149.140.2.100 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Turkey

Internet Service Provider: Vodafone Telekomunikasyon A.S.

Hostname: unknown

Organization: unknown

Usage Type: Mobile ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	2020-03-13 22:10:36 H=\(\[149.140.2.100\]\) \[149.140.2.100\]:47617 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2020-03-13 22:11:30 H=\(\[149.140.2.100\]\) \[149.140.2.100\]:47806 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2020-03-13 22:12:09 H=\(\[149.140.2.100\]\) \[149.140.2.100\]:47945 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed ...	2020-03-14 09:38:42

Type

Details

Datetime

attackspambots

2020-03-13 22:10:36 H=\(\[149.140.2.100\]\) \[149.140.2.100\]:47617 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed
2020-03-13 22:11:30 H=\(\[149.140.2.100\]\) \[149.140.2.100\]:47806 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed
2020-03-13 22:12:09 H=\(\[149.140.2.100\]\) \[149.140.2.100\]:47945 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed
...

2020-03-14 09:38:42

Comments on same subnet:

IP	Type	Details	Datetime
149.140.200.162	attackbotsspam	bruteforce detected	2020-07-30 01:20:25
149.140.20.213	attack	Apr 6 17:30:57 server postfix/smtpd[28694]: NOQUEUE: reject: RCPT from unknown[149.140.20.213]: 554 5.7.1 Service unavailable; Client host [149.140.20.213] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/149.140.20.213; from= to=<7927378anav@anavveneto.it> proto=ESMTP helo=<[149.140.20.213]>	2020-04-07 06:09:44
149.140.238.211	attackspambots	SMTP/25/465/587 Probe, BadAuth, SPAM, Hack -	2019-11-22 03:56:40
149.140.252.144	attack	Port Scan: TCP/81	2019-09-25 08:53:50

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 149.140.2.100
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26910
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;149.140.2.100.			IN	A

;; AUTHORITY SECTION:
.			568	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031301 1800 900 604800 86400

