189.252.22.149

Basic Info

City: Ciudad de Huajuapan de León

Region: Oaxaca

Country: Mexico

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 189.252.22.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26221
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;189.252.22.149.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025021301 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 14 01:51:33 CST 2025
;; MSG SIZE  rcvd: 107

Host info

149.22.252.189.in-addr.arpa domain name pointer dsl-189-252-22-149-dyn.prod-infinitum.com.mx.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
149.22.252.189.in-addr.arpa	name = dsl-189-252-22-149-dyn.prod-infinitum.com.mx.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
183.111.227.5	attackspambots	2019-10-20T11:46:00.673996abusebot.cloudsearch.cf sshd\[24763\]: Invalid user admin from 183.111.227.5 port 49468	2019-10-20 20:05:23
101.79.62.143	attack	Oct 20 12:16:45 web8 sshd\[11765\]: Invalid user 0l0ctyQh243O63uD from 101.79.62.143 Oct 20 12:16:45 web8 sshd\[11765\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.79.62.143 Oct 20 12:16:47 web8 sshd\[11765\]: Failed password for invalid user 0l0ctyQh243O63uD from 101.79.62.143 port 46825 ssh2 Oct 20 12:22:10 web8 sshd\[14305\]: Invalid user Abcd1234!@\#\$ from 101.79.62.143 Oct 20 12:22:10 web8 sshd\[14305\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.79.62.143	2019-10-20 20:26:27
165.22.6.73	attackbotsspam	Oct 19 05:02:41 newdogma sshd[5587]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.6.73 user=r.r Oct 19 05:02:43 newdogma sshd[5587]: Failed password for r.r from 165.22.6.73 port 57736 ssh2 Oct 19 05:02:43 newdogma sshd[5587]: Received disconnect from 165.22.6.73 port 57736:11: Bye Bye [preauth] Oct 19 05:02:43 newdogma sshd[5587]: Disconnected from 165.22.6.73 port 57736 [preauth] Oct 19 05:07:33 newdogma sshd[5650]: Invalid user arnau from 165.22.6.73 port 46236 Oct 19 05:07:33 newdogma sshd[5650]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.6.73 Oct 19 05:07:35 newdogma sshd[5650]: Failed password for invalid user arnau from 165.22.6.73 port 46236 ssh2 Oct 19 05:07:35 newdogma sshd[5650]: Received disconnect from 165.22.6.73 port 46236:11: Bye Bye [preauth] Oct 19 05:07:35 newdogma sshd[5650]: Disconnected from 165.22.6.73 port 46236 [preauth] ........ ----------------------------------------------- http	2019-10-20 20:27:48
139.99.78.208	attackbots	Oct 20 12:00:38 localhost sshd\[78349\]: Invalid user bash from 139.99.78.208 port 39410 Oct 20 12:00:38 localhost sshd\[78349\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.78.208 Oct 20 12:00:40 localhost sshd\[78349\]: Failed password for invalid user bash from 139.99.78.208 port 39410 ssh2 Oct 20 12:05:47 localhost sshd\[78490\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.78.208 user=root Oct 20 12:05:49 localhost sshd\[78490\]: Failed password for root from 139.99.78.208 port 51330 ssh2 ...	2019-10-20 20:15:20
122.175.55.196	attackbots	SSH bruteforce (Triggered fail2ban)	2019-10-20 20:25:22
144.217.242.111	attack	Oct 20 14:49:57 sauna sshd[88238]: Failed password for root from 144.217.242.111 port 38268 ssh2 ...	2019-10-20 20:06:18
193.202.83.104	attackspam	193.202.83.104 - - [20/Oct/2019:08:05:19 -0400] "GET /?page=products&action=../../../../../../etc/passwd%00&manufacturerID=12&productID=973&linkID=15902 HTTP/1.1" 200 17303 "https://newportbrassfaucets.com/?page=products&action=../../../../../../etc/passwd%00&manufacturerID=12&productID=973&linkID=15902" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Safari/537.36" ...	2019-10-20 20:35:49
94.177.224.127	attack	Oct 20 02:17:26 php1 sshd\[29294\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.177.224.127 user=root Oct 20 02:17:27 php1 sshd\[29294\]: Failed password for root from 94.177.224.127 port 36972 ssh2 Oct 20 02:21:28 php1 sshd\[29624\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.177.224.127 user=root Oct 20 02:21:31 php1 sshd\[29624\]: Failed password for root from 94.177.224.127 port 48578 ssh2 Oct 20 02:25:37 php1 sshd\[29970\]: Invalid user informix from 94.177.224.127	2019-10-20 20:38:37
45.113.71.101	attackbots	" "	2019-10-20 19:59:09
89.252.141.185	attack	89.252.141.185 - - [20/Oct/2019:14:05:58 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 89.252.141.185 - - [20/Oct/2019:14:05:59 +0200] "POST /wp-login.php HTTP/1.1" 200 1632 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 89.252.141.185 - - [20/Oct/2019:14:05:59 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 89.252.141.185 - - [20/Oct/2019:14:05:59 +0200] "POST /wp-login.php HTTP/1.1" 200 1607 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 89.252.141.185 - - [20/Oct/2019:14:06:00 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 89.252.141.185 - - [20/Oct/2019:14:06:00 +0200] "POST /wp-login.php HTTP/1.1" 200 1608 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-10-20 20:10:32
222.186.175.155	attack	Oct 20 14:24:07 MK-Soft-VM5 sshd[16637]: Failed password for root from 222.186.175.155 port 60266 ssh2 Oct 20 14:24:13 MK-Soft-VM5 sshd[16637]: Failed password for root from 222.186.175.155 port 60266 ssh2 ...	2019-10-20 20:32:18
154.209.4.173	attackbots	Oct 20 19:19:51 webhost01 sshd[10883]: Failed password for root from 154.209.4.173 port 54943 ssh2 ...	2019-10-20 20:36:05
5.14.169.92	attackbotsspam	Automatic report - Port Scan Attack	2019-10-20 20:13:45
185.250.44.68	attackbotsspam	185.250.44.68 - - [20/Oct/2019:08:05:49 -0400] "GET /?page=products&action=../../../../../../../etc/passwd&manufacturerID=12&productID=973&linkID=15902 HTTP/1.1" 200 17300 "https://newportbrassfaucets.com/?page=products&action=../../../../../../../etc/passwd&manufacturerID=12&productID=973&linkID=15902" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Safari/537.36" ...	2019-10-20 20:17:56
124.74.248.218	attackspam	Oct 20 14:54:42 server sshd\[26816\]: Invalid user sandbox from 124.74.248.218 Oct 20 14:54:42 server sshd\[26816\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.74.248.218 Oct 20 14:54:45 server sshd\[26816\]: Failed password for invalid user sandbox from 124.74.248.218 port 58398 ssh2 Oct 20 15:05:48 server sshd\[30714\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.74.248.218 user=root Oct 20 15:05:50 server sshd\[30714\]: Failed password for root from 124.74.248.218 port 52534 ssh2 ...	2019-10-20 20:19:36

Recently Reported IPs

196.46.194.77	174.253.149.182	34.130.84.238	127.128.74.246
108.78.75.124	155.255.163.48	172.93.138.168	241.75.175.201
212.218.148.118	34.33.184.74	151.92.7.233	185.105.44.78
67.83.64.134	203.225.237.36	15.220.221.232	142.163.164.167
199.51.212.97	51.120.192.107	99.125.34.254	209.116.12.20