158.249.231.85

Basic Info

City: Floreşti

Region: Prahova

Country: Romania

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 158.249.231.85
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17021
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;158.249.231.85.			IN	A

;; AUTHORITY SECTION:
.			335	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022072202 1800 900 604800 86400

;; Query time: 20 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jul 23 08:55:57 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 85.231.249.158.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 85.231.249.158.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
116.239.253.145	attack	Nov 29 10:05:29 eola postfix/smtpd[18002]: connect from unknown[116.239.253.145] Nov 29 10:05:29 eola postfix/smtpd[18002]: lost connection after AUTH from unknown[116.239.253.145] Nov 29 10:05:29 eola postfix/smtpd[18002]: disconnect from unknown[116.239.253.145] ehlo=1 auth=0/1 commands=1/2 Nov 29 10:05:30 eola postfix/smtpd[18002]: connect from unknown[116.239.253.145] Nov 29 10:05:33 eola postfix/smtpd[18002]: lost connection after AUTH from unknown[116.239.253.145] Nov 29 10:05:33 eola postfix/smtpd[18002]: disconnect from unknown[116.239.253.145] ehlo=1 auth=0/1 commands=1/2 Nov 29 10:05:34 eola postfix/smtpd[18002]: connect from unknown[116.239.253.145] Nov 29 10:05:37 eola postfix/smtpd[18002]: lost connection after AUTH from unknown[116.239.253.145] Nov 29 10:05:37 eola postfix/smtpd[18002]: disconnect from unknown[116.239.253.145] ehlo=1 auth=0/1 commands=1/2 Nov 29 10:05:38 eola postfix/smtpd[18002]: connect from unknown[116.239.253.145] Nov 29 10:05:39 eola ........ -------------------------------	2019-11-29 23:46:34
217.27.219.14	attackbots	Unauthorized connection attempt from IP address 217.27.219.14 on Port 25(SMTP)	2019-11-29 23:31:30
106.53.75.212	attackbots	Nov 29 16:26:12 legacy sshd[11545]: Failed password for root from 106.53.75.212 port 42034 ssh2 Nov 29 16:32:28 legacy sshd[11671]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.75.212 Nov 29 16:32:30 legacy sshd[11671]: Failed password for invalid user goutte from 106.53.75.212 port 45558 ssh2 ...	2019-11-29 23:44:03
63.143.57.30	attackspam	Nov 29 16:12:24 h2177944 kernel: \[7915619.002167\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=63.143.57.30 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=237 ID=10753 DF PROTO=TCP SPT=10127 DPT=8009 WINDOW=512 RES=0x00 SYN URGP=0 Nov 29 16:13:07 h2177944 kernel: \[7915662.666156\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=63.143.57.30 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=237 ID=10753 DF PROTO=TCP SPT=10129 DPT=8013 WINDOW=512 RES=0x00 SYN URGP=0 Nov 29 16:13:22 h2177944 kernel: \[7915677.008298\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=63.143.57.30 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=237 ID=10753 DF PROTO=TCP SPT=10130 DPT=8888 WINDOW=512 RES=0x00 SYN URGP=0 Nov 29 16:13:39 h2177944 kernel: \[7915694.469446\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=63.143.57.30 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=237 ID=10753 DF PROTO=TCP SPT=10131 DPT=16001 WINDOW=512 RES=0x00 SYN URGP=0 Nov 29 16:13:56 h2177944 kernel: \[7915711.025414\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=63.143.57.30 DST=85.214.1	2019-11-29 23:37:48
101.89.166.204	attackbotsspam	Nov 29 15:29:18 124388 sshd[30068]: Invalid user ooi from 101.89.166.204 port 38538 Nov 29 15:29:18 124388 sshd[30068]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.89.166.204 Nov 29 15:29:18 124388 sshd[30068]: Invalid user ooi from 101.89.166.204 port 38538 Nov 29 15:29:21 124388 sshd[30068]: Failed password for invalid user ooi from 101.89.166.204 port 38538 ssh2 Nov 29 15:34:11 124388 sshd[30074]: Invalid user thewalt from 101.89.166.204 port 41888	2019-11-29 23:48:47
185.175.93.19	attackbotsspam	Nov 29 16:10:07 h2177944 kernel: \[7915482.682660\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.175.93.19 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=39469 PROTO=TCP SPT=51897 DPT=3842 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 29 16:11:12 h2177944 kernel: \[7915546.948808\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.175.93.19 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=56060 PROTO=TCP SPT=51897 DPT=3940 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 29 16:11:17 h2177944 kernel: \[7915552.224744\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.175.93.19 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=20194 PROTO=TCP SPT=51897 DPT=3760 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 29 16:11:40 h2177944 kernel: \[7915575.047094\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.175.93.19 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=35982 PROTO=TCP SPT=51897 DPT=4001 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 29 16:14:14 h2177944 kernel: \[7915729.216835\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.175.93.19 DST=85.214.117.9	2019-11-29 23:24:40
