158.148.149.252

Basic Info

City: Rome

Region: Lazio

Country: Italy

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 158.148.149.252
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17530
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;158.148.149.252.		IN	A

;; AUTHORITY SECTION:
.			157	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022041600 1800 900 604800 86400

;; Query time: 88 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 16 20:52:28 CST 2022
;; MSG SIZE  rcvd: 108

Host info

Host 252.149.148.158.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 252.149.148.158.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.13.68.190	attack	Mar 18 05:22:25 ourumov-web sshd\[29706\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.68.190 user=root Mar 18 05:22:27 ourumov-web sshd\[29706\]: Failed password for root from 106.13.68.190 port 34846 ssh2 Mar 18 05:27:33 ourumov-web sshd\[30092\]: Invalid user yangzishuang from 106.13.68.190 port 37196 ...	2020-03-18 15:46:02
134.209.228.241	attack	$f2bV_matches	2020-03-18 15:29:14
112.217.225.59	attack	Invalid user xiaoshengchang from 112.217.225.59 port 37111	2020-03-18 15:42:58
5.45.207.74	attackbotsspam	[Wed Mar 18 11:56:23.095711 2020] [:error] [pid 7194:tid 139937944954624] [client 5.45.207.74:40273] [client 5.45.207.74] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XnGp9yDR2vdY1fmOmBU-ZQAAADg"] ...	2020-03-18 15:28:22
185.81.99.206	attackbotsspam	SSH Brute-Force Attack	2020-03-18 15:57:31
114.67.68.224	attackbotsspam	$f2bV_matches	2020-03-18 16:02:40
88.215.33.141	attackspambots	Chat Spam	2020-03-18 15:35:48
164.132.47.139	attack	Invalid user dolphin from 164.132.47.139 port 54712	2020-03-18 15:30:26
59.127.172.234	attackbots	k+ssh-bruteforce	2020-03-18 16:05:30
220.246.26.51	attack	Mar 18 03:48:58 Tower sshd[38833]: Connection from 220.246.26.51 port 47080 on 192.168.10.220 port 22 rdomain "" Mar 18 03:49:00 Tower sshd[38833]: Failed password for root from 220.246.26.51 port 47080 ssh2 Mar 18 03:49:00 Tower sshd[38833]: Received disconnect from 220.246.26.51 port 47080:11: Bye Bye [preauth] Mar 18 03:49:00 Tower sshd[38833]: Disconnected from authenticating user root 220.246.26.51 port 47080 [preauth]	2020-03-18 16:05:51
101.89.95.77	attackbotsspam	$f2bV_matches	2020-03-18 15:41:03
58.152.43.8	attackbots	$f2bV_matches \| Triggered by Fail2Ban at Vostok web server	2020-03-18 15:58:46
5.188.62.25	attack	5.188.62.25 - - [18/Mar/2020:07:04:31 +0100] "POST /wp-login.php HTTP/1.1" 200 6824 "-" "Mozilla/5.0 (Windows NT 6.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36" 5.188.62.25 - - [18/Mar/2020:07:04:33 +0100] "POST /wp-login.php HTTP/1.1" 200 7526 "-" "Mozilla/5.0 (Windows NT 6.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36" 5.188.62.25 - - [18/Mar/2020:08:08:50 +0100] "POST /wp-login.php HTTP/1.1" 200 6825 "-" "Mozilla/5.0 (Windows NT 6.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36"	2020-03-18 16:03:05
149.28.8.137	attack	CMS (WordPress or Joomla) login attempt.	2020-03-18 15:50:31
189.109.204.218	attackbotsspam	Invalid user ispconfig from 189.109.204.218 port 48180	2020-03-18 15:56:57

Recently Reported IPs

105.51.66.238	202.84.221.52	119.254.208.246	189.84.164.137
116.242.173.107	61.105.156.222	121.169.228.164	83.217.148.166
254.38.85.99	239.102.132.96	159.28.183.219	212.229.233.18
130.7.204.9	233.138.3.238	105.35.76.107	6.80.122.233
196.55.216.193	80.237.47.85	185.110.94.119	218.20.157.133