213.222.201.149

Basic Info

City: unknown

Region: unknown

Country: Poland

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 213.222.201.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42519
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;213.222.201.149.		IN	A

;; AUTHORITY SECTION:
.			446	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021800 1800 900 604800 86400

;; Query time: 22 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 19 01:41:50 CST 2022
;; MSG SIZE  rcvd: 108

Host info

149.201.222.213.in-addr.arpa domain name pointer scep.certum.pl.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
149.201.222.213.in-addr.arpa	name = scep.certum.pl.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
54.206.114.237	attackbots	[SatFeb0105:47:49.0300752020][:error][pid24188:tid47392770438912][client54.206.114.237:59080][client54.206.114.237]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\.conf\\|boot\\\\\\\\.ini\\|web.config\)\\\\\\\\b\\|$\\|\^\\|\\\\\\\\.\\\\\\\\.$/etc/\\|/\\\\\\\\.$\?:history\\|bash_history\\|sh_history\\|env$\$\)"atREQUEST_FILENAME.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"211"][id"390709"][rev"30"][msg"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely"][data"/.env"][severity"CRITICAL"][hostname"www.robertselitrenny.ch"][uri"/.env"][unique_id"XjUC9JlcfRG8Izvxj6PnLwAAAQU"][SatFeb0105:58:42.9758062020][:error][pid23763:tid47392797755136][client54.206.114.237:44158][client54.206.114.237]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|	2020-02-01 13:06:59
122.51.96.57	attack	Jan 31 02:59:15 : SSH login attempts with invalid user	2020-02-01 11:02:17
67.205.153.16	attack	Feb 1 01:58:30 ws22vmsma01 sshd[134071]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.205.153.16 Feb 1 01:58:32 ws22vmsma01 sshd[134071]: Failed password for invalid user test2 from 67.205.153.16 port 53784 ssh2 ...	2020-02-01 13:15:21
35.183.126.125	attackbots	Time: Fri Jan 31 18:27:15 2020 -0300 IP: 35.183.126.125 (CA/Canada/ec2-35-183-126-125.ca-central-1.compute.amazonaws.com) Failures: 5 (mod_security) Interval: 3600 seconds Blocked: Permanent Block	2020-02-01 11:04:27
112.85.42.173	attackspam	Scanned 5 times in the last 24 hours on port 22	2020-02-01 13:19:02
13.211.40.250	attackbots	B: File scanning	2020-02-01 13:24:10
176.95.169.216	attack	Feb 1 05:58:28 sso sshd[8515]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.95.169.216 Feb 1 05:58:30 sso sshd[8515]: Failed password for invalid user dev from 176.95.169.216 port 59950 ssh2 ...	2020-02-01 13:15:51
35.183.210.93	attackbots	Server penetration trying other domain names than server publicly serves (ex https://localhost)	2020-02-01 13:33:48
89.248.168.217	attack	02/01/2020-05:58:15.855101 89.248.168.217 Protocol: 17 ET DROP Dshield Block Listed Source group 1	2020-02-01 13:26:43
119.254.12.66	attack	Feb 1 06:06:25 vmd17057 sshd\[18438\]: Invalid user test4 from 119.254.12.66 port 53950 Feb 1 06:06:25 vmd17057 sshd\[18438\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.254.12.66 Feb 1 06:06:27 vmd17057 sshd\[18438\]: Failed password for invalid user test4 from 119.254.12.66 port 53950 ssh2 ...	2020-02-01 13:16:21
222.186.3.249	attack	Feb 1 04:53:32 hcbbdb sshd\[32247\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.3.249 user=root Feb 1 04:53:34 hcbbdb sshd\[32247\]: Failed password for root from 222.186.3.249 port 54614 ssh2 Feb 1 04:54:26 hcbbdb sshd\[32339\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.3.249 user=root Feb 1 04:54:28 hcbbdb sshd\[32339\]: Failed password for root from 222.186.3.249 port 13853 ssh2 Feb 1 04:58:22 hcbbdb sshd\[381\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.3.249 user=root	2020-02-01 13:20:37
212.174.63.119	attackspam	Automatic report - Port Scan Attack	2020-02-01 13:12:47
218.92.0.145	attackspambots	$f2bV_matches	2020-02-01 10:51:42
181.49.254.230	attackspam	Unauthorized connection attempt detected from IP address 181.49.254.230 to port 2220 [J]	2020-02-01 13:32:45
104.210.3.106	attack	Unauthorized connection attempt detected from IP address 104.210.3.106 to port 2220 [J]	2020-02-01 13:31:58

Recently Reported IPs

213.221.40.245	213.221.250.116	213.222.239.164	213.224.232.10
213.226.114.29	213.226.114.98	213.222.29.147	213.225.37.189
213.226.118.204	213.226.118.208	213.226.118.3	213.223.145.166
213.226.126.142	213.226.125.61	213.226.125.174	213.226.139.90
213.227.129.194	213.227.129.23	213.227.129.193	213.227.135.21