City: unknown
Region: unknown
Country: Norway
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.148.48.147
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63934
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;2.148.48.147. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025020400 1800 900 604800 86400
;; Query time: 33 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 04 18:07:27 CST 2025
;; MSG SIZE rcvd: 105147.48.148.2.in-addr.arpa domain name pointer 2.148.48.147.tmi.telenormobil.no.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
147.48.148.2.in-addr.arpa name = 2.148.48.147.tmi.telenormobil.no.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 118.4.249.218 | attackbots | (sshd) Failed SSH login from 118.4.249.218 (JP/Japan/p2630218-ipngn201302tokaisakaetozai.aichi.ocn.ne.jp): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 2 18:31:37 elude sshd[405]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.4.249.218 user=root Jun 2 18:31:39 elude sshd[405]: Failed password for root from 118.4.249.218 port 63225 ssh2 Jun 2 18:40:57 elude sshd[1865]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.4.249.218 user=root Jun 2 18:40:59 elude sshd[1865]: Failed password for root from 118.4.249.218 port 60232 ssh2 Jun 2 18:42:47 elude sshd[2145]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.4.249.218 user=root |
2020-06-03 00:55:15 |
| 27.34.30.141 | attack | 2020-06-02T14:45:24.2539821240 sshd\[30458\]: Invalid user admin from 27.34.30.141 port 59447 2020-06-02T14:45:24.4695821240 sshd\[30458\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.34.30.141 2020-06-02T14:45:26.6034411240 sshd\[30458\]: Failed password for invalid user admin from 27.34.30.141 port 59447 ssh2 ... |
2020-06-03 01:20:28 |
| 186.122.148.216 | attackbots | Jun 2 13:10:22 firewall sshd[4069]: Failed password for root from 186.122.148.216 port 54634 ssh2 Jun 2 13:15:09 firewall sshd[4204]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.122.148.216 user=root Jun 2 13:15:11 firewall sshd[4204]: Failed password for root from 186.122.148.216 port 59846 ssh2 ... |
2020-06-03 01:17:00 |
| 94.122.229.229 | attack | [02/Jun/2020 x@x [02/Jun/2020 x@x [02/Jun/2020 x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=94.122.229.229 |
2020-06-03 00:49:35 |
| 182.61.2.238 | attack | Jun 2 17:40:05 web01 sshd[32760]: Failed password for root from 182.61.2.238 port 50756 ssh2 ... |
2020-06-03 01:12:55 |
| 45.141.84.44 | attackbots | Jun 2 19:00:01 debian-2gb-nbg1-2 kernel: \[13375967.917458\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.141.84.44 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=11104 PROTO=TCP SPT=58485 DPT=6995 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-06-03 01:00:22 |
| 179.221.72.99 | attackspambots | 2020-06-02T16:15:11.798476vps751288.ovh.net sshd\[16862\]: Invalid user equinox\\r from 179.221.72.99 port 53164 2020-06-02T16:15:11.806003vps751288.ovh.net sshd\[16862\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.221.72.99 2020-06-02T16:15:13.813745vps751288.ovh.net sshd\[16862\]: Failed password for invalid user equinox\\r from 179.221.72.99 port 53164 ssh2 2020-06-02T16:21:38.993786vps751288.ovh.net sshd\[16912\]: Invalid user !QAZ1231zxc\\r from 179.221.72.99 port 58272 2020-06-02T16:21:39.002710vps751288.ovh.net sshd\[16912\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.221.72.99 |
2020-06-03 01:22:52 |
