189.111.244.149

Basic Info

City: São Paulo

Region: Sao Paulo

Country: Brazil

Internet Service Provider: unknown

Hostname: unknown

Organization: TELEFÔNICA BRASIL S.A

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 189.111.244.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30970
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;189.111.244.149.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019051300 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue May 14 01:18:42 CST 2019
;; MSG SIZE  rcvd: 119

Host info

149.244.111.189.in-addr.arpa domain name pointer 189-111-244-149.dsl.telesp.net.br.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
149.244.111.189.in-addr.arpa	name = 189-111-244-149.dsl.telesp.net.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
198.199.70.48	attackbots	B: /wp-login.php attack	2019-09-15 16:08:09
37.187.0.20	attackspam	2019-09-15T06:00:35.831232abusebot-5.cloudsearch.cf sshd\[21271\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3323025.ip-37-187-0.eu user=operator	2019-09-15 16:28:35
112.85.42.232	attack	SSH Brute Force, server-1 sshd[30867]: Failed password for root from 112.85.42.232 port 54619 ssh2	2019-09-15 17:03:03
78.148.242.111	attackspambots	GB - 1H : (44) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : GB NAME ASN : ASN13285 IP : 78.148.242.111 CIDR : 78.148.0.0/14 PREFIX COUNT : 35 UNIQUE IP COUNT : 3565824 WYKRYTE ATAKI Z ASN13285 : 1H - 1 3H - 1 6H - 1 12H - 2 24H - 5 INFO : SYN Flood DDoS Attack Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-09-15 16:56:35
95.168.180.88	attackspambots	\[2019-09-15 03:48:25\] SECURITY\[20693\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-15T03:48:25.175-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="11100448002294911",SessionID="0x7f8a6c6094e8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/95.168.180.88/8746",ACLName="no_extension_match" \[2019-09-15 03:53:12\] SECURITY\[20693\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-15T03:53:12.208-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="111100448002294911",SessionID="0x7f8a6c362808",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/95.168.180.88/7150",ACLName="no_extension_match" \[2019-09-15 03:57:55\] SECURITY\[20693\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-15T03:57:55.865-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="11110448002294911",SessionID="0x7f8a6c255a88",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/95.168.180.88/7079",ACLName=	2019-09-15 16:21:36
167.99.4.112	attack	Sep 15 00:07:56 aat-srv002 sshd[6043]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.4.112 Sep 15 00:07:59 aat-srv002 sshd[6043]: Failed password for invalid user singha from 167.99.4.112 port 56216 ssh2 Sep 15 00:12:02 aat-srv002 sshd[6489]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.4.112 Sep 15 00:12:04 aat-srv002 sshd[6489]: Failed password for invalid user do from 167.99.4.112 port 42616 ssh2 ...	2019-09-15 16:52:20
23.94.133.77	attackspam	2019-09-15T05:41:20.418803abusebot-7.cloudsearch.cf sshd\[5941\]: Invalid user vodaphone from 23.94.133.77 port 51252	2019-09-15 16:56:59
108.58.41.139	attack	Sep 15 16:14:45 localhost sshd[19150]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=108.58.41.139 user=man Sep 15 16:14:46 localhost sshd[19150]: Failed password for man from 108.58.41.139 port 55996 ssh2 Sep 15 16:25:57 localhost sshd[19461]: Invalid user jwgblog from 108.58.41.139 port 26393 ...	2019-09-15 16:50:36
192.99.17.189	attack	Sep 15 05:35:42 ns37 sshd[13493]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.17.189	2019-09-15 16:35:22
206.189.108.59	attack	Invalid user gast from 206.189.108.59 port 58398	2019-09-15 16:47:46
193.56.29.130	attackbots	Port scan: Attack repeated for 24 hours	2019-09-15 16:06:21
115.186.148.38	attackbots	Sep 15 03:55:06 ws12vmsma01 sshd[50065]: Failed password for invalid user mhal from 115.186.148.38 port 52540 ssh2 Sep 15 04:00:05 ws12vmsma01 sshd[50727]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115-186-148-38.nayatel.pk user=postgres Sep 15 04:00:07 ws12vmsma01 sshd[50727]: Failed password for postgres from 115.186.148.38 port 41311 ssh2 ...	2019-09-15 16:52:47
103.86.50.211	attackspam	103.86.50.211 - - [15/Sep/2019:09:22:45 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.86.50.211 - - [15/Sep/2019:09:22:46 +0200] "POST /wp-login.php HTTP/1.1" 200 1632 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.86.50.211 - - [15/Sep/2019:09:22:47 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.86.50.211 - - [15/Sep/2019:09:22:48 +0200] "POST /wp-login.php HTTP/1.1" 200 1607 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.86.50.211 - - [15/Sep/2019:09:22:49 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.86.50.211 - - [15/Sep/2019:09:22:50 +0200] "POST /wp-login.php HTTP/1.1" 200 1608 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-09-15 16:36:40
103.245.181.2	attackspambots	Sep 15 06:51:55 server sshd\[18446\]: Invalid user scan from 103.245.181.2 port 47994 Sep 15 06:51:55 server sshd\[18446\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.245.181.2 Sep 15 06:51:57 server sshd\[18446\]: Failed password for invalid user scan from 103.245.181.2 port 47994 ssh2 Sep 15 06:56:14 server sshd\[31137\]: Invalid user server from 103.245.181.2 port 40092 Sep 15 06:56:14 server sshd\[31137\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.245.181.2	2019-09-15 16:32:33
105.159.173.62	attack	Automatic report - Port Scan Attack	2019-09-15 16:22:43

Recently Reported IPs

5.62.39.232	34.109.155.189	210.207.143.2	139.53.201.233
85.105.12.13	200.29.84.229	164.48.129.70	79.137.77.62
199.188.188.80	184.45.173.71	59.11.120.15	23.34.127.91
162.252.57.221	208.130.169.228	198.217.28.35	179.182.65.35
44.118.28.96	121.253.245.50	80.211.230.51	217.177.7.16