84.48.9.250 - IPInfo

Basic Info

City: Oslo

Region: Oslo County

Country: Norway

Internet Service Provider: unknown

Hostname: unknown

Organization: NextGenTel AS

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
84.48.9.252	attackspam	Unauthorized connection attempt from IP address 84.48.9.252 on Port 445(SMB)	2020-08-13 08:42:23
84.48.9.252	attackbotsspam	Unauthorized connection attempt from IP address 84.48.9.252 on Port 445(SMB)	2020-02-26 08:22:47
84.48.9.252	attackspambots	Unauthorized connection attempt detected from IP address 84.48.9.252 to port 445	2020-02-23 23:56:08
84.48.9.252	attackbots	Unauthorized connection attempt from IP address 84.48.9.252 on Port 445(SMB)	2020-02-12 22:09:23
84.48.9.252	attackspambots	Unauthorized connection attempt detected from IP address 84.48.9.252 to port 445	2019-12-17 13:36:14
84.48.9.252	attackbots	1576477456 - 12/16/2019 07:24:16 Host: 84.48.9.252/84.48.9.252 Port: 445 TCP Blocked	2019-12-16 20:54:33

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 84.48.9.250
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21098
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;84.48.9.250.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019042800 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sun Apr 28 19:37:35 +08 2019
;; MSG SIZE  rcvd: 115

Host info

250.9.48.84.in-addr.arpa domain name pointer 250.84-48-9.nextgentel.com.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
250.9.48.84.in-addr.arpa	name = 250.84-48-9.nextgentel.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
218.64.77.62	attackbots	'IP reached maximum auth failures for a one day block'	2020-06-09 20:58:23
176.113.71.30	attackbotsspam	" "	2020-06-09 21:06:10
113.210.70.75	attackspambots	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-06-09 21:29:29
132.145.34.191	attackbotsspam	Jun 9 07:14:16 zimbra sshd[23918]: Invalid user xfs from 132.145.34.191 Jun 9 07:14:16 zimbra sshd[23918]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.34.191 Jun 9 07:14:18 zimbra sshd[23918]: Failed password for invalid user xfs from 132.145.34.191 port 51800 ssh2 Jun 9 07:14:18 zimbra sshd[23918]: Received disconnect from 132.145.34.191 port 51800:11: Bye Bye [preauth] Jun 9 07:14:18 zimbra sshd[23918]: Disconnected from 132.145.34.191 port 51800 [preauth] Jun 9 07:19:15 zimbra sshd[27411]: Invalid user mc3 from 132.145.34.191 Jun 9 07:19:15 zimbra sshd[27411]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.34.191 Jun 9 07:19:17 zimbra sshd[27411]: Failed password for invalid user mc3 from 132.145.34.191 port 48110 ssh2 Jun 9 07:19:17 zimbra sshd[27411]: Received disconnect from 132.145.34.191 port 48110:11: Bye Bye [preauth] Jun 9 07:19:17 zimbra sshd[27411]........ -------------------------------	2020-06-09 20:57:41
218.92.0.175	attackspam	$f2bV_matches	2020-06-09 21:36:49
34.80.113.205	attackbots	Jun 9 16:05:10 ift sshd\[47772\]: Failed password for root from 34.80.113.205 port 34756 ssh2Jun 9 16:05:31 ift sshd\[47870\]: Failed password for root from 34.80.113.205 port 56786 ssh2Jun 9 16:05:48 ift sshd\[47882\]: Invalid user test from 34.80.113.205Jun 9 16:05:50 ift sshd\[47882\]: Failed password for invalid user test from 34.80.113.205 port 50524 ssh2Jun 9 16:06:08 ift sshd\[47895\]: Invalid user redhat from 34.80.113.205 ...	2020-06-09 21:18:32
46.19.139.34	attackbots	1 attempts against mh-modsecurity-ban on pluto	2020-06-09 21:24:02
14.116.216.176	attack	2020-06-09T12:54:47.412810shield sshd\[23162\]: Invalid user finik from 14.116.216.176 port 60432 2020-06-09T12:54:47.416395shield sshd\[23162\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.116.216.176 2020-06-09T12:54:49.681338shield sshd\[23162\]: Failed password for invalid user finik from 14.116.216.176 port 60432 ssh2 2020-06-09T12:58:43.521613shield sshd\[24866\]: Invalid user spotlight from 14.116.216.176 port 54339 2020-06-09T12:58:43.525847shield sshd\[24866\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.116.216.176	2020-06-09 21:15:05
178.32.1.47	attackspambots	2020-06-09T12:02:38.934335abusebot.cloudsearch.cf sshd[26025]: Invalid user jdg from 178.32.1.47 port 36514 2020-06-09T12:02:38.941675abusebot.cloudsearch.cf sshd[26025]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip47.ip-178-32-1.eu 2020-06-09T12:02:38.934335abusebot.cloudsearch.cf sshd[26025]: Invalid user jdg from 178.32.1.47 port 36514 2020-06-09T12:02:40.984169abusebot.cloudsearch.cf sshd[26025]: Failed password for invalid user jdg from 178.32.1.47 port 36514 ssh2 2020-06-09T12:06:48.756107abusebot.cloudsearch.cf sshd[26311]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip47.ip-178-32-1.eu user=root 2020-06-09T12:06:50.788677abusebot.cloudsearch.cf sshd[26311]: Failed password for root from 178.32.1.47 port 37858 ssh2 2020-06-09T12:10:54.504303abusebot.cloudsearch.cf sshd[26581]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip47.ip-178-32-1.eu user= ...	2020-06-09 21:12:08
167.71.9.180	attackspam	$f2bV_matches	2020-06-09 21:32:20
185.100.87.245	attackbots	Accessing a honeypot website	2020-06-09 21:28:17
209.97.175.191	attackbotsspam	209.97.175.191 - - [09/Jun/2020:14:07:43 +0200] "GET /wp-login.php HTTP/1.1" 200 6521 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 209.97.175.191 - - [09/Jun/2020:14:07:46 +0200] "POST /wp-login.php HTTP/1.1" 200 6772 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 209.97.175.191 - - [09/Jun/2020:14:07:48 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-09 21:35:20
180.76.163.31	attack	SSH/22 MH Probe, BF, Hack -	2020-06-09 21:05:39
23.82.140.85	attackbots	Jun 9 15:18:47 debian-2gb-nbg1-2 kernel: \[13967462.103306\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=23.82.140.85 DST=195.201.40.59 LEN=52 TOS=0x02 PREC=0x00 TTL=118 ID=62035 DF PROTO=TCP SPT=51107 DPT=3389 WINDOW=64240 RES=0x00 CWR ECE SYN URGP=0	2020-06-09 21:33:54
218.92.0.184	attack	Jun 9 15:01:43 host sshd\[23121\]: Unable to negotiate with 218.92.0.184 port 46218: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 \[preauth\]	2020-06-09 21:02:20

Recently Reported IPs

152.242.113.170	81.22.45.160	102.143.213.92	14.59.186.50
111.145.237.101	166.241.28.219	115.230.124.103	113.172.9.220
105.178.108.234	179.230.161.216	201.217.144.21	183.74.32.198
37.224.110.61	52.203.9.182	162.198.46.115	177.200.80.190
36.217.57.86	128.176.3.91	175.71.176.225	208.5.0.208