5.148.3.212	attackbotsspam	Nov 29 17:27:53 server sshd\[19242\]: Invalid user hung from 5.148.3.212 port 53264 Nov 29 17:27:53 server sshd\[19242\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212 Nov 29 17:27:56 server sshd\[19242\]: Failed password for invalid user hung from 5.148.3.212 port 53264 ssh2 Nov 29 17:32:08 server sshd\[27587\]: Invalid user server from 5.148.3.212 port 43274 Nov 29 17:32:08 server sshd\[27587\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.148.3.212	2019-11-29 23:43:07
76.186.81.229	attackbotsspam	2019-11-29T15:13:51.723255abusebot.cloudsearch.cf sshd\[32392\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=cpe-76-186-81-229.tx.res.rr.com user=root	2019-11-29 23:41:40
114.207.139.203	attack	2019-11-29T15:18:08.145015abusebot-7.cloudsearch.cf sshd\[6011\]: Invalid user santamaria from 114.207.139.203 port 34068	2019-11-29 23:26:24
51.140.60.221	attackspam	\[2019-11-29 10:12:21\] SECURITY\[2765\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-29T10:12:21.464-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="9011441603976936",SessionID="0x7f26c48e9848",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/51.140.60.221/57260",ACLName="no_extension_match" \[2019-11-29 10:13:54\] SECURITY\[2765\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-29T10:13:54.215-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="011442038075093",SessionID="0x7f26c4b0adc8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/51.140.60.221/53547",ACLName="no_extension_match" \[2019-11-29 10:14:28\] SECURITY\[2765\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-29T10:14:28.640-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="011442922550332",SessionID="0x7f26c4a9e0e8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/51.140.60.221/60735",ACLName="no_ex	2019-11-29 23:17:30
5.172.19.21	attackspambots	Nov 25 16:47:57 Aberdeen-m4-Access auth.info sshd[24833]: Invalid user hobby from 5.172.19.21 port 51038 Nov 25 16:47:57 Aberdeen-m4-Access auth.info sshd[24833]: Failed password for invalid user hobby from 5.172.19.21 port 51038 ssh2 Nov 25 16:47:58 Aberdeen-m4-Access auth.info sshd[24833]: Received disconnect from 5.172.19.21 port 51038:11: Bye Bye [preauth] Nov 25 16:47:58 Aberdeen-m4-Access auth.info sshd[24833]: Disconnected from 5.172.19.21 port 51038 [preauth] Nov 25 16:47:58 Aberdeen-m4-Access auth.notice sshguard[12566]: Attack from "5.172.19.21" on service 100 whostnameh danger 10. Nov 25 16:47:58 Aberdeen-m4-Access auth.notice sshguard[12566]: Attack from "5.172.19.21" on service 100 whostnameh danger 10. Nov 25 16:47:58 Aberdeen-m4-Access auth.notice sshguard[12566]: Attack from "5.172.19.21" on service 100 whostnameh danger 10. Nov 25 16:47:58 Aberdeen-m4-Access auth.warn sshguard[12566]: Blocking "5.172.19.21/32" for 240 secs (3 attacks in 0 secs, after 2 a........ ------------------------------	2019-11-29 23:40:17
193.70.36.161	attack	Nov 29 16:24:06 SilenceServices sshd[9984]: Failed password for root from 193.70.36.161 port 33179 ssh2 Nov 29 16:30:54 SilenceServices sshd[11879]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.70.36.161 Nov 29 16:30:56 SilenceServices sshd[11879]: Failed password for invalid user morvan from 193.70.36.161 port 50405 ssh2	2019-11-29 23:40:47
62.110.66.66	attackspam	5x Failed Password	2019-11-29 23:12:11
181.129.182.4	attackspambots	Lines containing failures of 181.129.182.4 (max 1000) Nov 29 16:05:01 server sshd[29257]: Connection from 181.129.182.4 port 36170 on 62.116.165.82 port 22 Nov 29 16:05:04 server sshd[29257]: reveeclipse mapping checking getaddrinfo for adsl-181-129-182-4.une.net.co [181.129.182.4] failed - POSSIBLE BREAK-IN ATTEMPT! Nov 29 16:05:04 server sshd[29257]: Invalid user malachi from 181.129.182.4 port 36170 Nov 29 16:05:04 server sshd[29257]: Received disconnect from 181.129.182.4 port 36170:11: Bye Bye [preauth] Nov 29 16:05:04 server sshd[29257]: Disconnected from 181.129.182.4 port 36170 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=181.129.182.4	2019-11-29 23:57:09
18.219.251.116	attackspam	Lines containing failures of 18.219.251.116 Nov 29 16:05:49 shared07 sshd[14831]: Invalid user umeh from 18.219.251.116 port 53588 Nov 29 16:05:49 shared07 sshd[14831]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=18.219.251.116 Nov 29 16:05:51 shared07 sshd[14831]: Failed password for invalid user umeh from 18.219.251.116 port 53588 ssh2 Nov 29 16:05:51 shared07 sshd[14831]: Received disconnect from 18.219.251.116 port 53588:11: Bye Bye [preauth] Nov 29 16:05:51 shared07 sshd[14831]: Disconnected from invalid user umeh 18.219.251.116 port 53588 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=18.219.251.116	2019-11-29 23:35:11

Recently Reported IPs

158.249.217.129	158.251.139.204	158.248.31.51	158.25.230.186
158.249.245.249	158.250.94.227	158.253.99.0	158.250.28.119
158.25.166.163	158.25.118.58	158.25.214.3	158.25.103.228
158.249.54.10	158.248.4.241	158.249.17.220	158.249.135.143
158.249.230.83	158.248.41.121	158.248.33.166	158.249.75.90