145.239.85.55 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Poland

Internet Service Provider: OVH SAS

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	...	2020-02-02 01:29:22
attack	Oct 24 14:23:33 vps647732 sshd[32608]: Failed password for root from 145.239.85.55 port 35611 ssh2 ...	2019-10-24 20:30:50
attackbots	Oct 20 05:35:05 sachi sshd\[9165\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=my-speak.pl user=root Oct 20 05:35:08 sachi sshd\[9165\]: Failed password for root from 145.239.85.55 port 52245 ssh2 Oct 20 05:39:02 sachi sshd\[9446\]: Invalid user valentina from 145.239.85.55 Oct 20 05:39:02 sachi sshd\[9446\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=my-speak.pl Oct 20 05:39:04 sachi sshd\[9446\]: Failed password for invalid user valentina from 145.239.85.55 port 47111 ssh2	2019-10-21 04:00:35
attackbotsspam	2019-09-24 18:24:28,931 fail2ban.actions [818]: NOTICE [sshd] Ban 145.239.85.55 2019-09-24 21:29:51,185 fail2ban.actions [818]: NOTICE [sshd] Ban 145.239.85.55 2019-09-25 00:35:03,469 fail2ban.actions [818]: NOTICE [sshd] Ban 145.239.85.55 ...	2019-10-03 12:33:52
attackspambots	Sep 24 03:56:05 lcprod sshd\[10177\]: Invalid user damares from 145.239.85.55 Sep 24 03:56:05 lcprod sshd\[10177\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=55.ip-145-239-85.eu Sep 24 03:56:08 lcprod sshd\[10177\]: Failed password for invalid user damares from 145.239.85.55 port 51776 ssh2 Sep 24 04:00:18 lcprod sshd\[10566\]: Invalid user popa3d from 145.239.85.55 Sep 24 04:00:18 lcprod sshd\[10566\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=55.ip-145-239-85.eu	2019-09-25 03:13:47
attack	Sep 20 10:14:59 lcprod sshd\[22323\]: Invalid user administrator from 145.239.85.55 Sep 20 10:14:59 lcprod sshd\[22323\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=55.ip-145-239-85.eu Sep 20 10:15:01 lcprod sshd\[22323\]: Failed password for invalid user administrator from 145.239.85.55 port 40955 ssh2 Sep 20 10:19:22 lcprod sshd\[22772\]: Invalid user ftpuser from 145.239.85.55 Sep 20 10:19:22 lcprod sshd\[22772\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=55.ip-145-239-85.eu	2019-09-21 04:23:40
attackspambots	Sep 7 23:57:30 SilenceServices sshd[14650]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.55 Sep 7 23:57:31 SilenceServices sshd[14650]: Failed password for invalid user frappe from 145.239.85.55 port 60183 ssh2 Sep 8 00:01:35 SilenceServices sshd[16169]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.55	2019-09-08 15:33:00
attackbotsspam	Sep 7 16:14:45 SilenceServices sshd[32259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.55 Sep 7 16:14:46 SilenceServices sshd[32259]: Failed password for invalid user developer@123 from 145.239.85.55 port 33667 ssh2 Sep 7 16:19:16 SilenceServices sshd[1467]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.55	2019-09-07 22:23:04

Comments on same subnet:

