149.56.140.4 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Canada

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
149.56.140.24	attackspambots	Scanning and Vuln Attempts	2019-06-26 17:15:54
149.56.140.24	attackbotsspam	149.56.140.24 - - \[24/Jun/2019:14:04:22 +0200\] "POST /wp-login.php HTTP/1.1" 200 1860 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 149.56.140.24 - - \[24/Jun/2019:14:04:23 +0200\] "POST /wp-login.php HTTP/1.1" 200 2091 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ...	2019-06-25 00:04:38

Type

Details

Datetime

149.56.140.24

attackspambots

Scanning and Vuln Attempts

2019-06-26 17:15:54

149.56.140.24

attackbotsspam

149.56.140.24 - - \[24/Jun/2019:14:04:22 +0200\] "POST /wp-login.php HTTP/1.1" 200 1860 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
149.56.140.24 - - \[24/Jun/2019:14:04:23 +0200\] "POST /wp-login.php HTTP/1.1" 200 2091 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
...

2019-06-25 00:04:38

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 149.56.140.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26140
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;149.56.140.4.			IN	A

;; AUTHORITY SECTION:
.			541	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400

;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 12:50:20 CST 2022
;; MSG SIZE  rcvd: 105

Host info

4.140.56.149.in-addr.arpa domain name pointer 4.ip-149-56-140.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
4.140.56.149.in-addr.arpa	name = 4.ip-149-56-140.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.44.229.242	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-03-05 15:47:14
185.244.173.194	attackbots	Mar 4 21:15:51 tdfoods sshd\[29389\]: Invalid user kernoops from 185.244.173.194 Mar 4 21:15:51 tdfoods sshd\[29389\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.244.173.194 Mar 4 21:15:53 tdfoods sshd\[29389\]: Failed password for invalid user kernoops from 185.244.173.194 port 49506 ssh2 Mar 4 21:25:29 tdfoods sshd\[30324\]: Invalid user wlk-lab from 185.244.173.194 Mar 4 21:25:29 tdfoods sshd\[30324\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.244.173.194	2020-03-05 15:42:40
185.234.219.105	attackspambots	Mar 5 07:52:34 web01.agentur-b-2.de postfix/smtpd[97572]: warning: unknown[185.234.219.105]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 5 07:52:34 web01.agentur-b-2.de postfix/smtpd[97572]: lost connection after AUTH from unknown[185.234.219.105] Mar 5 07:52:40 web01.agentur-b-2.de postfix/smtpd[99581]: warning: unknown[185.234.219.105]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 5 07:52:40 web01.agentur-b-2.de postfix/smtpd[99581]: lost connection after AUTH from unknown[185.234.219.105] Mar 5 08:01:08 web01.agentur-b-2.de postfix/smtpd[99581]: warning: unknown[185.234.219.105]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 5 08:01:08 web01.agentur-b-2.de postfix/smtpd[99581]: lost connection after AUTH from unknown[185.234.219.105]	2020-03-05 15:50:00
112.85.42.173	attack	Mar 5 09:03:17 srv206 sshd[718]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.173 user=root Mar 5 09:03:19 srv206 sshd[718]: Failed password for root from 112.85.42.173 port 56625 ssh2 ...	2020-03-05 16:09:25
218.244.143.180	attackspambots	Unauthorised access (Mar 5) SRC=218.244.143.180 LEN=40 TTL=240 ID=52574 TCP DPT=445 WINDOW=1024 SYN	2020-03-05 16:02:01
18.190.86.132	attack	2020-03-05T07:27:48.546695shield sshd\[27881\]: Invalid user weichanghe from 18.190.86.132 port 45858 2020-03-05T07:27:48.553861shield sshd\[27881\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-18-190-86-132.us-east-2.compute.amazonaws.com 2020-03-05T07:27:50.485546shield sshd\[27881\]: Failed password for invalid user weichanghe from 18.190.86.132 port 45858 ssh2 2020-03-05T07:36:58.013510shield sshd\[29270\]: Invalid user tester from 18.190.86.132 port 52512 2020-03-05T07:36:58.021362shield sshd\[29270\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-18-190-86-132.us-east-2.compute.amazonaws.com	2020-03-05 15:46:51
180.253.84.182	attackspambots	20/3/4@23:50:51: FAIL: Alarm-Network address from=180.253.84.182 ...	2020-03-05 16:07:38
