152.242.29.30 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Vivo S.A.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Mar 25 22:30:17 iago sshd[17650]: Address 152.242.29.30 maps to 152-242-29-30.user.vivozap.com.br, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Mar 25 22:30:17 iago sshd[17650]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.242.29.30 user=r.r Mar 25 22:30:19 iago sshd[17650]: Failed password for r.r from 152.242.29.30 port 45401 ssh2 Mar 25 22:30:19 iago sshd[17651]: Received disconnect from 152.242.29.30: 11: Bye Bye ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=152.242.29.30	2020-03-26 08:44:41

Type

Details

Datetime

attack

Mar 25 22:30:17 iago sshd[17650]: Address 152.242.29.30 maps to 152-242-29-30.user.vivozap.com.br, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Mar 25 22:30:17 iago sshd[17650]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.242.29.30  user=r.r
Mar 25 22:30:19 iago sshd[17650]: Failed password for r.r from 152.242.29.30 port 45401 ssh2
Mar 25 22:30:19 iago sshd[17651]: Received disconnect from 152.242.29.30: 11: Bye Bye


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=152.242.29.30

2020-03-26 08:44:41

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 152.242.29.30
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7499
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;152.242.29.30.			IN	A

;; AUTHORITY SECTION:
.			178	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032503 1800 900 604800 86400

;; Query time: 106 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Mar 26 08:44:36 CST 2020
;; MSG SIZE  rcvd: 117

Host info

30.29.242.152.in-addr.arpa domain name pointer 152-242-29-30.user.vivozap.com.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
30.29.242.152.in-addr.arpa	name = 152-242-29-30.user.vivozap.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
193.169.254.106	attackbots	Oct 10 14:35:03 mail postfix/smtpd\[4122\]: warning: unknown\[193.169.254.106\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 10 15:24:44 mail postfix/smtpd\[5828\]: warning: unknown\[193.169.254.106\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 10 15:49:31 mail postfix/smtpd\[6715\]: warning: unknown\[193.169.254.106\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 10 16:14:24 mail postfix/smtpd\[7475\]: warning: unknown\[193.169.254.106\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2020-10-10 23:55:44
2.57.122.181	attack	TCP (SYN) 2.57.122.181:33950 -> port 80, len 40	2020-10-10 23:49:38
212.129.144.231	attackspam	2020-10-10T09:04:15+0200 Failed SSH Authentication/Brute Force Attack.(Server 2)	2020-10-10 23:48:15
192.35.168.218	attack	192.35.168.218 - - [24/Sep/2020:23:20:10 +0100] "GET / HTTP/1.1" 444 0 "-" "-" ...	2020-10-11 00:07:19
27.254.130.67	attackspambots	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-10-10 23:36:12
194.180.224.103	attackbotsspam	Invalid user user from 194.180.224.103 port 39896	2020-10-10 23:55:15
208.186.113.144	attackspambots	2020-10-09 15:46:28.207311-0500 localhost smtpd[23498]: NOQUEUE: reject: RCPT from unknown[208.186.113.144]: 450 4.7.25 Client host rejected: cannot find your hostname, [208.186.113.144]; from= to= proto=ESMTP helo=	2020-10-10 23:39:43
222.186.15.62	attackspambots	2020-10-10T19:04:18.658111snf-827550 sshd[21848]: Failed password for root from 222.186.15.62 port 54476 ssh2 2020-10-10T19:04:21.127908snf-827550 sshd[21848]: Failed password for root from 222.186.15.62 port 54476 ssh2 2020-10-10T19:04:23.931602snf-827550 sshd[21848]: Failed password for root from 222.186.15.62 port 54476 ssh2 ...	2020-10-11 00:14:51
51.104.242.17	attackspam	Oct 10 17:33:02 hidden sshd[50626]: Failed password for invalid user otrs from 51.104.242.17 port 46456 ssh2 Oct 10 17:47:37 hidden sshd[65095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.104.242.17 user=root Oct 10 17:47:39 hidden sshd[65095]: Failed password for hidden from 51.104.242.17 port 40966 ssh2	2020-10-11 00:06:38
86.91.244.200	attackspambots	php WP PHPmyadamin ABUSE blocked for 12h	2020-10-10 23:47:16
84.92.92.196	attack	prod11 ...	2020-10-11 00:04:34
92.62.131.106	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 82 - port: 19825 proto: tcp cat: Misc Attackbytes: 60	2020-10-10 23:46:13
192.35.168.250	attack	192.35.168.250 - - [29/Sep/2020:12:53:59 +0100] "GET / HTTP/1.1" 444 0 "-" "-" ...	2020-10-11 00:02:14
98.146.212.146	attack	(sshd) Failed SSH login from 98.146.212.146 (US/United States/cpe-98-146-212-146.natnow.res.rr.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 10 11:57:56 optimus sshd[15315]: Invalid user shift from 98.146.212.146 Oct 10 11:57:58 optimus sshd[15315]: Failed password for invalid user shift from 98.146.212.146 port 49822 ssh2 Oct 10 12:00:07 optimus sshd[16211]: Invalid user paraccel from 98.146.212.146 Oct 10 12:00:09 optimus sshd[16211]: Failed password for invalid user paraccel from 98.146.212.146 port 46282 ssh2 Oct 10 12:02:15 optimus sshd[16949]: Failed password for root from 98.146.212.146 port 42744 ssh2	2020-10-11 00:06:16
195.158.26.238	attack	Oct 11 01:54:26 web1 sshd[15950]: Invalid user list from 195.158.26.238 port 50906 Oct 11 01:54:26 web1 sshd[15950]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.158.26.238 Oct 11 01:54:26 web1 sshd[15950]: Invalid user list from 195.158.26.238 port 50906 Oct 11 01:54:29 web1 sshd[15950]: Failed password for invalid user list from 195.158.26.238 port 50906 ssh2 Oct 11 01:59:55 web1 sshd[17744]: Invalid user jaxson from 195.158.26.238 port 40824 Oct 11 01:59:55 web1 sshd[17744]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.158.26.238 Oct 11 01:59:55 web1 sshd[17744]: Invalid user jaxson from 195.158.26.238 port 40824 Oct 11 01:59:57 web1 sshd[17744]: Failed password for invalid user jaxson from 195.158.26.238 port 40824 ssh2 Oct 11 02:03:59 web1 sshd[19116]: Invalid user cvs1 from 195.158.26.238 port 44856 ...	2020-10-11 00:00:30

Recently Reported IPs

85.147.236.126	101.217.236.100	33.135.81.108	164.160.182.205
56.91.238.16	21.197.57.29	139.199.36.50	151.17.60.6
142.177.170.90	138.118.59.252	92.20.174.64	118.24.248.17
56.139.47.226	113.173.239.188	104.180.219.31	63.141.31.40
210.208.252.215	123.37.36.61	125.25.86.175	181.169.155.174