104.185.149.1 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: AT&T Corp.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Unauthorized connection attempt detected from IP address 104.185.149.1 to port 8000	2020-04-13 03:53:33
attackbotsspam	Unauthorized connection attempt detected from IP address 104.185.149.1 to port 81 [J]	2020-02-23 16:24:59

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.185.149.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7175
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.185.149.1.			IN	A

;; AUTHORITY SECTION:
.			123	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022300 1800 900 604800 86400

;; Query time: 71 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 23 16:24:51 CST 2020
;; MSG SIZE  rcvd: 117

Host info

1.149.185.104.in-addr.arpa domain name pointer 104-185-149-1.lightspeed.irvnca.sbcglobal.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
1.149.185.104.in-addr.arpa	name = 104-185-149-1.lightspeed.irvnca.sbcglobal.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
96.45.179.236	attack	Oct 25 18:39:58 sachi sshd\[5462\]: Invalid user ter from 96.45.179.236 Oct 25 18:39:58 sachi sshd\[5462\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.45.179.236.16clouds.com Oct 25 18:40:00 sachi sshd\[5462\]: Failed password for invalid user ter from 96.45.179.236 port 45854 ssh2 Oct 25 18:44:04 sachi sshd\[5785\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.45.179.236.16clouds.com user=root Oct 25 18:44:06 sachi sshd\[5785\]: Failed password for root from 96.45.179.236 port 55534 ssh2	2019-10-26 16:56:56
185.22.142.7	attackspam	Oct 26 09:23:46 icinga sshd[9421]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.22.142.7 Oct 26 09:23:48 icinga sshd[9421]: Failed password for invalid user op from 185.22.142.7 port 43749 ssh2 Oct 26 09:36:58 icinga sshd[19460]: Failed password for root from 185.22.142.7 port 34782 ssh2 ...	2019-10-26 17:12:30
95.27.205.101	attack	23/tcp [2019-10-26]1pkt	2019-10-26 17:04:49
54.37.130.197	attack	Lines containing failures of 54.37.130.197 Oct 22 17:17:41 * sshd[45176]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.130.197 user=r.r Oct 22 17:17:43 * sshd[45176]: Failed password for r.r from 54.37.130.197 port 54254 ssh2 Oct 22 17:17:43 * sshd[45176]: Received disconnect from 54.37.130.197 port 54254:11: Bye Bye [preauth] Oct 22 17:17:43 * sshd[45176]: Disconnected from authenticating user r.r 54.37.130.197 port 54254 [preauth] Oct 22 17:31:04 * sshd[46121]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.130.197 user=r.r Oct 22 17:31:05 * sshd[46121]: Failed password for r.r from 54.37.130.197 port 52592 ssh2 Oct 22 17:31:06 * sshd[46121]: Received disconnect from 54.37.130.197 port 52592:11: Bye Bye [preauth] Oct 22 17:31:06 * sshd[46121]: Disconnected from authenticating user r.r 54.37.130.197 port 52592 [preauth] Oct 22 17:35:04 *** sshd[46496]: pam_u........ ------------------------------	2019-10-26 17:06:29
85.93.20.84	attackspambots	191025 23:21:45 \[Warning\] Access denied for user 'BANKRUPTCY'@'85.93.20.84' \(using password: YES\) 191025 23:36:21 \[Warning\] Access denied for user 'BANKRUPTCY'@'85.93.20.84' \(using password: YES\) 191025 23:37:30 \[Warning\] Access denied for user 'BANKRUPTCY'@'85.93.20.84' \(using password: YES\) ...	2019-10-26 17:01:51
49.204.76.142	attackbotsspam	SSH bruteforce	2019-10-26 17:14:19
92.253.66.38	attackbotsspam	8080/tcp [2019-10-26]1pkt	2019-10-26 17:19:30
81.92.149.60	attackspam	Invalid user mktg1 from 81.92.149.60 port 34796	2019-10-26 16:55:34
124.216.18.54	attackspam	1433/tcp 1433/tcp 1433/tcp [2019-10-26]3pkt	2019-10-26 17:21:48
222.154.238.59	attack	Oct 26 07:54:10 ms-srv sshd[12075]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.154.238.59 user=root Oct 26 07:54:13 ms-srv sshd[12075]: Failed password for invalid user root from 222.154.238.59 port 55618 ssh2	2019-10-26 16:57:48
1.9.46.177	attack	Oct 26 07:03:41 www sshd\[56563\]: Invalid user jayapradha from 1.9.46.177Oct 26 07:03:43 www sshd\[56563\]: Failed password for invalid user jayapradha from 1.9.46.177 port 47429 ssh2Oct 26 07:07:55 www sshd\[56753\]: Invalid user ifanw from 1.9.46.177 ...	2019-10-26 17:07:16
176.121.14.191	attackbots	Sql/code injection probe	2019-10-26 17:06:55
39.135.34.204	attackbots	1433/tcp [2019-10-02/26]2pkt	2019-10-26 17:32:02
124.121.216.35	attackspambots	1433/tcp [2019-10-26]1pkt	2019-10-26 17:23:27
52.192.73.251	attack	WordPress wp-login brute force :: 52.192.73.251 0.052 BYPASS [26/Oct/2019:18:12:24 1100] [censored_2] "POST /wp-login.php HTTP/1.1" 200 4634 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36"	2019-10-26 17:16:15

Recently Reported IPs

200.236.99.47	67.177.132.197	200.75.107.111	195.26.55.27
117.199.223.176	182.121.86.191	182.52.103.47	176.212.108.45
175.144.217.231	174.21.67.178	131.150.198.49	170.82.66.24
150.107.188.48	123.201.108.58	119.182.115.21	118.232.136.2
118.70.123.208	115.132.243.215	114.35.112.9	113.52.131.3