78.85.48.48 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
78.85.48.225	attackspambots	Unauthorized connection attempt from IP address 78.85.48.225 on Port 445(SMB)	2020-08-01 06:23:46
78.85.48.201	attack	Automatic report - Port Scan Attack	2020-07-16 15:06:43
78.85.48.86	attack	Honeypot attack, port: 445, PTR: a86.sub48.net78.udm.net.	2020-06-06 11:13:53
78.85.48.86	attackspambots	20/6/3@07:57:29: FAIL: Alarm-Intrusion address from=78.85.48.86 ...	2020-06-03 20:21:23
78.85.48.225	attack	Port Scan	2020-05-30 01:37:17
78.85.48.221	attackbots	Unauthorized connection attempt from IP address 78.85.48.221 on Port 445(SMB)	2020-04-24 01:29:32
78.85.48.55	attackbots	1582813527 - 02/27/2020 15:25:27 Host: 78.85.48.55/78.85.48.55 Port: 445 TCP Blocked	2020-02-28 00:57:25
78.85.48.198	attackspam	Honeypot attack, port: 445, PTR: a198.sub48.net78.udm.net.	2020-02-08 21:20:44
78.85.48.76	attack	Unauthorized connection attempt from IP address 78.85.48.76 on Port 445(SMB)	2019-12-16 06:24:39
78.85.48.130	attack	Port Scan: TCP/445	2019-09-14 10:51:42
78.85.48.7	attackspam	Honeypot attack, port: 445, PTR: a7.sub48.net78.udm.net.	2019-08-09 18:59:38

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 78.85.48.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15883
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;78.85.48.48.			IN	A

;; AUTHORITY SECTION:
.			127	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021301 1800 900 604800 86400

;; Query time: 24 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 14 09:12:51 CST 2022
;; MSG SIZE  rcvd: 104

Host info

48.48.85.78.in-addr.arpa domain name pointer a48.sub48.net78.udm.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
48.48.85.78.in-addr.arpa	name = a48.sub48.net78.udm.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
111.229.128.136	attackbotsspam	SSH invalid-user multiple login try	2020-05-29 13:37:19
23.129.64.184	attackspam	Unauthorized connection attempt IP: 23.129.64.184 Ports affected Simple Mail Transfer (25) Message Submission (587) Abuse Confidence rating 100% Found in DNSBL('s) ASN Details AS396507 EMERALD-ONION United States (US) CIDR 23.129.64.0/24 Log Date: 29/05/2020 3:55:01 AM UTC	2020-05-29 13:43:14
3.6.222.2	attackbotsspam	Unauthorized connection attempt detected from IP address 3.6.222.2 to port 23	2020-05-29 13:50:33
157.245.122.248	attackbotsspam	Invalid user amavis from 157.245.122.248 port 41934	2020-05-29 14:08:57
202.185.199.64	attackspam	$f2bV_matches	2020-05-29 13:47:25
132.148.167.225	attack	132.148.167.225 - - \[29/May/2020:05:55:04 +0200\] "POST /wp-login.php HTTP/1.0" 200 5674 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 132.148.167.225 - - \[29/May/2020:05:55:05 +0200\] "POST /wp-login.php HTTP/1.0" 200 5644 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 132.148.167.225 - - \[29/May/2020:05:55:07 +0200\] "POST /wp-login.php HTTP/1.0" 200 5676 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-05-29 13:31:19
123.206.69.81	attack	May 29 05:02:25 ip-172-31-62-245 sshd\[5701\]: Invalid user ftp-user from 123.206.69.81\ May 29 05:02:27 ip-172-31-62-245 sshd\[5701\]: Failed password for invalid user ftp-user from 123.206.69.81 port 34163 ssh2\ May 29 05:06:18 ip-172-31-62-245 sshd\[5759\]: Invalid user yanari123 from 123.206.69.81\ May 29 05:06:20 ip-172-31-62-245 sshd\[5759\]: Failed password for invalid user yanari123 from 123.206.69.81 port 60444 ssh2\ May 29 05:10:16 ip-172-31-62-245 sshd\[5881\]: Invalid user pardeep from 123.206.69.81\	2020-05-29 13:26:14
37.148.69.214	attackspambots	Automatic report - Port Scan Attack	2020-05-29 13:35:43
193.169.212.37	attackbots	SpamScore above: 10.0	2020-05-29 13:47:56
120.92.42.123	attackbotsspam	$f2bV_matches	2020-05-29 13:29:42
23.129.64.194	attackspambots	Unauthorized connection attempt IP: 23.129.64.194 Ports affected Simple Mail Transfer (25) Message Submission (587) Abuse Confidence rating 100% Found in DNSBL('s) ASN Details AS396507 EMERALD-ONION United States (US) CIDR 23.129.64.0/24 Log Date: 29/05/2020 3:55:31 AM UTC	2020-05-29 13:30:22
193.169.212.17	attackbots	SpamScore above: 10.0	2020-05-29 13:48:17
192.99.31.122	attackspam	192.99.31.122 - - \[29/May/2020:05:54:23 +0200\] "POST /wp-login.php HTTP/1.0" 200 2797 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 192.99.31.122 - - \[29/May/2020:05:54:25 +0200\] "POST /wp-login.php HTTP/1.0" 200 2796 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 192.99.31.122 - - \[29/May/2020:05:54:27 +0200\] "POST /wp-login.php HTTP/1.0" 200 2771 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-05-29 14:05:21
178.128.242.233	attackspam	May 29 06:19:39 h2779839 sshd[19557]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.242.233 user=root May 29 06:19:41 h2779839 sshd[19557]: Failed password for root from 178.128.242.233 port 42610 ssh2 May 29 06:20:41 h2779839 sshd[19587]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.242.233 user=root May 29 06:20:43 h2779839 sshd[19587]: Failed password for root from 178.128.242.233 port 60570 ssh2 May 29 06:21:42 h2779839 sshd[19618]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.242.233 user=root May 29 06:21:44 h2779839 sshd[19618]: Failed password for root from 178.128.242.233 port 50298 ssh2 May 29 06:22:46 h2779839 sshd[19644]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.242.233 user=root May 29 06:22:47 h2779839 sshd[19644]: Failed password for root from 178.128.242.233 port ...	2020-05-29 13:30:46
182.61.187.60	attack	20 attempts against mh-ssh on cloud	2020-05-29 13:45:55

Recently Reported IPs

78.85.216.79	78.85.5.133	78.85.251.179	78.87.239.16
78.87.216.202	78.87.128.146	78.87.27.122	78.9.72.87
78.87.220.141	78.88.224.175	78.92.250.93	78.92.48.140
78.92.170.193	78.92.54.31	78.95.12.233	78.96.99.61
78.98.130.165	78.99.111.116	78.99.32.212	78.97.229.194