85.208.253.66 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Iran (ISLAMIC Republic Of)

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
85.208.253.171	attackspam	Automatic report - Port Scan Attack	2020-09-01 06:01:50
85.208.253.40	attack	Unauthorized connection attempt from IP address 85.208.253.40 on Port 445(SMB)	2019-11-26 23:46:33
85.208.253.42	attackspambots	Unauthorized connection attempt from IP address 85.208.253.42 on Port 445(SMB)	2019-10-26 23:51:23

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.208.253.66
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7920
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;85.208.253.66.			IN	A

;; AUTHORITY SECTION:
.			316	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022091500 1800 900 604800 86400

;; Query time: 67 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Sep 15 17:57:05 CST 2022
;; MSG SIZE  rcvd: 106

Host info

66.253.208.85.in-addr.arpa domain name pointer static.66.253.208.85.clients.irandns.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
66.253.208.85.in-addr.arpa	name = static.66.253.208.85.clients.irandns.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.79.90.72	attackspambots	May 6 23:58:49 OPSO sshd\[18814\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.79.90.72 user=root May 6 23:58:51 OPSO sshd\[18814\]: Failed password for root from 103.79.90.72 port 48973 ssh2 May 7 00:02:55 OPSO sshd\[19882\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.79.90.72 user=root May 7 00:02:57 OPSO sshd\[19882\]: Failed password for root from 103.79.90.72 port 53112 ssh2 May 7 00:07:06 OPSO sshd\[21420\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.79.90.72 user=root	2020-05-07 06:15:29
37.59.102.132	attack	May 6 15:07:08 foo sshd[17323]: Did not receive identification string from 37.59.102.132 May 6 16:08:34 foo sshd[18872]: Address 37.59.102.132 maps to erp.asycom.es, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! May 6 16:08:34 foo sshd[18872]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.59.102.132 user=r.r May 6 16:08:36 foo sshd[18872]: Failed password for r.r from 37.59.102.132 port 51150 ssh2 May 6 16:08:36 foo sshd[18872]: Received disconnect from 37.59.102.132: 11: Bye Bye [preauth] May 6 16:08:37 foo sshd[18874]: Address 37.59.102.132 maps to erp.asycom.es, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! May 6 16:08:37 foo sshd[18874]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.59.102.132 user=r.r May 6 16:08:39 foo sshd[18874]: Failed password for r.r from 37.59.102.132 port 52964 ssh2 May 6 16:08:39 foo sshd[18........ -------------------------------	2020-05-07 06:26:26
198.108.67.115	attackspam	firewall-block, port(s): 4506/tcp	2020-05-07 06:38:20
220.228.192.200	attackspambots	sshd jail - ssh hack attempt	2020-05-07 06:46:07
87.251.74.64	attackbotsspam	May 7 00:07:31 debian-2gb-nbg1-2 kernel: \[11061740.019973\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=87.251.74.64 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=52161 PROTO=TCP SPT=54584 DPT=11995 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-07 06:24:08
211.159.177.227	attackspam	srv02 Mass scanning activity detected Target: 10116 ..	2020-05-07 06:21:06
167.172.24.59	attackspambots	May 6 19:52:36 ntop sshd[10886]: Invalid user dup from 167.172.24.59 port 43090 May 6 19:52:36 ntop sshd[10886]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.24.59 May 6 19:52:38 ntop sshd[10886]: Failed password for invalid user dup from 167.172.24.59 port 43090 ssh2 May 6 19:52:39 ntop sshd[10886]: Received disconnect from 167.172.24.59 port 43090:11: Bye Bye [preauth] May 6 19:52:39 ntop sshd[10886]: Disconnected from invalid user dup 167.172.24.59 port 43090 [preauth] May 6 19:58:41 ntop sshd[15070]: Invalid user dup from 167.172.24.59 port 34840 May 6 19:58:41 ntop sshd[15070]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.24.59 May 6 19:58:42 ntop sshd[15070]: Failed password for invalid user dup from 167.172.24.59 port 34840 ssh2 May 6 19:58:43 ntop sshd[15070]: Received disconnect from 167.172.24.59 port 34840:11: Bye Bye [preauth] May 6 19:58:43 ntop........ -------------------------------	2020-05-07 06:38:50
59.36.137.105	attackspam	May 7 00:37:55 sshd\[24649\]: User root from 59.36.137.105 not allowed because not listed in AllowUsersMay 7 00:37:57 sshd\[24649\]: Failed password for invalid user root from 59.36.137.105 port 36303 ssh2 ...	2020-05-07 06:49:47
159.65.146.52	attack	firewall-block, port(s): 235/tcp	2020-05-07 06:49:02
221.207.32.250	attackspambots	firewall-block, port(s): 22/tcp	2020-05-07 06:32:11
177.129.191.142	attackspam	May 7 00:19:26 home sshd[3007]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.129.191.142 May 7 00:19:28 home sshd[3007]: Failed password for invalid user developer from 177.129.191.142 port 46385 ssh2 May 7 00:23:43 home sshd[4144]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.129.191.142 ...	2020-05-07 06:23:55
177.136.212.1	attackbotsspam	May 6 22:04:14 mxgate1 postfix/postscreen[2245]: CONNECT from [177.136.212.1]:51278 to [176.31.12.44]:25 May 6 22:04:14 mxgate1 postfix/dnsblog[2301]: addr 177.136.212.1 listed by domain cbl.abuseat.org as 127.0.0.2 May 6 22:04:14 mxgate1 postfix/dnsblog[2293]: addr 177.136.212.1 listed by domain b.barracudacentral.org as 127.0.0.2 May 6 22:04:14 mxgate1 postfix/dnsblog[2294]: addr 177.136.212.1 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 May 6 22:04:14 mxgate1 postfix/dnsblog[2295]: addr 177.136.212.1 listed by domain zen.spamhaus.org as 127.0.0.4 May 6 22:04:14 mxgate1 postfix/dnsblog[2295]: addr 177.136.212.1 listed by domain zen.spamhaus.org as 127.0.0.3 May 6 22:04:14 mxgate1 postfix/dnsblog[2295]: addr 177.136.212.1 listed by domain zen.spamhaus.org as 127.0.0.11 May 6 22:04:15 mxgate1 postfix/postscreen[2245]: PREGREET 39 after 0.58 from [177.136.212.1]:51278: EHLO 177-136-212-1.user.conectnet.net May 6 22:04:15 mxgate1 postfix/postscreen[2245]: D........ -------------------------------	2020-05-07 06:14:59
185.164.138.21	attackspam	SASL PLAIN auth failed: ruser=...	2020-05-07 06:29:54
179.104.204.174	attackbots	Automatic report - Port Scan Attack	2020-05-07 06:33:52
183.88.243.225	attackbots	Dovecot Invalid User Login Attempt.	2020-05-07 06:27:00

Recently Reported IPs

188.121.121.169	198.46.235.37	121.231.79.110	187.170.173.191
79.253.126.10	47.88.7.13	168.138.21.167	93.81.221.208
117.63.185.133	65.23.170.216	222.188.187.138	102.185.208.89
167.71.61.213	177.74.151.183	85.208.253.225	41.86.19.132
80.88.60.115	118.243.181.237	131.108.74.72	180.115.161.39