2.90.148.252 - IPInfo

Basic Info

City: Riyadh

Region: Riyadh Region

Country: Saudi Arabia

Internet Service Provider: Saudi Telecom Company JSC

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt from IP address 2.90.148.252 on Port 445(SMB)	2020-06-12 08:16:39

Comments on same subnet:

IP	Type	Details	Datetime
2.90.148.34	attackspam	2019-10-21 x@x 2019-10-21 12:22:54 unexpected disconnection while reading SMTP command from ([2.90.148.34]) [2.90.148.34]:42291 I=[10.100.18.21]:25 (error: Connection reset by peer) 2019-10-21 x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=2.90.148.34	2019-10-21 21:59:45

Type

Details

Datetime

2.90.148.34

attackspam

2019-10-21 x@x
2019-10-21 12:22:54 unexpected disconnection while reading SMTP command from ([2.90.148.34]) [2.90.148.34]:42291 I=[10.100.18.21]:25 (error: Connection reset by peer)
2019-10-21 x@x


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=2.90.148.34

2019-10-21 21:59:45

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.90.148.252
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2630
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;2.90.148.252.			IN	A

;; AUTHORITY SECTION:
.			236	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061102 1800 900 604800 86400

;; Query time: 94 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jun 12 08:16:35 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 252.148.90.2.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 252.148.90.2.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
69.65.62.93	spamattack	PHISHING AND SPAM ATTACK FROM "123Greetings specials@123g.biz -" : SUBJECT "Miracle Ingredients Reverse Type II Diabetes " : RECEIVED "from mail.silver93.123g.biz ([69.65.62.93]:36536) " : DATE/TIMESENT "Tue, 23 Feb 2021 09:30:32 " NOTE "Take care with cards from 123Greetings.com"	2021-02-23 07:11:42
142.93.240.62	spamattack	PHISHING AND SPAM ATTACK FROM "Casino For You - newsletter@app.ksinergy.biz -" : SUBJECT "Join today and receive an amazing welcome bonus " : RECEIVED "from mail-02.ksinergy.biz ([142.93.240.62]:57421) " : DATE/TIMESENT "Tue, 23 Feb 2021 01:27:07 "	2021-02-23 04:32:24
195.62.46.89	spamattack	PHISHING AND SPAM ATTACK FROM "View Fore closureHomes - ViewForeclosureHomes@perpetualincome.buzz -" : SUBJECT "Foreclosure Home Listings " : RECEIVED "from [195.62.46.89] (port=60039 helo=emily.perpetualincome.buzz)" : DATE/TIMESENT "Wed, 24 Feb 2021 19:02:11 " IP ADDRESS "inetnum: 195.62.46.0 - 195.62.47.255 org-name: XSServer GmbH	2021-02-25 08:08:27
105.71.20.80	proxy	105.71.20.80	2021-02-27 08:52:57
189.6.237.180	attack	Automatic report - Port Scan Attack ssh	2021-02-28 18:39:15
45.134.22.26	normal	Versucht auf das Admin-Kono zuzugreifen	2021-02-10 05:09:00
185.63.253.223	spambotsattackproxynormal	153.63.253.200	2021-03-02 00:01:10
154.28.188.30	spamattack	Trying to login to NAS (Qnap)	2021-02-17 18:05:37
154.28.188.156	normal	... hat auch 2 x versucht auf das admin-Konto zuzugreifen	2021-02-10 05:04:50
23.247.75.101	spamattack	PHISHING AND SPAM ATTACK FROM "Forgotten Power - forgottenpower@stopmal.live -" : SUBJECT "The Medicinal plant hiding in your backyard " : RECEIVED "from hsbt.rotonat.com ([23.247.75.101]:60136 helo=tango.stopmal.live)" : DATE/TIMESENT "Mon, 22 Feb 2021 01:58:13 "	2021-02-22 07:07:25
195.62.46.181	spamattack	PHISHING AND SPAM ATTACK FROM "Dating Latina Girls - FlirtInSpanish@healthplane.biz -" : SUBJECT "Now this is cool… " : RECEIVED "from [195.62.46.181] (port=59288 helo=topeka.healthplane.biz)" : DATE/TIMESENT "Wed, 24 Feb 2021 04:35:50 "	2021-02-24 04:09:43
72.19.13.42	spamattack	PHISHING AND SPAM ATTACK FROM "Gear-Airbuds-PRO " : SUBJECT "SPECIALOFFER:Gear-AirbudsPro-available-at*discounted pric --limited-time-only" : RECEIVED "from [72.19.13.42] (port=39787 helo=meade.pey.buzz)" : DATE/TIMESENT Sat, 20 Feb 2021 22:02:09	2021-02-21 07:35:09
45.237.107.87	spambotsattackproxynormal	rrrrrr	2021-02-23 11:37:44
183.63.253.26	proxy	Thanks	2021-02-26 19:48:09
69.65.62.119	spamattack	PHISHING AND SPAM ATTACK FROM "123Greetings - specials@123g.biz -" : SUBJECT "How To Treat Toenail Fungus, According To Doctors " : RECEIVED "from mail.silver119.123g.biz ([69.65.62.119]:34483) " : DATE/TIMESENT "Thu, 25 Feb 2021 09:25:50 " NOTE Take care with cards from 123Greetings.com, it uses 69.65.62.0/25 as above"	2021-02-25 07:49:04

Recently Reported IPs

50.76.68.122	196.94.27.215	164.100.103.63	47.65.163.90
87.213.16.62	196.150.116.244	72.93.157.188	196.234.150.117
35.243.224.124	221.224.26.171	173.220.186.140	63.183.145.45
46.82.193.41	66.249.79.49	65.144.227.117	45.186.167.1
83.45.244.98	179.190.230.167	100.23.132.141	220.81.102.118