85.113.18.130 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Kyrgyzstan

Internet Service Provider: OJSC Kyrgyztelecom

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Automatic report - Banned IP Access	2020-06-20 19:48:24

Comments on same subnet:

IP	Type	Details	Datetime
85.113.188.62	attack	Honeypot attack, port: 23, PTR: tk1-062.ftth.trollnet.no.	2019-11-18 01:44:47
85.113.188.62	attack	Unauthorised access (Oct 22) SRC=85.113.188.62 LEN=40 TTL=48 ID=61995 TCP DPT=23 WINDOW=62163 SYN Unauthorised access (Oct 19) SRC=85.113.188.62 LEN=40 TTL=48 ID=9784 TCP DPT=23 WINDOW=41928 SYN Unauthorised access (Oct 19) SRC=85.113.188.62 LEN=40 TTL=48 ID=27018 TCP DPT=23 WINDOW=64219 SYN	2019-10-22 14:41:13

Type

Details

Datetime

85.113.188.62

attack

Honeypot attack, port: 23, PTR: tk1-062.ftth.trollnet.no.

2019-11-18 01:44:47

85.113.188.62

attack

Unauthorised access (Oct 22) SRC=85.113.188.62 LEN=40 TTL=48 ID=61995 TCP DPT=23 WINDOW=62163 SYN 
Unauthorised access (Oct 19) SRC=85.113.188.62 LEN=40 TTL=48 ID=9784 TCP DPT=23 WINDOW=41928 SYN 
Unauthorised access (Oct 19) SRC=85.113.188.62 LEN=40 TTL=48 ID=27018 TCP DPT=23 WINDOW=64219 SYN

2019-10-22 14:41:13

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.113.18.130
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60793
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;85.113.18.130.			IN	A

;; AUTHORITY SECTION:
.			582	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061901 1800 900 604800 86400

;; Query time: 85 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jun 20 19:48:19 CST 2020
;; MSG SIZE  rcvd: 117

Host info

130.18.113.85.in-addr.arpa has no PTR record

Nslookup info:

