149.56.252.29 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Canada

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
149.56.252.117	attackspam	Sep 16 23:32:11 www_kotimaassa_fi sshd[17354]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.252.117 Sep 16 23:32:14 www_kotimaassa_fi sshd[17354]: Failed password for invalid user tty from 149.56.252.117 port 47860 ssh2 ...	2019-09-17 10:07:02
149.56.252.117	attack	Sep 15 11:56:59 server sshd\[22094\]: Invalid user blake from 149.56.252.117 port 42542 Sep 15 11:56:59 server sshd\[22094\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.252.117 Sep 15 11:57:01 server sshd\[22094\]: Failed password for invalid user blake from 149.56.252.117 port 42542 ssh2 Sep 15 12:00:47 server sshd\[7814\]: User root from 149.56.252.117 not allowed because listed in DenyUsers Sep 15 12:00:47 server sshd\[7814\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.252.117 user=root	2019-09-15 17:07:27

Type

Details

Datetime

149.56.252.117

attackspam

Sep 16 23:32:11 www_kotimaassa_fi sshd[17354]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.252.117
Sep 16 23:32:14 www_kotimaassa_fi sshd[17354]: Failed password for invalid user tty from 149.56.252.117 port 47860 ssh2
...

2019-09-17 10:07:02

149.56.252.117

attack

Sep 15 11:56:59 server sshd\[22094\]: Invalid user blake from 149.56.252.117 port 42542
Sep 15 11:56:59 server sshd\[22094\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.252.117
Sep 15 11:57:01 server sshd\[22094\]: Failed password for invalid user blake from 149.56.252.117 port 42542 ssh2
Sep 15 12:00:47 server sshd\[7814\]: User root from 149.56.252.117 not allowed because listed in DenyUsers
Sep 15 12:00:47 server sshd\[7814\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.252.117  user=root

2019-09-15 17:07:27

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 149.56.252.29
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31310
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;149.56.252.29.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020700 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 07 14:32:33 CST 2022
;; MSG SIZE  rcvd: 106

Host info

29.252.56.149.in-addr.arpa domain name pointer ip29.ip-149-56-252.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
29.252.56.149.in-addr.arpa	name = ip29.ip-149-56-252.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
162.243.150.26	attack	7000/tcp 15432/tcp 41592/tcp... [2019-04-21/06-21]79pkt,53pt.(tcp),6pt.(udp),2proto	2019-06-21 23:54:53
123.120.239.73	attackspam	23/tcp [2019-06-21]1pkt	2019-06-21 23:44:12
90.143.46.14	attackbotsspam	Wordpress attack	2019-06-21 23:14:40
14.253.47.65	attack	445/tcp [2019-06-21]1pkt	2019-06-22 00:13:30
2.180.46.115	attack	wget call in url	2019-06-22 00:26:44
45.249.48.21	attackspam	Jun 21 08:02:22 plusreed sshd[29094]: Invalid user starbound from 45.249.48.21 Jun 21 08:02:22 plusreed sshd[29094]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.249.48.21 Jun 21 08:02:22 plusreed sshd[29094]: Invalid user starbound from 45.249.48.21 Jun 21 08:02:24 plusreed sshd[29094]: Failed password for invalid user starbound from 45.249.48.21 port 52292 ssh2 ...	2019-06-21 23:12:40
23.89.100.98	attackbots	firewall-block, port(s): 445/tcp	2019-06-22 00:24:41
118.68.60.164	attack	TCP port 445 (SMB) attempt blocked by firewall. [2019-06-21 11:10:37]	2019-06-21 23:35:12
124.78.252.242	attack	¯\_(ツ)_/¯	2019-06-21 23:27:33
139.59.59.187	attackbotsspam	Invalid user ftpuser from 139.59.59.187 port 59064	2019-06-21 23:36:32
188.151.75.100	attackbots	Jun 21 11:01:29 server3 sshd[794325]: Invalid user admin from 188.151.75.100 Jun 21 11:01:29 server3 sshd[794325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.151.75.100 Jun 21 11:01:30 server3 sshd[794325]: Failed password for invalid user admin from 188.151.75.100 port 37023 ssh2 Jun 21 11:01:31 server3 sshd[794325]: Connection closed by 188.151.75.100 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=188.151.75.100	2019-06-22 00:28:21
223.206.232.103	attackbots	445/tcp [2019-06-21]1pkt	2019-06-21 23:13:23
182.58.63.241	attackspambots	23/tcp [2019-06-21]1pkt	2019-06-21 23:42:57
115.165.0.224	attack	Brute-Force attack detected (85) and blocked by Fail2Ban.	2019-06-21 23:13:46
171.228.88.202	attackspam	9527/tcp 9527/tcp [2019-06-21]2pkt	2019-06-21 23:54:21

Recently Reported IPs

187.190.121.243	156.200.116.71	143.198.50.232	177.126.91.146
154.201.45.135	201.209.112.95	36.70.241.10	188.143.217.17
73.33.183.3	62.128.110.230	186.96.26.132	167.172.173.208
14.142.133.235	104.237.151.251	123.56.82.70	47.38.133.157
36.72.169.242	160.20.202.58	14.52.29.168	222.247.1.110