151.242.199.149

Basic Info

City: unknown

Region: unknown

Country: Iran (ISLAMIC Republic Of)

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 151.242.199.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56307
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;151.242.199.149.		IN	A

;; AUTHORITY SECTION:
.			281	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020700 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 07 16:14:46 CST 2022
;; MSG SIZE  rcvd: 108

Host info

149.199.242.151.in-addr.arpa domain name pointer 151-242-199-149.shatel.ir.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
149.199.242.151.in-addr.arpa	name = 151-242-199-149.shatel.ir.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
179.96.254.100	attack	Sep 4 18:51:07 mellenthin postfix/smtpd[32144]: NOQUEUE: reject: RCPT from 179-96-254-100.outcenter.com.br[179.96.254.100]: 554 5.7.1 Service unavailable; Client host [179.96.254.100] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/179.96.254.100; from= to= proto=ESMTP helo=<179-96-254-100.outcenter.com.br>	2020-09-05 06:51:52
194.26.25.97	attack	Multiport scan : 43 ports scanned 58 221 292 322 442 565 710 939 1876 1891 1901 2025 2552 2795 4894 5435 5671 6336 8990 9222 9351 9456 9585 9769 12124 13022 13135 13226 14145 14444 14725 18586 19495 19756 20726 21216 21439 22021 22227 24445 26914 31112 32122	2020-09-05 07:12:45
200.27.212.22	attack	Invalid user ubuntu from 200.27.212.22 port 54644	2020-09-05 07:26:42
112.85.42.173	attackbots	Sep 5 00:40:07 sd-69548 sshd[755217]: Unable to negotiate with 112.85.42.173 port 23352: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth] Sep 5 01:17:12 sd-69548 sshd[757731]: Unable to negotiate with 112.85.42.173 port 11297: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth] ...	2020-09-05 07:20:41
172.107.95.30	attackspam	Honeypot hit.	2020-09-05 07:11:08
141.98.10.209	attack	2020-09-04T23:19:57.024437shield sshd\[22092\]: Invalid user 1234 from 141.98.10.209 port 49980 2020-09-04T23:19:57.037605shield sshd\[22092\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.10.209 2020-09-04T23:19:59.491901shield sshd\[22092\]: Failed password for invalid user 1234 from 141.98.10.209 port 49980 ssh2 2020-09-04T23:20:39.786556shield sshd\[22257\]: Invalid user user from 141.98.10.209 port 41124 2020-09-04T23:20:39.795474shield sshd\[22257\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.10.209	2020-09-05 07:24:40
193.29.15.169	attackbotsspam	193.29.15.169 was recorded 8 times by 4 hosts attempting to connect to the following ports: 389,1900,123. Incident counter (4h, 24h, all-time): 8, 17, 4401	2020-09-05 07:27:33
209.200.15.178	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-09-05 07:20:17
80.232.241.122	attackspambots	Port Scan detected! ...	2020-09-05 07:16:10
91.134.248.230	attack	WEB server attack.	2020-09-05 07:02:36
220.134.169.119	attackspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-05 07:03:13
222.186.173.201	attack	Sep 5 00:58:07 vps647732 sshd[8967]: Failed password for root from 222.186.173.201 port 24234 ssh2 Sep 5 00:58:17 vps647732 sshd[8967]: Failed password for root from 222.186.173.201 port 24234 ssh2 ...	2020-09-05 07:15:25
114.119.147.129	attack	[Sat Sep 05 03:55:20.453338 2020] [:error] [pid 23286:tid 140308377491200] [client 114.119.147.129:21512] [client 114.119.147.129] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/prakiraan-iklim/agroklimatologi/kalender-tanam/1741-kalender-tanam-katam-terpadu-pulau-jawa/kalender-tanam-katam-terpadu-provinsi-jawa-timur/kalender-tanam-katam-terpadu-kota-surabaya/kalender-tanam-katam-terpadu-kecamatan-sawahan-kota-surab ...	2020-09-05 07:10:15
60.2.224.234	attack	2020-09-04T23:00:58.678474correo.[domain] sshd[21305]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.2.224.234 2020-09-04T23:00:58.669688correo.[domain] sshd[21305]: Invalid user emily from 60.2.224.234 port 39266 2020-09-04T23:01:00.334196correo.[domain] sshd[21305]: Failed password for invalid user emily from 60.2.224.234 port 39266 ssh2 ...	2020-09-05 07:04:27
197.51.193.194	attackspambots	Honeypot attack, port: 81, PTR: host-197.51.193.194.tedata.net.	2020-09-05 07:10:43

Recently Reported IPs

81.215.201.170	115.87.217.73	176.59.98.119	64.62.197.142
180.210.176.218	41.45.167.27	13.233.196.98	41.45.212.181
197.255.207.168	2.187.168.21	87.251.67.64	111.92.79.158
171.101.133.161	194.38.20.240	171.96.102.83	189.236.18.165
114.132.224.32	106.52.96.130	102.89.3.87	125.137.52.187