85.252.1.201 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Norway

Internet Service Provider: Ventelo Wholesale

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	5555/tcp [2019-06-26]1pkt	2019-06-26 20:46:54

Comments on same subnet:

IP	Type	Details	Datetime
85.252.123.110	attackspam	Brute force attack stopped by firewall	2020-04-05 10:24:40
85.252.123.110	attackspambots	proto=tcp . spt=42657 . dpt=25 . Found on Blocklist de (110)	2020-03-01 19:52:38

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.252.1.201
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9044
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;85.252.1.201.			IN	A

;; AUTHORITY SECTION:
.			2496	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062600 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jun 26 20:46:44 CST 2019
;; MSG SIZE  rcvd: 116

Host info

201.1.252.85.in-addr.arpa domain name pointer static201.banetele-cust.com.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
201.1.252.85.in-addr.arpa	name = static201.banetele-cust.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
119.27.189.46	attackspambots	2020-05-25T04:31:18.748460shield sshd\[30452\]: Invalid user j from 119.27.189.46 port 34230 2020-05-25T04:31:18.752209shield sshd\[30452\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.27.189.46 2020-05-25T04:31:20.953819shield sshd\[30452\]: Failed password for invalid user j from 119.27.189.46 port 34230 ssh2 2020-05-25T04:33:26.898575shield sshd\[31029\]: Invalid user web from 119.27.189.46 port 59126 2020-05-25T04:33:26.905187shield sshd\[31029\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.27.189.46	2020-05-25 15:50:30
40.77.99.237	attackspam	1590378636 - 05/25/2020 05:50:36 Host: 40.77.99.237/40.77.99.237 Port: 8080 TCP Blocked	2020-05-25 16:22:35
69.30.226.234	attackspam	20 attempts against mh-misbehave-ban on ice	2020-05-25 16:16:01
162.243.137.229	attack	srv02 Mass scanning activity detected Target: 18245 ..	2020-05-25 16:04:52
172.81.204.14	attackbotsspam	SSH/22 MH Probe, BF, Hack -	2020-05-25 16:06:37
45.253.26.216	attackspambots	May 25 10:42:28 itv-usvr-01 sshd[19344]: Invalid user admin from 45.253.26.216 May 25 10:42:28 itv-usvr-01 sshd[19344]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.253.26.216 May 25 10:42:28 itv-usvr-01 sshd[19344]: Invalid user admin from 45.253.26.216 May 25 10:42:29 itv-usvr-01 sshd[19344]: Failed password for invalid user admin from 45.253.26.216 port 55504 ssh2 May 25 10:50:26 itv-usvr-01 sshd[19645]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.253.26.216 user=root May 25 10:50:28 itv-usvr-01 sshd[19645]: Failed password for root from 45.253.26.216 port 49478 ssh2	2020-05-25 16:25:56
122.51.245.240	attack	$f2bV_matches	2020-05-25 16:03:48
5.9.151.57	attackspambots	20 attempts against mh-misbehave-ban on wave	2020-05-25 15:58:14
206.189.156.198	attackspam	May 25 08:22:35 ArkNodeAT sshd\[11635\]: Invalid user user from 206.189.156.198 May 25 08:22:35 ArkNodeAT sshd\[11635\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.156.198 May 25 08:22:37 ArkNodeAT sshd\[11635\]: Failed password for invalid user user from 206.189.156.198 port 46764 ssh2	2020-05-25 16:10:11
113.161.18.63	attack	Unauthorised access (May 25) SRC=113.161.18.63 LEN=52 TTL=115 ID=28624 DF TCP DPT=445 WINDOW=8192 SYN	2020-05-25 16:02:44
93.123.16.126	attackbots	May 24 19:48:25 eddieflores sshd\[22186\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.123.16.126 user=root May 24 19:48:27 eddieflores sshd\[22186\]: Failed password for root from 93.123.16.126 port 36230 ssh2 May 24 19:51:28 eddieflores sshd\[22448\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.123.16.126 user=root May 24 19:51:30 eddieflores sshd\[22448\]: Failed password for root from 93.123.16.126 port 55502 ssh2 May 24 19:54:27 eddieflores sshd\[22670\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.123.16.126 user=root	2020-05-25 16:00:19
106.54.40.151	attack	May 25 10:46:52 journals sshd\[18703\]: Invalid user router from 106.54.40.151 May 25 10:46:52 journals sshd\[18703\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.40.151 May 25 10:46:55 journals sshd\[18703\]: Failed password for invalid user router from 106.54.40.151 port 54110 ssh2 May 25 10:49:08 journals sshd\[19105\]: Invalid user voskresenskyi from 106.54.40.151 May 25 10:49:08 journals sshd\[19105\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.40.151 ...	2020-05-25 16:22:05
106.12.192.201	attack	May 25 09:43:24 sip sshd[398860]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.192.201 May 25 09:43:24 sip sshd[398860]: Invalid user uftp from 106.12.192.201 port 41956 May 25 09:43:26 sip sshd[398860]: Failed password for invalid user uftp from 106.12.192.201 port 41956 ssh2 ...	2020-05-25 15:57:36
123.14.5.115	attack	Invalid user vedat from 123.14.5.115 port 41100	2020-05-25 16:14:07
142.93.35.169	attack	142.93.35.169 - - \[25/May/2020:08:52:06 +0200\] "POST /wp-login.php HTTP/1.0" 200 4404 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 142.93.35.169 - - \[25/May/2020:08:52:17 +0200\] "POST /wp-login.php HTTP/1.0" 200 4236 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 142.93.35.169 - - \[25/May/2020:08:52:18 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-05-25 16:17:29

Recently Reported IPs

31.170.48.235	1.174.58.222	157.225.174.6	118.170.35.234
201.95.25.193	159.85.37.29	27.246.106.244	223.80.14.62
201.150.88.176	178.127.80.43	125.113.130.31	180.252.134.155
112.114.106.172	79.167.152.171	239.183.178.57	59.133.41.183
60.190.150.59	119.115.97.41	183.92.40.145	120.229.42.59