149.56.142.28 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Canada

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
149.56.142.1	attackspambots	Attempt to hack Wordpress Login, XMLRPC or other login	2020-10-11 00:35:24
149.56.142.1	attackspam	149.56.142.1 - - [10/Oct/2020:09:46:40 +0200] "GET /wp-login.php HTTP/1.1" 200 8796 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 149.56.142.1 - - [10/Oct/2020:09:46:42 +0200] "POST /wp-login.php HTTP/1.1" 200 9047 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 149.56.142.1 - - [10/Oct/2020:09:46:43 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-10 16:24:09
149.56.142.1	attackbots	149.56.142.1 - - \[19/Sep/2020:19:09:40 +0200\] "POST /wp-login.php HTTP/1.0" 200 9485 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 149.56.142.1 - - \[19/Sep/2020:19:09:42 +0200\] "POST /wp-login.php HTTP/1.0" 200 9315 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 149.56.142.1 - - \[19/Sep/2020:19:09:43 +0200\] "POST /wp-login.php HTTP/1.0" 200 9309 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-09-20 03:49:31
149.56.142.1	attack	149.56.142.1 - - [19/Sep/2020:09:32:39 +0100] "POST /wp-login.php HTTP/1.1" 200 2391 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 149.56.142.1 - - [19/Sep/2020:09:32:40 +0100] "POST /wp-login.php HTTP/1.1" 200 2325 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 149.56.142.1 - - [19/Sep/2020:09:32:40 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-19 19:54:48
149.56.142.47	attack	Jul 27 18:14:15 vpn01 sshd[4207]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.142.47 Jul 27 18:14:17 vpn01 sshd[4207]: Failed password for invalid user wtli from 149.56.142.47 port 60222 ssh2 ...	2020-07-28 01:14:01
149.56.142.47	attack	Jul 17 11:19:12 pixelmemory sshd[3118379]: Invalid user library from 149.56.142.47 port 48908 Jul 17 11:19:12 pixelmemory sshd[3118379]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.142.47 Jul 17 11:19:12 pixelmemory sshd[3118379]: Invalid user library from 149.56.142.47 port 48908 Jul 17 11:19:14 pixelmemory sshd[3118379]: Failed password for invalid user library from 149.56.142.47 port 48908 ssh2 Jul 17 11:25:05 pixelmemory sshd[3137853]: Invalid user rocha from 149.56.142.47 port 36840 ...	2020-07-18 02:37:34
149.56.142.47	attack	Jul 9 15:09:41 rancher-0 sshd[211744]: Invalid user lisa from 149.56.142.47 port 39858 ...	2020-07-09 23:12:56
149.56.142.47	attackbotsspam	Jun 3 14:39:09 electroncash sshd[12501]: Failed password for root from 149.56.142.47 port 41284 ssh2 Jun 3 14:41:30 electroncash sshd[13102]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.142.47 user=root Jun 3 14:41:31 electroncash sshd[13102]: Failed password for root from 149.56.142.47 port 41748 ssh2 Jun 3 14:43:54 electroncash sshd[13719]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.142.47 user=root Jun 3 14:43:56 electroncash sshd[13719]: Failed password for root from 149.56.142.47 port 42212 ssh2 ...	2020-06-03 20:50:50
149.56.142.47	attackbots	Invalid user webmaster1 from 149.56.142.47 port 42356	2020-05-16 23:30:37
149.56.142.47	attackbotsspam	Total attacks: 4	2020-05-13 03:22:27
149.56.142.47	attack	May 6 22:23:10 ns381471 sshd[693]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.142.47 May 6 22:23:12 ns381471 sshd[693]: Failed password for invalid user xwq from 149.56.142.47 port 45916 ssh2	2020-05-07 04:44:11
149.56.142.47	attackspambots	SSH Invalid Login	2020-05-05 05:56:40
149.56.142.47	attackspambots	hit -> srv3:22	2020-05-01 16:13:57
149.56.142.198	attackbots	Apr 30 16:44:14 server sshd[19472]: Failed password for invalid user sammy from 149.56.142.198 port 54246 ssh2 Apr 30 16:49:37 server sshd[23590]: Failed password for invalid user dcc from 149.56.142.198 port 36804 ssh2 Apr 30 16:54:59 server sshd[27505]: User postgres from 149.56.142.198 not allowed because not listed in AllowUsers	2020-05-01 03:26:10
149.56.142.198	attack	Apr 29 19:57:40 web1 sshd\[17360\]: Invalid user group3 from 149.56.142.198 Apr 29 19:57:40 web1 sshd\[17360\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.142.198 Apr 29 19:57:43 web1 sshd\[17360\]: Failed password for invalid user group3 from 149.56.142.198 port 45436 ssh2 Apr 29 20:03:07 web1 sshd\[17738\]: Invalid user fred from 149.56.142.198 Apr 29 20:03:07 web1 sshd\[17738\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.142.198	2020-04-30 15:23:01

