148.120.54.57 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Norway

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.120.54.57
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63868
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;148.120.54.57.			IN	A

;; AUTHORITY SECTION:
.			488	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022011101 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jan 12 04:15:17 CST 2022
;; MSG SIZE  rcvd: 106

Host info

57.54.120.148.in-addr.arpa domain name pointer 57.54.120.148.in-addr.arpa.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
57.54.120.148.in-addr.arpa	name = 57.54.120.148.in-addr.arpa.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
111.230.185.56	attackbots	Oct 20 15:07:27 MK-Soft-VM7 sshd[20824]: Failed password for root from 111.230.185.56 port 19079 ssh2 Oct 20 15:12:41 MK-Soft-VM7 sshd[20885]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.185.56 ...	2019-10-20 22:59:05
182.74.24.178	attackspambots	Unauthorized connection attempt from IP address 182.74.24.178 on Port 445(SMB)	2019-10-20 22:49:32
95.29.217.248	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/95.29.217.248/ RU - 1H : (154) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : RU NAME ASN : ASN8402 IP : 95.29.217.248 CIDR : 95.29.192.0/19 PREFIX COUNT : 1674 UNIQUE IP COUNT : 1840128 ATTACKS DETECTED ASN8402 : 1H - 1 3H - 2 6H - 2 12H - 2 24H - 5 DateTime : 2019-10-20 14:02:34 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2019-10-20 22:34:16
154.73.82.130	attackbots	Unauthorized connection attempt from IP address 154.73.82.130 on Port 445(SMB)	2019-10-20 22:58:16
125.227.255.79	attack	Oct 20 20:03:54 areeb-Workstation sshd[24499]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.227.255.79 Oct 20 20:03:57 areeb-Workstation sshd[24499]: Failed password for invalid user in from 125.227.255.79 port 59985 ssh2 ...	2019-10-20 22:38:19
45.148.235.108	attackbotsspam	45.148.235.108 - - [20/Oct/2019:08:02:29 -0400] "GET /?page=products&action=/etc/passwd%00&manufacturerID=12&productID=973&linkID=15902 HTTP/1.1" 200 17147 "https://newportbrassfaucets.com/?page=products&action=/etc/passwd%00&manufacturerID=12&productID=973&linkID=15902" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Safari/537.36" ...	2019-10-20 22:38:01
149.202.43.72	attackbotsspam	Oct 20 08:28:55 wildwolf wplogin[5105]: 149.202.43.72 prometheus.ngo [2019-10-20 08:28:55+0000] "POST /cms/wp-login.php HTTP/1.1" "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "" "admin1" Oct 20 08:28:56 wildwolf wplogin[5470]: 149.202.43.72 prometheus.ngo [2019-10-20 08:28:56+0000] "POST /cms/xmlrpc.php HTTP/1.1" "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "admin" "" Oct 20 08:31:19 wildwolf wplogin[5176]: 149.202.43.72 prometheus.ngo [2019-10-20 08:31:19+0000] "POST /2017/wp-login.php HTTP/1.1" "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "admin" "edhostnameor" Oct 20 08:31:20 wildwolf wplogin[3438]: 149.202.43.72 prometheus.ngo [2019-10-20 08:31:20+0000] "POST /2017/xmlrpc.php HTTP/1.1" "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "admin" "" Oct 20 10:04:52 wildwolf wplogin[32563]: 149.202.43.72 prometheus.ngo [2019-10........ ------------------------------	2019-10-20 23:22:05
