200.149.231.74

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Telemar Norte Leste S.A.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	SMB Server BruteForce Attack	2019-09-03 19:26:31
attackbotsspam	Unauthorised access (Aug 14) SRC=200.149.231.74 LEN=40 TTL=236 ID=770 TCP DPT=445 WINDOW=1024 SYN	2019-08-14 15:30:36
attack	445/tcp 445/tcp 445/tcp... [2019-05-30/07-29]19pkt,1pt.(tcp)	2019-07-30 15:37:35

Comments on same subnet:

IP	Type	Details	Datetime
200.149.231.50	attackspam	[ssh] SSH attack	2020-06-03 02:27:42
200.149.231.50	attackbotsspam	leo_www	2020-05-26 12:34:23
200.149.231.50	attackspam	2020-05-07T04:57:30.777826Z 15a31c0ac13f New connection: 200.149.231.50:58388 (172.17.0.5:2222) [session: 15a31c0ac13f] 2020-05-07T05:07:41.105426Z bfe3c9fffc24 New connection: 200.149.231.50:34272 (172.17.0.5:2222) [session: bfe3c9fffc24]	2020-05-07 16:02:38
200.149.231.50	attackspam	(sshd) Failed SSH login from 200.149.231.50 (BR/Brazil/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 20 06:46:57 elude sshd[3973]: Invalid user zl from 200.149.231.50 port 49302 Apr 20 06:46:59 elude sshd[3973]: Failed password for invalid user zl from 200.149.231.50 port 49302 ssh2 Apr 20 06:54:50 elude sshd[5145]: Invalid user test2 from 200.149.231.50 port 37112 Apr 20 06:54:51 elude sshd[5145]: Failed password for invalid user test2 from 200.149.231.50 port 37112 ssh2 Apr 20 07:00:51 elude sshd[6091]: Invalid user re from 200.149.231.50 port 55110	2020-04-20 13:51:55
200.149.231.50	attack	(sshd) Failed SSH login from 200.149.231.50 (BR/Brazil/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 10 10:03:49 ubnt-55d23 sshd[25702]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.149.231.50 user=root Apr 10 10:03:52 ubnt-55d23 sshd[25702]: Failed password for root from 200.149.231.50 port 50140 ssh2	2020-04-10 16:44:02
200.149.231.50	attackbotsspam	Mar 31 23:27:25 sip sshd[21623]: Failed password for root from 200.149.231.50 port 54286 ssh2 Mar 31 23:29:09 sip sshd[22050]: Failed password for root from 200.149.231.50 port 45306 ssh2	2020-04-01 07:52:17
200.149.231.50	attackbots	Mar 17 08:32:48 php1 sshd\[8309\]: Invalid user jiayuanyang from 200.149.231.50 Mar 17 08:32:48 php1 sshd\[8309\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.149.231.50 Mar 17 08:32:50 php1 sshd\[8309\]: Failed password for invalid user jiayuanyang from 200.149.231.50 port 41296 ssh2 Mar 17 08:39:20 php1 sshd\[9129\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.149.231.50 user=root Mar 17 08:39:22 php1 sshd\[9129\]: Failed password for root from 200.149.231.50 port 49436 ssh2	2020-03-18 05:08:57
200.149.231.50	attackspambots	Invalid user cron from 200.149.231.50 port 48594	2020-02-28 09:42:49
200.149.231.50	attackspambots	Feb 27 14:27:14 *** sshd[21806]: Invalid user xxx from 200.149.231.50	2020-02-27 23:09:39
200.149.231.50	attack	Automatic report - Banned IP Access	2020-02-14 21:03:24
200.149.231.50	attackbots	Unauthorized connection attempt detected from IP address 200.149.231.50 to port 2220 [J]	2020-02-06 21:06:45
200.149.231.50	attackbots	Unauthorized connection attempt detected from IP address 200.149.231.50 to port 2220 [J]	2020-01-30 02:13:13
200.149.231.50	attack	Unauthorized connection attempt detected from IP address 200.149.231.50 to port 2220 [J]	2020-01-16 20:15:38
200.149.231.50	attack	[Aegis] @ 2020-01-13 07:15:51 0000 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2020-01-13 14:49:33
200.149.231.50	attackspambots	Dec 20 15:52:56 icinga sshd[24394]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.149.231.50 Dec 20 15:52:57 icinga sshd[24394]: Failed password for invalid user diem from 200.149.231.50 port 40726 ssh2 ...	2019-12-21 01:24:41

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 200.149.231.74
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11788
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;200.149.231.74.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019042702 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sun Apr 28 11:13:48 +08 2019
;; MSG SIZE  rcvd: 118

