80.252.137.29 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: Flex Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Jan 16 17:21:09 mout sshd[32757]: Invalid user demo from 80.252.137.29 port 39790	2020-01-17 02:26:20

Comments on same subnet:

IP	Type	Details	Datetime
80.252.137.26	attackbotsspam	Mar 3 12:45:14 server sshd\[19275\]: Invalid user wayne from 80.252.137.26 Mar 3 12:45:14 server sshd\[19275\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.252.137.26 Mar 3 12:45:16 server sshd\[19275\]: Failed password for invalid user wayne from 80.252.137.26 port 43406 ssh2 Mar 3 13:33:00 server sshd\[27901\]: Invalid user diana from 80.252.137.26 Mar 3 13:33:00 server sshd\[27901\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.252.137.26 ...	2020-03-03 18:59:26
80.252.137.50	attackspambots	Mar 1 05:24:44 mockhub sshd[14219]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.252.137.50 Mar 1 05:24:46 mockhub sshd[14219]: Failed password for invalid user deployer from 80.252.137.50 port 51742 ssh2 ...	2020-03-01 23:27:43
80.252.137.50	attack	Feb 28 23:32:31 server sshd\[29382\]: Invalid user user05 from 80.252.137.50 Feb 28 23:32:31 server sshd\[29382\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.252.137.50 Feb 28 23:32:32 server sshd\[29382\]: Failed password for invalid user user05 from 80.252.137.50 port 44330 ssh2 Feb 29 07:55:37 server sshd\[27267\]: Invalid user git from 80.252.137.50 Feb 29 07:55:37 server sshd\[27267\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.252.137.50 ...	2020-02-29 13:15:42
80.252.137.50	attackbotsspam	Feb 25 04:01:46 server sshd\[3869\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.252.137.50 user=root Feb 25 04:01:49 server sshd\[3869\]: Failed password for root from 80.252.137.50 port 46960 ssh2 Feb 25 22:37:18 server sshd\[23212\]: Invalid user chenyang from 80.252.137.50 Feb 25 22:37:18 server sshd\[23212\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.252.137.50 Feb 25 22:37:20 server sshd\[23212\]: Failed password for invalid user chenyang from 80.252.137.50 port 53284 ssh2 ...	2020-02-26 03:39:07
80.252.137.54	attack	Feb 15 18:58:06 MK-Soft-Root1 sshd[15061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.252.137.54 Feb 15 18:58:08 MK-Soft-Root1 sshd[15061]: Failed password for invalid user nginx from 80.252.137.54 port 50992 ssh2 ...	2020-02-16 05:45:37
80.252.137.54	attackbotsspam	Feb 10 10:36:05 MK-Soft-Root2 sshd[19584]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.252.137.54 Feb 10 10:36:08 MK-Soft-Root2 sshd[19584]: Failed password for invalid user juy from 80.252.137.54 port 39696 ssh2 ...	2020-02-10 19:01:29
80.252.137.52	attackbotsspam	2020-02-10T05:51:58.9140581240 sshd\[4779\]: Invalid user kbl from 80.252.137.52 port 33968 2020-02-10T05:51:58.9169851240 sshd\[4779\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.252.137.52 2020-02-10T05:52:00.7504511240 sshd\[4779\]: Failed password for invalid user kbl from 80.252.137.52 port 33968 ssh2 ...	2020-02-10 18:04:31
80.252.137.52	attack	$f2bV_matches	2020-02-02 08:56:45
