Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: Poland

Internet Service Provider: OVH SAS

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attackspam
...
2020-02-02 01:29:22
attack
Oct 24 14:23:33 vps647732 sshd[32608]: Failed password for root from 145.239.85.55 port 35611 ssh2
...
2019-10-24 20:30:50
attackbots
Oct 20 05:35:05 sachi sshd\[9165\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=my-speak.pl  user=root
Oct 20 05:35:08 sachi sshd\[9165\]: Failed password for root from 145.239.85.55 port 52245 ssh2
Oct 20 05:39:02 sachi sshd\[9446\]: Invalid user valentina from 145.239.85.55
Oct 20 05:39:02 sachi sshd\[9446\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=my-speak.pl
Oct 20 05:39:04 sachi sshd\[9446\]: Failed password for invalid user valentina from 145.239.85.55 port 47111 ssh2
2019-10-21 04:00:35
attackbotsspam
2019-09-24 18:24:28,931 fail2ban.actions        [818]: NOTICE  [sshd] Ban 145.239.85.55
2019-09-24 21:29:51,185 fail2ban.actions        [818]: NOTICE  [sshd] Ban 145.239.85.55
2019-09-25 00:35:03,469 fail2ban.actions        [818]: NOTICE  [sshd] Ban 145.239.85.55
...
2019-10-03 12:33:52
attackspambots
Sep 24 03:56:05 lcprod sshd\[10177\]: Invalid user damares from 145.239.85.55
Sep 24 03:56:05 lcprod sshd\[10177\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=55.ip-145-239-85.eu
Sep 24 03:56:08 lcprod sshd\[10177\]: Failed password for invalid user damares from 145.239.85.55 port 51776 ssh2
Sep 24 04:00:18 lcprod sshd\[10566\]: Invalid user popa3d from 145.239.85.55
Sep 24 04:00:18 lcprod sshd\[10566\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=55.ip-145-239-85.eu
2019-09-25 03:13:47
attack
Sep 20 10:14:59 lcprod sshd\[22323\]: Invalid user administrator from 145.239.85.55
Sep 20 10:14:59 lcprod sshd\[22323\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=55.ip-145-239-85.eu
Sep 20 10:15:01 lcprod sshd\[22323\]: Failed password for invalid user administrator from 145.239.85.55 port 40955 ssh2
Sep 20 10:19:22 lcprod sshd\[22772\]: Invalid user ftpuser from 145.239.85.55
Sep 20 10:19:22 lcprod sshd\[22772\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=55.ip-145-239-85.eu
2019-09-21 04:23:40
attackspambots
Sep  7 23:57:30 SilenceServices sshd[14650]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.55
Sep  7 23:57:31 SilenceServices sshd[14650]: Failed password for invalid user frappe from 145.239.85.55 port 60183 ssh2
Sep  8 00:01:35 SilenceServices sshd[16169]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.55
2019-09-08 15:33:00
attackbotsspam
Sep  7 16:14:45 SilenceServices sshd[32259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.55
Sep  7 16:14:46 SilenceServices sshd[32259]: Failed password for invalid user developer@123 from 145.239.85.55 port 33667 ssh2
Sep  7 16:19:16 SilenceServices sshd[1467]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.55
2019-09-07 22:23:04
Comments on same subnet:
IP Type Details Datetime
145.239.85.21 attackspambots
20 attempts against mh-ssh on echoip
2020-10-14 04:15:03
145.239.85.21 attackbotsspam
Connection to SSH Honeypot - Detected by HoneypotDB
2020-10-13 19:39:06
145.239.85.21 attack
Oct  3 21:00:30 journals sshd\[67582\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.21  user=root
Oct  3 21:00:32 journals sshd\[67582\]: Failed password for root from 145.239.85.21 port 59436 ssh2
Oct  3 21:04:15 journals sshd\[67893\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.21  user=root
Oct  3 21:04:17 journals sshd\[67893\]: Failed password for root from 145.239.85.21 port 34992 ssh2
Oct  3 21:08:01 journals sshd\[68275\]: Invalid user vivek from 145.239.85.21
...
2020-10-04 04:10:04
145.239.85.21 attackbotsspam
2020-10-03T08:37:25.533789amanda2.illicoweb.com sshd\[36012\]: Invalid user ale from 145.239.85.21 port 46395
2020-10-03T08:37:25.540480amanda2.illicoweb.com sshd\[36012\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=21.ip-145-239-85.eu
2020-10-03T08:37:27.414005amanda2.illicoweb.com sshd\[36012\]: Failed password for invalid user ale from 145.239.85.21 port 46395 ssh2
2020-10-03T08:44:31.322928amanda2.illicoweb.com sshd\[36531\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=21.ip-145-239-85.eu  user=root
2020-10-03T08:44:33.346629amanda2.illicoweb.com sshd\[36531\]: Failed password for root from 145.239.85.21 port 38124 ssh2
...
2020-10-03 20:13:38
145.239.85.21 attack
145.239.85.21 (PL/Poland/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 14 07:13:33 jbs1 sshd[22265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.69  user=root
Sep 14 07:11:58 jbs1 sshd[21850]: Failed password for root from 145.239.85.21 port 42571 ssh2
Sep 14 07:10:57 jbs1 sshd[21506]: Failed password for root from 94.23.9.102 port 58050 ssh2
Sep 14 07:11:47 jbs1 sshd[21791]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.200.212.170  user=root
Sep 14 07:11:50 jbs1 sshd[21791]: Failed password for root from 113.200.212.170 port 3119 ssh2

