2.90.148.252 - IPInfo

Basic Info

City: Riyadh

Region: Riyadh Region

Country: Saudi Arabia

Internet Service Provider: Saudi Telecom Company JSC

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt from IP address 2.90.148.252 on Port 445(SMB)	2020-06-12 08:16:39

Comments on same subnet:

IP	Type	Details	Datetime
2.90.148.34	attackspam	2019-10-21 x@x 2019-10-21 12:22:54 unexpected disconnection while reading SMTP command from ([2.90.148.34]) [2.90.148.34]:42291 I=[10.100.18.21]:25 (error: Connection reset by peer) 2019-10-21 x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=2.90.148.34	2019-10-21 21:59:45

Type

Details

Datetime

2.90.148.34

attackspam

2019-10-21 x@x
2019-10-21 12:22:54 unexpected disconnection while reading SMTP command from ([2.90.148.34]) [2.90.148.34]:42291 I=[10.100.18.21]:25 (error: Connection reset by peer)
2019-10-21 x@x


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=2.90.148.34

2019-10-21 21:59:45

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.90.148.252
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2630
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;2.90.148.252.			IN	A

;; AUTHORITY SECTION:
.			236	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061102 1800 900 604800 86400

;; Query time: 94 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jun 12 08:16:35 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 252.148.90.2.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 252.148.90.2.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
168.197.31.13	attack	Invalid user rakesh from 168.197.31.13 port 46656	2020-02-18 04:56:33
190.202.40.53	attackbotsspam	Feb 17 19:13:54 nextcloud sshd\[4888\]: Invalid user gymnast from 190.202.40.53 Feb 17 19:13:54 nextcloud sshd\[4888\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.202.40.53 Feb 17 19:13:56 nextcloud sshd\[4888\]: Failed password for invalid user gymnast from 190.202.40.53 port 39486 ssh2	2020-02-18 05:12:00
213.241.10.110	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-18 04:49:20
213.248.137.162	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-18 04:36:29
104.248.159.69	attack	$f2bV_matches	2020-02-18 05:08:05
61.91.56.250	attackspambots	Brute force attempt	2020-02-18 04:42:27
111.93.31.227	attackspam	Feb 17 21:06:20 sso sshd[16003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.93.31.227 Feb 17 21:06:23 sso sshd[16003]: Failed password for invalid user uchiha from 111.93.31.227 port 47642 ssh2 ...	2020-02-18 04:44:31
114.237.154.104	attack	[Mon Feb 17 12:43:43 2020 GMT] "James Gu" [RDNS_NONE,FREEMAIL_FORGED_REPLYTO], Subject: Re: We have accumulated f	2020-02-18 04:39:26
5.182.26.22	attack	Feb 17 14:32:54 vmd17057 sshd\[25481\]: Invalid user peaches from 5.182.26.22 port 60768 Feb 17 14:32:54 vmd17057 sshd\[25481\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.182.26.22 Feb 17 14:32:56 vmd17057 sshd\[25481\]: Failed password for invalid user peaches from 5.182.26.22 port 60768 ssh2 ...	2020-02-18 04:42:51
49.232.163.88	attackbots	Automatic report - SSH Brute-Force Attack	2020-02-18 04:34:14
193.187.80.35	attackspambots	5x Failed Password	2020-02-18 05:06:49
134.209.148.107	attackbotsspam	Feb 17 19:49:39 lnxmysql61 sshd[24139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.148.107	2020-02-18 04:41:28
182.114.213.46	attackspambots	" "	2020-02-18 04:58:13
42.112.143.122	attack	Autoban 42.112.143.122 AUTH/CONNECT	2020-02-18 04:36:10
117.34.200.242	attackspambots	Port probing on unauthorized port 22	2020-02-18 05:07:14

Recently Reported IPs

50.76.68.122	196.94.27.215	164.100.103.63	47.65.163.90
87.213.16.62	196.150.116.244	72.93.157.188	196.234.150.117
35.243.224.124	221.224.26.171	173.220.186.140	63.183.145.45
46.82.193.41	66.249.79.49	65.144.227.117	45.186.167.1
83.45.244.98	179.190.230.167	100.23.132.141	220.81.102.118