80.252.137.54	attackspambots	Feb 1 04:47:11 ns392434 sshd[26033]: Invalid user teamspeak from 80.252.137.54 port 42446 Feb 1 04:47:11 ns392434 sshd[26033]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.252.137.54 Feb 1 04:47:11 ns392434 sshd[26033]: Invalid user teamspeak from 80.252.137.54 port 42446 Feb 1 04:47:14 ns392434 sshd[26033]: Failed password for invalid user teamspeak from 80.252.137.54 port 42446 ssh2 Feb 1 05:26:40 ns392434 sshd[26555]: Invalid user whmcs from 80.252.137.54 port 57916 Feb 1 05:26:40 ns392434 sshd[26555]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.252.137.54 Feb 1 05:26:40 ns392434 sshd[26555]: Invalid user whmcs from 80.252.137.54 port 57916 Feb 1 05:26:42 ns392434 sshd[26555]: Failed password for invalid user whmcs from 80.252.137.54 port 57916 ssh2 Feb 1 05:58:15 ns392434 sshd[26927]: Invalid user radio from 80.252.137.54 port 46356	2020-02-01 13:27:08
80.252.137.54	attackspam	Jan 29 18:14:13 server sshd\[1122\]: Invalid user araga from 80.252.137.54 Jan 29 18:14:13 server sshd\[1122\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.252.137.54 Jan 29 18:14:14 server sshd\[1122\]: Failed password for invalid user araga from 80.252.137.54 port 37520 ssh2 Jan 29 19:13:13 server sshd\[10113\]: Invalid user bhuvaneshwari from 80.252.137.54 Jan 29 19:13:13 server sshd\[10113\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.252.137.54 ...	2020-01-30 01:53:33
80.252.137.52	attack	Jan 23 18:21:24 lnxmail61 sshd[25175]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.252.137.52	2020-01-24 08:18:24
80.252.137.54	attack	SSH bruteforce (Triggered fail2ban)	2020-01-24 00:31:41
80.252.137.38	attack	Jan 22 06:58:39 MK-Soft-VM8 sshd[9699]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.252.137.38 Jan 22 06:58:41 MK-Soft-VM8 sshd[9699]: Failed password for invalid user prueba from 80.252.137.38 port 41492 ssh2 ...	2020-01-22 14:05:52
80.252.137.54	attack	2020-01-13T10:22:47.7178461495-001 sshd[2124]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.252.137.54 user=r.r 2020-01-13T10:22:50.1999361495-001 sshd[2124]: Failed password for r.r from 80.252.137.54 port 52564 ssh2 2020-01-13T11:06:44.2386471495-001 sshd[4017]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.252.137.54 user=r.r 2020-01-13T11:06:46.4036871495-001 sshd[4017]: Failed password for r.r from 80.252.137.54 port 44498 ssh2 2020-01-13T11:17:40.7518641495-001 sshd[4495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.252.137.54 user=r.r 2020-01-13T11:17:41.9737861495-001 sshd[4495]: Failed password for r.r from 80.252.137.54 port 40762 ssh2 2020-01-13T11:28:33.1932901495-001 sshd[4828]: Invalid user bash from 80.252.137.54 port 37010 2020-01-13T11:28:33.1969931495-001 sshd[4828]: pam_unix(sshd:auth): authentication failure; log........ ------------------------------	2020-01-14 02:25:45
80.252.137.38	attackspam	Jan 3 12:28:28 tdfoods sshd\[20323\]: Invalid user hih from 80.252.137.38 Jan 3 12:28:28 tdfoods sshd\[20323\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.252.137.38 Jan 3 12:28:30 tdfoods sshd\[20323\]: Failed password for invalid user hih from 80.252.137.38 port 38972 ssh2 Jan 3 12:36:52 tdfoods sshd\[20918\]: Invalid user db2adm from 80.252.137.38 Jan 3 12:36:52 tdfoods sshd\[20918\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.252.137.38	2020-01-04 06:59:04