113.165.30.122	attackspambots	Email rejected due to spam filtering	2020-03-05 15:42:15
54.166.58.241	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/54.166.58.241/ US - 1H : (93) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : US NAME ASN : ASN14618 IP : 54.166.58.241 CIDR : 54.166.0.0/15 PREFIX COUNT : 433 UNIQUE IP COUNT : 19526400 ATTACKS DETECTED ASN14618 : 1H - 1 3H - 2 6H - 5 12H - 15 24H - 35 DateTime : 2020-03-05 05:51:21 INFO : DNS DENIED Scan Detected and Blocked by ADMIN - data recovery	2020-03-05 15:35:07
37.187.113.144	attack	Mar 5 12:24:39 gw1 sshd[25184]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.113.144 Mar 5 12:24:41 gw1 sshd[25184]: Failed password for invalid user andrew from 37.187.113.144 port 51070 ssh2 ...	2020-03-05 15:41:51
63.82.48.19	attackspam	Mar 5 06:51:16 web01.agentur-b-2.de postfix/smtpd[87652]: NOQUEUE: reject: RCPT from unknown[63.82.48.19]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Mar 5 07:00:00 web01.agentur-b-2.de postfix/smtpd[87653]: NOQUEUE: reject: RCPT from unknown[63.82.48.19]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Mar 5 07:00:00 web01.agentur-b-2.de postfix/smtpd[81920]: NOQUEUE: reject: RCPT from unknown[63.82.48.19]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Mar 5 07:00:00 web01.agentur-b-2.de postfix/smtpd[81919]: NOQUEUE: reject: RCPT from unknown[63.82.48.19]: 450 4.7.1	2020-03-05 15:58:01
63.82.48.158	attackbots	Mar 5 05:30:51 mail.srvfarm.net postfix/smtpd[269608]: NOQUEUE: reject: RCPT from unknown[63.82.48.158]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 5 05:30:57 mail.srvfarm.net postfix/smtpd[264065]: NOQUEUE: reject: RCPT from unknown[63.82.48.158]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 5 05:30:59 mail.srvfarm.net postfix/smtpd[282922]: NOQUEUE: reject: RCPT from unknown[63.82.48.158]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 5 05:31:07 mail.srvfarm.net postfix/smtpd[280912]: NOQUEUE: reject: RCPT from unknown[63.82.48.158]: 450 4.1.8	2020-03-05 15:56:30
222.186.175.215	attackspam	2020-03-05T02:57:02.812884xentho-1 sshd[263063]: Failed password for root from 222.186.175.215 port 28604 ssh2 2020-03-05T02:56:56.238829xentho-1 sshd[263063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.215 user=root 2020-03-05T02:56:58.465909xentho-1 sshd[263063]: Failed password for root from 222.186.175.215 port 28604 ssh2 2020-03-05T02:57:02.812884xentho-1 sshd[263063]: Failed password for root from 222.186.175.215 port 28604 ssh2 2020-03-05T02:57:07.634723xentho-1 sshd[263063]: Failed password for root from 222.186.175.215 port 28604 ssh2 2020-03-05T02:56:56.238829xentho-1 sshd[263063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.215 user=root 2020-03-05T02:56:58.465909xentho-1 sshd[263063]: Failed password for root from 222.186.175.215 port 28604 ssh2 2020-03-05T02:57:02.812884xentho-1 sshd[263063]: Failed password for root from 222.186.175.215 port 28604 ssh2 2020-0 ...	2020-03-05 16:03:29
219.142.140.2	attackbots	Mar 5 05:51:04 v22018076622670303 sshd\[15465\]: Invalid user msagent from 219.142.140.2 port 13338 Mar 5 05:51:04 v22018076622670303 sshd\[15465\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.142.140.2 Mar 5 05:51:06 v22018076622670303 sshd\[15465\]: Failed password for invalid user msagent from 219.142.140.2 port 13338 ssh2 ...	2020-03-05 15:43:34
46.164.143.82	attackbots	Mar 4 22:00:19 wbs sshd\[6686\]: Invalid user info from 46.164.143.82 Mar 4 22:00:19 wbs sshd\[6686\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.164.143.82 Mar 4 22:00:21 wbs sshd\[6686\]: Failed password for invalid user info from 46.164.143.82 port 43882 ssh2 Mar 4 22:06:50 wbs sshd\[7303\]: Invalid user rajesh from 46.164.143.82 Mar 4 22:06:50 wbs sshd\[7303\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.164.143.82	2020-03-05 16:11:34

Recently Reported IPs

149.56.14.126	149.56.142.28	149.56.143.24	149.56.140.43
149.56.147.198	149.56.141.75	149.56.15.77	149.56.150.141
149.56.155.20	149.56.155.8	149.56.159.7	149.56.15.68
149.56.160.80	149.56.17.13	149.56.167.170	149.56.17.45
149.56.153.188	149.56.17.40	149.56.184.246	149.56.17.68