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 149.56.142.28
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62698
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;149.56.142.28.			IN	A

;; AUTHORITY SECTION:
.			442	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400

;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 12:50:21 CST 2022
;; MSG SIZE  rcvd: 106

Host info

28.142.56.149.in-addr.arpa domain name pointer tls2.org.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
28.142.56.149.in-addr.arpa	name = tls2.org.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.12.204.44	attack	Jul 5 19:51:06 vmd17057 sshd\[16260\]: Invalid user johny from 106.12.204.44 port 46190 Jul 5 19:51:06 vmd17057 sshd\[16260\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.204.44 Jul 5 19:51:08 vmd17057 sshd\[16260\]: Failed password for invalid user johny from 106.12.204.44 port 46190 ssh2 ...	2019-07-06 10:05:35
77.243.23.32	attackspam	CloudCIX Reconnaissance Scan Detected, PTR: 77-243-23-32.dynamic.vipmobile.rs.	2019-07-06 10:07:31
128.199.78.191	attackbotsspam	Invalid user vagrant from 128.199.78.191 port 38762	2019-07-06 10:45:42
31.181.105.122	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-05 15:59:18,003 INFO [shellcode_manager] (31.181.105.122) no match, writing hexdump (537acc26b42e8664e01baba0d1f9d5da :15921) - SMB (Unknown)	2019-07-06 10:03:03
181.171.106.167	attack	Invalid user weblogic from 181.171.106.167 port 29865 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.171.106.167 Failed password for invalid user weblogic from 181.171.106.167 port 29865 ssh2 Invalid user csgoserver from 181.171.106.167 port 40801 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.171.106.167	2019-07-06 10:00:37
185.203.18.68	attackspambots	Jul 6 01:53:52 bouncer sshd\[18655\]: Invalid user window from 185.203.18.68 port 49172 Jul 6 01:53:52 bouncer sshd\[18655\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.203.18.68 Jul 6 01:53:54 bouncer sshd\[18655\]: Failed password for invalid user window from 185.203.18.68 port 49172 ssh2 ...	2019-07-06 10:21:16
187.94.80.227	attackspambots	SASL PLAIN auth failed: ruser=...	2019-07-06 10:14:54
192.185.21.201	attackspam	192.185.21.201	2019-07-06 10:44:29
187.60.149.158	attackspambots	Port scan and connecxt tcp 80	2019-07-06 10:13:27
213.49.99.96	attackbots	Jul 6 01:30:35 rpi sshd[16148]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.49.99.96 Jul 6 01:30:37 rpi sshd[16148]: Failed password for invalid user pass from 213.49.99.96 port 60916 ssh2	2019-07-06 10:18:12
37.182.190.64	attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-05 15:58:56,477 INFO [shellcode_manager] (37.182.190.64) no match, writing hexdump (1902f87d71ef67b6a51d22b6d558c3d9 :2028332) - MS17010 (EternalBlue)	2019-07-06 10:23:57
171.105.47.101	attack	RDP Bruteforce	2019-07-06 10:46:37
36.7.140.77	attack	Jul 5 20:37:52 core01 sshd\[27722\]: Invalid user ph from 36.7.140.77 port 48455 Jul 5 20:37:52 core01 sshd\[27722\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.7.140.77 ...	2019-07-06 10:19:15
159.65.159.1	attack	Jul 6 04:02:56 vps65 sshd\[1546\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.159.1 user=root Jul 6 04:02:57 vps65 sshd\[1546\]: Failed password for root from 159.65.159.1 port 52240 ssh2 ...	2019-07-06 10:36:31
185.66.131.248	attackspam	failed_logins	2019-07-06 10:36:10

Recently Reported IPs

149.56.140.4	149.56.143.24	149.56.140.43	149.56.147.198
149.56.141.75	149.56.15.77	149.56.150.141	149.56.155.20
149.56.155.8	149.56.159.7	149.56.15.68	149.56.160.80
149.56.17.13	149.56.167.170	149.56.17.45	149.56.153.188
149.56.17.40	149.56.184.246	149.56.17.68	149.56.18.3