149.28.200.140

Basic Info

City: San Jose

Region: California

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
149.28.200.94	attackspam	TCP Port Scanning	2020-02-25 21:18:34
149.28.200.143	attack	Oct 27 04:51:58 vps58358 sshd\[12790\]: Invalid user miyabi from 149.28.200.143Oct 27 04:52:01 vps58358 sshd\[12790\]: Failed password for invalid user miyabi from 149.28.200.143 port 56156 ssh2Oct 27 04:55:36 vps58358 sshd\[12856\]: Invalid user kolosal from 149.28.200.143Oct 27 04:55:38 vps58358 sshd\[12856\]: Failed password for invalid user kolosal from 149.28.200.143 port 35656 ssh2Oct 27 04:59:16 vps58358 sshd\[12924\]: Invalid user nl from 149.28.200.143Oct 27 04:59:18 vps58358 sshd\[12924\]: Failed password for invalid user nl from 149.28.200.143 port 43384 ssh2 ...	2019-10-27 12:00:23

Type

Details

Datetime

149.28.200.94

attackspam

TCP Port Scanning

2020-02-25 21:18:34

149.28.200.143

attack

Oct 27 04:51:58 vps58358 sshd\[12790\]: Invalid user miyabi from 149.28.200.143Oct 27 04:52:01 vps58358 sshd\[12790\]: Failed password for invalid user miyabi from 149.28.200.143 port 56156 ssh2Oct 27 04:55:36 vps58358 sshd\[12856\]: Invalid user kolosal from 149.28.200.143Oct 27 04:55:38 vps58358 sshd\[12856\]: Failed password for invalid user kolosal from 149.28.200.143 port 35656 ssh2Oct 27 04:59:16 vps58358 sshd\[12924\]: Invalid user nl from 149.28.200.143Oct 27 04:59:18 vps58358 sshd\[12924\]: Failed password for invalid user nl from 149.28.200.143 port 43384 ssh2
...

2019-10-27 12:00:23

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 149.28.200.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25992
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;149.28.200.140.			IN	A

;; AUTHORITY SECTION:
.			511	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2021121602 1800 900 604800 86400

;; Query time: 61 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Dec 17 11:39:45 CST 2021
;; MSG SIZE  rcvd: 107

Host info

140.200.28.149.in-addr.arpa domain name pointer 149.28.200.140.vultr.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
140.200.28.149.in-addr.arpa	name = 149.28.200.140.vultr.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
121.27.157.205	attackbots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-03-06 02:04:18
37.128.219.13	attackbots	57910/udp [2020-03-05]1pkt	2020-03-06 01:34:11
200.46.99.67	attackspam	Honeypot attack, port: 81, PTR: 67-99-46-200-ip.alianzaviva.net.	2020-03-06 01:54:05
185.53.88.130	attackbotsspam	185.53.88.130 was recorded 5 times by 4 hosts attempting to connect to the following ports: 5060. Incident counter (4h, 24h, all-time): 5, 34, 653	2020-03-06 01:51:45
142.93.149.226	attackspambots	Unauthorised access (Mar 5) SRC=142.93.149.226 LEN=40 TTL=48 ID=9153 TCP DPT=8080 WINDOW=17229 SYN Unauthorised access (Mar 4) SRC=142.93.149.226 LEN=40 TTL=48 ID=10114 TCP DPT=8080 WINDOW=17229 SYN Unauthorised access (Mar 3) SRC=142.93.149.226 LEN=40 TTL=48 ID=15698 TCP DPT=8080 WINDOW=4314 SYN	2020-03-06 01:41:55
165.22.144.147	attack	Feb 6 10:38:39 odroid64 sshd\[8657\]: Invalid user zkw from 165.22.144.147 Feb 6 10:38:39 odroid64 sshd\[8657\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.144.147 ...	2020-03-06 01:49:22
165.22.200.35	attackbotsspam	Dec 20 16:29:47 odroid64 sshd\[2050\]: Invalid user _lldpd from 165.22.200.35 Dec 20 16:29:47 odroid64 sshd\[2050\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.200.35 Dec 20 16:29:47 odroid64 sshd\[2052\]: Invalid user a from 165.22.200.35 Dec 20 16:29:47 odroid64 sshd\[2052\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.200.35 Dec 20 16:29:50 odroid64 sshd\[2050\]: Failed password for invalid user _lldpd from 165.22.200.35 port 45268 ssh2 Dec 20 16:29:50 odroid64 sshd\[2052\]: Failed password for invalid user a from 165.22.200.35 port 45372 ssh2 ...	2020-03-06 01:43:26
87.250.224.91	attackbotsspam	[Fri Mar 06 00:05:45.257971 2020] [:error] [pid 27723:tid 140077053236992] [client 87.250.224.91:41079] [client 87.250.224.91] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XmExaXmbPk9OvAC@hgJzlQAAAfE"] ...	2020-03-06 01:47:04
93.2.134.147	attackbotsspam	Jan 10 00:18:26 odroid64 sshd\[26074\]: User root from 93.2.134.147 not allowed because not listed in AllowUsers Jan 10 00:18:26 odroid64 sshd\[26074\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.2.134.147 user=root Feb 8 22:52:56 odroid64 sshd\[6032\]: Invalid user iyk from 93.2.134.147 Feb 8 22:52:56 odroid64 sshd\[6032\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.2.134.147 ...	2020-03-06 01:36:16
121.146.141.200	attackspambots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-03-06 02:00:53
165.22.112.43	attackspam	Oct 26 21:58:31 odroid64 sshd\[7844\]: Invalid user albert from 165.22.112.43 Oct 26 21:58:31 odroid64 sshd\[7844\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.112.43 Oct 26 21:58:31 odroid64 sshd\[7844\]: Invalid user albert from 165.22.112.43 Oct 26 21:58:31 odroid64 sshd\[7844\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.112.43 Oct 26 21:58:33 odroid64 sshd\[7844\]: Failed password for invalid user albert from 165.22.112.43 port 45417 ssh2 ...	2020-03-06 01:56:12
118.140.251.106	attackbots	suspicious action Thu, 05 Mar 2020 10:33:40 -0300	2020-03-06 01:37:56
106.12.192.107	attack	2020-03-03 15:09:27 server sshd[12574]: Failed password for invalid user fred from 106.12.192.107 port 36340 ssh2	2020-03-06 02:10:05
167.71.220.148	attackspam	CMS (WordPress or Joomla) login attempt.	2020-03-06 01:57:13
164.52.152.12	attackbots	Jan 19 15:17:29 odroid64 sshd\[15424\]: User root from 164.52.152.12 not allowed because not listed in AllowUsers Jan 19 15:17:29 odroid64 sshd\[15424\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.152.12 user=root ...	2020-03-06 02:13:50

Recently Reported IPs

73.179.55.104	172.217.194.94	59.26.184.204	203.194.110.194
45.148.124.240	2603:6080:fb40:8c4:2020:4e7c:2db6:8cbb	165.227.106.212	116.25.251.72
204.188.244.10	182.92.60.88	103.70.171.250	103.136.220.130
125.120.33.209	87.251.85.227	117.211.74.68	162.142.125.60
117.62.46.88	49.78.149.34	185.215.15.59	111.202.101.223