52.148.2.85 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America (the)

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
52.148.240.217	attackspam	Unauthorized connection attempt detected from IP address 52.148.240.217 to port 1433	2020-07-22 20:09:35
52.148.202.239	attack	Unauthorized connection attempt detected from IP address 52.148.202.239 to port 1433	2020-07-22 19:05:24
52.148.202.239	attack	Icarus honeypot on github	2020-07-21 23:52:11
52.148.202.239	attack	Invalid user alphanet from 52.148.202.239 port 26703	2020-07-18 19:48:51
52.148.254.76	attackspambots	SSH Brute-Force reported by Fail2Ban	2020-07-18 07:28:24
52.148.202.239	attackbots	$f2bV_matches	2020-07-16 18:01:10
52.148.254.76	attackspambots	Jul 15 15:09:20 main sshd[24954]: Failed password for invalid user admin from 52.148.254.76 port 16229 ssh2 Jul 15 18:19:46 main sshd[28563]: Failed password for invalid user eugenemolotov.ru from 52.148.254.76 port 47537 ssh2 Jul 15 18:19:46 main sshd[28564]: Failed password for invalid user eugenemolotov from 52.148.254.76 port 47536 ssh2	2020-07-16 04:32:59
52.148.202.239	attack	"fail2ban match"	2020-07-15 22:16:46
52.148.202.239	attackspam	2020-07-15T10:33:46.702081vps773228.ovh.net sshd[20303]: Invalid user admin from 52.148.202.239 port 19532 2020-07-15T10:33:46.718949vps773228.ovh.net sshd[20303]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.148.202.239 2020-07-15T10:33:46.702081vps773228.ovh.net sshd[20303]: Invalid user admin from 52.148.202.239 port 19532 2020-07-15T10:33:48.745866vps773228.ovh.net sshd[20303]: Failed password for invalid user admin from 52.148.202.239 port 19532 ssh2 2020-07-15T12:44:16.301909vps773228.ovh.net sshd[21890]: Invalid user admin from 52.148.202.239 port 7235 ...	2020-07-15 18:53:26
52.148.254.76	attackspam	Jul 15 04:31:08 * sshd[32580]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.148.254.76 Jul 15 04:31:10 * sshd[32580]: Failed password for invalid user admin from 52.148.254.76 port 2869 ssh2	2020-07-15 10:34:18
52.148.202.239	attackbotsspam	Jun 30 20:39:11 rancher-0 sshd[60772]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.148.202.239 user=root Jun 30 20:39:14 rancher-0 sshd[60772]: Failed password for root from 52.148.202.239 port 11954 ssh2 ...	2020-07-01 15:25:14
52.148.202.239	attackspambots	2020-06-28T06:59:13.513631Z 98608030dd06 New connection: 52.148.202.239:27258 (172.17.0.2:2222) [session: 98608030dd06] 2020-06-28T07:54:32.327559Z 5a266b3d829d New connection: 52.148.202.239:14177 (172.17.0.2:2222) [session: 5a266b3d829d]	2020-06-28 15:56:29
52.148.202.239	attack	Lines containing failures of 52.148.202.239 Jun 25 19:04:47 linuxrulz sshd[6988]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.148.202.239 user=r.r Jun 25 19:04:47 linuxrulz sshd[6987]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.148.202.239 user=r.r Jun 25 19:04:49 linuxrulz sshd[6988]: Failed password for r.r from 52.148.202.239 port 48717 ssh2 Jun 25 19:04:49 linuxrulz sshd[6987]: Failed password for r.r from 52.148.202.239 port 48716 ssh2 Jun 25 19:04:50 linuxrulz sshd[6988]: Received disconnect from 52.148.202.239 port 48717:11: Client disconnecting normally [preauth] Jun 25 19:04:50 linuxrulz sshd[6988]: Disconnected from authenticating user r.r 52.148.202.239 port 48717 [preauth] Jun 25 19:04:50 linuxrulz sshd[6987]: Received disconnect from 52.148.202.239 port 48716:11: Client disconnecting normally [preauth] Jun 25 19:04:50 linuxrulz sshd[6987]: Disconnected from authe........ ------------------------------	2020-06-27 18:15:21
52.148.209.177	attackbots	Lines containing failures of 52.148.209.177 Jun 16 03:01:15 neweola sshd[23624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.148.209.177 user=r.r Jun 16 03:01:17 neweola sshd[23624]: Failed password for r.r from 52.148.209.177 port 53172 ssh2 Jun 16 03:01:19 neweola sshd[23624]: Received disconnect from 52.148.209.177 port 53172:11: Bye Bye [preauth] Jun 16 03:01:19 neweola sshd[23624]: Disconnected from authenticating user r.r 52.148.209.177 port 53172 [preauth] Jun 16 03:13:06 neweola sshd[24287]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.148.209.177 user=r.r Jun 16 03:13:08 neweola sshd[24287]: Failed password for r.r from 52.148.209.177 port 32960 ssh2 Jun 16 03:13:10 neweola sshd[24287]: Received disconnect from 52.148.209.177 port 32960:11: Bye Bye [preauth] Jun 16 03:13:10 neweola sshd[24287]: Disconnected from authenticating user r.r 52.148.209.177 port 32960 [preaut........ ------------------------------	2020-06-16 20:44:17

