85.192.138.149

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: OJSC VolgaTelecom

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Aug 20 15:30:27 buvik sshd[29036]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.192.138.149 Aug 20 15:30:29 buvik sshd[29036]: Failed password for invalid user francis from 85.192.138.149 port 58282 ssh2 Aug 20 15:32:50 buvik sshd[29268]: Invalid user nathan from 85.192.138.149 ...	2020-08-20 21:57:08
attack	Invalid user gk from 85.192.138.149 port 36396	2020-08-20 17:35:45
attackbots	Invalid user gk from 85.192.138.149 port 36396	2020-08-19 15:53:43
attack	Aug 17 20:26:46 lunarastro sshd[18918]: Failed password for mysql from 85.192.138.149 port 54344 ssh2 Aug 17 20:33:15 lunarastro sshd[19211]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.192.138.149 Aug 17 20:33:17 lunarastro sshd[19211]: Failed password for invalid user cent from 85.192.138.149 port 60262 ssh2	2020-08-18 02:56:54
attackbots	Fail2Ban - SSH Bruteforce Attempt	2020-08-11 04:13:06
attack	Invalid user pgadmin from 85.192.138.149 port 42838	2020-07-29 06:52:19
attack	Invalid user hgrepo from 85.192.138.149 port 54078	2020-07-21 20:19:35
attackbots	SSH Brute-Force attacks	2020-07-17 21:30:50
attackspam	Jun 22 06:38:37 serwer sshd\[1642\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.192.138.149 user=root Jun 22 06:38:40 serwer sshd\[1642\]: Failed password for root from 85.192.138.149 port 40988 ssh2 Jun 22 06:47:39 serwer sshd\[3011\]: User ftpuser from 85.192.138.149 not allowed because not listed in AllowUsers Jun 22 06:47:39 serwer sshd\[3011\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.192.138.149 user=ftpuser ...	2020-06-22 15:06:03
attack	2020-06-15 00:34:50,474 fail2ban.actions: WARNING [ssh] Ban 85.192.138.149	2020-06-15 07:27:59
attackbots	Jun 13 05:59:38 dignus sshd[9466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.192.138.149 user=root Jun 13 05:59:40 dignus sshd[9466]: Failed password for root from 85.192.138.149 port 56386 ssh2 Jun 13 06:03:29 dignus sshd[9837]: Invalid user zabbix from 85.192.138.149 port 56164 Jun 13 06:03:29 dignus sshd[9837]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.192.138.149 Jun 13 06:03:31 dignus sshd[9837]: Failed password for invalid user zabbix from 85.192.138.149 port 56164 ssh2 ...	2020-06-13 21:11:03
attackbotsspam	fail2ban -- 85.192.138.149 ...	2020-06-09 23:58:49
attackspam	Jun 3 11:37:43 inter-technics sshd[3810]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.192.138.149 user=root Jun 3 11:37:44 inter-technics sshd[3810]: Failed password for root from 85.192.138.149 port 48698 ssh2 Jun 3 11:41:21 inter-technics sshd[4131]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.192.138.149 user=root Jun 3 11:41:24 inter-technics sshd[4131]: Failed password for root from 85.192.138.149 port 51800 ssh2 Jun 3 11:44:58 inter-technics sshd[4310]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.192.138.149 user=root Jun 3 11:45:00 inter-technics sshd[4310]: Failed password for root from 85.192.138.149 port 54914 ssh2 ...	2020-06-03 19:59:11
attackspambots	Jun 2 19:17:48 vpn01 sshd[9472]: Failed password for root from 85.192.138.149 port 46486 ssh2 ...	2020-06-03 04:09:18
attackbotsspam	(sshd) Failed SSH login from 85.192.138.149 (RU/Russia/85-192-138-149.dsl.esoo.ru): 5 in the last 3600 secs	2020-05-21 18:25:32
attackbots	fail2ban -- 85.192.138.149 ...	2020-05-09 16:39:16
