85.99.239.34 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Turkey

Internet Service Provider: Turk Telekomunikasyon Anonim Sirketi

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(08031054)	2019-08-03 21:04:58
attackbots	445/tcp [2019-07-24]1pkt	2019-07-25 04:55:56

Comments on same subnet:

IP	Type	Details	Datetime
85.99.239.56	attackbots	Scanning unused Default website or suspicious access to valid sites from IP marked as abusive	2019-07-01 09:21:42

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.99.239.34
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5761
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;85.99.239.34.			IN	A

;; AUTHORITY SECTION:
.			1288	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072401 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jul 25 04:55:50 CST 2019
;; MSG SIZE  rcvd: 116

Host info

34.239.99.85.in-addr.arpa domain name pointer 85.99.239.34.static.ttnet.com.tr.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
34.239.99.85.in-addr.arpa	name = 85.99.239.34.static.ttnet.com.tr.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
194.44.230.115	attack	proto=tcp . spt=34291 . dpt=25 . (listed on Blocklist de Jul 31) (491)	2019-08-02 00:53:35
84.120.41.118	attack	2019-08-01T17:11:00.083144abusebot-2.cloudsearch.cf sshd\[19453\]: Invalid user francis from 84.120.41.118 port 37412	2019-08-02 01:20:23
1.202.91.252	attack	Aug 1 16:10:43 debian sshd\[9443\]: Invalid user webhost from 1.202.91.252 port 14853 Aug 1 16:10:43 debian sshd\[9443\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.202.91.252 ...	2019-08-01 23:17:28
182.73.47.154	attackspam	Apr 21 04:08:02 vtv3 sshd\[31762\]: Invalid user sftp from 182.73.47.154 port 59442 Apr 21 04:08:02 vtv3 sshd\[31762\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.73.47.154 Apr 21 04:08:04 vtv3 sshd\[31762\]: Failed password for invalid user sftp from 182.73.47.154 port 59442 ssh2 Apr 21 04:15:55 vtv3 sshd\[3429\]: Invalid user aleo from 182.73.47.154 port 53360 Apr 21 04:15:55 vtv3 sshd\[3429\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.73.47.154 Jul 7 20:40:02 vtv3 sshd\[27072\]: Invalid user nx from 182.73.47.154 port 39316 Jul 7 20:40:02 vtv3 sshd\[27072\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.73.47.154 Jul 7 20:40:04 vtv3 sshd\[27072\]: Failed password for invalid user nx from 182.73.47.154 port 39316 ssh2 Jul 7 20:42:19 vtv3 sshd\[28377\]: Invalid user farmacia from 182.73.47.154 port 57934 Jul 7 20:42:19 vtv3 sshd\[28377\]: pam_unix\(ssh	2019-08-02 00:12:16
54.39.148.234	attack	Automatic report - Banned IP Access	2019-08-01 23:44:34
106.13.47.252	attackbots	Aug 1 14:27:50 ip-172-31-1-72 sshd\[17413\]: Invalid user chen from 106.13.47.252 Aug 1 14:27:50 ip-172-31-1-72 sshd\[17413\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.47.252 Aug 1 14:27:52 ip-172-31-1-72 sshd\[17413\]: Failed password for invalid user chen from 106.13.47.252 port 38344 ssh2 Aug 1 14:31:15 ip-172-31-1-72 sshd\[17448\]: Invalid user postgres from 106.13.47.252 Aug 1 14:31:15 ip-172-31-1-72 sshd\[17448\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.47.252	2019-08-01 23:23:42
23.129.64.185	attackspambots	Aug 1 17:15:04 vpn01 sshd\[15067\]: Invalid user myshake from 23.129.64.185 Aug 1 17:15:04 vpn01 sshd\[15067\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.129.64.185 Aug 1 17:15:06 vpn01 sshd\[15067\]: Failed password for invalid user myshake from 23.129.64.185 port 47766 ssh2	2019-08-01 23:47:51
46.8.220.126	attack	WordPress wp-login brute force :: 46.8.220.126 0.188 BYPASS [02/Aug/2019:00:33:45 1000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-08-01 23:16:16
148.70.84.130	attack	Automatic report - Banned IP Access	2019-08-02 01:27:06
18.138.76.240	attackspambots	Aug 1 15:24:53 MK-Soft-Root2 sshd\[20958\]: Invalid user elbe from 18.138.76.240 port 60534 Aug 1 15:24:53 MK-Soft-Root2 sshd\[20958\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=18.138.76.240 Aug 1 15:24:56 MK-Soft-Root2 sshd\[20958\]: Failed password for invalid user elbe from 18.138.76.240 port 60534 ssh2 ...	2019-08-01 23:40:53
81.22.45.150	attackspam	Aug 1 16:47:50 h2177944 kernel: \[2994807.726073\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=81.22.45.150 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=50563 PROTO=TCP SPT=52686 DPT=9656 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 1 16:52:25 h2177944 kernel: \[2995082.551706\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=81.22.45.150 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=25705 PROTO=TCP SPT=52686 DPT=9447 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 1 16:55:11 h2177944 kernel: \[2995248.701147\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=81.22.45.150 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=54962 PROTO=TCP SPT=52686 DPT=9515 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 1 17:06:42 h2177944 kernel: \[2995939.482974\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=81.22.45.150 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=15233 PROTO=TCP SPT=52686 DPT=9575 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 1 17:12:28 h2177944 kernel: \[2996284.905544\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=81.22.45.150 DST=85.214.117.9 LEN=	2019-08-01 23:45:12
148.70.63.163	attackspambots	2019-08-01T16:26:35.387388abusebot.cloudsearch.cf sshd\[17245\]: Invalid user bush from 148.70.63.163 port 60310	2019-08-02 00:33:02
112.85.42.229	attack	08/01/2019-11:35:23.826608 112.85.42.229 Protocol: 6 SURICATA TCPv4 invalid checksum	2019-08-01 23:36:07
46.166.151.47	attackbots	\[2019-08-01 12:39:56\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-01T12:39:56.288-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="00446812111465",SessionID="0x7ff4d00cdaf8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.151.47/61269",ACLName="no_extension_match" \[2019-08-01 12:42:21\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-01T12:42:21.060-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="900246812410232",SessionID="0x7ff4d00cdaf8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.151.47/58530",ACLName="no_extension_match" \[2019-08-01 12:45:02\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-01T12:45:02.853-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="00946406829453",SessionID="0x7ff4d00cdaf8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.151.47/60227",ACLName="no_exten	2019-08-02 00:48:41
92.255.197.74	attackspam	proto=tcp . spt=43120 . dpt=25 . (listed on Blocklist de Jul 31) (504)	2019-08-01 23:53:46

Recently Reported IPs

78.164.120.195	46.246.223.26	185.171.24.9	5.125.116.11
186.42.225.99	150.161.8.70	37.38.224.144	189.46.144.48
205.185.116.180	102.115.190.140	73.46.116.251	185.234.218.68
203.81.71.114	207.180.192.52	124.195.168.82	217.58.186.155
171.242.11.115	218.150.220.198	170.130.187.2	138.0.145.192