Basic Info

City: unknown

Region: unknown

Country: Turkey

Internet Service Provider: Cizgi Telekomunikasyon Anonim Sirketi

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attackspam
Port 1433 Scan
2019-12-14 22:35:15
Comments on same subnet:
IP Type Details Datetime
85.159.66.131 attackspambots
Portscan or hack attempt detected by psad/fwsnort
2020-01-09 13:58:35
85.159.66.239 attackbots
11/23/2019-07:20:40.346008 85.159.66.239 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433
2019-11-23 20:40:45
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.159.66.252
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15800
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;85.159.66.252.			IN	A

;; AUTHORITY SECTION:
.			189	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121400 1800 900 604800 86400

;; Query time: 776 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 14 22:35:09 CST 2019
;; MSG SIZE  rcvd: 117
Host info
252.66.159.85.in-addr.arpa domain name pointer 85-159-66-252.cizgi.net.tr.
Nslookup info:
Server:		183.60.82.98
Address:	183.60.82.98#53

Non-authoritative answer:
252.66.159.85.in-addr.arpa	name = 85-159-66-252.cizgi.net.tr.

Authoritative answers can be found from:

Related IP info:
Related comments:
IP Type Details Datetime
67.207.94.180 attack
Sep  2 20:32:52 vps333114 sshd[5242]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.207.94.180
Sep  2 20:32:54 vps333114 sshd[5242]: Failed password for invalid user beo from 67.207.94.180 port 47116 ssh2
...
2020-09-03 03:15:19
198.71.239.50 attackspam
198.71.239.50 - - [01/Sep/2020:18:41:06 +0200] "POST /xmlrpc.php HTTP/1.1" 403 38248 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36"
198.71.239.50 - - [01/Sep/2020:18:41:06 +0200] "POST /xmlrpc.php HTTP/1.1" 403 38248 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36"
...
2020-09-03 03:07:59
162.142.125.51 attack
Connection to SSH Honeypot - Detected by HoneypotDB
2020-09-03 02:57:54
193.112.152.93 attackbots
Automatic report - Banned IP Access
2020-09-03 02:58:58
109.236.89.61 attack
Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-09-02T18:05:52Z and 2020-09-02T18:38:57Z
2020-09-03 02:56:03
54.38.134.219 attackspam
54.38.134.219 - - [02/Sep/2020:18:46:04 +0100] "POST /wp-login.php HTTP/1.1" 200 1874 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
54.38.134.219 - - [02/Sep/2020:18:46:05 +0100] "POST /wp-login.php HTTP/1.1" 200 1858 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
54.38.134.219 - - [02/Sep/2020:18:46:06 +0100] "POST /wp-login.php HTTP/1.1" 200 1856 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...
2020-09-03 03:20:15
45.142.120.144 attack
2020-09-02 21:17:40 dovecot_login authenticator failed for \(User\) \[45.142.120.144\]: 535 Incorrect authentication data \(set_id=lorraine@org.ua\)
2020-09-02 21:18:16 dovecot_login authenticator failed for \(User\) \[45.142.120.144\]: 535 Incorrect authentication data \(set_id=newhampshire@org.ua\)
2020-09-02 21:18:52 dovecot_login authenticator failed for \(User\) \[45.142.120.144\]: 535 Incorrect authentication data \(set_id=ukr@org.ua\)
...
2020-09-03 02:56:35
194.26.25.97 attackspam
[H1.VM4] Blocked by UFW
2020-09-03 03:06:57
140.213.15.37 attackspam
"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:
2020-09-03 02:58:19
162.247.74.216 attackspam
Sep  2 14:58:49 NPSTNNYC01T sshd[11477]: Failed password for root from 162.247.74.216 port 58566 ssh2
Sep  2 14:58:51 NPSTNNYC01T sshd[11477]: Failed password for root from 162.247.74.216 port 58566 ssh2
Sep  2 14:58:54 NPSTNNYC01T sshd[11477]: Failed password for root from 162.247.74.216 port 58566 ssh2
Sep  2 14:58:56 NPSTNNYC01T sshd[11477]: Failed password for root from 162.247.74.216 port 58566 ssh2
...
2020-09-03 03:01:38
180.167.225.118 attackbotsspam
Sep  2 15:13:30 ws19vmsma01 sshd[212811]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.167.225.118
Sep  2 15:13:32 ws19vmsma01 sshd[212811]: Failed password for invalid user atul from 180.167.225.118 port 46994 ssh2
...
2020-09-03 02:59:18
111.67.193.54 attackbots
Sep  2 21:36:23 pkdns2 sshd\[41034\]: Invalid user dines from 111.67.193.54
Sep  2 21:36:25 pkdns2 sshd\[41034\]: Failed password for invalid user dines from 111.67.193.54 port 59652 ssh2
Sep  2 21:40:30 pkdns2 sshd\[41211\]: Invalid user atul from 111.67.193.54
Sep  2 21:40:32 pkdns2 sshd\[41211\]: Failed password for invalid user atul from 111.67.193.54 port 34426 ssh2
Sep  2 21:44:39 pkdns2 sshd\[41357\]: Invalid user uftp from 111.67.193.54
Sep  2 21:44:42 pkdns2 sshd\[41357\]: Failed password for invalid user uftp from 111.67.193.54 port 37434 ssh2
...
2020-09-03 02:54:29
45.142.120.89 attackbots
2020-09-02 20:24:10 dovecot_login authenticator failed for \(User\) \[45.142.120.89\]: 535 Incorrect authentication data \(set_id=atlas@no-server.de\)
2020-09-02 20:24:19 dovecot_login authenticator failed for \(User\) \[45.142.120.89\]: 535 Incorrect authentication data \(set_id=atlas@no-server.de\)
2020-09-02 20:24:22 dovecot_login authenticator failed for \(User\) \[45.142.120.89\]: 535 Incorrect authentication data \(set_id=wordpress.www@no-server.de\)
2020-09-02 20:24:23 dovecot_login authenticator failed for \(User\) \[45.142.120.89\]: 535 Incorrect authentication data \(set_id=wordpress.www@no-server.de\)
2020-09-02 20:24:46 dovecot_login authenticator failed for \(User\) \[45.142.120.89\]: 535 Incorrect authentication data \(set_id=wordpress.www@no-server.de\)
2020-09-02 20:24:46 dovecot_login authenticator failed for \(User\) \[45.142.120.89\]: 535 Incorrect authentication data \(set_id=wordpress.www@no-server.de\)
...
2020-09-03 02:45:11
106.8.238.72 attack
2020-09-02T11:02:27.944491devel sshd[17994]: Invalid user www from 106.8.238.72 port 45232
2020-09-02T11:02:29.655992devel sshd[17994]: Failed password for invalid user www from 106.8.238.72 port 45232 ssh2
2020-09-02T11:12:23.631563devel sshd[19017]: Invalid user uftp from 106.8.238.72 port 60616
2020-09-03 02:51:31
115.164.41.108 attackbots
"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:
2020-09-03 03:00:14

Recently Reported IPs
