145.149.148.147

Basic Info

City: unknown

Region: unknown

Country: Netherlands

Internet Service Provider: unknown

Hostname: unknown

Organization: SURFnet bv

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 145.149.148.147
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32862
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;145.149.148.147.		IN	A

;; AUTHORITY SECTION:
.			2654	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081201 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Aug 13 03:18:34 CST 2019
;; MSG SIZE  rcvd: 119

Host info

147.148.149.145.in-addr.arpa domain name pointer 145.149.EARLY-REGISTRATION.of.SURFnet.invalid.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
147.148.149.145.in-addr.arpa	name = 145.149.EARLY-REGISTRATION.of.SURFnet.invalid.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.143.72.34	attack	Jul 14 20:26:11 relay postfix/smtpd\[25320\]: warning: unknown\[185.143.72.34\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 14 20:26:48 relay postfix/smtpd\[28725\]: warning: unknown\[185.143.72.34\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 14 20:27:27 relay postfix/smtpd\[30899\]: warning: unknown\[185.143.72.34\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 14 20:28:06 relay postfix/smtpd\[28725\]: warning: unknown\[185.143.72.34\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 14 20:28:40 relay postfix/smtpd\[27010\]: warning: unknown\[185.143.72.34\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-07-15 02:29:18
61.177.172.159	attack	Jul 14 18:28:29 localhost sshd[118956]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.159 user=root Jul 14 18:28:32 localhost sshd[118956]: Failed password for root from 61.177.172.159 port 10292 ssh2 Jul 14 18:28:34 localhost sshd[118956]: Failed password for root from 61.177.172.159 port 10292 ssh2 Jul 14 18:28:29 localhost sshd[118956]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.159 user=root Jul 14 18:28:32 localhost sshd[118956]: Failed password for root from 61.177.172.159 port 10292 ssh2 Jul 14 18:28:34 localhost sshd[118956]: Failed password for root from 61.177.172.159 port 10292 ssh2 Jul 14 18:28:29 localhost sshd[118956]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.159 user=root Jul 14 18:28:32 localhost sshd[118956]: Failed password for root from 61.177.172.159 port 10292 ssh2 Jul 14 18:28:34 localhost sshd[11 ...	2020-07-15 02:37:01
195.223.211.242	attackbots	2020-07-14T18:28:31+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-07-15 02:46:50
152.136.133.70	attack	Jul 14 20:51:24 OPSO sshd\[15608\]: Invalid user mbb from 152.136.133.70 port 49684 Jul 14 20:51:24 OPSO sshd\[15608\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.133.70 Jul 14 20:51:26 OPSO sshd\[15608\]: Failed password for invalid user mbb from 152.136.133.70 port 49684 ssh2 Jul 14 20:55:43 OPSO sshd\[16383\]: Invalid user dallas from 152.136.133.70 port 45800 Jul 14 20:55:43 OPSO sshd\[16383\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.133.70	2020-07-15 02:58:33
112.85.42.188	attackspam	07/14/2020-14:49:25.062221 112.85.42.188 Protocol: 6 ET SCAN Potential SSH Scan	2020-07-15 02:50:37
190.129.2.146	attackbotsspam	1594751310 - 07/14/2020 20:28:30 Host: 190.129.2.146/190.129.2.146 Port: 445 TCP Blocked	2020-07-15 02:47:03
99.17.246.167	attackbots	Jul 14 08:24:35 tdfoods sshd\[16608\]: Invalid user red from 99.17.246.167 Jul 14 08:24:35 tdfoods sshd\[16608\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=99.17.246.167 Jul 14 08:24:37 tdfoods sshd\[16608\]: Failed password for invalid user red from 99.17.246.167 port 43368 ssh2 Jul 14 08:28:33 tdfoods sshd\[16890\]: Invalid user ftpuser from 99.17.246.167 Jul 14 08:28:33 tdfoods sshd\[16890\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=99.17.246.167	2020-07-15 02:42:13
192.241.238.11	attackbots	TCP port 8088: Scan and connection	2020-07-15 02:53:02
114.26.226.224	attackspam	Unauthorised connection attempt detected at AUO FR1 NODE2. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-07-15 02:40:48
222.186.175.154	attackbotsspam	Jul 14 20:35:21 Ubuntu-1404-trusty-64-minimal sshd\[14717\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.154 user=root Jul 14 20:35:23 Ubuntu-1404-trusty-64-minimal sshd\[14717\]: Failed password for root from 222.186.175.154 port 10426 ssh2 Jul 14 20:35:51 Ubuntu-1404-trusty-64-minimal sshd\[14900\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.154 user=root Jul 14 20:35:53 Ubuntu-1404-trusty-64-minimal sshd\[14900\]: Failed password for root from 222.186.175.154 port 12906 ssh2 Jul 14 20:36:25 Ubuntu-1404-trusty-64-minimal sshd\[15007\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.154 user=root	2020-07-15 02:59:06
197.246.224.221	attack	Jul 14 20:28:19 mellenthin postfix/smtpd[19224]: NOQUEUE: reject: RCPT from unknown[197.246.224.221]: 554 5.7.1 Service unavailable; Client host [197.246.224.221] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/197.246.224.221; from= to= proto=ESMTP helo=<[197.246.224.221]>	2020-07-15 03:00:23
192.35.168.225	attackspam	TCP (SYN) 192.35.168.225:51664 -> port 5051, len 44	2020-07-15 02:21:03
173.252.95.36	attackbots	[Wed Jul 15 01:28:22.702077 2020] [:error] [pid 13074:tid 140254315534080] [client 173.252.95.36:64308] [client 173.252.95.36] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/script-v49.js"] [unique_id "Xw35Rp6BljNWiMsO2yWGSwABwwM"] ...	2020-07-15 02:54:47
93.142.246.116	attackbotsspam	.	2020-07-15 02:20:03
54.187.2.68	attack	Honeypot attack, port: 445, PTR: ec2-54-187-2-68.us-west-2.compute.amazonaws.com.	2020-07-15 02:51:47

Recently Reported IPs

150.228.207.228	52.160.162.196	203.150.171.58	176.241.87.148
176.157.139.60	82.66.204.7	5.128.63.79	98.191.204.195
222.172.198.165	82.203.237.214	182.47.76.227	117.155.13.247
62.140.170.86	119.22.163.67	185.166.38.106	181.176.34.11
70.213.200.45	219.12.202.73	198.117.170.57	134.73.76.15