IP	Type	Details	Datetime
145.239.85.21	attackspambots	20 attempts against mh-ssh on echoip	2020-10-14 04:15:03
145.239.85.21	attackbotsspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-10-13 19:39:06
145.239.85.21	attack	Oct 3 21:00:30 journals sshd\[67582\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.21 user=root Oct 3 21:00:32 journals sshd\[67582\]: Failed password for root from 145.239.85.21 port 59436 ssh2 Oct 3 21:04:15 journals sshd\[67893\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.21 user=root Oct 3 21:04:17 journals sshd\[67893\]: Failed password for root from 145.239.85.21 port 34992 ssh2 Oct 3 21:08:01 journals sshd\[68275\]: Invalid user vivek from 145.239.85.21 ...	2020-10-04 04:10:04
145.239.85.21	attackbotsspam	2020-10-03T08:37:25.533789amanda2.illicoweb.com sshd\[36012\]: Invalid user ale from 145.239.85.21 port 46395 2020-10-03T08:37:25.540480amanda2.illicoweb.com sshd\[36012\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=21.ip-145-239-85.eu 2020-10-03T08:37:27.414005amanda2.illicoweb.com sshd\[36012\]: Failed password for invalid user ale from 145.239.85.21 port 46395 ssh2 2020-10-03T08:44:31.322928amanda2.illicoweb.com sshd\[36531\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=21.ip-145-239-85.eu user=root 2020-10-03T08:44:33.346629amanda2.illicoweb.com sshd\[36531\]: Failed password for root from 145.239.85.21 port 38124 ssh2 ...	2020-10-03 20:13:38
145.239.85.21	attack	145.239.85.21 (PL/Poland/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 14 07:13:33 jbs1 sshd[22265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.69 user=root Sep 14 07:11:58 jbs1 sshd[21850]: Failed password for root from 145.239.85.21 port 42571 ssh2 Sep 14 07:10:57 jbs1 sshd[21506]: Failed password for root from 94.23.9.102 port 58050 ssh2 Sep 14 07:11:47 jbs1 sshd[21791]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.200.212.170 user=root Sep 14 07:11:50 jbs1 sshd[21791]: Failed password for root from 113.200.212.170 port 3119 ssh2 IP Addresses Blocked: 49.88.112.69 (CN/China/-)	2020-09-14 22:29:57
145.239.85.228	attack	Sep 14 06:41:56 vm1 sshd[28715]: Failed password for root from 145.239.85.228 port 51152 ssh2 ...	2020-09-14 20:38:09
145.239.85.21	attackspambots	20 attempts against mh-ssh on echoip	2020-09-14 14:21:31
145.239.85.228	attackspambots	Sep 14 01:26:19 firewall sshd[10302]: Failed password for root from 145.239.85.228 port 59706 ssh2 Sep 14 01:30:33 firewall sshd[10380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.228 user=root Sep 14 01:30:35 firewall sshd[10380]: Failed password for root from 145.239.85.228 port 44550 ssh2 ...	2020-09-14 12:31:08
145.239.85.21	attackspam	Sep 13 21:47:35 124388 sshd[18328]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.21 Sep 13 21:47:35 124388 sshd[18328]: Invalid user comercial from 145.239.85.21 port 44258 Sep 13 21:47:37 124388 sshd[18328]: Failed password for invalid user comercial from 145.239.85.21 port 44258 ssh2 Sep 13 21:51:22 124388 sshd[18572]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.21 user=root Sep 13 21:51:24 124388 sshd[18572]: Failed password for root from 145.239.85.21 port 49798 ssh2	2020-09-14 06:19:40
145.239.85.228	attackspambots	2020-09-14T02:59:32.705388billing sshd[9349]: Failed password for invalid user dcxz from 145.239.85.228 port 35134 ssh2 2020-09-14T03:03:42.697895billing sshd[13777]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=vps-c4e73ddf.vps.ovh.net user=root 2020-09-14T03:03:44.598033billing sshd[13777]: Failed password for root from 145.239.85.228 port 40290 ssh2 ...	2020-09-14 04:32:17
145.239.85.228	attackbots	Aug 31 15:18:37 abendstille sshd\[20475\]: Invalid user splunk from 145.239.85.228 Aug 31 15:18:37 abendstille sshd\[20475\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.228 Aug 31 15:18:39 abendstille sshd\[20475\]: Failed password for invalid user splunk from 145.239.85.228 port 33214 ssh2 Aug 31 15:22:41 abendstille sshd\[24224\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.228 user=root Aug 31 15:22:44 abendstille sshd\[24224\]: Failed password for root from 145.239.85.228 port 41278 ssh2 ...	2020-08-31 22:19:48
145.239.85.21	attackbotsspam	Aug 25 07:49:26 v22019038103785759 sshd\[23015\]: Invalid user fogo from 145.239.85.21 port 41957 Aug 25 07:49:26 v22019038103785759 sshd\[23015\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.21 Aug 25 07:49:27 v22019038103785759 sshd\[23015\]: Failed password for invalid user fogo from 145.239.85.21 port 41957 ssh2 Aug 25 07:51:02 v22019038103785759 sshd\[23257\]: Invalid user bs from 145.239.85.21 port 60911 Aug 25 07:51:02 v22019038103785759 sshd\[23257\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.21 ...	2020-08-25 15:56:24
145.239.85.21	attackspambots	prod8 ...	2020-08-20 22:57:33
145.239.85.21	attackbotsspam	Aug 20 08:13:34 sip sshd[1366228]: Invalid user update from 145.239.85.21 port 57065 Aug 20 08:13:35 sip sshd[1366228]: Failed password for invalid user update from 145.239.85.21 port 57065 ssh2 Aug 20 08:17:25 sip sshd[1366250]: Invalid user etrust from 145.239.85.21 port 60785 ...	2020-08-20 15:33:17
145.239.85.21	attack	Aug 9 16:40:25 abendstille sshd\[3210\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.21 user=root Aug 9 16:40:26 abendstille sshd\[3210\]: Failed password for root from 145.239.85.21 port 40855 ssh2 Aug 9 16:44:30 abendstille sshd\[6942\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.21 user=root Aug 9 16:44:32 abendstille sshd\[6942\]: Failed password for root from 145.239.85.21 port 45442 ssh2 Aug 9 16:48:35 abendstille sshd\[10878\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.21 user=root ...	2020-08-10 00:44:49

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 145.239.85.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47059
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;145.239.85.55.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090700 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Sep 07 22:22:52 CST 2019
;; MSG SIZE  rcvd: 117

