149.56.252.29 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Canada

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
149.56.252.117	attackspam	Sep 16 23:32:11 www_kotimaassa_fi sshd[17354]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.252.117 Sep 16 23:32:14 www_kotimaassa_fi sshd[17354]: Failed password for invalid user tty from 149.56.252.117 port 47860 ssh2 ...	2019-09-17 10:07:02
149.56.252.117	attack	Sep 15 11:56:59 server sshd\[22094\]: Invalid user blake from 149.56.252.117 port 42542 Sep 15 11:56:59 server sshd\[22094\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.252.117 Sep 15 11:57:01 server sshd\[22094\]: Failed password for invalid user blake from 149.56.252.117 port 42542 ssh2 Sep 15 12:00:47 server sshd\[7814\]: User root from 149.56.252.117 not allowed because listed in DenyUsers Sep 15 12:00:47 server sshd\[7814\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.252.117 user=root	2019-09-15 17:07:27

Type

Details

Datetime

149.56.252.117

attackspam

Sep 16 23:32:11 www_kotimaassa_fi sshd[17354]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.252.117
Sep 16 23:32:14 www_kotimaassa_fi sshd[17354]: Failed password for invalid user tty from 149.56.252.117 port 47860 ssh2
...

2019-09-17 10:07:02

149.56.252.117

attack

Sep 15 11:56:59 server sshd\[22094\]: Invalid user blake from 149.56.252.117 port 42542
Sep 15 11:56:59 server sshd\[22094\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.252.117
Sep 15 11:57:01 server sshd\[22094\]: Failed password for invalid user blake from 149.56.252.117 port 42542 ssh2
Sep 15 12:00:47 server sshd\[7814\]: User root from 149.56.252.117 not allowed because listed in DenyUsers
Sep 15 12:00:47 server sshd\[7814\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.252.117  user=root

2019-09-15 17:07:27

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 149.56.252.29
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31310
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;149.56.252.29.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020700 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 07 14:32:33 CST 2022
;; MSG SIZE  rcvd: 106

