City: unknown
Region: unknown
Country: Norway
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.148.48.147
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63934
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;2.148.48.147. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025020400 1800 900 604800 86400
;; Query time: 33 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 04 18:07:27 CST 2025
;; MSG SIZE rcvd: 105147.48.148.2.in-addr.arpa domain name pointer 2.148.48.147.tmi.telenormobil.no.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
147.48.148.2.in-addr.arpa name = 2.148.48.147.tmi.telenormobil.no.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 77.247.108.15 | attack | 77.247.108.15 was recorded 7 times by 4 hosts attempting to connect to the following ports: 5060. Incident counter (4h, 24h, all-time): 7, 9, 478 |
2019-12-11 07:50:08 |
| 222.186.190.2 | attackspambots | SSH-BruteForce |
2019-12-11 08:23:09 |
| 132.145.218.241 | attackspambots | Dec 11 00:38:35 srv206 sshd[21223]: Invalid user jianxin from 132.145.218.241 ... |
2019-12-11 08:15:58 |
| 180.242.181.228 | attack | Unauthorized connection attempt from IP address 180.242.181.228 on Port 445(SMB) |
2019-12-11 07:51:39 |
| 182.61.36.38 | attackspam | Dec 10 21:45:09 pi sshd\[9381\]: Failed password for invalid user zaq789 from 182.61.36.38 port 46366 ssh2 Dec 10 21:50:58 pi sshd\[9723\]: Invalid user 123456 from 182.61.36.38 port 49296 Dec 10 21:50:58 pi sshd\[9723\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.36.38 Dec 10 21:51:00 pi sshd\[9723\]: Failed password for invalid user 123456 from 182.61.36.38 port 49296 ssh2 Dec 10 21:56:46 pi sshd\[10022\]: Invalid user wwwspeshul from 182.61.36.38 port 52212 ... |
2019-12-11 08:00:27 |
| 85.105.58.220 | attackbotsspam | Attempt to attack host OS, exploiting network vulnerabilities, on 10-12-2019 18:15:15. |
2019-12-11 08:11:37 |
| 106.12.114.26 | attackspam | SSH bruteforce |
2019-12-11 08:25:54 |
| 51.255.173.245 | attackspam | Dec 10 23:37:32 heissa sshd\[1510\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=245.ip-51-255-173.eu user=root Dec 10 23:37:34 heissa sshd\[1510\]: Failed password for root from 51.255.173.245 port 44758 ssh2 Dec 10 23:43:26 heissa sshd\[2615\]: Invalid user buratynski from 51.255.173.245 port 36484 Dec 10 23:43:26 heissa sshd\[2615\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=245.ip-51-255-173.eu Dec 10 23:43:28 heissa sshd\[2615\]: Failed password for invalid user buratynski from 51.255.173.245 port 36484 ssh2 |
2019-12-11 08:08:01 |
| 195.170.179.113 | attackspambots | TCP Port Scanning |
2019-12-11 08:23:28 |
| 93.157.174.102 | attack | --- report --- Dec 10 20:41:54 sshd: Connection from 93.157.174.102 port 35436 Dec 10 20:41:59 sshd: Invalid user junsuk from 93.157.174.102 Dec 10 20:41:59 sshd: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.157.174.102 Dec 10 20:41:59 sshd: reverse mapping checking getaddrinfo for 93-157-174-102.avk-wellcom.com [93.157.174.102] failed - POSSIBLE BREAK-IN ATTEMPT! Dec 10 20:42:01 sshd: Failed password for invalid user junsuk from 93.157.174.102 port 35436 ssh2 Dec 10 20:42:02 sshd: Received disconnect from 93.157.174.102: 11: Bye Bye [preauth] |
2019-12-11 08:27:40 |
| 112.85.42.194 | attackspam | Dec 11 00:41:14 srv206 sshd[21255]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.194 user=root Dec 11 00:41:16 srv206 sshd[21255]: Failed password for root from 112.85.42.194 port 49008 ssh2 ... |
2019-12-11 08:22:50 |
| 94.188.120.10 | attackbotsspam | Attempt to attack host OS, exploiting network vulnerabilities, on 10-12-2019 18:15:15. |
2019-12-11 08:11:04 |
| 159.65.77.254 | attack | Dec 11 00:36:48 wh01 sshd[24504]: Failed password for root from 159.65.77.254 port 40244 ssh2 Dec 11 00:36:48 wh01 sshd[24504]: Received disconnect from 159.65.77.254 port 40244:11: Bye Bye [preauth] Dec 11 00:36:48 wh01 sshd[24504]: Disconnected from 159.65.77.254 port 40244 [preauth] Dec 11 00:46:15 wh01 sshd[26478]: Failed password for root from 159.65.77.254 port 45112 ssh2 Dec 11 00:46:15 wh01 sshd[26478]: Received disconnect from 159.65.77.254 port 45112:11: Bye Bye [preauth] Dec 11 00:46:15 wh01 sshd[26478]: Disconnected from 159.65.77.254 port 45112 [preauth] Dec 11 00:51:14 wh01 sshd[26934]: Failed password for root from 159.65.77.254 port 52874 ssh2 Dec 11 00:51:14 wh01 sshd[26934]: Received disconnect from 159.65.77.254 port 52874:11: Bye Bye [preauth] Dec 11 00:51:14 wh01 sshd[26934]: Disconnected from 159.65.77.254 port 52874 [preauth] Dec 11 01:16:34 wh01 sshd[30365]: Invalid user nfs from 159.65.77.254 port 35398 Dec 11 01:16:34 wh01 sshd[30365]: Failed password for inva |
2019-12-11 08:27:53 |
| 70.186.146.138 | attackspam | Dec 10 23:56:20 nextcloud sshd\[26066\]: Invalid user cq from 70.186.146.138 Dec 10 23:56:20 nextcloud sshd\[26066\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=70.186.146.138 Dec 10 23:56:22 nextcloud sshd\[26066\]: Failed password for invalid user cq from 70.186.146.138 port 53660 ssh2 ... |
2019-12-11 08:21:59 |
| 31.207.216.25 | attackspambots | Unauthorized connection attempt detected from IP address 31.207.216.25 to port 445 |
2019-12-11 08:17:06 |