Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: Norway

Internet Service Provider: Telenor Norge AS

Hostname: unknown

Organization: unknown

Usage Type: Mobile ISP

Comments:
Type Details Datetime
attackbotsspam
Lines containing failures of 85.164.29.199
/var/log/apache/pucorp.org.log.1:Feb  9 10:02:37 server01 postfix/smtpd[17253]: connect from ti0197a430-0707.bb.online.no[85.164.29.199]
/var/log/apache/pucorp.org.log.1:Feb x@x
/var/log/apache/pucorp.org.log.1:Feb x@x
/var/log/apache/pucorp.org.log.1:Feb  9 10:02:37 server01 postfix/policy-spf[17263]: : Policy action=PREPEND Received-SPF: none (att.net: No applicable sender policy available) receiver=x@x
/var/log/apache/pucorp.org.log.1:Feb x@x
/var/log/apache/pucorp.org.log.1:Feb  9 10:02:40 server01 postfix/smtpd[17253]: lost connection after DATA from ti0197a430-0707.bb.online.no[85.164.29.199]
/var/log/apache/pucorp.org.log.1:Feb  9 10:02:40 server01 postfix/smtpd[17253]: disconnect from ti0197a430-0707.bb.online.no[85.164.29.199]


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=85.164.29.199
2020-02-17 02:09:24
Comments on same subnet:
No discussion about this subnet yet..
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.164.29.199
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20532
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;85.164.29.199.			IN	A

;; AUTHORITY SECTION:
.			477	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021600 1800 900 604800 86400

;; Query time: 244 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 17 02:09:18 CST 2020
;; MSG SIZE  rcvd: 117
Host info
199.29.164.85.in-addr.arpa domain name pointer ti0197a430-0707.bb.online.no.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
199.29.164.85.in-addr.arpa	name = ti0197a430-0707.bb.online.no.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
184.105.139.67 attack
Unauthorized connection attempt detected from IP address 184.105.139.67 to port 3389
2020-04-12 18:13:00
159.65.154.48 attack
2020-04-12 05:49:37,529 fail2ban.actions: WARNING [ssh] Ban 159.65.154.48
2020-04-12 18:31:17
101.234.76.77 attackspam
firewall-block, port(s): 1433/tcp
2020-04-12 18:14:19
59.120.227.134 attackbotsspam
2020-04-12T12:00:45.606711centos sshd[498]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.120.227.134  user=root
2020-04-12T12:00:47.884442centos sshd[498]: Failed password for root from 59.120.227.134 port 60744 ssh2
2020-04-12T12:04:23.777608centos sshd[764]: Invalid user UBNT from 59.120.227.134 port 37838
...
2020-04-12 18:37:24
51.15.129.164 attackspambots
$f2bV_matches
2020-04-12 17:59:56
49.145.227.117 attack
scamming impersonating piece of useless 30 virgin. only thing can do is hack steam accounts and steal people's items.
2020-04-12 18:13:34
49.149.255.4 attackbotsspam
Unauthorized connection attempt detected from IP address 49.149.255.4 to port 445
2020-04-12 17:59:20
122.224.220.140 attackspambots
prod3
...
2020-04-12 18:39:13
141.98.81.99 attackbots
2020-04-11 UTC: (3x) - Administrator(2x),root
2020-04-12 17:56:19
162.243.131.31 attack
firewall-block, port(s): 102/tcp
2020-04-12 18:13:59
173.252.87.3 attack
[Sun Apr 12 10:50:15.307549 2020] [:error] [pid 3625:tid 140295004800768] [client 173.252.87.3:48640] [client 173.252.87.3] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/IcoMoon.woff"] [unique_id "XpKP96LL@8cf6BWsPUlIZwAAAAE"]
...
2020-04-12 18:05:31
148.228.19.2 attack
Apr 12 12:24:40 prod4 sshd\[2560\]: Invalid user ftp_user from 148.228.19.2
Apr 12 12:24:43 prod4 sshd\[2560\]: Failed password for invalid user ftp_user from 148.228.19.2 port 38834 ssh2
Apr 12 12:29:14 prod4 sshd\[3853\]: Failed password for root from 148.228.19.2 port 46698 ssh2
...
2020-04-12 18:34:28
177.44.208.107 attackbots
Apr 12 09:47:28 powerpi2 sshd[21384]: Failed password for invalid user layer from 177.44.208.107 port 37480 ssh2
Apr 12 09:53:55 powerpi2 sshd[21736]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.44.208.107  user=root
Apr 12 09:53:57 powerpi2 sshd[21736]: Failed password for root from 177.44.208.107 port 45032 ssh2
...
2020-04-12 18:21:23
104.236.33.155 attackspam
2020-04-11 UTC: (40x) - 1q2w3e4r5t6y,admin,dasusr1,http,kathy,knilesh,mirror,mysql,perriman,root(28x),rubira,su,uucp
2020-04-12 18:33:21
180.76.236.65 attackbotsspam
Apr 12 09:08:00 marvibiene sshd[18406]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.236.65  user=root
Apr 12 09:08:02 marvibiene sshd[18406]: Failed password for root from 180.76.236.65 port 53946 ssh2
Apr 12 09:22:48 marvibiene sshd[18560]: Invalid user mzi from 180.76.236.65 port 35430
...
2020-04-12 17:58:45

Recently Reported IPs

116.9.99.103 10.192.15.69 31.9.8.216 2.23.250.111
0.232.8.120 51.178.151.50 138.9.213.11 187.32.242.217
172.230.29.64 185.103.255.37 111.251.45.102 192.241.233.164
185.103.255.190 50.62.177.231 182.113.186.229 222.52.99.155
183.235.185.207 185.103.254.82 72.130.219.49 185.103.248.158