28526]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.139.136.73 user=root Aug 14 23:14:02 vps1 sshd[28526]: Failed password for invalid user root from 177.139.136.73 port 53998 ssh2 Aug 14 23:15:46 vps1 sshd[28554]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.139.136.73 user=root Aug 14 23:15:48 vps1 sshd[28554]: Failed password for invalid user root from 177.139.136.73 port 51046 ssh2 Aug 14 23:17:36 vps1 sshd[28565]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.139.136.73 user=root Aug 14 23:17:37 vps1 sshd[28565]: Failed password for invalid user root from 177.139.136.73 port 48096 ssh2 Aug 14 23:19:24 vps1 sshd[28582]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.139.136.73 user=root ...	2020-08-15 05:55:38
192.0.102.40	attackbots	[Fri Aug 14 22:43:48.388291 2020] [authz_core:error] [pid 16570] [client 192.0.102.40:43077] AH01630: client denied by server configuration: /var/www/buchtic.net/blog/index.php [Fri Aug 14 22:43:48.388611 2020] [authz_core:error] [pid 16570] [client 192.0.102.40:43077] AH01630: client denied by server configuration: /var/www/buchtic.net/blog/index.php ...	2020-08-15 05:50:49
106.54.139.117	attackbotsspam	Aug 15 03:33:46 itv-usvr-01 sshd[19461]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.139.117 user=root Aug 15 03:33:49 itv-usvr-01 sshd[19461]: Failed password for root from 106.54.139.117 port 33466 ssh2 Aug 15 03:39:47 itv-usvr-01 sshd[19854]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.139.117 user=root Aug 15 03:39:49 itv-usvr-01 sshd[19854]: Failed password for root from 106.54.139.117 port 45596 ssh2 Aug 15 03:43:37 itv-usvr-01 sshd[19979]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.139.117 user=root Aug 15 03:43:40 itv-usvr-01 sshd[19979]: Failed password for root from 106.54.139.117 port 59638 ssh2	2020-08-15 05:59:03
111.161.74.117	attack	2020-08-14T22:45:06.811492n23.at sshd[1907286]: Failed password for root from 111.161.74.117 port 43506 ssh2 2020-08-14T22:49:15.103233n23.at sshd[1909962]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.161.74.117 user=root 2020-08-14T22:49:16.731627n23.at sshd[1909962]: Failed password for root from 111.161.74.117 port 48279 ssh2 ...	2020-08-15 05:52:38
121.229.6.166	attackspam	Aug 14 22:43:54 rancher-0 sshd[1086357]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 user=root Aug 14 22:43:56 rancher-0 sshd[1086357]: Failed password for root from 121.229.6.166 port 40200 ssh2 ...	2020-08-15 05:45:14
185.216.140.31	attackspam	Port scan: Attack repeated for 24 hours	2020-08-15 05:37:41

Recently Reported IPs

149.56.14.126	149.56.142.28	149.56.143.24	149.56.140.43
149.56.147.198	149.56.141.75	149.56.15.77	149.56.150.141
149.56.155.20	149.56.155.8	149.56.159.7	149.56.15.68
149.56.160.80	149.56.17.13	149.56.167.170	149.56.17.45
149.56.153.188	149.56.17.40	149.56.184.246	149.56.17.68