149.248.1.143 - IPInfo

Basic Info

City: Los Angeles

Region: California

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
149.248.101.71	attack	Jul 17 15:09:20 server2 sshd\[15946\]: Invalid user admin from 149.248.101.71 Jul 17 15:09:21 server2 sshd\[15948\]: Invalid user admin from 149.248.101.71 Jul 17 15:09:22 server2 sshd\[15950\]: Invalid user admin from 149.248.101.71 Jul 17 15:09:23 server2 sshd\[15954\]: Invalid user admin from 149.248.101.71 Jul 17 15:09:25 server2 sshd\[15958\]: Invalid user admin from 149.248.101.71 Jul 17 15:09:26 server2 sshd\[15962\]: Invalid user admin from 149.248.101.71	2020-07-18 02:51:00
149.248.18.252	attackspambots	Time: Tue May 19 06:16:28 2020 -0300 IP: 149.248.18.252 (US/United States/149.248.18.252.vultr.com) Failures: 30 (smtpauth) Interval: 3600 seconds Blocked: Permanent Block	2020-05-20 05:19:42
149.248.18.150	attackspambots	$f2bV_matches	2020-01-04 07:22:57
149.248.10.219	attack	Trying ports that it shouldn't be.	2019-06-27 23:57:39
149.248.18.22	attackspam	NAME : CHOOP-1 CIDR : 149.248.0.0/18 \| STATUS : 200 ROBOT {Looking for resource vulnerabilities} DDoS Attack USA - New Jersey - block certain countries :) IP: 149.248.18.22 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-06-24 19:22:53

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 149.248.1.143
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19010
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;149.248.1.143.			IN	A

;; AUTHORITY SECTION:
.			256	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022092300 1800 900 604800 86400

;; Query time: 68 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Sep 23 14:31:09 CST 2022
;; MSG SIZE  rcvd: 106

Host info

143.1.248.149.in-addr.arpa domain name pointer 149.248.1.143.vultrusercontent.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
143.1.248.149.in-addr.arpa	name = 149.248.1.143.vultrusercontent.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
155.4.32.16	attackspambots	Sep 5 10:08:36 aiointranet sshd\[6827\]: Invalid user minecraftpassword from 155.4.32.16 Sep 5 10:08:36 aiointranet sshd\[6827\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=h-32-16.a182.priv.bahnhof.se Sep 5 10:08:38 aiointranet sshd\[6827\]: Failed password for invalid user minecraftpassword from 155.4.32.16 port 46467 ssh2 Sep 5 10:13:05 aiointranet sshd\[7258\]: Invalid user test4 from 155.4.32.16 Sep 5 10:13:05 aiointranet sshd\[7258\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=h-32-16.a182.priv.bahnhof.se	2019-09-06 10:48:57
177.73.250.160	attack	Mail sent to address obtained from MySpace hack	2019-09-06 10:59:47
129.204.147.102	attackbotsspam	Sep 5 10:35:46 friendsofhawaii sshd\[18537\]: Invalid user mcserver from 129.204.147.102 Sep 5 10:35:46 friendsofhawaii sshd\[18537\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.147.102 Sep 5 10:35:48 friendsofhawaii sshd\[18537\]: Failed password for invalid user mcserver from 129.204.147.102 port 43890 ssh2 Sep 5 10:40:39 friendsofhawaii sshd\[19055\]: Invalid user ts from 129.204.147.102 Sep 5 10:40:39 friendsofhawaii sshd\[19055\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.147.102	2019-09-06 10:39:04
89.103.132.233	attackspam	Unauthorized connection attempt from IP address 89.103.132.233 on Port 445(SMB)	2019-09-06 10:32:38
191.241.242.52	attackspambots	Unauthorized connection attempt from IP address 191.241.242.52 on Port 445(SMB)	2019-09-06 10:58:08
43.225.192.54	attackbotsspam	Unauthorized connection attempt from IP address 43.225.192.54 on Port 445(SMB)	2019-09-06 10:47:15
121.78.129.147	attackbots	2019-09-06T02:18:23.514201abusebot-2.cloudsearch.cf sshd\[21905\]: Invalid user developer from 121.78.129.147 port 58920	2019-09-06 10:21:50
157.52.193.83	attackspambots	Brute force attempt	2019-09-06 10:52:20
61.216.124.84	attackbots	Unauthorized connection attempt from IP address 61.216.124.84 on Port 445(SMB)	2019-09-06 10:53:10
159.192.183.86	attackspam	Unauthorized connection attempt from IP address 159.192.183.86 on Port 445(SMB)	2019-09-06 10:46:13
54.37.154.254	attack	Sep 5 16:15:13 hcbb sshd\[28725\]: Invalid user alex from 54.37.154.254 Sep 5 16:15:13 hcbb sshd\[28725\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=254.ip-54-37-154.eu Sep 5 16:15:15 hcbb sshd\[28725\]: Failed password for invalid user alex from 54.37.154.254 port 45296 ssh2 Sep 5 16:19:02 hcbb sshd\[29034\]: Invalid user teamspeak from 54.37.154.254 Sep 5 16:19:02 hcbb sshd\[29034\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=254.ip-54-37-154.eu	2019-09-06 10:31:48
142.0.70.36	attackspambots	Unauthorized connection attempt from IP address 142.0.70.36 on Port 445(SMB)	2019-09-06 10:40:49
187.44.184.250	attack	Unauthorized connection attempt from IP address 187.44.184.250 on Port 445(SMB)	2019-09-06 10:22:31
203.192.210.172	attackspam	2019-09-05T21:01:37.083550mail01 postfix/smtpd[7337]: warning: unknown[203.192.210.172]: SASL PLAIN authentication failed: 2019-09-05T21:01:44.186412mail01 postfix/smtpd[6349]: warning: unknown[203.192.210.172]: SASL PLAIN authentication failed: 2019-09-05T21:01:55.323160mail01 postfix/smtpd[19636]: warning: unknown[203.192.210.172]: SASL PLAIN authentication failed:	2019-09-06 10:19:25
181.28.94.205	attack	Sep 5 16:34:30 web9 sshd\[13386\]: Invalid user bots from 181.28.94.205 Sep 5 16:34:30 web9 sshd\[13386\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.28.94.205 Sep 5 16:34:31 web9 sshd\[13386\]: Failed password for invalid user bots from 181.28.94.205 port 52294 ssh2 Sep 5 16:39:36 web9 sshd\[14409\]: Invalid user test from 181.28.94.205 Sep 5 16:39:36 web9 sshd\[14409\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.28.94.205	2019-09-06 10:52:43

Recently Reported IPs

214.167.184.24	138.29.247.121	182.135.14.171	234.7.168.51
23.196.138.233	45.14.224.58	185.163.114.242	106.75.64.150
125.29.169.29	153.1.84.143	1.139.5.221	163.141.92.225
195.214.200.106	215.21.206.206	167.116.25.77	19.216.181.218
45.178.49.77	132.253.9.6	49.19.106.66	110.88.154.75