149.91.98.249 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: PSINet Inc.

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Sep 10 23:01:05 vps639187 sshd\[26199\]: Invalid user admin from 149.91.98.249 port 1768 Sep 10 23:01:05 vps639187 sshd\[26199\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.91.98.249 Sep 10 23:01:07 vps639187 sshd\[26199\]: Failed password for invalid user admin from 149.91.98.249 port 1768 ssh2 ...	2020-09-12 00:45:01
attackbotsspam	Sep 10 23:01:05 vps639187 sshd\[26199\]: Invalid user admin from 149.91.98.249 port 1768 Sep 10 23:01:05 vps639187 sshd\[26199\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.91.98.249 Sep 10 23:01:07 vps639187 sshd\[26199\]: Failed password for invalid user admin from 149.91.98.249 port 1768 ssh2 ...	2020-09-11 16:43:41
attack	Sep 10 23:01:05 vps639187 sshd\[26199\]: Invalid user admin from 149.91.98.249 port 1768 Sep 10 23:01:05 vps639187 sshd\[26199\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.91.98.249 Sep 10 23:01:07 vps639187 sshd\[26199\]: Failed password for invalid user admin from 149.91.98.249 port 1768 ssh2 ...	2020-09-11 08:54:42
attack	May 28 14:01:30 fhem-rasp sshd[9051]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.91.98.249 user=root May 28 14:01:31 fhem-rasp sshd[9051]: Failed password for root from 149.91.98.249 port 13232 ssh2 ...	2020-05-28 23:02:52

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 149.91.98.249
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58245
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;149.91.98.249.			IN	A

;; AUTHORITY SECTION:
.			422	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052800 1800 900 604800 86400

;; Query time: 110 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu May 28 23:02:39 CST 2020
;; MSG SIZE  rcvd: 117

Host info

249.98.91.149.in-addr.arpa domain name pointer 249.red.98.91.149.procono.es.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
249.98.91.149.in-addr.arpa	name = 249.red.98.91.149.procono.es.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.175.23	attackbots	Unauthorized connection attempt detected from IP address 222.186.175.23 to port 22 [J]	2020-02-02 22:50:28
82.102.166.167	attackbotsspam	$f2bV_matches	2020-02-02 23:15:40
113.181.124.244	attackbotsspam	Feb 2 14:40:24 vmd38886 sshd\[31895\]: Invalid user dircreate from 113.181.124.244 port 52689 Feb 2 14:40:24 vmd38886 sshd\[31895\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.181.124.244 Feb 2 14:40:27 vmd38886 sshd\[31895\]: Failed password for invalid user dircreate from 113.181.124.244 port 52689 ssh2	2020-02-02 23:05:56
185.234.219.82	attack	Rude login attack (64 tries in 1d)	2020-02-02 23:07:06
61.37.82.2	attackspam	Feb 2 14:59:10 thevastnessof sshd[30261]: Failed password for invalid user sysadmin from 61.37.82.2 port 57082 ssh2 Feb 2 15:09:42 thevastnessof sshd[30399]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.37.82.2 ...	2020-02-02 23:20:23
45.134.179.15	attackspam	Portscan or hack attempt detected by psad/fwsnort	2020-02-02 22:52:04
149.202.56.194	attack	Feb 2 05:06:29 hpm sshd\[10077\]: Invalid user ftptest from 149.202.56.194 Feb 2 05:06:29 hpm sshd\[10077\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.ip-149-202-56.eu Feb 2 05:06:31 hpm sshd\[10077\]: Failed password for invalid user ftptest from 149.202.56.194 port 51736 ssh2 Feb 2 05:09:38 hpm sshd\[10323\]: Invalid user gpadmin from 149.202.56.194 Feb 2 05:09:38 hpm sshd\[10323\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.ip-149-202-56.eu	2020-02-02 23:26:16
154.72.195.154	attackspam	Aug 20 01:06:30 ms-srv sshd[56053]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.72.195.154 Aug 20 01:06:32 ms-srv sshd[56053]: Failed password for invalid user opendkim from 154.72.195.154 port 16136 ssh2	2020-02-02 23:00:31
49.234.206.45	attack	Feb 2 18:08:56 server sshd\[7387\]: Invalid user teste from 49.234.206.45 Feb 2 18:08:56 server sshd\[7387\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.206.45 Feb 2 18:08:59 server sshd\[7387\]: Failed password for invalid user teste from 49.234.206.45 port 42182 ssh2 Feb 2 18:09:37 server sshd\[7488\]: Invalid user teste from 49.234.206.45 Feb 2 18:09:37 server sshd\[7488\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.206.45 ...	2020-02-02 23:26:39
42.243.150.215	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-02 23:18:20
154.8.138.184	attackbotsspam	Feb 2 11:11:59 ms-srv sshd[1142]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.8.138.184 Feb 2 11:12:00 ms-srv sshd[1142]: Failed password for invalid user ubuntu from 154.8.138.184 port 58910 ssh2	2020-02-02 22:51:49
45.125.66.193	attackbotsspam	Rude login attack (3 tries in 1d)	2020-02-02 23:03:54
154.8.167.35	attack	Jan 26 06:02:51 ms-srv sshd[13588]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.8.167.35 Jan 26 06:02:53 ms-srv sshd[13588]: Failed password for invalid user pi from 154.8.167.35 port 46410 ssh2	2020-02-02 22:45:16
62.48.188.133	attackbots	1580650850 - 02/02/2020 14:40:50 Host: 62.48.188.133/62.48.188.133 Port: 445 TCP Blocked	2020-02-02 22:43:28
45.125.66.69	attackbotsspam	Rude login attack (4 tries in 1d)	2020-02-02 23:00:52

Recently Reported IPs

82.102.82.58	93.74.2.117	73.37.26.198	2.60.85.191
188.43.245.225	1.220.226.173	49.247.135.74	8.88.199.22
14.191.45.37	210.2.88.34	103.29.198.20	109.130.89.118
46.177.63.122	145.208.130.124	111.18.215.40	129.192.208.232
70.196.51.129	42.98.234.220	225.232.25.214	182.40.159.172