206.189.34.149

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Apr 15 14:07:07 ns382633 sshd\[4434\]: Invalid user apagar from 206.189.34.149 port 44608 Apr 15 14:07:07 ns382633 sshd\[4434\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.34.149 Apr 15 14:07:08 ns382633 sshd\[4434\]: Failed password for invalid user apagar from 206.189.34.149 port 44608 ssh2 Apr 15 14:12:24 ns382633 sshd\[5539\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.34.149 user=root Apr 15 14:12:27 ns382633 sshd\[5539\]: Failed password for root from 206.189.34.149 port 38280 ssh2	2020-04-15 21:17:32

Type

Details

Datetime

attack

Apr 15 14:07:07 ns382633 sshd\[4434\]: Invalid user apagar from 206.189.34.149 port 44608
Apr 15 14:07:07 ns382633 sshd\[4434\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.34.149
Apr 15 14:07:08 ns382633 sshd\[4434\]: Failed password for invalid user apagar from 206.189.34.149 port 44608 ssh2
Apr 15 14:12:24 ns382633 sshd\[5539\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.34.149  user=root
Apr 15 14:12:27 ns382633 sshd\[5539\]: Failed password for root from 206.189.34.149 port 38280 ssh2

2020-04-15 21:17:32

Comments on same subnet:

IP	Type	Details	Datetime
206.189.34.65	attackspam	Apr 28 07:34:01 meumeu sshd[4988]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.34.65 Apr 28 07:34:03 meumeu sshd[4988]: Failed password for invalid user rick from 206.189.34.65 port 42652 ssh2 Apr 28 07:36:22 meumeu sshd[5398]: Failed password for backup from 206.189.34.65 port 60216 ssh2 ...	2020-04-28 13:59:18
206.189.34.34	attack	Mar 25 20:26:09 XXXXXX sshd[35559]: Invalid user cacti from 206.189.34.34 port 33478	2020-03-26 05:26:30
206.189.34.34	attackbots	2020-03-24T23:01:21.377466shield sshd\[26668\]: Invalid user cacti from 206.189.34.34 port 42710 2020-03-24T23:01:21.388421shield sshd\[26668\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.34.34 2020-03-24T23:01:23.345404shield sshd\[26668\]: Failed password for invalid user cacti from 206.189.34.34 port 42710 ssh2 2020-03-24T23:03:14.542821shield sshd\[27024\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.34.34 user=root 2020-03-24T23:03:16.344475shield sshd\[27024\]: Failed password for root from 206.189.34.34 port 56770 ssh2	2020-03-25 08:45:38
206.189.34.34	attack	Mar 13 19:19:22 work-partkepr sshd\[5727\]: Invalid user oracle from 206.189.34.34 port 57036 Mar 13 19:19:22 work-partkepr sshd\[5727\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.34.34 ...	2020-03-14 03:37:19
206.189.34.34	attackbots	Invalid user rezzorox from 206.189.34.34 port 39566	2020-03-11 17:08:40
206.189.34.150	attackspambots	$f2bV_matches	2020-02-27 04:07:44

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 206.189.34.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13203
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;206.189.34.149.			IN	A

;; AUTHORITY SECTION:
.			251	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041500 1800 900 604800 86400

;; Query time: 475 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 15 21:17:27 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 149.34.189.206.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 149.34.189.206.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
189.203.15.250	attackspam	wp-login.php	2020-07-11 21:43:22
177.52.52.254	attackbots	1594468851 - 07/11/2020 14:00:51 Host: 177.52.52.254/177.52.52.254 Port: 445 TCP Blocked	2020-07-11 21:44:27
203.160.55.106	attackspam	Jul 11 08:00:25 raspberrypi sshd[28457]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.160.55.106 Jul 11 08:00:27 raspberrypi sshd[28457]: Failed password for invalid user fabrina from 203.160.55.106 port 55126 ssh2 Jul 11 08:01:07 raspberrypi sshd[28562]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.160.55.106 ...	2020-07-11 21:23:59
87.245.179.94	attack	Unauthorized connection attempt from IP address 87.245.179.94 on Port 445(SMB)	2020-07-11 21:12:15
185.143.72.27	attackbotsspam	Jul 11 15:25:32 srv01 postfix/smtpd\[23694\]: warning: unknown\[185.143.72.27\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 11 15:26:05 srv01 postfix/smtpd\[22829\]: warning: unknown\[185.143.72.27\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 11 15:26:34 srv01 postfix/smtpd\[21603\]: warning: unknown\[185.143.72.27\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 11 15:27:03 srv01 postfix/smtpd\[24869\]: warning: unknown\[185.143.72.27\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 11 15:27:32 srv01 postfix/smtpd\[11475\]: warning: unknown\[185.143.72.27\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-07-11 21:36:02
118.24.234.79	attack	2020-07-11T12:56:37.389269shield sshd\[5782\]: Invalid user admin from 118.24.234.79 port 37392 2020-07-11T12:56:37.397626shield sshd\[5782\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.234.79 2020-07-11T12:56:38.647065shield sshd\[5782\]: Failed password for invalid user admin from 118.24.234.79 port 37392 ssh2 2020-07-11T13:00:08.243160shield sshd\[6413\]: Invalid user testing from 118.24.234.79 port 48200 2020-07-11T13:00:08.255488shield sshd\[6413\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.234.79	2020-07-11 21:08:03
222.186.180.130	attack	2020-07-11T15:47:24.398623lavrinenko.info sshd[6230]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.130 user=root 2020-07-11T15:47:26.064470lavrinenko.info sshd[6230]: Failed password for root from 222.186.180.130 port 55563 ssh2 2020-07-11T15:47:24.398623lavrinenko.info sshd[6230]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.130 user=root 2020-07-11T15:47:26.064470lavrinenko.info sshd[6230]: Failed password for root from 222.186.180.130 port 55563 ssh2 2020-07-11T15:47:29.026634lavrinenko.info sshd[6230]: Failed password for root from 222.186.180.130 port 55563 ssh2 ...	2020-07-11 21:14:54
178.208.142.134	attack	Unauthorized connection attempt from IP address 178.208.142.134 on Port 445(SMB)	2020-07-11 21:26:23
36.37.93.234	attackspam	Unauthorized connection attempt from IP address 36.37.93.234 on Port 445(SMB)	2020-07-11 21:32:11
42.116.12.188	attackbots	Unauthorized connection attempt from IP address 42.116.12.188 on Port 445(SMB)	2020-07-11 21:10:01
14.241.235.241	attackspambots	Dovecot Invalid User Login Attempt.	2020-07-11 21:14:38
77.42.72.121	attack	Automatic report - Port Scan Attack	2020-07-11 21:37:55
112.133.246.89	attackbots	Port scan on 1 port(s): 1433	2020-07-11 21:12:01
5.236.234.165	attackbots	20/7/11@08:00:53: FAIL: IoT-Telnet address from=5.236.234.165 ...	2020-07-11 21:45:18
186.67.32.130	attackspam	Unauthorized connection attempt from IP address 186.67.32.130 on Port 445(SMB)	2020-07-11 21:06:20

Recently Reported IPs

85.209.0.57	49.207.11.43	185.12.45.115	64.121.49.22
223.16.24.240	51.178.58.22	202.47.35.12	157.245.176.143
44.20.199.112	77.40.107.252	188.247.76.32	94.98.203.130
11.190.67.42	115.28.25.240	95.163.255.53	81.162.56.18
171.251.86.123	182.61.149.192	211.83.213.176	51.255.215.177