Host info

29.252.56.149.in-addr.arpa domain name pointer ip29.ip-149-56-252.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
29.252.56.149.in-addr.arpa	name = ip29.ip-149-56-252.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
190.60.94.189	attackbotsspam	May 20 19:07:27 home sshd[1528]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.60.94.189 May 20 19:07:28 home sshd[1528]: Failed password for invalid user wlk-lab from 190.60.94.189 port 48808 ssh2 May 20 19:11:38 home sshd[2447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.60.94.189 ...	2020-05-21 01:20:00
167.71.199.96	attack	May 20 19:46:17 pkdns2 sshd\[60572\]: Invalid user qau from 167.71.199.96May 20 19:46:19 pkdns2 sshd\[60572\]: Failed password for invalid user qau from 167.71.199.96 port 37484 ssh2May 20 19:49:08 pkdns2 sshd\[60700\]: Invalid user pzx from 167.71.199.96May 20 19:49:10 pkdns2 sshd\[60700\]: Failed password for invalid user pzx from 167.71.199.96 port 51072 ssh2May 20 19:52:00 pkdns2 sshd\[60878\]: Invalid user huwenbo from 167.71.199.96May 20 19:52:02 pkdns2 sshd\[60878\]: Failed password for invalid user huwenbo from 167.71.199.96 port 36432 ssh2 ...	2020-05-21 01:10:31
46.123.240.244	attack	May 20 18:31:15 vmd26974 sshd[29330]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.123.240.244 May 20 18:31:17 vmd26974 sshd[29330]: Failed password for invalid user pi from 46.123.240.244 port 18606 ssh2 ...	2020-05-21 01:14:13
91.223.250.170	attackspambots	May 20 17:41:06 mail.srvfarm.net postfix/smtpd[1509539]: warning: 91-223-250-170.nowogrod.net[91.223.250.170]: SASL PLAIN authentication failed: May 20 17:41:06 mail.srvfarm.net postfix/smtpd[1509539]: lost connection after AUTH from 91-223-250-170.nowogrod.net[91.223.250.170] May 20 17:44:41 mail.srvfarm.net postfix/smtps/smtpd[1512863]: warning: 91-223-250-170.nowogrod.net[91.223.250.170]: SASL PLAIN authentication failed: May 20 17:44:41 mail.srvfarm.net postfix/smtps/smtpd[1512863]: lost connection after AUTH from 91-223-250-170.nowogrod.net[91.223.250.170] May 20 17:45:56 mail.srvfarm.net postfix/smtps/smtpd[1508895]: lost connection after CONNECT from 91-223-250-170.nowogrod.net[91.223.250.170]	2020-05-21 01:08:39
152.32.164.39	attackbots	2020-05-20T11:02:47.412808server.mjenks.net sshd[713547]: Invalid user hcz from 152.32.164.39 port 57018 2020-05-20T11:02:47.420072server.mjenks.net sshd[713547]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.32.164.39 2020-05-20T11:02:47.412808server.mjenks.net sshd[713547]: Invalid user hcz from 152.32.164.39 port 57018 2020-05-20T11:02:49.258278server.mjenks.net sshd[713547]: Failed password for invalid user hcz from 152.32.164.39 port 57018 ssh2 2020-05-20T11:05:34.136015server.mjenks.net sshd[713844]: Invalid user hxd from 152.32.164.39 port 56996 ...	2020-05-21 01:24:10
77.45.85.135	attackspambots	May 20 17:48:09 mail.srvfarm.net postfix/smtpd[1512860]: warning: 77-45-85-135.sta.asta-net.com.pl[77.45.85.135]: SASL PLAIN authentication failed: May 20 17:48:09 mail.srvfarm.net postfix/smtpd[1512860]: lost connection after AUTH from 77-45-85-135.sta.asta-net.com.pl[77.45.85.135] May 20 17:52:02 mail.srvfarm.net postfix/smtpd[1512860]: warning: 77-45-85-135.sta.asta-net.com.pl[77.45.85.135]: SASL PLAIN authentication failed: May 20 17:52:02 mail.srvfarm.net postfix/smtpd[1512860]: lost connection after AUTH from 77-45-85-135.sta.asta-net.com.pl[77.45.85.135] May 20 17:56:07 mail.srvfarm.net postfix/smtps/smtpd[1515643]: lost connection after CONNECT from 77-45-85-135.sta.asta-net.com.pl[77.45.85.135]	2020-05-21 01:00:49
79.124.62.118	attack	May 20 19:09:47 debian-2gb-nbg1-2 kernel: \[12253412.935447\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=79.124.62.118 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=40156 PROTO=TCP SPT=49173 DPT=6934 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-21 01:13:46
37.139.1.197	attack	May 20 18:54:38 srv-ubuntu-dev3 sshd[12475]: Invalid user irp from 37.139.1.197 May 20 18:54:38 srv-ubuntu-dev3 sshd[12475]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.1.197 May 20 18:54:38 srv-ubuntu-dev3 sshd[12475]: Invalid user irp from 37.139.1.197 May 20 18:54:40 srv-ubuntu-dev3 sshd[12475]: Failed password for invalid user irp from 37.139.1.197 port 57017 ssh2 May 20 18:58:58 srv-ubuntu-dev3 sshd[13092]: Invalid user rtz from 37.139.1.197 May 20 18:58:58 srv-ubuntu-dev3 sshd[13092]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.1.197 May 20 18:58:58 srv-ubuntu-dev3 sshd[13092]: Invalid user rtz from 37.139.1.197 May 20 18:59:01 srv-ubuntu-dev3 sshd[13092]: Failed password for invalid user rtz from 37.139.1.197 port 60064 ssh2 May 20 19:03:30 srv-ubuntu-dev3 sshd[13908]: Invalid user pcu from 37.139.1.197 ...	2020-05-21 01:21:47
222.186.42.136	attack	May 20 19:35:56 PorscheCustomer sshd[26185]: Failed password for root from 222.186.42.136 port 10907 ssh2 May 20 19:35:58 PorscheCustomer sshd[26185]: Failed password for root from 222.186.42.136 port 10907 ssh2 May 20 19:36:00 PorscheCustomer sshd[26185]: Failed password for root from 222.186.42.136 port 10907 ssh2 ...	2020-05-21 01:38:29
118.24.18.226	attackbotsspam	May 20 16:02:26 game-panel sshd[23077]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.18.226 May 20 16:02:28 game-panel sshd[23077]: Failed password for invalid user pjq from 118.24.18.226 port 54864 ssh2 May 20 16:05:40 game-panel sshd[23210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.18.226	2020-05-21 01:10:46
162.243.142.72	attackbotsspam	firewall-block, port(s): 7574/tcp	2020-05-21 01:07:14
187.189.61.8	attack	May 20 17:55:06 icinga sshd[43767]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.189.61.8 May 20 17:55:08 icinga sshd[43767]: Failed password for invalid user jez from 187.189.61.8 port 41374 ssh2 May 20 18:05:39 icinga sshd[61080]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.189.61.8 ...	2020-05-21 01:12:27
203.192.204.168	attackspambots	May 20 19:13:19 vps687878 sshd\[12455\]: Failed password for invalid user rhh from 203.192.204.168 port 37090 ssh2 May 20 19:17:03 vps687878 sshd\[12898\]: Invalid user yfv from 203.192.204.168 port 49018 May 20 19:17:03 vps687878 sshd\[12898\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.192.204.168 May 20 19:17:05 vps687878 sshd\[12898\]: Failed password for invalid user yfv from 203.192.204.168 port 49018 ssh2 May 20 19:20:59 vps687878 sshd\[13272\]: Invalid user ecn from 203.192.204.168 port 32982 May 20 19:20:59 vps687878 sshd\[13272\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.192.204.168 ...	2020-05-21 01:32:36
49.88.112.110	attackspam	SSH/22 MH Probe, BF, Hack -	2020-05-21 01:32:10
129.28.178.78	attackspam	May 20 18:45:32 home sshd[29875]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.28.178.78 May 20 18:45:34 home sshd[29875]: Failed password for invalid user oyk from 129.28.178.78 port 35442 ssh2 May 20 18:51:03 home sshd[30741]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.28.178.78 ...	2020-05-21 01:07:44

Recently Reported IPs

187.190.121.243	156.200.116.71	143.198.50.232	177.126.91.146
154.201.45.135	201.209.112.95	36.70.241.10	188.143.217.17
73.33.183.3	62.128.110.230	186.96.26.132	167.172.173.208
14.142.133.235	104.237.151.251	123.56.82.70	47.38.133.157
36.72.169.242	160.20.202.58	14.52.29.168	222.247.1.110