84.48.9.252 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Norway

Internet Service Provider: NextGenTel AS

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Unauthorized connection attempt from IP address 84.48.9.252 on Port 445(SMB)	2020-08-13 08:42:23
attackbotsspam	Unauthorized connection attempt from IP address 84.48.9.252 on Port 445(SMB)	2020-02-26 08:22:47
attackspambots	Unauthorized connection attempt detected from IP address 84.48.9.252 to port 445	2020-02-23 23:56:08
attackbots	Unauthorized connection attempt from IP address 84.48.9.252 on Port 445(SMB)	2020-02-12 22:09:23
attackspambots	Unauthorized connection attempt detected from IP address 84.48.9.252 to port 445	2019-12-17 13:36:14
attackbots	1576477456 - 12/16/2019 07:24:16 Host: 84.48.9.252/84.48.9.252 Port: 445 TCP Blocked	2019-12-16 20:54:33

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 84.48.9.252
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55942
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;84.48.9.252.			IN	A

;; AUTHORITY SECTION:
.			459	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121600 1800 900 604800 86400

;; Query time: 127 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Dec 16 20:54:26 CST 2019
;; MSG SIZE  rcvd: 115

Host info

252.9.48.84.in-addr.arpa domain name pointer 252.84-48-9.nextgentel.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
252.9.48.84.in-addr.arpa	name = 252.84-48-9.nextgentel.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
177.69.44.193	attackbots	Sep 2 09:40:29 web9 sshd\[15877\]: Invalid user ts3 from 177.69.44.193 Sep 2 09:40:29 web9 sshd\[15877\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.69.44.193 Sep 2 09:40:32 web9 sshd\[15877\]: Failed password for invalid user ts3 from 177.69.44.193 port 36091 ssh2 Sep 2 09:45:46 web9 sshd\[16891\]: Invalid user ubuntu from 177.69.44.193 Sep 2 09:45:46 web9 sshd\[16891\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.69.44.193	2019-09-03 06:29:23
210.180.118.189	attackbots	WordPress brute force	2019-09-03 06:06:15
46.101.11.213	attackspam	Sep 2 22:35:57 debian sshd\[27634\]: Invalid user selma from 46.101.11.213 port 39128 Sep 2 22:35:57 debian sshd\[27634\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.11.213 ...	2019-09-03 06:18:22
54.39.138.251	attack	Sep 2 18:54:32 SilenceServices sshd[31849]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.138.251 Sep 2 18:54:34 SilenceServices sshd[31849]: Failed password for invalid user main from 54.39.138.251 port 55748 ssh2 Sep 2 18:58:38 SilenceServices sshd[2438]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.138.251	2019-09-03 06:10:44
122.138.48.50	attack	Unauthorised access (Sep 2) SRC=122.138.48.50 LEN=40 TTL=49 ID=38404 TCP DPT=8080 WINDOW=9986 SYN Unauthorised access (Sep 2) SRC=122.138.48.50 LEN=40 TTL=49 ID=31981 TCP DPT=8080 WINDOW=14775 SYN	2019-09-03 06:23:20
104.160.10.250	attackspambots	NAME : RIPE + e-mail abuse : noc@interconnects.us CIDR : 104.160.0.0/19 \| STATUS : 403 {Looking for resource vulnerabilities} DDoS Attack NL - block certain countries :) IP: 104.160.10.250 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-09-03 06:17:28
