85.241.48.10 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Portugal

Internet Service Provider: PT Comunicacoes S.A.

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Nov 3 REMOVED sshd\[6511\]: Invalid user admin from 85.241.48.10 Nov 3 REMOVED sshd\[6576\]: Invalid user ubuntu from 85.241.48.10 Nov 3 REMOVED sshd\[6607\]: Invalid user pi from 85.241.48.10	2019-11-03 19:43:40

Type

Details

Datetime

attackbotsspam

Nov  3 **REMOVED** sshd\[6511\]: Invalid user admin from 85.241.48.10
Nov  3 **REMOVED** sshd\[6576\]: Invalid user ubuntu from 85.241.48.10
Nov  3 **REMOVED** sshd\[6607\]: Invalid user pi from 85.241.48.10

2019-11-03 19:43:40

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.241.48.10
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51984
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;85.241.48.10.			IN	A

;; AUTHORITY SECTION:
.			2882	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019052100 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue May 21 15:31:27 CST 2019
;; MSG SIZE  rcvd: 116

Host info

10.48.241.85.in-addr.arpa domain name pointer bl8-48-10.dsl.telepac.pt.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
10.48.241.85.in-addr.arpa	name = bl8-48-10.dsl.telepac.pt.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
120.212.138.216	attackspambots	DATE:2020-04-12 05:57:26, IP:120.212.138.216, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-04-12 13:16:46
183.160.213.68	attackbots	Apr 12 05:52:00 prod4 sshd\[23571\]: Failed password for root from 183.160.213.68 port 30151 ssh2 Apr 12 05:56:57 prod4 sshd\[24624\]: Failed password for root from 183.160.213.68 port 33723 ssh2 Apr 12 06:01:50 prod4 sshd\[26444\]: Invalid user su from 183.160.213.68 ...	2020-04-12 13:46:00
69.158.207.141	attackspam	20/4/12@01:19:40: FAIL: IoT-SSH address from=69.158.207.141 ...	2020-04-12 13:31:26
49.88.112.112	attackbotsspam	Apr 12 07:22:21 plex sshd[1362]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.112 user=root Apr 12 07:22:23 plex sshd[1362]: Failed password for root from 49.88.112.112 port 45595 ssh2	2020-04-12 13:37:13
87.104.49.5	attackspambots	honeypot 22 port	2020-04-12 13:21:41
196.74.110.1	spam	Used to hack accounts	2020-04-12 13:29:14
77.139.155.46	attack	Apr 12 06:45:24 * sshd[7062]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.139.155.46 Apr 12 06:45:26 * sshd[7062]: Failed password for invalid user supervisor from 77.139.155.46 port 59286 ssh2	2020-04-12 13:47:51
175.158.233.135	attack	IP has been reported several times for Honeypot attack, port: 445, Scanning random ports - tries to find possible vulnerable services, Unauthorized connection attempt from IP address 175.158.233.140 on Port 445(SMB) and trying to hack Google accounts	2020-04-12 13:12:20
188.190.221.141	attack	20/4/12@00:53:08: FAIL: Alarm-Network address from=188.190.221.141 20/4/12@00:53:08: FAIL: Alarm-Network address from=188.190.221.141 ...	2020-04-12 13:30:06
101.230.236.177	attack	Invalid user postgres from 101.230.236.177 port 34038	2020-04-12 13:28:31
182.61.175.219	attackspam	Apr 12 07:42:45 markkoudstaal sshd[20157]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.175.219 Apr 12 07:42:47 markkoudstaal sshd[20157]: Failed password for invalid user sacerdot from 182.61.175.219 port 36996 ssh2 Apr 12 07:46:52 markkoudstaal sshd[20715]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.175.219	2020-04-12 13:47:12
66.42.114.152	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/66.42.114.152/ US - 1H : (16) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : US NAME ASN : ASN20473 IP : 66.42.114.152 CIDR : 66.42.112.0/20 PREFIX COUNT : 584 UNIQUE IP COUNT : 939776 ATTACKS DETECTED ASN20473 : 1H - 3 3H - 5 6H - 5 12H - 5 24H - 5 DateTime : 2020-04-12 05:56:39 INFO : DNS DENIED Scan Detected and Blocked by ADMIN - data recovery	2020-04-12 13:50:35
49.88.112.71	attack	Apr 12 07:30:40 eventyay sshd[24623]: Failed password for root from 49.88.112.71 port 25337 ssh2 Apr 12 07:30:43 eventyay sshd[24623]: Failed password for root from 49.88.112.71 port 25337 ssh2 Apr 12 07:30:45 eventyay sshd[24623]: Failed password for root from 49.88.112.71 port 25337 ssh2 ...	2020-04-12 13:49:22
175.158.233.140	attack	IP has been reported several times for Honeypot attack, port: 445, Scanning random ports - tries to find possible vulnerable services, Unauthorized connection attempt from IP address 175.158.233.140 on Port 445(SMB) and trying to hack Google accounts	2020-04-12 13:12:41
178.128.144.14	attackbots	Apr 12 07:03:36 markkoudstaal sshd[14462]: Failed password for root from 178.128.144.14 port 40196 ssh2 Apr 12 07:07:31 markkoudstaal sshd[15043]: Failed password for root from 178.128.144.14 port 47644 ssh2	2020-04-12 13:25:22

Recently Reported IPs

122.52.162.230	195.208.30.73	186.215.106.51	186.2.132.93
145.131.21.179	115.79.195.111	113.165.166.144	107.170.202.131
83.172.105.208	31.31.91.111	221.192.132.236	217.199.136.114
217.6.112.20	188.168.31.69	150.95.172.156	121.122.48.49
120.31.131.61	101.99.15.40	94.97.253.141	85.172.54.164