JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 143.20.49.38

143.20.49.38 was found in our database!

This IP was reported 216 times. Confidence of Abuse is 100%: ?

100%

ISP	Data Centre Global
Usage Type	Data Center/Web Hosting/Transit
ASN	AS150249
Hostname(s)	ip-38.49.20.143.in-addr.arpa
Domain Name	atharva.co.id
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 143.20.49.38

Whois 143.20.49.38

IP Abuse Reports for 143.20.49.38:

This IP address has been reported a total of 216 times from 169 distinct sources. 143.20.49.38 was first reported on June 6th 2026, and the most recent report was 30 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇸🇰 Portuseco Biling	2026-06-07 23:32:57 (30 minutes ago)	-hosteroid-F2B blocked SSH BF--	Brute-Force SSH
🇫🇷 bellovacorp	2026-06-07 23:02:22 (1 hour ago)	Automated abuse detection (CrowdSec) - scenario: http-cve-2021-41773	Web App Attack
Anonymous	2026-06-07 23:00:03 (1 hour ago)	\| A web attack returned code 200 (success).	Web App Attack Hacking SQL Injection
🇦🇹 urnilxfgbez	2026-06-07 22:45:00 (1 hour ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 MPL	2026-06-07 22:19:35 (1 hour ago)	tcp/80 (4 or more attempts)	Port Scan
🇺🇸 cwytech	2026-06-07 22:19:00 (1 hour ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/rdg-local-lockdown-high.	Bad Web Bot Web App Attack
🇫🇮 tjs	2026-06-07 21:55:00 (2 hours ago)	web attack, shell attempt	Hacking Web App Attack
🇳🇱 BIV	2026-06-07 20:25:11 (3 hours ago)	Honeypot multi-source hit. Sources: dshield:fw,tpot:P0f,tpot:Suricata. Ports: 2375. Automated tiered ... show more Honeypot multi-source hit. Sources: dshield:fw,tpot:P0f,tpot:Suricata. Ports: 2375. Automated tiered (T-Pot+DShield). show less	Port Scan Hacking Brute-Force SSH
🇩🇪 licen777	2026-06-07 20:20:13 (3 hours ago)	Cowrie Honeypot: 5 unauthorised SSH/Telnet login attempts between 2026-06-07T19:19:21Z and 2026-06-0 ... show more Cowrie Honeypot: 5 unauthorised SSH/Telnet login attempts between 2026-06-07T19:19:21Z and 2026-06-07T20:20:13Z show less	Brute-Force SSH
Anonymous	2026-06-07 20:19:39 (3 hours ago)	SSH brute-force	Brute-Force
Anonymous	2026-06-07 19:57:15 (4 hours ago)	"POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1"	Hacking Web App Attack
🇫🇮 pr0vieh	2026-06-07 19:49:01 (4 hours ago)	2026-06-07T20:36:13.443185+01:00 Linux14 sshd-session[3171765]: pam_unix(sshd:auth): authentication ... show more 2026-06-07T20:36:13.443185+01:00 Linux14 sshd-session[3171765]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=143.20.49.38 user=root 2026-06-07T20:36:15.382728+01:00 Linux14 sshd-session[3171765]: Failed password for root from 143.20.49.38 port 58440 ssh2 2026-06-07T20:39:21.613757+01:00 Linux14 sshd-session[3185883]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=143.20.49.38 user=root 2026-06-07T20:39:23.118717+01:00 Linux14 sshd-session[3185883]: Failed password for root from 143.20.49.38 port 38124 ssh2 2026-06-07T20:42:32.362587+01:00 Linux14 sshd-session[3204348]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=143.20.49.38 user=root 2026-06-07T20:42:34.428741+01:00 Linux14 sshd-session[3204348]: Failed password for root from 143.20.49.38 port 51430 ssh2 2026-06-07T20:45:45.773395+01:00 Linux14 sshd-session[3224618]: pam_unix(sshd:auth): authentication fai ... show less	Brute-Force SSH
🇩🇪 LoNET	2026-06-07 19:46:52 (4 hours ago)	Report 2441808 with IP 3489375 for SSH brute-force attack by source 3484033 via ssh-honeypot/0.2.0+h ... show more Report 2441808 with IP 3489375 for SSH brute-force attack by source 3484033 via ssh-honeypot/0.2.0+http show less	Brute-Force SSH
🇳🇱 spirttm	2026-06-07 19:23:31 (4 hours ago)	143.20.49.38 - - [07/Jun/2026:19:23:22 +0000] "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e ... show more 143.20.49.38 - - [07/Jun/2026:19:23:22 +0000] "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 400 166 "-" "-" 143.20.49.38 - - [07/Jun/2026:19:23:23 +0000] "POST /cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh HTTP/1.1" 400 166 "-" "-" 143.20.49.38 - - [07/Jun/2026:19:23:24 +0000] "POST /hello.world?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input HTTP/1.1" 404 162 "-" "libredtail-http" 143.20.49.38 - - [07/Jun/2026:19:23:26 +0000] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 162 "-" "libredtail-http" 143.20.49.38 - - [07/Jun/2026:19:23:26 +0000] "GET /vendor/phpunit/phpunit/Util/PHP/eval-stdin.php HTTP/1.1" 404 162 "-" "libredtail-http" 143.20.49.38 - - [07/Jun/2026:19:23:27 +0000] "GET /vendor/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 162 "-" "libredtail-http" 143.20.49.38 - - [07/Jun/2026:19:23:28 +0000] "GET /vendor/phpunit/Util ... show less	Port Scan Web App Attack
🇫🇮 WebDig	2026-06-07 19:19:42 (4 hours ago)	Fail2Ban: sshd ban on 143.20.49.38	Brute-Force SSH

Showing 1 to 15 of 216 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.189.157.132

🇨🇱 216.155.93.75

🇮🇩 202.67.44.7

🇬🇧 193.163.125.243

🇩🇪 164.92.161.148

🇳🇱 146.190.27.229

🇻🇪 143.105.147.100

🇮🇪 34.244.11.216

🇺🇸 216.133.148.234

🇺🇸 216.108.237.50

🇮🇳 216.10.245.88

🇪🇸 213.194.150.9

🇧🇷 205.210.31.231

🇳🇱 173.194.170.87

🇳🇱 146.190.27.206

🇱🇾 102.203.197.6

🇵🇱 87.251.64.145

🇺🇸 66.132.186.242

🇳🇱 45.148.10.174

🇺🇸 45.92.229.201