;; Query time: 100 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 14 09:38:36 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 100.2.140.149.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 100.2.140.149.in-addr.arpa.: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
193.201.105.62	attackbots	Port scan on 4 port(s): 12345 23456 55555 56789	2019-11-29 23:52:47
5.148.3.212	attackbotsspam	Nov 29 17:27:53 server sshd\[19242\]: Invalid user hung from 5.148.3.212 port 53264 Nov 29 17:27:53 server sshd\[19242\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212 Nov 29 17:27:56 server sshd\[19242\]: Failed password for invalid user hung from 5.148.3.212 port 53264 ssh2 Nov 29 17:32:08 server sshd\[27587\]: Invalid user server from 5.148.3.212 port 43274 Nov 29 17:32:08 server sshd\[27587\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212	2019-11-29 23:43:07
103.194.243.238	attack	Nov 29 16:03:47 mxgate1 sshd[25300]: Did not receive identification string from 103.194.243.238 port 54343 Nov 29 16:04:45 mxgate1 sshd[25316]: Invalid user Adminixxxr from 103.194.243.238 port 61573 Nov 29 16:04:46 mxgate1 sshd[25316]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.194.243.238 Nov 29 16:04:48 mxgate1 sshd[25316]: Failed password for invalid user Adminixxxr from 103.194.243.238 port 61573 ssh2 Nov 29 16:04:48 mxgate1 sshd[25316]: Connection closed by 103.194.243.238 port 61573 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=103.194.243.238	2019-11-30 00:10:32
62.210.151.21	attackspam	\[2019-11-29 10:54:20\] SECURITY\[2765\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-29T10:54:20.992-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="6744441254929806",SessionID="0x7f26c43b0c68",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.210.151.21/57865",ACLName="no_extension_match" \[2019-11-29 10:54:27\] SECURITY\[2765\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-29T10:54:27.288-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="6745441254929806",SessionID="0x7f26c498eac8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.210.151.21/51252",ACLName="no_extension_match" \[2019-11-29 10:54:33\] SECURITY\[2765\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-29T10:54:33.699-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="6746441254929806",SessionID="0x7f26c4a9e0e8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.210.151.21/61509",ACLName="no_	2019-11-30 00:09:03
45.115.99.38	attackbotsspam	Nov 29 15:32:20 localhost sshd\[63136\]: Invalid user sexmachine from 45.115.99.38 port 34444 Nov 29 15:32:20 localhost sshd\[63136\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.115.99.38 Nov 29 15:32:22 localhost sshd\[63136\]: Failed password for invalid user sexmachine from 45.115.99.38 port 34444 ssh2 Nov 29 15:36:02 localhost sshd\[63262\]: Invalid user siemensmeyer from 45.115.99.38 port 52231 Nov 29 15:36:02 localhost sshd\[63262\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.115.99.38 ...	2019-11-29 23:39:00
42.242.162.188	attack	/download/file.php?id=214&sid=608bd083159fab6a8e86677d47a7b81d	2019-11-30 00:02:30
91.121.211.34	attackbots	Nov 29 16:09:56 SilenceServices sshd[6054]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.211.34 Nov 29 16:09:58 SilenceServices sshd[6054]: Failed password for invalid user Good from 91.121.211.34 port 44268 ssh2 Nov 29 16:13:20 SilenceServices sshd[7021]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.211.34	2019-11-30 00:08:00
106.13.139.252	attackspambots	Nov 29 16:13:02 mout sshd[23256]: Invalid user 123440 from 106.13.139.252 port 49978	2019-11-30 00:19:30
124.108.21.100	attackbots	Nov 29 12:24:52 firewall sshd[12912]: Invalid user guest from 124.108.21.100 Nov 29 12:24:54 firewall sshd[12912]: Failed password for invalid user guest from 124.108.21.100 port 47480 ssh2 Nov 29 12:27:29 firewall sshd[12960]: Invalid user guest from 124.108.21.100 ...	2019-11-30 00:14:03
91.207.40.42	attackspambots	Automatic report - SSH Brute-Force Attack	2019-11-30 00:03:30
89.146.169.235	attackspam	Automatic report - Port Scan Attack	2019-11-29 23:57:48
159.65.4.64	attack	Nov 29 07:13:39 mockhub sshd[12882]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.4.64 Nov 29 07:13:40 mockhub sshd[12882]: Failed password for invalid user ident from 159.65.4.64 port 45842 ssh2 ...	2019-11-29 23:50:35
63.143.57.30	attackspam	Nov 29 16:12:24 h2177944 kernel: \[7915619.002167\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=63.143.57.30 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=237 ID=10753 DF PROTO=TCP SPT=10127 DPT=8009 WINDOW=512 RES=0x00 SYN URGP=0 Nov 29 16:13:07 h2177944 kernel: \[7915662.666156\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=63.143.57.30 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=237 ID=10753 DF PROTO=TCP SPT=10129 DPT=8013 WINDOW=512 RES=0x00 SYN URGP=0 Nov 29 16:13:22 h2177944 kernel: \[7915677.008298\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=63.143.57.30 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=237 ID=10753 DF PROTO=TCP SPT=10130 DPT=8888 WINDOW=512 RES=0x00 SYN URGP=0 Nov 29 16:13:39 h2177944 kernel: \[7915694.469446\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=63.143.57.30 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=237 ID=10753 DF PROTO=TCP SPT=10131 DPT=16001 WINDOW=512 RES=0x00 SYN URGP=0 Nov 29 16:13:56 h2177944 kernel: \[7915711.025414\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=63.143.57.30 DST=85.214.1	2019-11-29 23:37:48
178.70.79.174	attack	Nov 29 16:13:46 arianus sshd\[13773\]: Invalid user admin from 178.70.79.174 port 48754 ...	2019-11-29 23:47:36
185.117.215.9	attack	11/29/2019-16:13:49.146273 185.117.215.9 Protocol: 6 ET TOR Known Tor Exit Node Traffic group 27	2019-11-29 23:46:20

Recently Reported IPs

10.111.13.255	10.182.9.20	220.99.255.64	123.230.197.253
193.242.148.220	104.244.243.104	77.175.48.246	157.181.110.153
179.106.244.11	224.214.164.94	66.97.45.175	204.249.10.230
95.141.127.52	201.241.171.152	108.180.91.133	76.186.184.208
111.82.189.44	54.255.116.48	203.42.78.3	87.112.23.110