138.152.216.149

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: DoD Network Information Center

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.152.216.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55251
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.152.216.149.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082200 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 23 01:32:16 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 149.216.152.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 149.216.152.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
18.228.94.30	attack	18.228.94.30 - - [18/Oct/2019:11:18:02 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 18.228.94.30 - - [18/Oct/2019:11:18:03 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 18.228.94.30 - - [18/Oct/2019:11:18:04 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 18.228.94.30 - - [18/Oct/2019:11:18:05 +0200] "POST /wp-login.php HTTP/1.1" 200 1489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 18.228.94.30 - - [18/Oct/2019:11:18:05 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 18.228.94.30 - - [18/Oct/2019:11:18:06 +0200] "POST /wp-login.php HTTP/1.1" 200 1491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-10-18 18:06:36
114.113.238.22	attackspam	Unauthorised access (Oct 18) SRC=114.113.238.22 LEN=40 TTL=236 ID=43558 TCP DPT=1433 WINDOW=1024 SYN	2019-10-18 17:50:05
122.117.177.221	attackbots	Honeypot attack, port: 23, PTR: 122-117-177-221.HINET-IP.hinet.net.	2019-10-18 17:48:44
111.33.20.52	attack	DATE:2019-10-18 05:47:13, IP:111.33.20.52, PORT:1433 MSSQL brute force auth on honeypot server (honey-neo-dc)	2019-10-18 17:37:45
140.143.197.56	attackbotsspam	Oct 18 06:07:37 lnxweb62 sshd[25909]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.197.56 Oct 18 06:07:37 lnxweb62 sshd[25909]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.197.56	2019-10-18 18:13:09
219.93.20.155	attack	leo_www	2019-10-18 17:57:42
151.40.227.130	attack	Automatic report - Port Scan Attack	2019-10-18 17:53:06
121.225.85.30	attackspam	Oct 18 08:38:34 ovpn sshd[20848]: Invalid user soporte from 121.225.85.30 Oct 18 08:38:34 ovpn sshd[20848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.225.85.30 Oct 18 08:38:36 ovpn sshd[20848]: Failed password for invalid user soporte from 121.225.85.30 port 43961 ssh2 Oct 18 08:38:36 ovpn sshd[20848]: Received disconnect from 121.225.85.30 port 43961:11: Bye Bye [preauth] Oct 18 08:38:36 ovpn sshd[20848]: Disconnected from 121.225.85.30 port 43961 [preauth] Oct 18 08:46:13 ovpn sshd[22317]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.225.85.30 user=r.r Oct 18 08:46:15 ovpn sshd[22317]: Failed password for r.r from 121.225.85.30 port 47816 ssh2 Oct 18 08:46:15 ovpn sshd[22317]: Received disconnect from 121.225.85.30 port 47816:11: Bye Bye [preauth] Oct 18 08:46:15 ovpn sshd[22317]: Disconnected from 121.225.85.30 port 47816 [preauth] ........ ----------------------------------------------- https://www.blocklist	2019-10-18 17:55:19
101.51.106.220	attackspam	Unauthorised access (Oct 18) SRC=101.51.106.220 LEN=52 TTL=114 ID=11692 DF TCP DPT=445 WINDOW=8192 SYN	2019-10-18 18:16:29
201.16.246.71	attackbots	Oct 18 00:18:57 Tower sshd[38943]: Connection from 201.16.246.71 port 57764 on 192.168.10.220 port 22 Oct 18 00:18:58 Tower sshd[38943]: Failed password for root from 201.16.246.71 port 57764 ssh2 Oct 18 00:18:58 Tower sshd[38943]: Received disconnect from 201.16.246.71 port 57764:11: Bye Bye [preauth] Oct 18 00:18:58 Tower sshd[38943]: Disconnected from authenticating user root 201.16.246.71 port 57764 [preauth]	2019-10-18 17:53:59
171.244.0.81	attackbotsspam	Oct 18 07:22:12 MK-Soft-VM5 sshd[1279]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.244.0.81 Oct 18 07:22:14 MK-Soft-VM5 sshd[1279]: Failed password for invalid user 123 from 171.244.0.81 port 35927 ssh2 ...	2019-10-18 17:52:14
180.101.125.162	attack	Oct 17 18:00:15 web9 sshd\[28982\]: Invalid user ubuntu from 180.101.125.162 Oct 17 18:00:15 web9 sshd\[28982\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.101.125.162 Oct 17 18:00:17 web9 sshd\[28982\]: Failed password for invalid user ubuntu from 180.101.125.162 port 55424 ssh2 Oct 17 18:05:08 web9 sshd\[29745\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.101.125.162 user=root Oct 17 18:05:09 web9 sshd\[29745\]: Failed password for root from 180.101.125.162 port 37744 ssh2	2019-10-18 18:07:06
188.150.173.73	attackspam	Lines containing failures of 188.150.173.73 (max 1000) Oct 17 08:13:06 localhost sshd[13493]: User r.r from 188.150.173.73 not allowed because listed in DenyUsers Oct 17 08:13:06 localhost sshd[13493]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.150.173.73 user=r.r Oct 17 08:13:08 localhost sshd[13493]: Failed password for invalid user r.r from 188.150.173.73 port 44588 ssh2 Oct 17 08:13:08 localhost sshd[13493]: Received disconnect from 188.150.173.73 port 44588:11: Bye Bye [preauth] Oct 17 08:13:08 localhost sshd[13493]: Disconnected from invalid user r.r 188.150.173.73 port 44588 [preauth] Oct 17 08:21:33 localhost sshd[17701]: Invalid user vbox from 188.150.173.73 port 48614 Oct 17 08:21:33 localhost sshd[17701]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.150.173.73 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=188.150.173.73	2019-10-18 17:43:04
222.186.173.180	attackspam	Oct 18 05:50:52 ny01 sshd[6158]: Failed password for root from 222.186.173.180 port 63044 ssh2 Oct 18 05:51:08 ny01 sshd[6158]: error: maximum authentication attempts exceeded for root from 222.186.173.180 port 63044 ssh2 [preauth] Oct 18 05:51:18 ny01 sshd[6191]: Failed password for root from 222.186.173.180 port 12414 ssh2	2019-10-18 17:58:52
220.142.51.136	attack	Unauthorised access (Oct 18) SRC=220.142.51.136 LEN=40 PREC=0x20 TTL=51 ID=15306 TCP DPT=23 WINDOW=34725 SYN	2019-10-18 17:52:31

Recently Reported IPs

168.82.236.40	124.152.245.88	119.20.158.152	63.147.78.239
72.160.65.114	106.47.169.12	63.218.170.54	195.114.191.88
2.34.66.99	18.25.36.235	142.29.46.33	140.136.147.92
112.249.32.4	31.226.98.108	47.96.225.77	161.227.64.52
201.143.1.250	56.34.117.63	39.40.125.26	148.102.201.252