| 103.213.131.108 | attack | ft-1848-basketball.de 103.213.131.108 [02/Jun/2020:14:03:37 +0200] "POST /xmlrpc.php HTTP/1.1" 200 408 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" ft-1848-basketball.de 103.213.131.108 [02/Jun/2020:14:03:41 +0200] "POST /xmlrpc.php HTTP/1.1" 200 408 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" |
2020-06-03 01:04:12 |
| 92.63.196.3 | attack | Jun 2 18:48:01 debian-2gb-nbg1-2 kernel: \[13375247.450883\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=92.63.196.3 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=22844 PROTO=TCP SPT=55186 DPT=5003 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-06-03 00:55:47 |
| 37.254.76.96 | attackbots | Jun 2 14:03:19 icecube postfix/smtpd[55001]: warning: unknown[37.254.76.96]: SASL CRAM-MD5 authentication failed: authentication failure |
2020-06-03 01:18:58 |
| 175.24.132.222 | attack | Jun 2 14:03:15 mellenthin sshd[20937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.24.132.222 user=root Jun 2 14:03:17 mellenthin sshd[20937]: Failed password for invalid user root from 175.24.132.222 port 55180 ssh2 |
2020-06-03 01:19:27 |
| 190.55.158.182 | attackbotsspam | Jun 2 13:57:52 mxgate1 postfix/postscreen[1621]: CONNECT from [190.55.158.182]:14039 to [176.31.12.44]:25 Jun 2 13:57:52 mxgate1 postfix/dnsblog[1624]: addr 190.55.158.182 listed by domain zen.spamhaus.org as 127.0.0.4 Jun 2 13:57:52 mxgate1 postfix/dnsblog[1624]: addr 190.55.158.182 listed by domain zen.spamhaus.org as 127.0.0.11 Jun 2 13:57:52 mxgate1 postfix/dnsblog[1622]: addr 190.55.158.182 listed by domain cbl.abuseat.org as 127.0.0.2 Jun 2 13:57:53 mxgate1 postfix/dnsblog[1627]: addr 190.55.158.182 listed by domain b.barracudacentral.org as 127.0.0.2 Jun 2 13:57:58 mxgate1 postfix/postscreen[1621]: DNSBL rank 4 for [190.55.158.182]:14039 Jun x@x Jun 2 13:57:59 mxgate1 postfix/postscreen[1621]: HANGUP after 1.2 from [190.55.158.182]:14039 in tests after SMTP handshake Jun 2 13:57:59 mxgate1 postfix/postscreen[1621]: DISCONNECT [190.55.158.182]:14039 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=190.55.158.182 |
2020-06-03 00:43:34 |
| 49.88.112.55 | attack | Jun 2 18:57:37 vps sshd[792150]: Failed password for root from 49.88.112.55 port 64625 ssh2 Jun 2 18:57:40 vps sshd[792150]: Failed password for root from 49.88.112.55 port 64625 ssh2 Jun 2 18:57:43 vps sshd[792150]: Failed password for root from 49.88.112.55 port 64625 ssh2 Jun 2 18:57:46 vps sshd[792150]: Failed password for root from 49.88.112.55 port 64625 ssh2 Jun 2 18:57:49 vps sshd[792150]: Failed password for root from 49.88.112.55 port 64625 ssh2 ... |
2020-06-03 01:11:30 |
| 46.32.45.207 | attack | Jun 2 16:03:29 vps647732 sshd[30578]: Failed password for root from 46.32.45.207 port 36478 ssh2 ... |
2020-06-03 00:53:29 |
| 49.232.34.247 | attackbots | Jun 3 00:44:10 web1 sshd[31658]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.34.247 user=root Jun 3 00:44:12 web1 sshd[31658]: Failed password for root from 49.232.34.247 port 48968 ssh2 Jun 3 00:47:57 web1 sshd[32561]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.34.247 user=root Jun 3 00:48:00 web1 sshd[32561]: Failed password for root from 49.232.34.247 port 58898 ssh2 Jun 3 00:51:15 web1 sshd[937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.34.247 user=root Jun 3 00:51:17 web1 sshd[937]: Failed password for root from 49.232.34.247 port 34618 ssh2 Jun 3 00:54:17 web1 sshd[1671]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.34.247 user=root Jun 3 00:54:19 web1 sshd[1671]: Failed password for root from 49.232.34.247 port 38566 ssh2 Jun 3 01:00:19 web1 sshd[3197]: pam_unix( ... |
2020-06-03 01:19:54 |