85.105.242.11 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Turkey

Internet Service Provider: Turk Telekomunikasyon Anonim Sirketi

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	23/tcp 23/tcp 23/tcp [2020-07-12/08-23]3pkt	2020-08-24 06:33:52
attackbots	[portscan] tcp/23 [TELNET] *(RWIN=44729)(06301147)	2020-07-01 19:45:11

Comments on same subnet:

IP	Type	Details	Datetime
85.105.242.55	attack	DATE:2020-06-06 14:33:13, IP:85.105.242.55, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-06-06 22:06:35

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.105.242.11
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41917
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;85.105.242.11.			IN	A

;; AUTHORITY SECTION:
.			195	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020070101 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jul 01 19:45:07 CST 2020
;; MSG SIZE  rcvd: 117

Host info

11.242.105.85.in-addr.arpa domain name pointer 85.105.242.11.static.ttnet.com.tr.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
11.242.105.85.in-addr.arpa	name = 85.105.242.11.static.ttnet.com.tr.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
73.6.227.20	attackbotsspam	Sep 3 20:14:19 buvik sshd[9124]: Invalid user pi from 73.6.227.20 Sep 3 20:14:19 buvik sshd[9123]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=73.6.227.20 Sep 3 20:14:21 buvik sshd[9123]: Failed password for invalid user pi from 73.6.227.20 port 42310 ssh2 ...	2020-09-04 21:11:49
189.59.5.81	attack	(imapd) Failed IMAP login from 189.59.5.81 (BR/Brazil/centershop.static.gvt.net.br): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Sep 4 13:07:18 ir1 dovecot[3110802]: imap-login: Disconnected (auth failed, 1 attempts in 11 secs): user=, method=PLAIN, rip=189.59.5.81, lip=5.63.12.44, session=	2020-09-04 20:55:41
222.186.173.215	attackspambots	Sep 4 13:37:56 rocket sshd[2426]: Failed password for root from 222.186.173.215 port 7944 ssh2 Sep 4 13:38:09 rocket sshd[2426]: Failed password for root from 222.186.173.215 port 7944 ssh2 Sep 4 13:38:09 rocket sshd[2426]: error: maximum authentication attempts exceeded for root from 222.186.173.215 port 7944 ssh2 [preauth] ...	2020-09-04 20:39:37
46.245.222.203	attackbots	Port Scan detected from 46.245.222.203 (DE/Germany/North Rhine-Westphalia/Borken (Gemen)/2ef5decb.static.network.bornet.de). 4 hits in the last 170 seconds	2020-09-04 20:47:58
192.241.220.50	attackspambots	Sep 4 12:55:43 mail postfix/submission/smtpd[17112]: lost connection after UNKNOWN from unknown[192.241.220.50] ...	2020-09-04 21:04:56
156.217.50.32	attackspam	IP 156.217.50.32 attacked honeypot on port: 23 at 9/3/2020 9:50:14 AM	2020-09-04 21:00:30
167.248.133.25	attackspambots	Port scan: Attack repeated for 24 hours	2020-09-04 21:10:48
103.242.15.52	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-09-04 21:15:27
54.36.148.79	attackbots	/dev	2020-09-04 20:58:31
62.210.99.134	attackbotsspam	TCP (SYN) 62.210.99.134:51804 -> port 7945, len 44	2020-09-04 21:18:38
222.186.180.8	attackbots	2020-09-04T14:39:20.271880vps773228.ovh.net sshd[9530]: Failed password for root from 222.186.180.8 port 53652 ssh2 2020-09-04T14:39:24.045122vps773228.ovh.net sshd[9530]: Failed password for root from 222.186.180.8 port 53652 ssh2 2020-09-04T14:39:28.166943vps773228.ovh.net sshd[9530]: Failed password for root from 222.186.180.8 port 53652 ssh2 2020-09-04T14:39:28.168402vps773228.ovh.net sshd[9530]: error: maximum authentication attempts exceeded for root from 222.186.180.8 port 53652 ssh2 [preauth] 2020-09-04T14:39:28.168437vps773228.ovh.net sshd[9530]: Disconnecting: Too many authentication failures [preauth] ...	2020-09-04 20:43:15
129.204.205.125	attack	2020-09-04T07:27:55.4871051495-001 sshd[44454]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.205.125 user=root 2020-09-04T07:27:57.9559891495-001 sshd[44454]: Failed password for root from 129.204.205.125 port 43056 ssh2 2020-09-04T07:33:16.3336111495-001 sshd[44712]: Invalid user Nicole from 129.204.205.125 port 50114 2020-09-04T07:33:16.3371351495-001 sshd[44712]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.205.125 2020-09-04T07:33:16.3336111495-001 sshd[44712]: Invalid user Nicole from 129.204.205.125 port 50114 2020-09-04T07:33:18.5399581495-001 sshd[44712]: Failed password for invalid user Nicole from 129.204.205.125 port 50114 ssh2 ...	2020-09-04 21:00:45
54.38.81.231	attackspambots	2020-09-04T13:22:25.449581vps773228.ovh.net sshd[8474]: Failed password for root from 54.38.81.231 port 43686 ssh2 2020-09-04T13:22:27.388823vps773228.ovh.net sshd[8474]: Failed password for root from 54.38.81.231 port 43686 ssh2 2020-09-04T13:22:28.917168vps773228.ovh.net sshd[8474]: Failed password for root from 54.38.81.231 port 43686 ssh2 2020-09-04T13:22:31.072015vps773228.ovh.net sshd[8474]: Failed password for root from 54.38.81.231 port 43686 ssh2 2020-09-04T13:22:33.716349vps773228.ovh.net sshd[8474]: Failed password for root from 54.38.81.231 port 43686 ssh2 ...	2020-09-04 20:39:17
185.220.102.245	attackspam	Sep 4 11:24:20 django-0 sshd[22715]: Failed password for root from 185.220.102.245 port 11590 ssh2 Sep 4 11:24:31 django-0 sshd[22715]: error: maximum authentication attempts exceeded for root from 185.220.102.245 port 11590 ssh2 [preauth] Sep 4 11:24:31 django-0 sshd[22715]: Disconnecting: Too many authentication failures for root [preauth] ...	2020-09-04 20:44:19
54.36.190.245	attackbots	Invalid user yxu from 54.36.190.245 port 45880	2020-09-04 20:51:38

Recently Reported IPs

23.148.222.139	171.173.240.112	61.234.237.181	132.122.54.176
142.89.247.34	202.63.199.36	106.205.220.54	14.230.96.170
192.192.46.134	208.189.214.23	160.197.164.154	149.135.103.201
35.233.221.174	178.94.131.81	81.120.67.127	147.128.0.201
171.142.53.14	98.16.138.171	44.185.141.246	146.55.143.196