85.166.167.148

Basic Info

City: Moss

Region: unknown

Country: Norway

Internet Service Provider: Telenor

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.166.167.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6456
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;85.166.167.148.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025030601 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 07 08:00:23 CST 2025
;; MSG SIZE  rcvd: 107

Host info

148.167.166.85.in-addr.arpa domain name pointer ti0117a400-7294.bb.online.no.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
148.167.166.85.in-addr.arpa	name = ti0117a400-7294.bb.online.no.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.13.231.10	attackspambots	Fail2Ban	2020-10-11 23:47:39
106.13.80.167	attackspambots	2020-10-11T08:19:27.040842kitsunetech sshd[10146]: Invalid user henrik from 106.13.80.167 port 38640	2020-10-11 23:57:17
142.44.211.27	attackbotsspam	$f2bV_matches	2020-10-11 23:26:43
191.36.200.147	attackspambots	polres 191.36.200.147 [11/Oct/2020:04:15:20 "-" "POST /xmlrpc.php 200 459 191.36.200.147 [11/Oct/2020:11:46:08 "-" "POST /xmlrpc.php 200 459 191.36.200.147 [11/Oct/2020:12:46:23 "-" "POST /xmlrpc.php 200 490	2020-10-11 23:51:17
182.254.166.97	attackspambots	2020-10-11T15:57:10+0200 Failed SSH Authentication/Brute Force Attack. (Server 4)	2020-10-11 23:22:12
61.155.233.234	attack	Bruteforce detected by fail2ban	2020-10-11 23:30:32
213.92.250.18	attackbots	Use Brute-Force	2020-10-11 23:52:54
218.92.0.172	attack	Oct 11 17:45:33 sso sshd[8847]: Failed password for root from 218.92.0.172 port 38858 ssh2 Oct 11 17:45:43 sso sshd[8847]: Failed password for root from 218.92.0.172 port 38858 ssh2 ...	2020-10-11 23:50:22
51.79.161.170	attack	2020-10-11T08:09:16.672042centos sshd[13851]: Failed password for root from 51.79.161.170 port 34376 ssh2 2020-10-11T08:10:05.865381centos sshd[13959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.79.161.170 user=root 2020-10-11T08:10:07.648037centos sshd[13959]: Failed password for root from 51.79.161.170 port 44142 ssh2 ...	2020-10-11 23:53:57
125.133.32.189	attackbotsspam	Lines containing failures of 125.133.32.189 Oct 8 21:57:15 penfold sshd[16363]: Invalid user adm from 125.133.32.189 port 1758 Oct 8 21:57:15 penfold sshd[16363]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.133.32.189 Oct 8 21:57:17 penfold sshd[16363]: Failed password for invalid user adm from 125.133.32.189 port 1758 ssh2 Oct 8 21:57:19 penfold sshd[16363]: Received disconnect from 125.133.32.189 port 1758:11: Bye Bye [preauth] Oct 8 21:57:19 penfold sshd[16363]: Disconnected from invalid user adm 125.133.32.189 port 1758 [preauth] Oct 8 22:07:57 penfold sshd[17026]: Invalid user operator from 125.133.32.189 port 60865 Oct 8 22:07:57 penfold sshd[17026]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.133.32.189 Oct 8 22:07:58 penfold sshd[17026]: Failed password for invalid user operator from 125.133.32.189 port 60865 ssh2 Oct 8 22:07:59 penfold sshd[17026]: Received........ ------------------------------	2020-10-11 23:32:44
51.255.173.222	attackbots	Oct 11 17:25:32 Server sshd[586403]: Invalid user yonik from 51.255.173.222 port 41178 Oct 11 17:25:34 Server sshd[586403]: Failed password for invalid user yonik from 51.255.173.222 port 41178 ssh2 Oct 11 17:28:25 Server sshd[586689]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.255.173.222 user=root Oct 11 17:28:27 Server sshd[586689]: Failed password for root from 51.255.173.222 port 60628 ssh2 Oct 11 17:31:16 Server sshd[586956]: Invalid user moon from 51.255.173.222 port 51842 ...	2020-10-11 23:33:16
45.45.21.189	attack	srvr2: (mod_security) mod_security (id:920350) triggered by 45.45.21.189 (CA/-/modemcable189.21-45-45.mc.videotron.ca): 1 in the last 600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/10/10 22:46:28 [error] 201616#0: 5361 [client 45.45.21.189] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "16023627889.799352"] [ref "o0,18v21,18"], client: 45.45.21.189, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-10-11 23:36:01
177.134.162.97	attackbots	Oct 11 13:30:28 localhost sshd[94586]: Invalid user admin from 177.134.162.97 port 51068 Oct 11 13:30:28 localhost sshd[94586]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.134.162.97 Oct 11 13:30:28 localhost sshd[94586]: Invalid user admin from 177.134.162.97 port 51068 Oct 11 13:30:31 localhost sshd[94586]: Failed password for invalid user admin from 177.134.162.97 port 51068 ssh2 Oct 11 13:36:46 localhost sshd[95364]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.134.162.97 user=root Oct 11 13:36:48 localhost sshd[95364]: Failed password for root from 177.134.162.97 port 55291 ssh2 ...	2020-10-11 23:20:46
45.150.206.113	attack	2020-10-11 17:27:39 dovecot_login authenticator failed for $\[45.150.206.113\]$ \[45.150.206.113\]: 535 Incorrect authentication data $set_id=remo.martinoli@opso.it$ 2020-10-11 17:27:47 dovecot_login authenticator failed for $\[45.150.206.113\]$ \[45.150.206.113\]: 535 Incorrect authentication data $set_id=remo.martinoli$ 2020-10-11 17:34:08 dovecot_login authenticator failed for $\[45.150.206.113\]$ \[45.150.206.113\]: 535 Incorrect authentication data $set_id=bt@opso.it$ 2020-10-11 17:34:16 dovecot_login authenticator failed for $\[45.150.206.113\]$ \[45.150.206.113\]: 535 Incorrect authentication data 2020-10-11 17:34:25 dovecot_login authenticator failed for $\[45.150.206.113\]$ \[45.150.206.113\]: 535 Incorrect authentication data	2020-10-11 23:39:26
189.127.144.22	attack	20/10/11@07:58:21: FAIL: IoT-Telnet address from=189.127.144.22 ...	2020-10-12 00:04:23

Recently Reported IPs

172.117.91.145	177.208.153.115	199.130.41.58	226.34.101.56
45.213.124.98	101.232.90.208	7.254.43.45	73.106.116.201
81.148.221.103	68.148.196.188	217.92.241.73	132.202.70.115
83.172.82.2	144.5.192.104	49.81.129.86	208.144.225.195
62.195.119.88	171.142.78.76	251.213.144.27	141.226.243.44