149.200.134.85

Basic Info

City: unknown

Region: unknown

Country: Hashemite Kingdom of Jordan

Internet Service Provider: Jordan Data Communications Company LLC

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Unauthorized connection attempt detected from IP address 149.200.134.85 to port 5555 [J]	2020-01-12 23:34:03

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 149.200.134.85
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22794
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;149.200.134.85.			IN	A

;; AUTHORITY SECTION:
.			429	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011200 1800 900 604800 86400

;; Query time: 319 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 12 23:33:56 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 85.134.200.149.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 85.134.200.149.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
209.169.145.14	attack	2020-06-06T19:04:08.814908shield sshd\[13892\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209-169-145-14.mc.derytele.com user=root 2020-06-06T19:04:11.097000shield sshd\[13892\]: Failed password for root from 209.169.145.14 port 45809 ssh2 2020-06-06T19:07:33.606558shield sshd\[15412\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209-169-145-14.mc.derytele.com user=root 2020-06-06T19:07:35.360889shield sshd\[15412\]: Failed password for root from 209.169.145.14 port 47051 ssh2 2020-06-06T19:10:52.599123shield sshd\[16845\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209-169-145-14.mc.derytele.com user=root	2020-06-07 04:23:49
112.0.170.178	attackspam	Jun 6 15:44:13 Tower sshd[36176]: Connection from 112.0.170.178 port 44498 on 192.168.10.220 port 22 rdomain "" Jun 6 15:44:16 Tower sshd[36176]: Failed password for root from 112.0.170.178 port 44498 ssh2 Jun 6 15:44:17 Tower sshd[36176]: Received disconnect from 112.0.170.178 port 44498:11: Bye Bye [preauth] Jun 6 15:44:17 Tower sshd[36176]: Disconnected from authenticating user root 112.0.170.178 port 44498 [preauth]	2020-06-07 04:18:57
104.238.120.74	attackspam	Automatic report - XMLRPC Attack	2020-06-07 04:26:22
69.162.79.242	attackspam	69.162.79.242 - - [06/Jun/2020:19:57:45 +0200] "GET /wp-login.php HTTP/1.1" 200 6433 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 69.162.79.242 - - [06/Jun/2020:19:57:46 +0200] "POST /wp-login.php HTTP/1.1" 200 6684 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 69.162.79.242 - - [06/Jun/2020:19:57:47 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-07 04:17:15
83.48.101.184	attackspambots	2020-06-06T19:15:47.375902abusebot-3.cloudsearch.cf sshd[12127]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=184.red-83-48-101.staticip.rima-tde.net user=root 2020-06-06T19:15:49.276745abusebot-3.cloudsearch.cf sshd[12127]: Failed password for root from 83.48.101.184 port 26769 ssh2 2020-06-06T19:19:06.401620abusebot-3.cloudsearch.cf sshd[12316]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=184.red-83-48-101.staticip.rima-tde.net user=root 2020-06-06T19:19:08.290006abusebot-3.cloudsearch.cf sshd[12316]: Failed password for root from 83.48.101.184 port 17773 ssh2 2020-06-06T19:22:28.100666abusebot-3.cloudsearch.cf sshd[12517]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=184.red-83-48-101.staticip.rima-tde.net user=root 2020-06-06T19:22:29.715760abusebot-3.cloudsearch.cf sshd[12517]: Failed password for root from 83.48.101.184 port 17542 ssh2 2020-06-06T19 ...	2020-06-07 04:49:27
117.48.154.14	attack	Jun 3 19:23:13 ntop sshd[2199]: User r.r from 117.48.154.14 not allowed because not listed in AllowUsers Jun 3 19:23:13 ntop sshd[2199]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.48.154.14 user=r.r Jun 3 19:23:15 ntop sshd[2199]: Failed password for invalid user r.r from 117.48.154.14 port 56366 ssh2 Jun 3 19:23:17 ntop sshd[2199]: Received disconnect from 117.48.154.14 port 56366:11: Bye Bye [preauth] Jun 3 19:23:17 ntop sshd[2199]: Disconnected from invalid user r.r 117.48.154.14 port 56366 [preauth] Jun 3 19:36:35 ntop sshd[4738]: User r.r from 117.48.154.14 not allowed because not listed in AllowUsers Jun 3 19:36:35 ntop sshd[4738]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.48.154.14 user=r.r Jun 3 19:36:37 ntop sshd[4738]: Failed password for invalid user r.r from 117.48.154.14 port 49930 ssh2 Jun 3 19:36:38 ntop sshd[4738]: Received disconnect from 117.48........ -------------------------------	2020-06-07 04:17:44
64.202.185.147	attackspambots	Automatic report - XMLRPC Attack	2020-06-07 04:30:28
193.84.76.23	attack	Jun 6 22:45:39 vmd26974 sshd[28062]: Failed password for root from 193.84.76.23 port 38984 ssh2 ...	2020-06-07 04:51:36
95.111.231.201	attackspam	Unauthorized connection attempt from IP address 95.111.231.201 on Port 445(SMB)	2020-06-07 04:19:15
186.178.6.42	attack	20/6/6@08:27:36: FAIL: Alarm-Network address from=186.178.6.42 ...	2020-06-07 04:18:44
142.93.101.148	attack	Jun 6 22:28:24 server sshd[22175]: Failed password for root from 142.93.101.148 port 46808 ssh2 Jun 6 22:31:29 server sshd[22417]: Failed password for root from 142.93.101.148 port 49676 ssh2 ...	2020-06-07 04:41:43
207.180.195.150	attackbotsspam	Port probing on unauthorized port 1433	2020-06-07 04:54:06
150.95.217.213	attackbotsspam	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-06-07 04:24:00
45.187.204.32	attackbotsspam	20 attempts against mh-ssh on echoip	2020-06-07 04:37:31
165.90.80.4	attack	C1,WP GET /wp-login.php	2020-06-07 04:32:56

Recently Reported IPs

89.207.106.236	88.50.89.118	85.105.7.114	82.204.140.14
79.126.44.211	59.115.15.123	61.133.194.58	49.178.92.174
38.76.240.48	119.25.65.120	138.155.194.233	131.236.197.159
1.63.74.138	7.237.214.170	49.89.187.124	96.94.2.177
106.8.221.207	131.126.130.11	51.139.120.83	202.202.50.118