85.94.0.149 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
85.94.0.108	attackspambots	20/6/26@07:23:47: FAIL: Alarm-Network address from=85.94.0.108 ...	2020-06-27 02:22:38
85.94.0.145	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-14 02:21:41
85.94.0.119	attackspambots	Unauthorized connection attempt detected from IP address 85.94.0.119 to port 445	2019-12-27 21:16:34

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.94.0.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41183
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;85.94.0.149.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020702 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 06:51:20 CST 2022
;; MSG SIZE  rcvd: 104

Host info

Host 149.0.94.85.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 149.0.94.85.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
81.22.45.148	attackbots	Splunk® : port scan detected: Aug 15 16:19:25 testbed kernel: Firewall: TCP_IN Blocked IN=eth0 OUT= MAC=82:c6:52:d1:6e:53:64:c3:d6:0b:ef:f0:08:00 SRC=81.22.45.148 DST=104.248.11.191 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=59416 PROTO=TCP SPT=53673 DPT=3253 WINDOW=1024 RES=0x00 SYN URGP=0	2019-08-16 04:19:40
213.4.33.11	attack	Aug 15 21:11:06 h2177944 sshd\[1102\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.4.33.11 Aug 15 21:11:08 h2177944 sshd\[1102\]: Failed password for invalid user test from 213.4.33.11 port 40994 ssh2 Aug 15 22:11:32 h2177944 sshd\[3401\]: Invalid user jesse from 213.4.33.11 port 37414 Aug 15 22:11:32 h2177944 sshd\[3401\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.4.33.11 ...	2019-08-16 04:16:06
77.247.110.53	attackspambots	Aug 15 08:14:14 spiceship sshd\[41267\]: Invalid user admin from 77.247.110.53 Aug 15 08:14:14 spiceship sshd\[41267\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.247.110.53 ...	2019-08-16 04:13:42
27.109.17.18	attack	Aug 15 21:36:06 www sshd\[29120\]: Invalid user zini from 27.109.17.18 port 51396 ...	2019-08-16 03:56:03
61.147.80.222	attackspam	Aug 15 16:16:31 XXXXXX sshd[18801]: Invalid user brightcorea from 61.147.80.222 port 56559	2019-08-16 03:58:48
18.184.103.46	attackspambots	Aug 15 18:26:11 www sshd\[16571\]: Invalid user kafka from 18.184.103.46 Aug 15 18:26:11 www sshd\[16571\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=18.184.103.46 Aug 15 18:26:13 www sshd\[16571\]: Failed password for invalid user kafka from 18.184.103.46 port 36714 ssh2 ...	2019-08-16 04:13:17
178.32.46.58	attackspam	Remote code execution	2019-08-16 04:07:38
106.12.92.88	attack	SSH Brute-Force reported by Fail2Ban	2019-08-16 03:49:51
58.87.109.107	attack	Aug 15 17:21:31 vps sshd[24941]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.87.109.107 Aug 15 17:21:33 vps sshd[24941]: Failed password for invalid user alex from 58.87.109.107 port 45992 ssh2 Aug 15 17:52:54 vps sshd[26274]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.87.109.107 ...	2019-08-16 04:16:35
96.67.115.46	attackspambots	Aug 15 18:57:36 ip-172-31-62-245 sshd\[32203\]: Invalid user jenkins from 96.67.115.46\ Aug 15 18:57:37 ip-172-31-62-245 sshd\[32203\]: Failed password for invalid user jenkins from 96.67.115.46 port 52692 ssh2\ Aug 15 19:01:40 ip-172-31-62-245 sshd\[32223\]: Invalid user tb from 96.67.115.46\ Aug 15 19:01:41 ip-172-31-62-245 sshd\[32223\]: Failed password for invalid user tb from 96.67.115.46 port 34734 ssh2\ Aug 15 19:05:26 ip-172-31-62-245 sshd\[32272\]: Invalid user amavis from 96.67.115.46\	2019-08-16 03:44:01
37.44.253.159	attackbots	[ThuAug1511:18:49.5097422019][:error][pid8285:tid47981877352192][client37.44.253.159:30928][client37.44.253.159]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"python-requests/"atREQUEST_HEADERS:User-Agent.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"211"][id"332039"][rev"4"][msg"Atomicorp.comWAFRules:SuspiciousUnusualUserAgent\(python-requests\).Disablethisruleifyouusepython-requests/."][severity"CRITICAL"][hostname"filarmonicagorduno.ch"][uri"/"][unique_id"XVUjeVzgGchgGbVUDsWw8QAAABU"][ThuAug1511:18:50.2173122019][:error][pid28172:tid47981858440960][client37.44.253.159:45360][client37.44.253.159]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"python-requests/"atREQUEST_HEADERS:User-Agent.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"211"][id"332039"][rev"4"][msg"Atomicorp.comWAFRules:SuspiciousUnusualUserAgent\(python-requests\).Disablethisruleifyouusepython-requests/."][severity"CRITICAL"][h	2019-08-16 04:01:02
177.170.242.108	attackspam	Aug 15 09:59:51 hanapaa sshd\[14709\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.170.242.108 user=root Aug 15 09:59:52 hanapaa sshd\[14709\]: Failed password for root from 177.170.242.108 port 57294 ssh2 Aug 15 10:05:49 hanapaa sshd\[15163\]: Invalid user cathy from 177.170.242.108 Aug 15 10:05:49 hanapaa sshd\[15163\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.170.242.108 Aug 15 10:05:51 hanapaa sshd\[15163\]: Failed password for invalid user cathy from 177.170.242.108 port 40926 ssh2	2019-08-16 04:19:01
42.159.10.104	attackspam	Aug 16 01:27:11 areeb-Workstation sshd\[9537\]: Invalid user mariajose from 42.159.10.104 Aug 16 01:27:11 areeb-Workstation sshd\[9537\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.10.104 Aug 16 01:27:14 areeb-Workstation sshd\[9537\]: Failed password for invalid user mariajose from 42.159.10.104 port 56110 ssh2 ...	2019-08-16 04:08:23
94.191.43.58	attackbots	SSH Brute Force, server-1 sshd[21496]: Failed password for invalid user just from 94.191.43.58 port 38500 ssh2	2019-08-16 03:37:14
86.104.220.20	attackspambots	Aug 15 14:31:03 mail sshd\[1914\]: Failed password for root from 86.104.220.20 port 52905 ssh2 Aug 15 14:50:41 mail sshd\[2434\]: Invalid user milan from 86.104.220.20 port 26329 Aug 15 14:50:41 mail sshd\[2434\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.104.220.20 ...	2019-08-16 04:11:56

Recently Reported IPs

202.126.92.99	116.72.91.208	88.144.52.249	213.59.151.144
165.227.227.95	37.187.20.152	212.49.87.207	185.195.19.195
212.119.40.99	36.67.14.195	143.198.41.154	45.201.192.196
116.32.171.226	49.205.117.1	175.5.6.186	187.163.139.43
124.107.159.75	95.46.157.167	181.49.22.113	200.122.249.82