85.43.48.68 - IPInfo

Basic Info

City: Rome

Region: Regione Lazio

Country: Italy

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.43.48.68
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10308
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;85.43.48.68.			IN	A

;; AUTHORITY SECTION:
.			29	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025022602 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 27 12:57:13 CST 2025
;; MSG SIZE  rcvd: 104

Host info

68.48.43.85.in-addr.arpa domain name pointer host-85-43-48-68.business.telecomitalia.it.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
68.48.43.85.in-addr.arpa	name = host-85-43-48-68.business.telecomitalia.it.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
142.44.246.156	attack	2020-09-19 UTC: (21x) - root(21x)	2020-09-20 17:56:53
160.153.154.5	attack	[SatSep1918:58:56.6068162020][:error][pid27420:tid47839007840000][client160.153.154.5:47824][client160.153.154.5]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$wp-$\?config\\\\\\\\.$php$\?\\\\\\\\.$\?:bac\?k\\|o\(\?:ld\\|rig$\\|copy\\|tmp\\|s$\?:ave\\|wp$\\|vim\?\\\\\\\\.\\|~\)"atREQUEST_FILENAME.[file"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf"][line"1254"][id"390597"][rev"2"][msg"Atomicorp.comWAFRules:AttackBlocked-DataLeakage-attempttoaccessbackupsystem/applicationconfigfile$disablethisruleonlyifyouwanttoallowanyoneaccesstothesebackupfiles$"][severity"CRITICAL"][hostname"lacasadeitesori.com"][uri"/wp-config.php.orig"][unique_id"X2Y40IJwH12FE-nGHZxAwwAAAQ8"][SatSep1918:59:02.9125922020][:error][pid2802:tid47839018346240][client160.153.154.5:48192][client160.153.154.5]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$wp-$\?config\\\\\\\\.$php$\?\\\\\\\\.$\?:bac\?k\\|o\(\?:ld\\|rig$\\|copy\\|tmp\\|s$\?:ave\\|wp$\\|vim\?\\\\\\\\.\\|~\)"atREQUEST_FILENAME.[	2020-09-20 18:28:32
76.175.254.238	attack	Automatic report - Port Scan Attack	2020-09-20 17:55:44
124.156.55.21	attackspam	Found on CINS badguys / proto=17 . srcport=55865 . dstport=161 . (2282)	2020-09-20 18:30:34
74.82.47.55	attackspam	Unauthorized connection attempt from IP address 74.82.47.55 on Port 3389(RDP)	2020-09-20 18:15:06
60.169.81.229	attack	SIP/5060 Probe, BF, Hack -	2020-09-20 18:10:53
205.185.117.149	attackbotsspam	(sshd) Failed SSH login from 205.185.117.149 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 20 03:42:02 server2 sshd[21569]: Failed password for root from 205.185.117.149 port 58628 ssh2 Sep 20 03:42:05 server2 sshd[21569]: Failed password for root from 205.185.117.149 port 58628 ssh2 Sep 20 03:42:07 server2 sshd[21569]: Failed password for root from 205.185.117.149 port 58628 ssh2 Sep 20 03:42:10 server2 sshd[21569]: Failed password for root from 205.185.117.149 port 58628 ssh2 Sep 20 03:42:13 server2 sshd[21569]: Failed password for root from 205.185.117.149 port 58628 ssh2	2020-09-20 18:27:16
192.144.129.98	attack	Sep 20 11:47:46 piServer sshd[23060]: Failed password for root from 192.144.129.98 port 47424 ssh2 Sep 20 11:50:27 piServer sshd[23392]: Failed password for root from 192.144.129.98 port 48652 ssh2 ...	2020-09-20 17:57:48
128.14.226.159	attackspam	web-1 [ssh] SSH Attack	2020-09-20 17:52:16
187.200.48.44	attackspam	Failed password for invalid user root from 187.200.48.44 port 51572 ssh2	2020-09-20 17:54:28
188.50.200.70	attackspambots	1600534765 - 09/19/2020 18:59:25 Host: 188.50.200.70/188.50.200.70 Port: 445 TCP Blocked	2020-09-20 18:08:42
111.72.196.154	attackbots	Sep 19 20:27:41 srv01 postfix/smtpd\[25017\]: warning: unknown\[111.72.196.154\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 19 20:27:52 srv01 postfix/smtpd\[25017\]: warning: unknown\[111.72.196.154\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 19 20:28:08 srv01 postfix/smtpd\[25017\]: warning: unknown\[111.72.196.154\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 19 20:28:28 srv01 postfix/smtpd\[25017\]: warning: unknown\[111.72.196.154\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 19 20:28:40 srv01 postfix/smtpd\[25017\]: warning: unknown\[111.72.196.154\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-20 18:09:04
105.163.44.211	attackbots	$f2bV_matches	2020-09-20 18:02:21
180.166.240.99	attack	Sep 20 06:28:32 ns382633 sshd\[18968\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.166.240.99 user=root Sep 20 06:28:34 ns382633 sshd\[18968\]: Failed password for root from 180.166.240.99 port 59174 ssh2 Sep 20 06:43:01 ns382633 sshd\[21707\]: Invalid user admin1 from 180.166.240.99 port 50238 Sep 20 06:43:01 ns382633 sshd\[21707\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.166.240.99 Sep 20 06:43:03 ns382633 sshd\[21707\]: Failed password for invalid user admin1 from 180.166.240.99 port 50238 ssh2	2020-09-20 18:12:33
14.161.45.187	attackbots	Invalid user tester from 14.161.45.187 port 35104	2020-09-20 18:04:22

Recently Reported IPs

86.208.76.210	185.153.219.228	24.130.253.123	127.199.31.244
32.153.115.216	209.93.151.69	116.179.181.159	130.145.29.208
73.242.29.231	140.17.53.192	217.231.242.81	64.196.76.164
55.141.240.242	247.182.170.81	169.93.180.102	137.120.192.111
124.29.212.187	52.29.65.114	220.107.181.195	28.189.227.231