Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Telemar Norte Leste S.A.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:
Type Details Datetime
attackspam
SMB Server BruteForce Attack
2019-09-03 19:26:31
attackbotsspam
Unauthorised access (Aug 14) SRC=200.149.231.74 LEN=40 TTL=236 ID=770 TCP DPT=445 WINDOW=1024 SYN
2019-08-14 15:30:36
attack
445/tcp 445/tcp 445/tcp...
[2019-05-30/07-29]19pkt,1pt.(tcp)
2019-07-30 15:37:35
Comments on same subnet:
IP Type Details Datetime
200.149.231.50 attackspam
[ssh] SSH attack
2020-06-03 02:27:42
200.149.231.50 attackbotsspam
leo_www
2020-05-26 12:34:23
200.149.231.50 attackspam
2020-05-07T04:57:30.777826Z 15a31c0ac13f New connection: 200.149.231.50:58388 (172.17.0.5:2222) [session: 15a31c0ac13f]
2020-05-07T05:07:41.105426Z bfe3c9fffc24 New connection: 200.149.231.50:34272 (172.17.0.5:2222) [session: bfe3c9fffc24]
2020-05-07 16:02:38
200.149.231.50 attackspam
(sshd) Failed SSH login from 200.149.231.50 (BR/Brazil/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 20 06:46:57 elude sshd[3973]: Invalid user zl from 200.149.231.50 port 49302
Apr 20 06:46:59 elude sshd[3973]: Failed password for invalid user zl from 200.149.231.50 port 49302 ssh2
Apr 20 06:54:50 elude sshd[5145]: Invalid user test2 from 200.149.231.50 port 37112
Apr 20 06:54:51 elude sshd[5145]: Failed password for invalid user test2 from 200.149.231.50 port 37112 ssh2
Apr 20 07:00:51 elude sshd[6091]: Invalid user re from 200.149.231.50 port 55110
2020-04-20 13:51:55
200.149.231.50 attack
(sshd) Failed SSH login from 200.149.231.50 (BR/Brazil/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 10 10:03:49 ubnt-55d23 sshd[25702]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.149.231.50  user=root
Apr 10 10:03:52 ubnt-55d23 sshd[25702]: Failed password for root from 200.149.231.50 port 50140 ssh2
2020-04-10 16:44:02
200.149.231.50 attackbotsspam
Mar 31 23:27:25 sip sshd[21623]: Failed password for root from 200.149.231.50 port 54286 ssh2
Mar 31 23:29:09 sip sshd[22050]: Failed password for root from 200.149.231.50 port 45306 ssh2
2020-04-01 07:52:17
200.149.231.50 attackbots
Mar 17 08:32:48 php1 sshd\[8309\]: Invalid user jiayuanyang from 200.149.231.50
Mar 17 08:32:48 php1 sshd\[8309\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.149.231.50
Mar 17 08:32:50 php1 sshd\[8309\]: Failed password for invalid user jiayuanyang from 200.149.231.50 port 41296 ssh2
Mar 17 08:39:20 php1 sshd\[9129\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.149.231.50  user=root
Mar 17 08:39:22 php1 sshd\[9129\]: Failed password for root from 200.149.231.50 port 49436 ssh2
2020-03-18 05:08:57
200.149.231.50 attackspambots
Invalid user cron from 200.149.231.50 port 48594
2020-02-28 09:42:49
200.149.231.50 attackspambots
Feb 27 14:27:14 *** sshd[21806]: Invalid user xxx from 200.149.231.50
2020-02-27 23:09:39
200.149.231.50 attack
Automatic report - Banned IP Access
2020-02-14 21:03:24
200.149.231.50 attackbots
Unauthorized connection attempt detected from IP address 200.149.231.50 to port 2220 [J]
2020-02-06 21:06:45
200.149.231.50 attackbots
Unauthorized connection attempt detected from IP address 200.149.231.50 to port 2220 [J]
2020-01-30 02:13:13
200.149.231.50 attack
Unauthorized connection attempt detected from IP address 200.149.231.50 to port 2220 [J]
2020-01-16 20:15:38
200.149.231.50 attack
[Aegis] @ 2020-01-13 07:15:51  0000 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack
2020-01-13 14:49:33
200.149.231.50 attackspambots
Dec 20 15:52:56 icinga sshd[24394]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.149.231.50
Dec 20 15:52:57 icinga sshd[24394]: Failed password for invalid user diem from 200.149.231.50 port 40726 ssh2
...
2019-12-21 01:24:41
Whois info:
b
Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 200.149.231.74
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11788
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;200.149.231.74.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019042702 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sun Apr 28 11:13:48 +08 2019
;; MSG SIZE  rcvd: 118

Host info
Host 74.231.149.200.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 74.231.149.200.in-addr.arpa: NXDOMAIN

Related IP info:
Related comments:
IP Type Details Datetime
158.181.206.60 attackspam
 TCP (SYN) 158.181.206.60:16857 -> port 23, len 44
2020-05-20 06:50:53
110.137.177.199 attackspam
 TCP (SYN) 110.137.177.199:55491 -> port 22, len 52
2020-05-20 06:45:59
193.124.112.127 attackspambots
Unauthorized connection attempt detected from IP address 193.124.112.127 to port 445 [T]
2020-05-20 06:33:50
193.118.53.195 attackspambots
 TCP (SYN) 193.118.53.195:22154 -> port 80, len 40
2020-05-20 06:27:11
1.174.78.230 attackbots
 TCP (SYN) 1.174.78.230:19156 -> port 23, len 40
2020-05-20 06:17:53
49.158.200.241 attackbots
 TCP (SYN) 49.158.200.241:31772 -> port 81, len 40
2020-05-20 06:32:40
220.132.83.172 attackspambots
 TCP (SYN) 220.132.83.172:3564 -> port 23, len 40
2020-05-20 06:38:06
111.75.210.58 attackspam
Unauthorized connection attempt detected from IP address 111.75.210.58 to port 445 [T]
2020-05-20 06:31:15
14.173.123.48 attack
 TCP (SYN) 14.173.123.48:42077 -> port 8080, len 44
2020-05-20 06:35:35
122.116.33.200 attack
 TCP (SYN) 122.116.33.200:19915 -> port 80, len 40
2020-05-20 06:44:33
220.137.34.130 attackspambots
 TCP (SYN) 220.137.34.130:18777 -> port 23, len 40
2020-05-20 06:18:51
123.195.112.124 attackbotsspam
 TCP (SYN) 123.195.112.124:4967 -> port 23, len 40
2020-05-20 06:43:08
124.77.186.8 attackspambots
[portscan] tcp/1433 [MsSQL]
[scan/connect: 2 time(s)]
*(RWIN=8192)(05191225)
2020-05-20 06:21:30
125.224.38.202 attackspambots
trying to access non-authorized port
2020-05-20 06:15:06
103.81.114.134 attackspambots
 TCP (SYN) 103.81.114.134:56814 -> port 445, len 52
2020-05-20 06:46:22

Recently Reported IPs

71.122.164.51 202.40.190.54 88.99.26.8 23.28.71.42
209.146.23.182 147.192.179.130 201.184.152.138 129.213.117.53
203.80.170.68 52.144.32.193 101.132.164.89 216.218.206.119
36.204.224.86 177.130.136.192 191.184.203.71 182.162.89.59
176.65.122.8 41.239.158.141 50.4.168.149 124.113.219.188