149.28.30.48 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Japan

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
149.28.30.70	attackbotsspam	Dec 30 15:44:15 debian-2gb-nbg1-2 kernel: \[1369761.721965\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=149.28.30.70 DST=195.201.40.59 LEN=52 TOS=0x00 PREC=0x00 TTL=113 ID=29360 DF PROTO=TCP SPT=51888 DPT=3389 WINDOW=8192 RES=0x00 SYN URGP=0	2019-12-31 04:14:38

Type

Details

Datetime

149.28.30.70

attackbotsspam

Dec 30 15:44:15 debian-2gb-nbg1-2 kernel: \[1369761.721965\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=149.28.30.70 DST=195.201.40.59 LEN=52 TOS=0x00 PREC=0x00 TTL=113 ID=29360 DF PROTO=TCP SPT=51888 DPT=3389 WINDOW=8192 RES=0x00 SYN URGP=0

2019-12-31 04:14:38

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 149.28.30.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20853
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;149.28.30.48.			IN	A

;; AUTHORITY SECTION:
.			29	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025020900 1800 900 604800 86400

;; Query time: 38 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 09 23:44:59 CST 2025
;; MSG SIZE  rcvd: 105

Host info

48.30.28.149.in-addr.arpa domain name pointer 149.28.30.48.vultrusercontent.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
48.30.28.149.in-addr.arpa	name = 149.28.30.48.vultrusercontent.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
146.0.209.72	attackspambots	Apr 9 08:52:49 server sshd\[8427\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=72-209-0-146.static.cpe.unicatlc.net user=root Apr 9 08:52:51 server sshd\[8427\]: Failed password for root from 146.0.209.72 port 34810 ssh2 Apr 9 08:57:25 server sshd\[9541\]: Invalid user ec2-user from 146.0.209.72 Apr 9 08:57:25 server sshd\[9541\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=72-209-0-146.static.cpe.unicatlc.net Apr 9 08:57:26 server sshd\[9541\]: Failed password for invalid user ec2-user from 146.0.209.72 port 53528 ssh2 ...	2020-04-09 14:24:42
138.59.26.143	spambotsattackproxynormal	He use booter on me	2020-04-09 14:49:18
129.204.63.100	attackspam	Fail2Ban Ban Triggered (2)	2020-04-09 14:21:52
203.83.121.14	spambotsattackproxynormal	Sent attack	2020-04-09 15:02:35
45.179.173.252	attackspam	Apr 9 05:40:35 srv01 sshd[32756]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.179.173.252 user=bind Apr 9 05:40:37 srv01 sshd[32756]: Failed password for bind from 45.179.173.252 port 60114 ssh2 Apr 9 05:43:45 srv01 sshd[473]: Invalid user vpn from 45.179.173.252 port 48244 Apr 9 05:43:45 srv01 sshd[473]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.179.173.252 Apr 9 05:43:45 srv01 sshd[473]: Invalid user vpn from 45.179.173.252 port 48244 Apr 9 05:43:47 srv01 sshd[473]: Failed password for invalid user vpn from 45.179.173.252 port 48244 ssh2 ...	2020-04-09 15:02:33
47.75.172.46	attackbots	xmlrpc attack	2020-04-09 15:03:40
71.83.123.141	spambotsattackproxynormal	Sent attack	2020-04-09 15:00:17
104.209.170.163	attackbotsspam	$lgm	2020-04-09 14:36:24
222.186.175.148	attackspam	Apr 9 08:48:41 MainVPS sshd[10926]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.148 user=root Apr 9 08:48:42 MainVPS sshd[10926]: Failed password for root from 222.186.175.148 port 56204 ssh2 Apr 9 08:48:54 MainVPS sshd[10926]: error: maximum authentication attempts exceeded for root from 222.186.175.148 port 56204 ssh2 [preauth] Apr 9 08:48:41 MainVPS sshd[10926]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.148 user=root Apr 9 08:48:42 MainVPS sshd[10926]: Failed password for root from 222.186.175.148 port 56204 ssh2 Apr 9 08:48:54 MainVPS sshd[10926]: error: maximum authentication attempts exceeded for root from 222.186.175.148 port 56204 ssh2 [preauth] Apr 9 08:48:58 MainVPS sshd[11458]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.148 user=root Apr 9 08:48:59 MainVPS sshd[11458]: Failed password for root from 222.186.175.148 port	2020-04-09 14:56:36
159.65.216.206	attackspam	Port 22 Scan, PTR: None	2020-04-09 14:23:30
167.71.111.16	attack	[09/Apr/2020:05:54:20 +0200] Web-Request: "GET /wp-login.php", User-Agent: "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-09 14:41:56
45.95.168.98	attackbots	2020-04-09T05:45:01.955055randservbullet-proofcloud-66.localdomain sshd[11328]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.95.168.98 user=root 2020-04-09T05:45:03.790452randservbullet-proofcloud-66.localdomain sshd[11328]: Failed password for root from 45.95.168.98 port 44332 ssh2 2020-04-09T05:45:04.900803randservbullet-proofcloud-66.localdomain sshd[11331]: Invalid user admin from 45.95.168.98 port 45604 ...	2020-04-09 14:22:58
203.83.121.14	spambotsattackproxynormal	Sent attack	2020-04-09 15:02:52
203.83.121.14	spambotsattackproxynormal	Sent attack	2020-04-09 15:01:14
77.42.95.251	attackspambots	Automatic report - Port Scan Attack	2020-04-09 14:49:07

Recently Reported IPs

219.116.184.184	166.184.126.159	13.231.170.187	229.172.240.99
144.212.235.233	179.168.180.32	2.104.86.108	198.141.204.32
99.232.23.87	159.222.206.184	18.56.165.58	235.177.156.86
190.177.150.103	128.46.186.254	98.26.32.5	64.4.143.77
244.18.254.131	40.192.166.41	210.123.126.13	104.163.161.176