209.182.232.52	attack	Sep 2 23:15:55 h2177944 sshd\[26373\]: Invalid user julia from 209.182.232.52 port 33776 Sep 2 23:15:55 h2177944 sshd\[26373\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.182.232.52 Sep 2 23:15:57 h2177944 sshd\[26373\]: Failed password for invalid user julia from 209.182.232.52 port 33776 ssh2 Sep 2 23:20:55 h2177944 sshd\[26424\]: Invalid user wesley from 209.182.232.52 port 52728 Sep 2 23:20:55 h2177944 sshd\[26424\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.182.232.52 ...	2019-09-03 06:07:42
117.60.81.240	attackspambots	23/tcp [2019-09-02]1pkt	2019-09-03 06:04:53
49.88.112.114	attackspambots	Sep 2 23:50:27 rpi sshd[16952]: Failed password for root from 49.88.112.114 port 57160 ssh2 Sep 2 23:50:30 rpi sshd[16952]: Failed password for root from 49.88.112.114 port 57160 ssh2	2019-09-03 05:54:51
103.23.100.87	attackspam	2019-09-02T14:44:50.694948abusebot-7.cloudsearch.cf sshd\[21149\]: Invalid user mailman from 103.23.100.87 port 33594	2019-09-03 06:08:45
54.38.47.28	attackspambots	Sep 2 15:48:18 SilenceServices sshd[21662]: Failed password for root from 54.38.47.28 port 40102 ssh2 Sep 2 15:52:09 SilenceServices sshd[24481]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.47.28 Sep 2 15:52:12 SilenceServices sshd[24481]: Failed password for invalid user jake from 54.38.47.28 port 56194 ssh2	2019-09-03 05:52:01
223.27.16.120	attackspam	[munged]::443 223.27.16.120 - - [02/Sep/2019:22:33:08 +0200] "POST /[munged]: HTTP/1.1" 200 6386 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 223.27.16.120 - - [02/Sep/2019:22:33:11 +0200] "POST /[munged]: HTTP/1.1" 200 6564 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 223.27.16.120 - - [02/Sep/2019:22:33:11 +0200] "POST /[munged]: HTTP/1.1" 200 6564 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 223.27.16.120 - - [02/Sep/2019:22:33:49 +0200] "POST /[munged]: HTTP/1.1" 200 6115 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 223.27.16.120 - - [02/Sep/2019:22:33:49 +0200] "POST /[munged]: HTTP/1.1" 200 6115 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 223.27.16.120 - - [02/Sep/2019:22:33:53 +0200] "POST /[munged]: HTTP/1.1" 200 6091 "-" "Mozilla/5.0 (X11; Ubun	2019-09-03 06:20:42
178.128.104.246	attackbots	Sep 2 11:51:34 hiderm sshd\[30267\]: Invalid user Justin from 178.128.104.246 Sep 2 11:51:34 hiderm sshd\[30267\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.104.246 Sep 2 11:51:35 hiderm sshd\[30267\]: Failed password for invalid user Justin from 178.128.104.246 port 51546 ssh2 Sep 2 11:56:17 hiderm sshd\[30654\]: Invalid user vcsa from 178.128.104.246 Sep 2 11:56:17 hiderm sshd\[30654\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.104.246	2019-09-03 06:13:19
187.207.137.29	attack	Sep 2 16:06:27 server sshd\[14452\]: Invalid user lxd from 187.207.137.29 port 35374 Sep 2 16:06:27 server sshd\[14452\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.207.137.29 Sep 2 16:06:29 server sshd\[14452\]: Failed password for invalid user lxd from 187.207.137.29 port 35374 ssh2 Sep 2 16:11:20 server sshd\[9982\]: Invalid user www from 187.207.137.29 port 58244 Sep 2 16:11:20 server sshd\[9982\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.207.137.29	2019-09-03 06:25:46
117.102.176.226	attackspam	Unauthorized SSH login attempts	2019-09-03 06:29:51

Recently Reported IPs

40.92.70.64	174.213.40.23	189.249.66.97	117.74.131.123
33.183.216.124	88.66.10.125	176.109.173.164	43.186.230.235
115.84.69.14	190.213.191.78	113.161.71.73	43.5.207.4
64.181.253.51	0.177.132.5	168.111.218.144	42.242.227.6
34.253.253.150	218.60.3.198	103.219.13.215	163.158.125.133