85.138.251.189

Basic Info

City: unknown

Region: unknown

Country: Portugal

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.138.251.189
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20937
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;85.138.251.189.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025020400 1800 900 604800 86400

;; Query time: 45 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 04 15:08:01 CST 2025
;; MSG SIZE  rcvd: 107

Host info

189.251.138.85.in-addr.arpa domain name pointer a85-138-251-189.cpe.netcabo.pt.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
189.251.138.85.in-addr.arpa	name = a85-138-251-189.cpe.netcabo.pt.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
147.75.199.49	attack	Nov 6 12:03:00 new sshd[7035]: reveeclipse mapping checking getaddrinfo for virl-03 [147.75.199.49] failed - POSSIBLE BREAK-IN ATTEMPT! Nov 6 12:03:00 new sshd[7035]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.75.199.49 user=r.r Nov 6 12:03:02 new sshd[7035]: Failed password for r.r from 147.75.199.49 port 33058 ssh2 Nov 6 12:03:02 new sshd[7035]: Received disconnect from 147.75.199.49: 11: Bye Bye [preauth] Nov 6 12:18:14 new sshd[11067]: reveeclipse mapping checking getaddrinfo for virl-03 [147.75.199.49] failed - POSSIBLE BREAK-IN ATTEMPT! Nov 6 12:18:14 new sshd[11067]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.75.199.49 user=r.r Nov 6 12:18:16 new sshd[11067]: Failed password for r.r from 147.75.199.49 port 50552 ssh2 Nov 6 12:18:16 new sshd[11067]: Received disconnect from 147.75.199.49: 11: Bye Bye [preauth] Nov 6 12:21:58 new sshd[12174]: reveeclipse map........ -------------------------------	2019-11-08 17:34:06
104.155.47.43	attackbotsspam	POST /wp-login.php HTTP/1.1 200 1827 Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0	2019-11-08 17:39:44
116.196.93.89	attack	Nov 8 10:12:06 ovpn sshd\[19902\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.93.89 user=root Nov 8 10:12:09 ovpn sshd\[19902\]: Failed password for root from 116.196.93.89 port 32880 ssh2 Nov 8 10:22:04 ovpn sshd\[21866\]: Invalid user markes from 116.196.93.89 Nov 8 10:22:04 ovpn sshd\[21866\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.93.89 Nov 8 10:22:05 ovpn sshd\[21866\]: Failed password for invalid user markes from 116.196.93.89 port 37794 ssh2	2019-11-08 18:01:40
142.93.201.168	attackspam	SSH Bruteforce attempt	2019-11-08 17:31:39
213.149.103.132	attackbots	masters-of-media.de 213.149.103.132 \[08/Nov/2019:07:56:40 +0100\] "POST /wp-login.php HTTP/1.1" 200 5855 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" masters-of-media.de 213.149.103.132 \[08/Nov/2019:07:56:40 +0100\] "POST /wp-login.php HTTP/1.1" 200 5811 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-11-08 17:49:29
49.235.84.51	attackbots	2019-11-08T07:47:51.513084shield sshd\[8325\]: Invalid user HWbss123 from 49.235.84.51 port 39900 2019-11-08T07:47:51.517461shield sshd\[8325\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.84.51 2019-11-08T07:47:53.531969shield sshd\[8325\]: Failed password for invalid user HWbss123 from 49.235.84.51 port 39900 ssh2 2019-11-08T07:51:46.358684shield sshd\[9013\]: Invalid user P4rol41qaz from 49.235.84.51 port 45616 2019-11-08T07:51:46.364945shield sshd\[9013\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.84.51	2019-11-08 17:33:22