attack	May 4 11:08:45 scw-6657dc sshd[17004]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.192.138.149 May 4 11:08:45 scw-6657dc sshd[17004]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.192.138.149 May 4 11:08:47 scw-6657dc sshd[17004]: Failed password for invalid user vhd from 85.192.138.149 port 48326 ssh2 ...	2020-05-04 20:15:34
attack	Apr 15 04:00:02 *** sshd[3870]: User root from 85.192.138.149 not allowed because not listed in AllowUsers	2020-04-15 12:03:15
attackspambots	$f2bV_matches	2020-04-14 05:44:54
attackbotsspam	Invalid user user from 85.192.138.149 port 34888	2020-04-12 17:02:24
attackbotsspam	SSH invalid-user multiple login try	2020-04-08 08:45:43
attackbotsspam	Invalid user mindy from 85.192.138.149 port 38182	2020-04-02 21:54:15
attack	(sshd) Failed SSH login from 85.192.138.149 (RU/Russia/85-192-138-149.dsl.esoo.ru): 5 in the last 3600 secs	2020-03-20 12:34:05
attackbotsspam	fail2ban -- 85.192.138.149 ...	2020-03-18 19:54:27
attack	Mar 17 19:16:42 srv-ubuntu-dev3 sshd[83909]: Invalid user at from 85.192.138.149 Mar 17 19:16:42 srv-ubuntu-dev3 sshd[83909]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.192.138.149 Mar 17 19:16:42 srv-ubuntu-dev3 sshd[83909]: Invalid user at from 85.192.138.149 Mar 17 19:16:45 srv-ubuntu-dev3 sshd[83909]: Failed password for invalid user at from 85.192.138.149 port 53842 ssh2 Mar 17 19:19:15 srv-ubuntu-dev3 sshd[84298]: Invalid user its from 85.192.138.149 Mar 17 19:19:15 srv-ubuntu-dev3 sshd[84298]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.192.138.149 Mar 17 19:19:15 srv-ubuntu-dev3 sshd[84298]: Invalid user its from 85.192.138.149 Mar 17 19:19:16 srv-ubuntu-dev3 sshd[84298]: Failed password for invalid user its from 85.192.138.149 port 44510 ssh2 Mar 17 19:21:53 srv-ubuntu-dev3 sshd[84769]: Invalid user remote from 85.192.138.149 ...	2020-03-18 02:48:46
attackbots	Feb 28 17:02:26 v22019058497090703 sshd[6443]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.192.138.149 Feb 28 17:02:28 v22019058497090703 sshd[6443]: Failed password for invalid user hadoop from 85.192.138.149 port 35718 ssh2 ...	2020-02-29 00:45:17
attackbots	T: f2b ssh aggressive 3x	2020-02-17 00:29:19
attackbotsspam	Feb 9 21:57:37 web9 sshd\[10627\]: Invalid user gte from 85.192.138.149 Feb 9 21:57:37 web9 sshd\[10627\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.192.138.149 Feb 9 21:57:39 web9 sshd\[10627\]: Failed password for invalid user gte from 85.192.138.149 port 55350 ssh2 Feb 9 21:59:30 web9 sshd\[10873\]: Invalid user kgh from 85.192.138.149 Feb 9 21:59:30 web9 sshd\[10873\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.192.138.149	2020-02-10 16:48:41
attackbotsspam	Feb 9 08:18:38 sd-53420 sshd\[30386\]: Invalid user knu from 85.192.138.149 Feb 9 08:18:38 sd-53420 sshd\[30386\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.192.138.149 Feb 9 08:18:40 sd-53420 sshd\[30386\]: Failed password for invalid user knu from 85.192.138.149 port 51662 ssh2 Feb 9 08:21:45 sd-53420 sshd\[30698\]: Invalid user icn from 85.192.138.149 Feb 9 08:21:45 sd-53420 sshd\[30698\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.192.138.149 ...	2020-02-09 15:28:26
attackspam	Jan 11 14:19:48 mail sshd[20220]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.192.138.149 user=root Jan 11 14:19:50 mail sshd[20220]: Failed password for root from 85.192.138.149 port 42980 ssh2 Jan 11 14:21:34 mail sshd[23329]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.192.138.149 user=root Jan 11 14:21:37 mail sshd[23329]: Failed password for root from 85.192.138.149 port 57486 ssh2 Jan 11 14:23:07 mail sshd[25463]: Invalid user test from 85.192.138.149 ...	2020-01-12 01:29:22