167.99.67.209	attackspambots	Oct 20 12:46:13 rb06 sshd[3338]: Failed password for invalid user test from 167.99.67.209 port 52192 ssh2 Oct 20 12:46:13 rb06 sshd[3338]: Received disconnect from 167.99.67.209: 11: Bye Bye [preauth] Oct 20 12:58:41 rb06 sshd[13547]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.67.209 user=r.r Oct 20 12:58:43 rb06 sshd[13547]: Failed password for r.r from 167.99.67.209 port 49180 ssh2 Oct 20 12:58:43 rb06 sshd[13547]: Received disconnect from 167.99.67.209: 11: Bye Bye [preauth] Oct 20 13:03:05 rb06 sshd[14583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.67.209 user=r.r Oct 20 13:03:07 rb06 sshd[14583]: Failed password for r.r from 167.99.67.209 port 60810 ssh2 Oct 20 13:03:07 rb06 sshd[14583]: Received disconnect from 167.99.67.209: 11: Bye Bye [preauth] Oct 20 13:07:40 rb06 sshd[15187]: Failed password for invalid user abhijhostnameh from 167.99.67.209 port 44212 s........ -------------------------------	2019-10-20 22:45:46
91.106.193.72	attackbotsspam	Triggered by Fail2Ban at Vostok web server	2019-10-20 23:02:31
160.16.94.153	attackspam	2019-10-18T04:38:49.355372ldap.arvenenaske.de sshd[21397]: Connection from 160.16.94.153 port 43949 on 5.199.128.55 port 22 2019-10-18T04:38:51.066310ldap.arvenenaske.de sshd[21397]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=160.16.94.153 user=r.r 2019-10-18T04:38:53.009202ldap.arvenenaske.de sshd[21397]: Failed password for r.r from 160.16.94.153 port 43949 ssh2 2019-10-18T04:42:47.458090ldap.arvenenaske.de sshd[21403]: Connection from 160.16.94.153 port 36004 on 5.199.128.55 port 22 2019-10-18T04:42:49.169635ldap.arvenenaske.de sshd[21403]: Invalid user user from 160.16.94.153 port 36004 2019-10-18T04:42:49.203110ldap.arvenenaske.de sshd[21403]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=160.16.94.153 user=user 2019-10-18T04:42:49.205147ldap.arvenenaske.de sshd[21403]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=160.16.94.153 2019-10-18........ ------------------------------	2019-10-20 22:59:59
202.179.17.7	attackspambots	Unauthorized connection attempt from IP address 202.179.17.7 on Port 445(SMB)	2019-10-20 23:06:41
110.80.17.26	attackspam	Oct 20 16:10:20 vpn01 sshd[22375]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.80.17.26 Oct 20 16:10:23 vpn01 sshd[22375]: Failed password for invalid user tomcat from 110.80.17.26 port 37036 ssh2 ...	2019-10-20 22:38:44
93.186.254.242	attack	Oct 18 05:30:47 vtv3 sshd\[30184\]: Invalid user lynda from 93.186.254.242 port 58042 Oct 18 05:30:47 vtv3 sshd\[30184\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.186.254.242 Oct 18 05:30:49 vtv3 sshd\[30184\]: Failed password for invalid user lynda from 93.186.254.242 port 58042 ssh2 Oct 18 05:34:39 vtv3 sshd\[31689\]: Invalid user server from 93.186.254.242 port 42074 Oct 18 05:34:39 vtv3 sshd\[31689\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.186.254.242 Oct 18 05:45:58 vtv3 sshd\[5492\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.186.254.242 user=root Oct 18 05:46:00 vtv3 sshd\[5492\]: Failed password for root from 93.186.254.242 port 48694 ssh2 Oct 18 05:49:52 vtv3 sshd\[7007\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.186.254.242 user=root Oct 18 05:49:54 vtv3 sshd\[7007\]: Failed password for r	2019-10-20 22:46:00
189.4.2.30	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/189.4.2.30/ BR - 1H : (307) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : BR NAME ASN : ASN28573 IP : 189.4.2.30 CIDR : 189.4.0.0/22 PREFIX COUNT : 1254 UNIQUE IP COUNT : 9653760 ATTACKS DETECTED ASN28573 : 1H - 2 3H - 5 6H - 5 12H - 11 24H - 22 DateTime : 2019-10-20 14:01:43 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-20 23:25:10
45.136.109.15	attack	10/20/2019-09:29:02.358949 45.136.109.15 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-20 22:33:46

Recently Reported IPs

43.13.216.217	161.161.2.22	230.199.62.228	43.225.106.46
67.96.135.207	183.156.253.40	39.90.144.164	31.20.74.61
20.236.196.59	38.169.206.73	240.220.16.239	128.255.52.185
130.47.80.168	29.177.199.132	178.250.90.89	226.180.44.143
243.69.104.108	119.89.37.92	241.136.120.6	23.222.99.52