117.6.128.23	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2019-11-08 17:58:31
189.8.68.56	attack	Nov 8 10:12:22 icinga sshd[14826]: Failed password for root from 189.8.68.56 port 43070 ssh2 ...	2019-11-08 17:51:18
38.105.230.91	attack	3389BruteforceStormFW22	2019-11-08 18:02:28
193.70.32.148	attack	2019-11-08T07:53:20.250401shield sshd\[9231\]: Invalid user Gabrielle from 193.70.32.148 port 52494 2019-11-08T07:53:20.254715shield sshd\[9231\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3058468.ip-193-70-32.eu 2019-11-08T07:53:21.774473shield sshd\[9231\]: Failed password for invalid user Gabrielle from 193.70.32.148 port 52494 ssh2 2019-11-08T07:56:51.323757shield sshd\[9627\]: Invalid user senate from 193.70.32.148 port 34028 2019-11-08T07:56:51.328342shield sshd\[9627\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3058468.ip-193-70-32.eu	2019-11-08 18:04:31
103.14.111.18	attackbotsspam	Nov 6 07:32:11 mxgate1 postfix/postscreen[20497]: CONNECT from [103.14.111.18]:56770 to [176.31.12.44]:25 Nov 6 07:32:11 mxgate1 postfix/dnsblog[20502]: addr 103.14.111.18 listed by domain cbl.abuseat.org as 127.0.0.2 Nov 6 07:32:11 mxgate1 postfix/dnsblog[20499]: addr 103.14.111.18 listed by domain zen.spamhaus.org as 127.0.0.4 Nov 6 07:32:11 mxgate1 postfix/dnsblog[20500]: addr 103.14.111.18 listed by domain bl.spamcop.net as 127.0.0.2 Nov 6 07:32:11 mxgate1 postfix/dnsblog[20498]: addr 103.14.111.18 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Nov 6 07:32:11 mxgate1 postfix/dnsblog[20501]: addr 103.14.111.18 listed by domain b.barracudacentral.org as 127.0.0.2 Nov 6 07:32:12 mxgate1 postfix/postscreen[20497]: PREGREET 22 after 0.28 from [103.14.111.18]:56770: EHLO [103.14.111.18] Nov 6 07:32:12 mxgate1 postfix/postscreen[20497]: DNSBL rank 6 for [103.14.111.18]:56770 Nov x@x Nov 6 07:32:12 mxgate1 postfix/postscreen[20497]: HANGUP after 0.87 from [103......... -------------------------------	2019-11-08 17:28:43
102.152.28.111	attack	Nov 7 02:32:37 rdssrv1 sshd[11613]: Failed password for r.r from 102.152.28.111 port 51080 ssh2 Nov 7 02:32:40 rdssrv1 sshd[11613]: Failed password for r.r from 102.152.28.111 port 51080 ssh2 Nov 7 02:32:42 rdssrv1 sshd[11613]: Failed password for r.r from 102.152.28.111 port 51080 ssh2 Nov 7 02:32:43 rdssrv1 sshd[11613]: Failed password for r.r from 102.152.28.111 port 51080 ssh2 Nov 7 02:32:46 rdssrv1 sshd[11613]: Failed password for r.r from 102.152.28.111 port 51080 ssh2 Nov 7 02:32:48 rdssrv1 sshd[11613]: Failed password for r.r from 102.152.28.111 port 51080 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=102.152.28.111	2019-11-08 18:05:00
178.128.255.8	attackbotsspam	178.128.255.8 was recorded 5 times by 5 hosts attempting to connect to the following ports: 1597. Incident counter (4h, 24h, all-time): 5, 31, 99	2019-11-08 17:52:15
159.89.169.109	attackspambots	2019-11-08T06:27:19.956337abusebot-5.cloudsearch.cf sshd\[28609\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.169.109 user=root	2019-11-08 17:32:00
179.181.248.74	attackspambots	Honeypot attack, port: 23, PTR: 179.181.248.74.dynamic.adsl.gvt.net.br.	2019-11-08 17:41:15

Recently Reported IPs

231.94.195.30	230.132.173.128	188.245.148.14	160.42.75.150
30.12.244.228	28.192.160.138	155.137.83.6	188.129.111.39
216.14.148.137	99.197.228.68	206.184.228.92	40.72.176.97
214.33.101.200	130.162.119.4	108.173.243.120	157.42.207.62
132.52.183.104	44.101.81.58	98.39.41.169	139.158.50.49