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.192.138.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51818
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;85.192.138.149.			IN	A

;; AUTHORITY SECTION:
.			214	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121800 1800 900 604800 86400

;; Query time: 54 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 18 14:01:05 CST 2019
;; MSG SIZE  rcvd: 118

Host info

149.138.192.85.in-addr.arpa domain name pointer 85-192-138-149.dsl.esoo.ru.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
149.138.192.85.in-addr.arpa	name = 85-192-138-149.dsl.esoo.ru.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
47.206.92.216	attackspam	Brute Force attempt on usernames and passwords	2020-09-16 22:17:52
119.45.130.236	attack	Repeated RDP login failures. Last user: Remoto	2020-09-16 22:28:18
179.209.101.93	attackspambots	SSH/22 MH Probe, BF, Hack -	2020-09-16 22:11:38
152.136.110.35	attackbotsspam	Lines containing failures of 152.136.110.35 Sep 15 18:31:49 shared12 sshd[9453]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.110.35 user=r.r Sep 15 18:31:51 shared12 sshd[9453]: Failed password for r.r from 152.136.110.35 port 36258 ssh2 Sep 15 18:31:52 shared12 sshd[9453]: Received disconnect from 152.136.110.35 port 36258:11: Bye Bye [preauth] Sep 15 18:31:52 shared12 sshd[9453]: Disconnected from authenticating user r.r 152.136.110.35 port 36258 [preauth] Sep 15 18:42:38 shared12 sshd[13095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.110.35 user=r.r Sep 15 18:42:40 shared12 sshd[13095]: Failed password for r.r from 152.136.110.35 port 54240 ssh2 Sep 15 18:42:41 shared12 sshd[13095]: Received disconnect from 152.136.110.35 port 54240:11: Bye Bye [preauth] Sep 15 18:42:41 shared12 sshd[13095]: Disconnected from authenticating user r.r 152.136.110.35 port 54240 [pr........ ------------------------------	2020-09-16 22:25:49
200.58.79.209	attackbots	Repeated RDP login failures. Last user: Tablet	2020-09-16 22:37:13
74.62.86.11	attackspam	Brute Force attempt on usernames and passwords	2020-09-16 22:33:28
189.5.4.159	attackspam	Repeated RDP login failures. Last user: Administrador	2020-09-16 22:21:10
113.160.148.86	attack	RDP Bruteforce	2020-09-16 22:29:10
103.111.81.58	attack	RDPBrutePap24	2020-09-16 22:30:55
89.248.171.134	attack	Port-scan: detected 367 distinct ports within a 24-hour window.	2020-09-16 22:06:36
181.67.128.251	attack	RDP Bruteforce	2020-09-16 22:23:18
164.90.208.135	attackspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-16 21:59:58
61.84.196.50	attackbots	Invalid user linux from 61.84.196.50 port 44964	2020-09-16 21:59:11
149.56.28.100	attack	Port scan denied	2020-09-16 22:03:52
190.152.245.102	attackbotsspam	RDP Bruteforce	2020-09-16 22:40:07

Recently Reported IPs

3.209.83.101	123.185.123.30	18.232.1.62	184.75.208.140
146.185.152.182	70.161.255.146	153.139.239.41	217.8.44.38
197.216.4.34	185.158.9.91	51.252.194.123	189.107.193.158
178.125.154.111	159.192.218.45	113.137.33.40	112.85.199.83
123.71.1.49	41.221.161.14	178.44.230.138	201.175.202.254