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.148.2.85
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22026
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;52.148.2.85.			IN	A

;; AUTHORITY SECTION:
.			29	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025021200 1800 900 604800 86400

;; Query time: 198 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 12 18:26:53 CST 2025
;; MSG SIZE  rcvd: 104

Host info

Host 85.2.148.52.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 85.2.148.52.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
138.99.216.171	attackbotsspam	...	2020-05-05 07:19:26
121.227.80.111	attackbots	sshd	2020-05-05 07:36:06
69.162.127.162	attack	firewall-block, port(s): 8089/tcp	2020-05-05 07:03:17
34.82.49.225	attack	SASL PLAIN auth failed: ruser=...	2020-05-05 07:06:44
95.165.163.188	attackspam	Brute force attack stopped by firewall	2020-05-05 07:17:12
58.87.68.226	attackbots	2020-05-04T22:08:20.913415ns386461 sshd\[29657\]: Invalid user link from 58.87.68.226 port 15737 2020-05-04T22:08:20.917755ns386461 sshd\[29657\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.87.68.226 2020-05-04T22:08:22.898578ns386461 sshd\[29657\]: Failed password for invalid user link from 58.87.68.226 port 15737 ssh2 2020-05-04T22:24:25.641141ns386461 sshd\[12266\]: Invalid user gituser from 58.87.68.226 port 10070 2020-05-04T22:24:25.645492ns386461 sshd\[12266\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.87.68.226 ...	2020-05-05 07:11:21
138.197.179.111	attackspam	2020-05-04T18:42:02.2017951495-001 sshd[52030]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.179.111 2020-05-04T18:42:02.1933101495-001 sshd[52030]: Invalid user btm from 138.197.179.111 port 36734 2020-05-04T18:42:03.8705881495-001 sshd[52030]: Failed password for invalid user btm from 138.197.179.111 port 36734 ssh2 2020-05-04T18:45:54.2435191495-001 sshd[52246]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.179.111 user=root 2020-05-04T18:45:56.4289721495-001 sshd[52246]: Failed password for root from 138.197.179.111 port 45740 ssh2 2020-05-04T18:49:25.5510541495-001 sshd[52426]: Invalid user natasa from 138.197.179.111 port 54748 ...	2020-05-05 07:39:18
185.244.151.102	attackspambots	DNS QUERY AMPLIFICATION ATTEMPT	2020-05-05 07:23:01
139.199.0.28	attackbotsspam	May 5 00:42:44 hosting sshd[13108]: Invalid user ftpuser from 139.199.0.28 port 54696 ...	2020-05-05 06:59:38
87.163.53.146	attack	$f2bV_matches	2020-05-05 07:14:53
129.28.150.45	attackspam	May 5 00:02:44 OPSO sshd\[30622\]: Invalid user deploy from 129.28.150.45 port 53684 May 5 00:02:44 OPSO sshd\[30622\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.28.150.45 May 5 00:02:45 OPSO sshd\[30622\]: Failed password for invalid user deploy from 129.28.150.45 port 53684 ssh2 May 5 00:05:40 OPSO sshd\[31295\]: Invalid user www from 129.28.150.45 port 58822 May 5 00:05:40 OPSO sshd\[31295\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.28.150.45	2020-05-05 07:27:54
165.227.114.134	attackbotsspam	May 4 23:35:52 home sshd[4963]: Failed password for root from 165.227.114.134 port 38530 ssh2 May 4 23:39:31 home sshd[5628]: Failed password for root from 165.227.114.134 port 46998 ssh2 ...	2020-05-05 07:21:58
106.12.133.103	attackspam	SSH Invalid Login	2020-05-05 07:13:18
120.210.134.49	attack	May 5 01:13:16 mout sshd[15957]: Invalid user administrator from 120.210.134.49 port 41958	2020-05-05 07:33:42
49.234.182.55	attack	SASL PLAIN auth failed: ruser=...	2020-05-05 07:18:00

Recently Reported IPs

107.204.52.183	142.199.53.82	165.116.203.142	13.43.67.35
56.3.10.137	245.235.96.115	95.35.51.151	81.235.26.104
182.131.51.212	219.209.127.102	201.239.255.117	18.7.87.80
5.91.88.50	84.151.178.103	72.232.157.132	43.42.102.128
128.162.35.130	170.54.15.97	108.212.146.208	42.46.217.165