Host info

Host 74.231.149.200.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 74.231.149.200.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
92.233.223.162	attack	Apr 20 09:30:35 lock-38 sshd[1277672]: Disconnected from authenticating user root 92.233.223.162 port 37928 [preauth] Apr 20 09:40:40 lock-38 sshd[1278095]: Invalid user admin from 92.233.223.162 port 52310 Apr 20 09:40:40 lock-38 sshd[1278095]: Invalid user admin from 92.233.223.162 port 52310 Apr 20 09:40:40 lock-38 sshd[1278095]: Failed password for invalid user admin from 92.233.223.162 port 52310 ssh2 Apr 20 09:40:40 lock-38 sshd[1278095]: Disconnected from invalid user admin 92.233.223.162 port 52310 [preauth] ...	2020-04-20 16:02:15
51.15.140.60	attackspambots	(sshd) Failed SSH login from 51.15.140.60 (FR/France/60-140-15-51.rev.cloud.scaleway.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 20 05:54:35 amsweb01 sshd[11807]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.140.60 user=root Apr 20 05:54:36 amsweb01 sshd[11807]: Failed password for root from 51.15.140.60 port 54872 ssh2 Apr 20 06:06:30 amsweb01 sshd[13414]: Invalid user rg from 51.15.140.60 port 50528 Apr 20 06:06:32 amsweb01 sshd[13414]: Failed password for invalid user rg from 51.15.140.60 port 50528 ssh2 Apr 20 06:10:32 amsweb01 sshd[13861]: Invalid user postgres from 51.15.140.60 port 40174	2020-04-20 15:36:01
125.19.37.226	attack	2020-04-20T05:51:22.601748upcloud.m0sh1x2.com sshd[31772]: Invalid user testa from 125.19.37.226 port 55346	2020-04-20 15:57:10
75.109.199.102	attackspambots	Apr 20 08:04:28 ncomp sshd[5985]: Invalid user postgres from 75.109.199.102 Apr 20 08:04:28 ncomp sshd[5985]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=75.109.199.102 Apr 20 08:04:28 ncomp sshd[5985]: Invalid user postgres from 75.109.199.102 Apr 20 08:04:30 ncomp sshd[5985]: Failed password for invalid user postgres from 75.109.199.102 port 54515 ssh2	2020-04-20 15:21:55
185.176.27.54	attackspambots	04/20/2020-02:18:42.143367 185.176.27.54 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-04-20 15:46:11
221.236.77.85	attack	Apr 20 05:55:38 vmanager6029 sshd\[5339\]: Invalid user liu from 221.236.77.85 port 56426 Apr 20 05:55:39 vmanager6029 sshd\[5341\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.236.77.85 Apr 20 05:55:41 vmanager6029 sshd\[5339\]: error: PAM: User not known to the underlying authentication module for illegal user liu from 221.236.77.85 Apr 20 05:55:41 vmanager6029 sshd\[5339\]: Failed keyboard-interactive/pam for invalid user liu from 221.236.77.85 port 56426 ssh2	2020-04-20 15:59:11
64.225.70.13	attackspam	5x Failed Password	2020-04-20 15:44:55
195.154.172.15	attackspambots	Wordpress malicious attack:[octablocked]	2020-04-20 15:28:08
51.254.227.121	attackbotsspam	/inf/license.txt	2020-04-20 15:23:46
111.229.43.153	attack	srv03 Mass scanning activity detected Target: 11321 ..	2020-04-20 15:39:16
94.102.49.137	attackspambots	04/20/2020-02:28:20.527962 94.102.49.137 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-04-20 15:48:26
60.251.57.189	attackspam	2020-04-20T07:47:16.630584shield sshd\[29167\]: Invalid user informix from 60.251.57.189 port 49610 2020-04-20T07:47:16.634305shield sshd\[29167\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60-251-57-189.hinet-ip.hinet.net 2020-04-20T07:47:18.806767shield sshd\[29167\]: Failed password for invalid user informix from 60.251.57.189 port 49610 ssh2 2020-04-20T07:51:27.428486shield sshd\[30160\]: Invalid user admin from 60.251.57.189 port 57746 2020-04-20T07:51:27.432904shield sshd\[30160\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60-251-57-189.hinet-ip.hinet.net	2020-04-20 15:57:23
80.82.70.239	attackbotsspam	firewall-block, port(s): 3166/tcp, 3173/tcp	2020-04-20 15:56:20
104.131.190.193	attackspam	Invalid user li from 104.131.190.193 port 58137	2020-04-20 15:33:34
81.182.254.124	attack	$f2bV_matches	2020-04-20 15:39:46

Recently Reported IPs

71.122.164.51	202.40.190.54	88.99.26.8	23.28.71.42
209.146.23.182	147.192.179.130	201.184.152.138	129.213.117.53
203.80.170.68	52.144.32.193	101.132.164.89	216.218.206.119
36.204.224.86	177.130.136.192	191.184.203.71	182.162.89.59
176.65.122.8	41.239.158.141	50.4.168.149	124.113.219.188