Host info

55.85.239.145.in-addr.arpa domain name pointer 55.ip-145-239-85.eu.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
55.85.239.145.in-addr.arpa	name = 55.ip-145-239-85.eu.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
123.207.2.120	attackbotsspam	Oct 23 16:12:12 Tower sshd[35040]: Connection from 123.207.2.120 port 42026 on 192.168.10.220 port 22 Oct 23 16:12:14 Tower sshd[35040]: Failed password for root from 123.207.2.120 port 42026 ssh2 Oct 23 16:12:14 Tower sshd[35040]: Received disconnect from 123.207.2.120 port 42026:11: Bye Bye [preauth] Oct 23 16:12:14 Tower sshd[35040]: Disconnected from authenticating user root 123.207.2.120 port 42026 [preauth]	2019-10-24 07:33:15
54.37.68.66	attackspambots	Oct 23 10:25:20 auw2 sshd\[9188\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.ip-54-37-68.eu user=root Oct 23 10:25:22 auw2 sshd\[9188\]: Failed password for root from 54.37.68.66 port 57520 ssh2 Oct 23 10:29:16 auw2 sshd\[9505\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.ip-54-37-68.eu user=root Oct 23 10:29:18 auw2 sshd\[9505\]: Failed password for root from 54.37.68.66 port 40864 ssh2 Oct 23 10:33:10 auw2 sshd\[9818\]: Invalid user system from 54.37.68.66	2019-10-24 06:58:04
125.130.110.20	attackspambots	Oct 24 00:11:11 ns37 sshd[30201]: Failed password for root from 125.130.110.20 port 39060 ssh2 Oct 24 00:11:11 ns37 sshd[30201]: Failed password for root from 125.130.110.20 port 39060 ssh2	2019-10-24 07:27:44
51.255.161.187	attackspam	xmlrpc attack	2019-10-24 07:13:34
203.138.172.104	attackbots	$f2bV_matches	2019-10-24 07:14:52
51.83.32.232	attackbotsspam	Oct 24 00:04:45 srv206 sshd[23694]: Invalid user djlhc111com from 51.83.32.232 Oct 24 00:04:45 srv206 sshd[23694]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=232.ip-51-83-32.eu Oct 24 00:04:45 srv206 sshd[23694]: Invalid user djlhc111com from 51.83.32.232 Oct 24 00:04:48 srv206 sshd[23694]: Failed password for invalid user djlhc111com from 51.83.32.232 port 37592 ssh2 ...	2019-10-24 07:27:13
58.199.164.240	attackbotsspam	2019-10-23T23:18:49.206395abusebot-5.cloudsearch.cf sshd\[11284\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.199.164.240 user=root	2019-10-24 07:25:55
129.204.42.58	attackspambots	Oct 23 22:47:51 server sshd\[4982\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.42.58 user=root Oct 23 22:47:52 server sshd\[4982\]: Failed password for root from 129.204.42.58 port 35903 ssh2 Oct 23 22:54:38 server sshd\[6502\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.42.58 user=root Oct 23 22:54:40 server sshd\[6502\]: Failed password for root from 129.204.42.58 port 59546 ssh2 Oct 23 23:13:32 server sshd\[11488\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.42.58 user=root ...	2019-10-24 07:05:14
213.230.96.243	attack	WordPress brute force	2019-10-24 07:20:46
123.206.219.211	attackbots	2019-10-23T22:48:42.951391abusebot-5.cloudsearch.cf sshd\[10947\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.219.211 user=root	2019-10-24 07:10:43
212.47.251.164	attackspambots	Oct 23 10:24:30 kapalua sshd\[12346\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164-251-47-212.rev.cloud.scaleway.com user=root Oct 23 10:24:32 kapalua sshd\[12346\]: Failed password for root from 212.47.251.164 port 34206 ssh2 Oct 23 10:28:11 kapalua sshd\[12795\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164-251-47-212.rev.cloud.scaleway.com user=root Oct 23 10:28:13 kapalua sshd\[12795\]: Failed password for root from 212.47.251.164 port 46610 ssh2 Oct 23 10:31:45 kapalua sshd\[13073\]: Invalid user admin from 212.47.251.164	2019-10-24 06:55:17
95.216.14.105	attackspambots	xmlrpc attack	2019-10-24 07:18:02
31.163.130.106	attackspam	" "	2019-10-24 07:29:17
222.186.190.92	attack	Oct 24 00:51:12 minden010 sshd[2652]: Failed password for root from 222.186.190.92 port 34340 ssh2 Oct 24 00:51:30 minden010 sshd[2652]: error: maximum authentication attempts exceeded for root from 222.186.190.92 port 34340 ssh2 [preauth] Oct 24 00:51:41 minden010 sshd[2874]: Failed password for root from 222.186.190.92 port 37352 ssh2 ...	2019-10-24 07:00:20
94.23.50.194	attack	Oct 24 00:43:49 nginx sshd[94064]: Invalid user admin from 94.23.50.194 Oct 24 00:43:49 nginx sshd[94064]: Received disconnect from 94.23.50.194 port 34696:11: Normal Shutdown, Thank you for playing [preauth]	2019-10-24 07:32:18

Recently Reported IPs

115.193.53.141	183.88.75.155	98.168.248.164	78.0.22.230
95.216.137.224	2.177.121.62	223.245.212.241	123.70.159.102
99.152.60.100	195.128.72.5	187.44.224.222	179.104.58.180
173.249.49.99	79.66.87.204	148.235.82.68	15.137.62.213
45.179.161.14	24.221.112.88	171.83.191.11	125.71.136.178