78.85.48.48 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
78.85.48.225	attackspambots	Unauthorized connection attempt from IP address 78.85.48.225 on Port 445(SMB)	2020-08-01 06:23:46
78.85.48.201	attack	Automatic report - Port Scan Attack	2020-07-16 15:06:43
78.85.48.86	attack	Honeypot attack, port: 445, PTR: a86.sub48.net78.udm.net.	2020-06-06 11:13:53
78.85.48.86	attackspambots	20/6/3@07:57:29: FAIL: Alarm-Intrusion address from=78.85.48.86 ...	2020-06-03 20:21:23
78.85.48.225	attack	Port Scan	2020-05-30 01:37:17
78.85.48.221	attackbots	Unauthorized connection attempt from IP address 78.85.48.221 on Port 445(SMB)	2020-04-24 01:29:32
78.85.48.55	attackbots	1582813527 - 02/27/2020 15:25:27 Host: 78.85.48.55/78.85.48.55 Port: 445 TCP Blocked	2020-02-28 00:57:25
78.85.48.198	attackspam	Honeypot attack, port: 445, PTR: a198.sub48.net78.udm.net.	2020-02-08 21:20:44
78.85.48.76	attack	Unauthorized connection attempt from IP address 78.85.48.76 on Port 445(SMB)	2019-12-16 06:24:39
78.85.48.130	attack	Port Scan: TCP/445	2019-09-14 10:51:42
78.85.48.7	attackspam	Honeypot attack, port: 445, PTR: a7.sub48.net78.udm.net.	2019-08-09 18:59:38

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 78.85.48.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15883
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;78.85.48.48.			IN	A

;; AUTHORITY SECTION:
.			127	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021301 1800 900 604800 86400

;; Query time: 24 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 14 09:12:51 CST 2022
;; MSG SIZE  rcvd: 104

Host info

48.48.85.78.in-addr.arpa domain name pointer a48.sub48.net78.udm.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
48.48.85.78.in-addr.arpa	name = a48.sub48.net78.udm.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
195.154.136.224	attackbots	CloudCIX Reconnaissance Scan Detected, PTR: 195-154-136-224.rev.poneytelecom.eu.	2019-11-18 03:39:35
203.91.114.6	attackspambots	Nov 17 18:49:47 microserver sshd[15959]: Invalid user stansberry from 203.91.114.6 port 48042 Nov 17 18:49:47 microserver sshd[15959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.91.114.6 Nov 17 18:49:49 microserver sshd[15959]: Failed password for invalid user stansberry from 203.91.114.6 port 48042 ssh2 Nov 17 18:54:43 microserver sshd[16650]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.91.114.6 user=root Nov 17 18:54:45 microserver sshd[16650]: Failed password for root from 203.91.114.6 port 56420 ssh2 Nov 17 19:09:43 microserver sshd[18723]: Invalid user ce from 203.91.114.6 port 53178 Nov 17 19:09:43 microserver sshd[18723]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.91.114.6 Nov 17 19:09:45 microserver sshd[18723]: Failed password for invalid user ce from 203.91.114.6 port 53178 ssh2 Nov 17 19:14:46 microserver sshd[19414]: Invalid user marzullo from 203.91.11	2019-11-18 03:35:25
112.186.77.86	attackbots	2019-11-17T17:44:17.432433abusebot-5.cloudsearch.cf sshd\[8626\]: Invalid user bjorn from 112.186.77.86 port 36530	2019-11-18 03:15:08
51.38.232.93	attackspambots	2019-11-17T15:39:49.419903centos sshd\[983\]: Invalid user info from 51.38.232.93 port 51896 2019-11-17T15:39:49.426737centos sshd\[983\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.ip-51-38-232.eu 2019-11-17T15:39:51.879408centos sshd\[983\]: Failed password for invalid user info from 51.38.232.93 port 51896 ssh2	2019-11-18 03:16:52
185.143.223.114	attack	firewall-block, port(s): 2900/tcp, 2929/tcp, 3355/tcp, 9065/tcp, 10185/tcp, 11211/tcp, 18330/tcp, 23932/tcp, 29554/tcp, 41614/tcp, 54398/tcp, 61500/tcp	2019-11-18 03:03:43
51.38.57.78	attack	Nov 17 18:02:01 jane sshd[5821]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.57.78 Nov 17 18:02:03 jane sshd[5821]: Failed password for invalid user iamsemon from 51.38.57.78 port 48052 ssh2 ...	2019-11-18 03:10:32
222.74.186.186	attack	404 NOT FOUND	2019-11-18 03:09:23
139.192.214.207	attack	LGS,WP GET /wp-login.php	2019-11-18 03:04:29
1.169.66.178	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/1.169.66.178/ TW - 1H : (157) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : TW NAME ASN : ASN3462 IP : 1.169.66.178 CIDR : 1.169.0.0/16 PREFIX COUNT : 390 UNIQUE IP COUNT : 12267520 ATTACKS DETECTED ASN3462 : 1H - 3 3H - 13 6H - 25 12H - 54 24H - 131 DateTime : 2019-11-17 15:39:30 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-18 03:34:40
103.127.21.222	attack	Telnetd brute force attack detected by fail2ban	2019-11-18 03:23:50
218.24.45.75	attack	218.24.45.75 was recorded 5 times by 5 hosts attempting to connect to the following ports: 8080. Incident counter (4h, 24h, all-time): 5, 5, 156	2019-11-18 03:31:14
95.110.28.234	attackspam	Telnet/23 MH Probe, BF, Hack -	2019-11-18 03:14:28
95.110.46.173	attack	Telnet/23 MH Probe, BF, Hack -	2019-11-18 03:13:42
129.211.10.228	attackbots	Nov 17 17:59:40 mail sshd[27917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.10.228 user=mysql Nov 17 17:59:42 mail sshd[27917]: Failed password for mysql from 129.211.10.228 port 17688 ssh2 Nov 17 18:18:42 mail sshd[30443]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.10.228 user=root Nov 17 18:18:45 mail sshd[30443]: Failed password for root from 129.211.10.228 port 9764 ssh2 Nov 17 18:23:11 mail sshd[30925]: Invalid user intraweb from 129.211.10.228 ...	2019-11-18 03:29:40
45.225.126.89	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/45.225.126.89/ BR - 1H : (371) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : BR NAME ASN : ASN266936 IP : 45.225.126.89 CIDR : 45.225.126.0/23 PREFIX COUNT : 2 UNIQUE IP COUNT : 1024 ATTACKS DETECTED ASN266936 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-11-17 15:39:31 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-18 03:33:20

Recently Reported IPs

78.85.216.79	78.85.5.133	78.85.251.179	78.87.239.16
78.87.216.202	78.87.128.146	78.87.27.122	78.9.72.87
78.87.220.141	78.88.224.175	78.92.250.93	78.92.48.140
78.92.170.193	78.92.54.31	78.95.12.233	78.96.99.61
78.98.130.165	78.99.111.116	78.99.32.212	78.97.229.194