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 80.252.137.29
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40571
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;80.252.137.29.			IN	A

;; AUTHORITY SECTION:
.			391	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011601 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 17 02:26:17 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 29.137.252.80.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 29.137.252.80.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.13.215.94	attack	2020-08-07T22:16:48.274768amanda2.illicoweb.com sshd\[28251\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.215.94 user=root 2020-08-07T22:16:50.107624amanda2.illicoweb.com sshd\[28251\]: Failed password for root from 106.13.215.94 port 42424 ssh2 2020-08-07T22:20:38.108912amanda2.illicoweb.com sshd\[28706\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.215.94 user=root 2020-08-07T22:20:40.182521amanda2.illicoweb.com sshd\[28706\]: Failed password for root from 106.13.215.94 port 36308 ssh2 2020-08-07T22:24:23.445645amanda2.illicoweb.com sshd\[29424\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.215.94 user=root ...	2020-08-08 07:44:46
106.38.0.67	attackbots	Unwanted checking 80 or 443 port ...	2020-08-08 07:54:57
186.10.125.209	attackspam	Aug 7 19:33:25 host sshd\[31940\]: Failed password for root from 186.10.125.209 port 13753 ssh2 Aug 7 19:40:01 host sshd\[511\]: Failed password for root from 186.10.125.209 port 20495 ssh2 Aug 7 19:44:36 host sshd\[1529\]: Invalid user \~\#$%\^\&\,.\; from 186.10.125.209 Aug 7 19:44:36 host sshd\[1529\]: Failed password for invalid user \~\#$%\^\&\,.\; from 186.10.125.209 port 15534 ssh2 ...	2020-08-08 07:54:00
103.246.240.26	attackspambots	Aug 7 23:21:49 *** sshd[1439]: User root from 103.246.240.26 not allowed because not listed in AllowUsers	2020-08-08 07:26:02
139.180.189.0	attackbots	Registration form abuse	2020-08-08 07:40:13
111.229.199.67	attack	2020-08-07T22:17:47.500018amanda2.illicoweb.com sshd\[28389\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.199.67 user=root 2020-08-07T22:17:49.097136amanda2.illicoweb.com sshd\[28389\]: Failed password for root from 111.229.199.67 port 56308 ssh2 2020-08-07T22:21:17.096462amanda2.illicoweb.com sshd\[28998\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.199.67 user=root 2020-08-07T22:21:19.190302amanda2.illicoweb.com sshd\[28998\]: Failed password for root from 111.229.199.67 port 33508 ssh2 2020-08-07T22:24:49.165806amanda2.illicoweb.com sshd\[29581\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.199.67 user=root ...	2020-08-08 07:25:33
188.166.251.156	attackspam	Aug 8 00:12:10 s1 sshd\[5579\]: User root from 188.166.251.156 not allowed because not listed in AllowUsers Aug 8 00:12:10 s1 sshd\[5579\]: Failed password for invalid user root from 188.166.251.156 port 41590 ssh2 Aug 8 00:14:01 s1 sshd\[5642\]: User root from 188.166.251.156 not allowed because not listed in AllowUsers Aug 8 00:14:01 s1 sshd\[5642\]: Failed password for invalid user root from 188.166.251.156 port 41892 ssh2 Aug 8 00:15:57 s1 sshd\[6456\]: User root from 188.166.251.156 not allowed because not listed in AllowUsers Aug 8 00:15:57 s1 sshd\[6456\]: Failed password for invalid user root from 188.166.251.156 port 42198 ssh2 ...	2020-08-08 08:00:57
139.59.22.2	attackbotsspam	Web App Attack	2020-08-08 07:51:29
218.92.0.224	attack	Aug 7 16:32:30 propaganda sshd[101013]: Connection from 218.92.0.224 port 8795 on 10.0.0.160 port 22 rdomain "" Aug 7 16:32:30 propaganda sshd[101013]: Unable to negotiate with 218.92.0.224 port 8795: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth]	2020-08-08 07:38:01
68.183.19.26	attack	Port Scan detected from 68.183.19.26 (US/United States/New Jersey/North Bergen/kaltim.bawaslu.go.id). 4 hits in the last 75 seconds	2020-08-08 07:55:30
124.251.110.147	attackbotsspam	2020-08-08T00:59:56.156161amanda2.illicoweb.com sshd\[1697\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.251.110.147 user=root 2020-08-08T00:59:58.043090amanda2.illicoweb.com sshd\[1697\]: Failed password for root from 124.251.110.147 port 38190 ssh2 2020-08-08T01:04:02.007507amanda2.illicoweb.com sshd\[2194\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.251.110.147 user=root 2020-08-08T01:04:03.999734amanda2.illicoweb.com sshd\[2194\]: Failed password for root from 124.251.110.147 port 55142 ssh2 2020-08-08T01:08:07.820999amanda2.illicoweb.com sshd\[2706\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.251.110.147 user=root ...	2020-08-08 07:57:16
207.244.84.132	attack	Fail2Ban Ban Triggered	2020-08-08 07:34:14
61.177.172.177	attack	Aug 7 20:31:08 firewall sshd[22239]: Failed password for root from 61.177.172.177 port 42132 ssh2 Aug 7 20:31:11 firewall sshd[22239]: Failed password for root from 61.177.172.177 port 42132 ssh2 Aug 7 20:31:15 firewall sshd[22239]: Failed password for root from 61.177.172.177 port 42132 ssh2 ...	2020-08-08 07:32:00
125.162.123.114	attackbots	IP 125.162.123.114 attacked honeypot on port: 23 at 8/7/2020 1:23:36 PM	2020-08-08 07:45:59
106.75.7.92	attack	$f2bV_matches	2020-08-08 07:32:32

Recently Reported IPs

150.95.147.216	144.91.102.190	121.229.29.86	118.187.4.172
249.90.87.223	174.58.163.192	108.11.25.71	117.183.224.215
242.234.105.96	9.167.114.46	102.243.243.116	104.168.237.171
103.243.164.251	67.205.174.230	51.91.159.46	12.33.34.73
14.250.122.233	5.253.17.160	5.29.191.195	3.104.156.83