85.239.48.141 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.239.48.141
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31993
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;85.239.48.141.			IN	A

;; AUTHORITY SECTION:
.			147	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021102 1800 900 604800 86400

;; Query time: 14 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 12 12:01:58 CST 2022
;; MSG SIZE  rcvd: 106

Host info

141.48.239.85.in-addr.arpa domain name pointer ns1648.ztomy.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
141.48.239.85.in-addr.arpa	name = ns1648.ztomy.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
95.108.181.123	attackspambots	[Mon Feb 10 20:41:27.163428 2020] [:error] [pid 26763:tid 139998917191424] [client 95.108.181.123:50201] [client 95.108.181.123] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XkFdh-a54sPagQy5v9zFVgAAAAI"] ...	2020-02-10 22:34:34
181.52.174.220	attackbots	Unauthorised access (Feb 10) SRC=181.52.174.220 LEN=40 TTL=242 ID=55628 TCP DPT=1433 WINDOW=1024 SYN	2020-02-10 22:50:41
156.236.119.151	attackspambots	2020-02-10T15:27:48.208547scmdmz1 sshd[7803]: Invalid user mlg from 156.236.119.151 port 48348 2020-02-10T15:27:48.211437scmdmz1 sshd[7803]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=156.236.119.151 2020-02-10T15:27:48.208547scmdmz1 sshd[7803]: Invalid user mlg from 156.236.119.151 port 48348 2020-02-10T15:27:49.823855scmdmz1 sshd[7803]: Failed password for invalid user mlg from 156.236.119.151 port 48348 ssh2 2020-02-10T15:31:28.157466scmdmz1 sshd[8481]: Invalid user zke from 156.236.119.151 port 44174 ...	2020-02-10 22:59:47
219.143.70.249	attackspambots	ICMP MH Probe, Scan /Distributed -	2020-02-10 22:19:45
211.75.194.85	attackbotsspam	Unauthorised access (Feb 10) SRC=211.75.194.85 LEN=40 TTL=234 ID=36941 TCP DPT=1433 WINDOW=1024 SYN	2020-02-10 22:31:07
27.78.14.83	attack	SSH brute-force: detected 10 distinct usernames within a 24-hour window.	2020-02-10 22:25:15
222.186.31.166	attackspam	Feb 10 11:19:15 server sshd\[5255\]: Failed password for root from 222.186.31.166 port 34620 ssh2 Feb 10 11:19:16 server sshd\[5253\]: Failed password for root from 222.186.31.166 port 58564 ssh2 Feb 10 11:19:17 server sshd\[5255\]: Failed password for root from 222.186.31.166 port 34620 ssh2 Feb 10 17:52:25 server sshd\[7653\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.166 user=root Feb 10 17:52:26 server sshd\[7653\]: Failed password for root from 222.186.31.166 port 45670 ssh2 ...	2020-02-10 22:53:56
83.239.87.130	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-10 22:49:50
87.3.92.194	attackbotsspam	Honeypot attack, port: 5555, PTR: host194-92-dynamic.3-87-r.retail.telecomitalia.it.	2020-02-10 22:43:48
176.115.196.74	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-10 22:20:41
219.143.70.243	attack	ICMP MH Probe, Scan /Distributed -	2020-02-10 22:37:30
170.210.136.56	attack	$f2bV_matches	2020-02-10 22:24:18
219.143.126.182	attackspam	ICMP MH Probe, Scan /Distributed -	2020-02-10 22:58:01
204.48.19.178	attackbotsspam	$f2bV_matches	2020-02-10 22:29:25
183.163.167.172	attack	02/10/2020-14:41:22.867510 183.163.167.172 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-02-10 22:44:34

Recently Reported IPs

85.239.37.157	85.239.55.249	85.239.54.182	85.239.56.202
85.239.56.187	85.239.56.178	85.239.56.67	85.239.56.129
85.239.56.235	85.239.56.71	85.239.57.101	85.239.57.126
85.239.58.201	85.239.58.198	85.239.59.188	85.239.58.251
85.239.59.142	85.239.58.192	85.239.58.92	85.239.59.214