85.245.141.242

Basic Info

City: unknown

Region: unknown

Country: Portugal

Internet Service Provider: PT Comunicacoes S.A.

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	WordPress XMLRPC scan :: 85.245.141.242 0.096 BYPASS [24/Jul/2019:06:16:44 1000] [censored_1] "GET /xmlrpc.php HTTP/1.1" 405 53 "-" "Mozilla/5.0 (X11; Linux i686; rv:2.0.1) Gecko/20100101 Firefox/4.0.1"	2019-07-24 07:55:34

Type

Details

Datetime

attackspam

WordPress XMLRPC scan :: 85.245.141.242 0.096 BYPASS [24/Jul/2019:06:16:44  1000] [censored_1] "GET /xmlrpc.php HTTP/1.1" 405 53 "-" "Mozilla/5.0 (X11; Linux i686; rv:2.0.1) Gecko/20100101 Firefox/4.0.1"

2019-07-24 07:55:34

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.245.141.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12302
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;85.245.141.242.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072304 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jul 24 07:55:27 CST 2019
;; MSG SIZE  rcvd: 118

Host info

242.141.245.85.in-addr.arpa has no PTR record

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
242.141.245.85.in-addr.arpa	name = bl12-141-242.dsl.telepac.pt.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.36.81.23	attack	2020-03-12T17:20:26.689226linuxbox-skyline auth[1354]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=hr rhost=185.36.81.23 ...	2020-03-13 07:22:13
122.51.213.140	attack	Invalid user sysop from 122.51.213.140 port 53730	2020-03-13 07:06:52
140.143.16.248	attackspambots	2020-03-12T22:10:10.037903 sshd[28360]: Invalid user uehara from 140.143.16.248 port 38212 2020-03-12T22:10:10.051467 sshd[28360]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.16.248 2020-03-12T22:10:10.037903 sshd[28360]: Invalid user uehara from 140.143.16.248 port 38212 2020-03-12T22:10:11.946086 sshd[28360]: Failed password for invalid user uehara from 140.143.16.248 port 38212 ssh2 ...	2020-03-13 06:55:01
114.67.171.129	attackspambots	Mar 12 22:02:08 xeon sshd[649]: Failed password for root from 114.67.171.129 port 48890 ssh2	2020-03-13 07:07:15
179.177.43.130	attackspambots	1584047406 - 03/12/2020 22:10:06 Host: 179.177.43.130/179.177.43.130 Port: 445 TCP Blocked	2020-03-13 07:02:10
92.222.232.100	attackbotsspam	12.03.2020 22:09:49 - RDP Login Fail Detected by https://www.elinox.de/RDP-Wächter	2020-03-13 07:21:22
45.152.32.158	attackspam	(From eric@talkwithwebvisitor.com) Hey there, I just found your site, quick question… My name’s Eric, I found dalefamilychiropractic.com after doing a quick search – you showed up near the top of the rankings, so whatever you’re doing for SEO, looks like it’s working well. So here’s my question – what happens AFTER someone lands on your site? Anything? Research tells us at least 70% of the people who find your site, after a quick once-over, they disappear… forever. That means that all the work and effort you put into getting them to show up, goes down the tubes. Why would you want all that good work – and the great site you’ve built – go to waste? Because the odds are they’ll just skip over calling or even grabbing their phone, leaving you high and dry. But here’s a thought… what if you could make it super-simple for someone to raise their hand, say, “okay, let’s talk” without requiring them to even pull their cell phone from their pocket? You can – thanks to revolutionary new softw	2020-03-13 07:00:43
177.7.96.166	attackspambots	Port probing on unauthorized port 23	2020-03-13 07:26:14
178.62.23.75	attackspam	(smtpauth) Failed SMTP AUTH login from 178.62.23.75 (GB/United Kingdom/isaleapp.com): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-03-13 00:39:38 login authenticator failed for isaleapp.com (ADMIN) [178.62.23.75]: 535 Incorrect authentication data (set_id=info@behinshole.com)	2020-03-13 07:22:38
106.13.17.250	attackbotsspam	SSH Brute-Force Attack	2020-03-13 07:30:08
111.229.118.227	attack	Mar 13 00:10:07 hosting sshd[5713]: Invalid user mailtest from 111.229.118.227 port 56270 ...	2020-03-13 06:57:53
198.12.152.199	attackspam	Invalid user user from 198.12.152.199 port 43846	2020-03-13 07:01:07
13.68.130.102	attack	2020-03-12T15:09:31.834836linuxbox-skyline auth[69127]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=info rhost=13.68.130.102 ...	2020-03-13 07:27:56
64.225.105.117	attackspam	Invalid user tharani from 64.225.105.117 port 36042	2020-03-13 07:08:27
129.211.62.131	attack	SSH invalid-user multiple login try	2020-03-13 07:06:18

Recently Reported IPs

63.0.115.22	149.206.163.220	113.118.159.128	41.222.88.11
35.225.51.20	27.254.159.157	205.209.174.238	5.194.152.155
45.35.104.64	160.16.204.83	148.70.60.239	88.26.220.8
91.205.71.147	13.250.17.201	128.199.201.131	121.225.79.13
116.202.110.39	77.161.90.107	116.209.141.89	212.98.122.91