85.10.21.212 - IPInfo

Basic Info

City: Slovenj Gradec

Region: Slovenj Gradec

Country: Slovenia

Internet Service Provider: Reverse Delegation for A1 Slovenija

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	DATE:2020-05-07 19:20:34, IP:85.10.21.212, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-05-08 03:38:42
attackspambots	Automatic report - Port Scan Attack	2020-04-25 05:34:41

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.10.21.212
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47048
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;85.10.21.212.			IN	A

;; AUTHORITY SECTION:
.			468	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042401 1800 900 604800 86400

;; Query time: 117 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 25 05:34:37 CST 2020
;; MSG SIZE  rcvd: 116

Host info

212.21.10.85.in-addr.arpa domain name pointer cpe-85-10-21-212.static.amis.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
212.21.10.85.in-addr.arpa	name = cpe-85-10-21-212.static.amis.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
14.116.150.230	attackspam	Jun 4 23:36:58 cloud sshd[2857]: Failed password for root from 14.116.150.230 port 41328 ssh2	2020-06-05 07:42:04
193.29.15.169	attackspam	Port scanning [7 denied]	2020-06-05 07:59:58
85.239.35.161	attack	(sshd) Failed SSH login from 85.239.35.161 (RU/Russia/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 5 00:48:47 amsweb01 sshd[31520]: Did not receive identification string from 85.239.35.161 port 53942 Jun 5 00:48:47 amsweb01 sshd[31519]: Did not receive identification string from 85.239.35.161 port 34832 Jun 5 00:48:57 amsweb01 sshd[31527]: Invalid user user from 85.239.35.161 port 36194 Jun 5 00:48:58 amsweb01 sshd[31521]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.239.35.161 user=admin Jun 5 00:48:59 amsweb01 sshd[31522]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.239.35.161 user=admin	2020-06-05 07:30:51
146.0.51.100	attackspam	firewall-block, port(s): 3389/tcp	2020-06-05 07:38:22
45.251.47.21	attack	(sshd) Failed SSH login from 45.251.47.21 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 4 22:13:35 elude sshd[29306]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.251.47.21 user=root Jun 4 22:13:38 elude sshd[29306]: Failed password for root from 45.251.47.21 port 43252 ssh2 Jun 4 22:18:16 elude sshd[30020]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.251.47.21 user=root Jun 4 22:18:18 elude sshd[30020]: Failed password for root from 45.251.47.21 port 52140 ssh2 Jun 4 22:20:32 elude sshd[30370]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.251.47.21 user=root	2020-06-05 07:27:26
194.61.27.246	attackbotsspam	3390/tcp 3389/tcp... [2020-04-09/06-04]72pkt,2pt.(tcp)	2020-06-05 07:35:02
104.236.22.133	attack	Jun 4 22:11:36 xeon sshd[14468]: Failed password for root from 104.236.22.133 port 58834 ssh2	2020-06-05 07:53:30
194.25.134.80	attackspambots	another scammer trying to scam info	2020-06-05 07:39:00
114.35.222.183	attackbots	firewall-block, port(s): 8080/tcp	2020-06-05 07:47:11
140.246.171.180	attackspam	DATE:2020-06-05 00:20:34, IP:140.246.171.180, PORT:ssh SSH brute force auth (docker-dc)	2020-06-05 07:59:29
2400:6180:0:d1::571:9001	attack	MYH,DEF GET /wp-login.php	2020-06-05 07:37:21
106.13.15.242	attack	20 attempts against mh-ssh on cloud	2020-06-05 07:54:57
141.98.10.127	attackspambots	[2020-06-04 19:44:19] NOTICE[1288] chan_sip.c: Registration from '' failed for '141.98.10.127:50262' - Wrong password [2020-06-04 19:44:19] SECURITY[1303] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-06-04T19:44:19.007-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="Camden",SessionID="0x7f4d7403c148",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/141.98.10.127/50262",Challenge="63c478a9",ReceivedChallenge="63c478a9",ReceivedHash="ee93c68d9a0ee7132a0fa6189f9e2975" [2020-06-04 19:44:32] NOTICE[1288] chan_sip.c: Registration from '' failed for '141.98.10.127:52748' - Wrong password [2020-06-04 19:44:32] SECURITY[1303] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-06-04T19:44:32.334-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="Tanner",SessionID="0x7f4d74371bc8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/141.9 ...	2020-06-05 07:54:37
190.0.27.242	attackbotsspam	Automatic report - Banned IP Access	2020-06-05 07:46:42
185.67.33.243	attackspam	Jun 5 02:36:51 debian kernel: [216374.040577] [UFW BLOCK] IN=eth0 OUT= MAC=52:54:00:be:e4:65:08:e8:4f:6e:48:0c:08:00 SRC=185.67.33.243 DST=89.252.131.35 LEN=49 TOS=0x00 PREC=0x00 TTL=246 ID=54321 PROTO=UDP SPT=8179 DPT=11211 LEN=29	2020-06-05 08:04:33

Recently Reported IPs

197.15.41.2	192.245.44.153	110.197.79.95	191.33.98.35
71.88.221.159	90.39.182.214	70.162.38.16	125.71.226.41
69.14.67.72	99.12.246.147	109.186.172.209	190.6.120.114
153.132.160.201	200.11.48.245	72.252.132.149	31.199.25.112
94.25.163.118	70.158.213.205	129.133.84.159	51.81.254.27