Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: Rostelecom Macroregional Branch South

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:
Type Details Datetime
attackbots
Unauthorized connection attempt from IP address 85.172.89.94 on Port 445(SMB)
2020-03-07 01:22:12
Comments on same subnet:
IP Type Details Datetime
85.172.89.212 attackspambots
Port scan on 1 port(s): 445
2020-10-12 01:18:55
85.172.89.212 attackspam
Port scan on 1 port(s): 445
2020-10-11 17:10:35
85.172.89.213 attack
Unauthorized connection attempt from IP address 85.172.89.213 on Port 445(SMB)
2020-08-17 08:23:32
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.172.89.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63574
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;85.172.89.94.			IN	A

;; AUTHORITY SECTION:
.			452	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030600 1800 900 604800 86400

;; Query time: 51 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 07 01:22:07 CST 2020
;; MSG SIZE  rcvd: 116
Host info
Host 94.89.172.85.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 94.89.172.85.in-addr.arpa.: NXDOMAIN

Related IP info:
Related comments:
IP Type Details Datetime
34.93.211.49 attack
SSH Brute-Force reported by Fail2Ban
2020-05-11 23:55:28
138.68.94.142 attackbotsspam
May 11 17:09:51 OPSO sshd[27570]: Invalid user deploy from 138.68.94.142 port 39868
May 11 17:09:51 OPSO sshd[27570]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.142
May 11 17:09:53 OPSO sshd[27570]: Failed password for invalid user deploy from 138.68.94.142 port 39868 ssh2
May 11 17:17:34 OPSO sshd[28725]: Invalid user support from 138.68.94.142 port 44447
May 11 17:17:34 OPSO sshd[28725]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.142
2020-05-11 23:47:28
87.251.74.173 attackbots
firewall-block, port(s): 12027/tcp, 12075/tcp, 12083/tcp, 12105/tcp, 12109/tcp, 12274/tcp, 12285/tcp, 12409/tcp, 12410/tcp, 12524/tcp, 12541/tcp, 12576/tcp, 12802/tcp, 12865/tcp, 12936/tcp
2020-05-12 00:02:38
114.67.105.220 attack
May 11 11:09:48 vps46666688 sshd[8391]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.105.220
May 11 11:09:50 vps46666688 sshd[8391]: Failed password for invalid user project from 114.67.105.220 port 51678 ssh2
...
2020-05-12 00:28:20
37.139.1.197 attackspambots
Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)
2020-05-12 00:00:13
51.91.212.79 attackbotsspam
firewall-block, port(s): 111/tcp, 530/tcp, 6379/tcp, 7474/tcp, 9333/tcp
2020-05-12 00:27:36
185.143.75.81 attack
"fail2ban match"
2020-05-12 00:19:37
59.80.40.147 attackspam
May 11 14:05:36 prox sshd[31032]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.80.40.147 
May 11 14:05:38 prox sshd[31032]: Failed password for invalid user mat from 59.80.40.147 port 58490 ssh2
2020-05-12 00:05:40
87.251.74.164 attackbotsspam
May 11 17:43:18 debian-2gb-nbg1-2 kernel: [11470665.522637] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=87.251.74.164 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=19740 PROTO=TCP SPT=59185 DPT=12127 WINDOW=1024 RES=0x00 SYN URGP=0
2020-05-11 23:58:02
218.92.0.208 attackbots
May 11 17:29:34 server sshd[1746]: Failed password for root from 218.92.0.208 port 55954 ssh2
May 11 17:29:36 server sshd[1746]: Failed password for root from 218.92.0.208 port 55954 ssh2
May 11 17:29:39 server sshd[1746]: Failed password for root from 218.92.0.208 port 55954 ssh2
2020-05-11 23:52:02
151.101.38.214 attackspambots
05/11/2020-18:20:35.907440 151.101.38.214 Protocol: 6 SURICATA TLS invalid record/traffic
2020-05-12 00:23:55
51.75.66.142 attack
May 11 10:35:01 NPSTNNYC01T sshd[2521]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.66.142
May 11 10:35:03 NPSTNNYC01T sshd[2521]: Failed password for invalid user cola from 51.75.66.142 port 51730 ssh2
May 11 10:38:57 NPSTNNYC01T sshd[2923]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.66.142
...
2020-05-12 00:14:27
144.217.86.183 attackbots
May 11 20:55:26 gw1 sshd[30559]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.217.86.183
May 11 20:55:28 gw1 sshd[30559]: Failed password for invalid user line1 from 144.217.86.183 port 39946 ssh2
...
2020-05-12 00:27:10
165.22.215.163 attack
Lines containing failures of 165.22.215.163
May 11 13:19:42 *** sshd[116967]: Invalid user api from 165.22.215.163 port 53050
May 11 13:19:42 *** sshd[116967]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.215.163
May 11 13:19:45 *** sshd[116967]: Failed password for invalid user api from 165.22.215.163 port 53050 ssh2
May 11 13:19:45 *** sshd[116967]: Received disconnect from 165.22.215.163 port 53050:11: Bye Bye [preauth]
May 11 13:19:45 *** sshd[116967]: Disconnected from invalid user api 165.22.215.163 port 53050 [preauth]
May 11 13:24:52 *** sshd[117471]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.215.163  user=r.r
May 11 13:24:55 *** sshd[117471]: Failed password for r.r from 165.22.215.163 port 57420 ssh2
May 11 13:24:55 *** sshd[117471]: Received disconnect from 165.22.215.163 port 57420:11: Bye Bye [preauth]
May 11 13:24:55 *** sshd[117471]: Disconnected from aut........
------------------------------
2020-05-12 00:25:23
125.124.193.237 attackbotsspam
May 11 14:11:05 scw-6657dc sshd[818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.124.193.237
May 11 14:11:05 scw-6657dc sshd[818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.124.193.237
May 11 14:11:07 scw-6657dc sshd[818]: Failed password for invalid user weblogic from 125.124.193.237 port 34590 ssh2
...
2020-05-12 00:04:49
