145.149.148.147

Basic Info

City: unknown

Region: unknown

Country: Netherlands

Internet Service Provider: unknown

Hostname: unknown

Organization: SURFnet bv

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 145.149.148.147
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32862
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;145.149.148.147.		IN	A

;; AUTHORITY SECTION:
.			2654	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081201 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Aug 13 03:18:34 CST 2019
;; MSG SIZE  rcvd: 119

Host info

147.148.149.145.in-addr.arpa domain name pointer 145.149.EARLY-REGISTRATION.of.SURFnet.invalid.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
147.148.149.145.in-addr.arpa	name = 145.149.EARLY-REGISTRATION.of.SURFnet.invalid.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
116.247.81.99	attack	Sep 8 09:33:33 IngegnereFirenze sshd[21737]: User root from 116.247.81.99 not allowed because not listed in AllowUsers ...	2020-09-08 19:17:46
129.28.177.29	attack	Sep 8 15:31:46 webhost01 sshd[15412]: Failed password for root from 129.28.177.29 port 54482 ssh2 ...	2020-09-08 19:26:39
221.207.8.254	attack	Sep 8 06:12:09 root sshd[4338]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.207.8.254 Sep 8 06:31:57 root sshd[25000]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.207.8.254 ...	2020-09-08 19:25:11
193.56.28.220	attackbots	Feb 6 02:28:44 server postfix/smtpd[32521]: warning: unknown[193.56.28.220]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 6 02:29:10 server postfix/smtpd[32521]: warning: unknown[193.56.28.220]: SASL LOGIN authentication failed: Connection lost to authentication server Feb 6 02:30:28 server postfix/smtpd[32521]: warning: unknown[193.56.28.220]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-09-08 19:25:52
191.83.43.218	attackspambots	1599502520 - 09/07/2020 20:15:20 Host: 191.83.43.218/191.83.43.218 Port: 445 TCP Blocked	2020-09-08 19:36:02
117.0.39.101	attackbotsspam	Unauthorized connection attempt from IP address 117.0.39.101 on Port 445(SMB)	2020-09-08 19:47:42
54.37.71.235	attackspambots	SSH login attempts.	2020-09-08 19:07:40
187.216.126.39	attack	20/9/7@17:35:03: FAIL: Alarm-Network address from=187.216.126.39 ...	2020-09-08 19:13:25
129.150.222.204	attackspambots	srvr2: (mod_security) mod_security (id:920350) triggered by 129.150.222.204 (US/-/oc-129-150-222-204.compute.oraclecloud.com): 1 in the last 600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/09/07 18:47:02 [error] 260960#0: 252580 [client 129.150.222.204] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "159949722274.418435"] [ref "o0,17v21,17"], client: 129.150.222.204, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-09-08 19:11:23
124.105.87.254	attackspambots	$f2bV_matches	2020-09-08 19:38:57
189.206.189.5	attackspambots	Unauthorized connection attempt from IP address 189.206.189.5 on Port 445(SMB)	2020-09-08 19:37:52
162.204.50.89	attackspambots	Sep 8 12:28:16 ns382633 sshd\[10079\]: Invalid user admin from 162.204.50.89 port 37134 Sep 8 12:28:16 ns382633 sshd\[10079\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.204.50.89 Sep 8 12:28:18 ns382633 sshd\[10079\]: Failed password for invalid user admin from 162.204.50.89 port 37134 ssh2 Sep 8 12:45:28 ns382633 sshd\[13392\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.204.50.89 user=root Sep 8 12:45:30 ns382633 sshd\[13392\]: Failed password for root from 162.204.50.89 port 57542 ssh2	2020-09-08 19:22:40
90.150.87.199	attack	Sep 8 03:43:54 Host-KLAX-C dovecot: imap-login: Disconnected (auth failed, 1 attempts in 4 secs): user=, method=PLAIN, rip=90.150.87.199, lip=185.198.26.142, TLS: Disconnected, session= ...	2020-09-08 19:15:59
45.5.68.3	attackspambots	Unauthorized connection attempt from IP address 45.5.68.3 on Port 445(SMB)	2020-09-08 19:28:42
210.242.90.195	attackbots	Unauthorized connection attempt from IP address 210.242.90.195 on Port 445(SMB)	2020-09-08 19:32:11

Recently Reported IPs

150.228.207.228	52.160.162.196	203.150.171.58	176.241.87.148
176.157.139.60	82.66.204.7	5.128.63.79	98.191.204.195
222.172.198.165	82.203.237.214	182.47.76.227	117.155.13.247
62.140.170.86	119.22.163.67	185.166.38.106	181.176.34.11
70.213.200.45	219.12.202.73	198.117.170.57	134.73.76.15