104.185.149.1 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: AT&T Corp.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Unauthorized connection attempt detected from IP address 104.185.149.1 to port 8000	2020-04-13 03:53:33
attackbotsspam	Unauthorized connection attempt detected from IP address 104.185.149.1 to port 81 [J]	2020-02-23 16:24:59

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.185.149.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7175
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.185.149.1.			IN	A

;; AUTHORITY SECTION:
.			123	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022300 1800 900 604800 86400

;; Query time: 71 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 23 16:24:51 CST 2020
;; MSG SIZE  rcvd: 117

Host info

1.149.185.104.in-addr.arpa domain name pointer 104-185-149-1.lightspeed.irvnca.sbcglobal.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
1.149.185.104.in-addr.arpa	name = 104-185-149-1.lightspeed.irvnca.sbcglobal.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
175.24.16.135	attackspambots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-07-19 19:28:31
206.189.231.80	attackspam	xmlrpc attack	2020-07-19 19:05:34
203.236.51.35	attack	2020-07-18 UTC: (2x) - admin(2x)	2020-07-19 19:27:21
103.194.89.37	attackbots	TCP (SYN) 103.194.89.37:64493 -> port 445, len 52	2020-07-19 19:04:15
111.72.197.140	attack	Jul 19 11:35:32 srv01 postfix/smtpd\[11160\]: warning: unknown\[111.72.197.140\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 19 11:35:44 srv01 postfix/smtpd\[11160\]: warning: unknown\[111.72.197.140\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 19 11:36:00 srv01 postfix/smtpd\[11160\]: warning: unknown\[111.72.197.140\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 19 11:36:20 srv01 postfix/smtpd\[11160\]: warning: unknown\[111.72.197.140\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 19 11:36:36 srv01 postfix/smtpd\[11160\]: warning: unknown\[111.72.197.140\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-07-19 19:10:46
46.38.145.252	attackspambots	2020-07-19 11:14:40 auth_plain authenticator failed for (User) [46.38.145.252]: 535 Incorrect authentication data (set_id=ollie@csmailer.org) 2020-07-19 11:15:07 auth_plain authenticator failed for (User) [46.38.145.252]: 535 Incorrect authentication data (set_id=dcp@csmailer.org) 2020-07-19 11:15:33 auth_plain authenticator failed for (User) [46.38.145.252]: 535 Incorrect authentication data (set_id=pipe@csmailer.org) 2020-07-19 11:16:05 auth_plain authenticator failed for (User) [46.38.145.252]: 535 Incorrect authentication data (set_id=exporta@csmailer.org) 2020-07-19 11:16:33 auth_plain authenticator failed for (User) [46.38.145.252]: 535 Incorrect authentication data (set_id=pass1@csmailer.org) ...	2020-07-19 19:12:49
109.227.63.3	attack	SSH authentication failure x 6 reported by Fail2Ban ...	2020-07-19 19:25:55
91.121.177.45	attackspam	Jul 19 10:53:26 scw-6657dc sshd[20757]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.177.45 Jul 19 10:53:26 scw-6657dc sshd[20757]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.177.45 Jul 19 10:53:28 scw-6657dc sshd[20757]: Failed password for invalid user password from 91.121.177.45 port 57090 ssh2 ...	2020-07-19 19:21:28
37.5.227.212	attackspambots	Jul 19 10:11:10 h2421860 sshd[31770]: Invalid user pi from 37.5.227.212 Jul 19 10:11:10 h2421860 sshd[31769]: Invalid user pi from 37.5.227.212 Jul 19 10:11:10 h2421860 sshd[31769]: Connection closed by 37.5.227.212 [preauth] Jul 19 10:11:10 h2421860 sshd[31770]: Connection closed by 37.5.227.212 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=37.5.227.212	2020-07-19 19:14:31
120.92.80.120	attackbots	Jul 19 11:30:26 havingfunrightnow sshd[335]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.80.120 Jul 19 11:30:27 havingfunrightnow sshd[335]: Failed password for invalid user postgres from 120.92.80.120 port 54739 ssh2 Jul 19 11:42:44 havingfunrightnow sshd[574]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.80.120 ...	2020-07-19 19:08:49
117.103.168.204	attackspambots	2020-07-19T11:06:19.499508vps1033 sshd[4258]: Invalid user oscar from 117.103.168.204 port 45186 2020-07-19T11:06:19.504219vps1033 sshd[4258]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=204.sub168.pika.net.id 2020-07-19T11:06:19.499508vps1033 sshd[4258]: Invalid user oscar from 117.103.168.204 port 45186 2020-07-19T11:06:21.756772vps1033 sshd[4258]: Failed password for invalid user oscar from 117.103.168.204 port 45186 ssh2 2020-07-19T11:10:51.540554vps1033 sshd[13897]: Invalid user support from 117.103.168.204 port 60248 ...	2020-07-19 19:19:57
219.75.134.27	attack	2020-07-19T03:55:51.087054linuxbox-skyline sshd[74877]: Invalid user saku from 219.75.134.27 port 59741 ...	2020-07-19 19:32:39
119.28.178.213	attackbots	2020-07-19T10:10:40+0200 Failed SSH Authentication/Brute Force Attack. (Server 4)	2020-07-19 19:16:47
88.102.234.75	attackspam	Jul 19 11:15:39 scw-tender-jepsen sshd[6515]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=88.102.234.75 Jul 19 11:15:41 scw-tender-jepsen sshd[6515]: Failed password for invalid user park from 88.102.234.75 port 43676 ssh2	2020-07-19 19:17:58
202.175.46.170	attackbotsspam	Jul 19 10:38:48 vlre-nyc-1 sshd\[20708\]: Invalid user dsj from 202.175.46.170 Jul 19 10:38:48 vlre-nyc-1 sshd\[20708\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.175.46.170 Jul 19 10:38:49 vlre-nyc-1 sshd\[20708\]: Failed password for invalid user dsj from 202.175.46.170 port 37620 ssh2 Jul 19 10:44:55 vlre-nyc-1 sshd\[20865\]: Invalid user morikawa from 202.175.46.170 Jul 19 10:44:55 vlre-nyc-1 sshd\[20865\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.175.46.170 ...	2020-07-19 19:05:08

Recently Reported IPs

200.236.99.47	67.177.132.197	200.75.107.111	195.26.55.27
117.199.223.176	182.121.86.191	182.52.103.47	176.212.108.45
175.144.217.231	174.21.67.178	131.150.198.49	170.82.66.24
150.107.188.48	123.201.108.58	119.182.115.21	118.232.136.2
118.70.123.208	115.132.243.215	114.35.112.9	113.52.131.3