Server:		100.100.2.138
Address:	100.100.2.138#53

Non-authoritative answer:
130.18.113.85.in-addr.arpa	name = 85-113-18-130.static.ktnet.kg.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
153.36.236.35	attack	Jul 12 00:13:20 aat-srv002 sshd[2060]: Failed password for root from 153.36.236.35 port 13917 ssh2 Jul 12 00:13:23 aat-srv002 sshd[2060]: Failed password for root from 153.36.236.35 port 13917 ssh2 Jul 12 00:13:26 aat-srv002 sshd[2060]: Failed password for root from 153.36.236.35 port 13917 ssh2 Jul 12 00:13:31 aat-srv002 sshd[2070]: Failed password for root from 153.36.236.35 port 40495 ssh2 ...	2019-07-12 14:33:55
134.209.66.147	attackbotsspam	abasicmove.de 134.209.66.147 \[12/Jul/2019:01:58:23 +0200\] "POST /wp-login.php HTTP/1.1" 200 5761 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" abasicmove.de 134.209.66.147 \[12/Jul/2019:01:58:24 +0200\] "POST /wp-login.php HTTP/1.1" 200 5560 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" abasicmove.de 134.209.66.147 \[12/Jul/2019:01:58:25 +0200\] "POST /wp-login.php HTTP/1.1" 200 5548 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-07-12 13:48:15
134.19.179.171	attack	[portscan] Port scan	2019-07-12 14:10:36
115.159.102.231	attackbots	Jul 12 07:31:42 server01 sshd\[2478\]: Invalid user 123456 from 115.159.102.231 Jul 12 07:31:42 server01 sshd\[2478\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.102.231 Jul 12 07:31:45 server01 sshd\[2478\]: Failed password for invalid user 123456 from 115.159.102.231 port 14082 ssh2 ...	2019-07-12 14:38:54
170.0.60.70	attack	Invalid user deploy from 170.0.60.70 port 40029	2019-07-12 14:28:08
112.169.9.149	attackbotsspam	Invalid user fabrice from 112.169.9.149 port 57866	2019-07-12 14:39:12
69.17.158.101	attackbotsspam	Jul 12 07:01:04 dedicated sshd[17121]: Invalid user aline from 69.17.158.101 port 54618	2019-07-12 13:28:57
151.253.43.75	attackbotsspam	12.07.2019 05:30:48 SSH access blocked by firewall	2019-07-12 13:49:29
93.152.202.148	attackbotsspam	Jul 12 03:28:24 debian sshd\[18885\]: Invalid user testuser from 93.152.202.148 port 48102 Jul 12 03:28:24 debian sshd\[18885\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.152.202.148 ...	2019-07-12 13:58:18
201.49.127.212	attackbots	Jul 12 08:04:06 MK-Soft-Root1 sshd\[15611\]: Invalid user flor from 201.49.127.212 port 47098 Jul 12 08:04:06 MK-Soft-Root1 sshd\[15611\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.49.127.212 Jul 12 08:04:08 MK-Soft-Root1 sshd\[15611\]: Failed password for invalid user flor from 201.49.127.212 port 47098 ssh2 ...	2019-07-12 14:20:17
111.231.75.83	attack	Mar 8 21:18:03 vtv3 sshd\[11997\]: Invalid user ha from 111.231.75.83 port 60840 Mar 8 21:18:03 vtv3 sshd\[11997\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.75.83 Mar 8 21:18:06 vtv3 sshd\[11997\]: Failed password for invalid user ha from 111.231.75.83 port 60840 ssh2 Mar 8 21:26:38 vtv3 sshd\[15418\]: Invalid user jj from 111.231.75.83 port 33636 Mar 8 21:26:38 vtv3 sshd\[15418\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.75.83 Mar 22 23:32:45 vtv3 sshd\[20153\]: Invalid user jz from 111.231.75.83 port 47686 Mar 22 23:32:45 vtv3 sshd\[20153\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.75.83 Mar 22 23:32:46 vtv3 sshd\[20153\]: Failed password for invalid user jz from 111.231.75.83 port 47686 ssh2 Mar 22 23:40:57 vtv3 sshd\[23662\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.75.83	2019-07-12 13:27:07
185.153.196.191	attack	Port scan on 1 port(s): 18448	2019-07-12 14:04:15
209.105.243.230	attackspam	2019-07-12T08:04:42.434479scmdmz1 sshd\[18065\]: Invalid user secret from 209.105.243.230 port 54398 2019-07-12T08:04:42.438216scmdmz1 sshd\[18065\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.105.243.230 2019-07-12T08:04:44.203103scmdmz1 sshd\[18065\]: Failed password for invalid user secret from 209.105.243.230 port 54398 ssh2 ...	2019-07-12 14:09:19
185.126.199.90	attack	[ ?? ] From bounce5@corretor-10-online.com.br Thu Jul 11 20:57:12 2019 Received: from host6.corretor-10-online.com.br ([185.126.199.90]:35770)	2019-07-12 14:12:41
153.36.236.151	attackbotsspam	Jul 12 11:57:02 areeb-Workstation sshd\[25321\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.36.236.151 user=root Jul 12 11:57:05 areeb-Workstation sshd\[25321\]: Failed password for root from 153.36.236.151 port 29433 ssh2 Jul 12 11:57:12 areeb-Workstation sshd\[25339\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.36.236.151 user=root ...	2019-07-12 14:33:37

Recently Reported IPs

103.89.89.122	125.162.61.71	153.231.2.1	14.160.33.254
183.177.103.138	27.150.86.237	60.184.201.139	122.52.148.219
69.85.92.129	52.197.224.81	49.149.69.101	43.254.156.22
190.216.124.134	51.83.171.4	83.234.168.34	14.176.157.11
180.254.120.235	103.222.22.88	118.70.43.195	61.180.36.145