IP Addresses Blocked:

49.88.112.69 (CN/China/-)
2020-09-14 22:29:57
145.239.85.228 attack
Sep 14 06:41:56 vm1 sshd[28715]: Failed password for root from 145.239.85.228 port 51152 ssh2
...
2020-09-14 20:38:09
145.239.85.21 attackspambots
20 attempts against mh-ssh on echoip
2020-09-14 14:21:31
145.239.85.228 attackspambots
Sep 14 01:26:19 firewall sshd[10302]: Failed password for root from 145.239.85.228 port 59706 ssh2
Sep 14 01:30:33 firewall sshd[10380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.228  user=root
Sep 14 01:30:35 firewall sshd[10380]: Failed password for root from 145.239.85.228 port 44550 ssh2
...
2020-09-14 12:31:08
145.239.85.21 attackspam
Sep 13 21:47:35 124388 sshd[18328]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.21
Sep 13 21:47:35 124388 sshd[18328]: Invalid user comercial from 145.239.85.21 port 44258
Sep 13 21:47:37 124388 sshd[18328]: Failed password for invalid user comercial from 145.239.85.21 port 44258 ssh2
Sep 13 21:51:22 124388 sshd[18572]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.21  user=root
Sep 13 21:51:24 124388 sshd[18572]: Failed password for root from 145.239.85.21 port 49798 ssh2
2020-09-14 06:19:40
145.239.85.228 attackspambots
2020-09-14T02:59:32.705388billing sshd[9349]: Failed password for invalid user dcxz from 145.239.85.228 port 35134 ssh2
2020-09-14T03:03:42.697895billing sshd[13777]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=vps-c4e73ddf.vps.ovh.net  user=root
2020-09-14T03:03:44.598033billing sshd[13777]: Failed password for root from 145.239.85.228 port 40290 ssh2
...
2020-09-14 04:32:17
145.239.85.228 attackbots
Aug 31 15:18:37 abendstille sshd\[20475\]: Invalid user splunk from 145.239.85.228
Aug 31 15:18:37 abendstille sshd\[20475\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.228
Aug 31 15:18:39 abendstille sshd\[20475\]: Failed password for invalid user splunk from 145.239.85.228 port 33214 ssh2
Aug 31 15:22:41 abendstille sshd\[24224\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.228  user=root
Aug 31 15:22:44 abendstille sshd\[24224\]: Failed password for root from 145.239.85.228 port 41278 ssh2
...
2020-08-31 22:19:48
145.239.85.21 attackbotsspam
Aug 25 07:49:26 v22019038103785759 sshd\[23015\]: Invalid user fogo from 145.239.85.21 port 41957
Aug 25 07:49:26 v22019038103785759 sshd\[23015\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.21
Aug 25 07:49:27 v22019038103785759 sshd\[23015\]: Failed password for invalid user fogo from 145.239.85.21 port 41957 ssh2
Aug 25 07:51:02 v22019038103785759 sshd\[23257\]: Invalid user bs from 145.239.85.21 port 60911
Aug 25 07:51:02 v22019038103785759 sshd\[23257\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.21
...
2020-08-25 15:56:24
145.239.85.21 attackspambots
prod8
...
2020-08-20 22:57:33
145.239.85.21 attackbotsspam
Aug 20 08:13:34 sip sshd[1366228]: Invalid user update from 145.239.85.21 port 57065
Aug 20 08:13:35 sip sshd[1366228]: Failed password for invalid user update from 145.239.85.21 port 57065 ssh2
Aug 20 08:17:25 sip sshd[1366250]: Invalid user etrust from 145.239.85.21 port 60785
...
2020-08-20 15:33:17
145.239.85.21 attack
Aug  9 16:40:25 abendstille sshd\[3210\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.21  user=root
Aug  9 16:40:26 abendstille sshd\[3210\]: Failed password for root from 145.239.85.21 port 40855 ssh2
Aug  9 16:44:30 abendstille sshd\[6942\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.21  user=root
Aug  9 16:44:32 abendstille sshd\[6942\]: Failed password for root from 145.239.85.21 port 45442 ssh2
Aug  9 16:48:35 abendstille sshd\[10878\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.21  user=root
...
2020-08-10 00:44:49
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 145.239.85.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47059
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;145.239.85.55.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090700 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Sep 07 22:22:52 CST 2019
;; MSG SIZE  rcvd: 117
Host info
55.85.239.145.in-addr.arpa domain name pointer 55.ip-145-239-85.eu.
Nslookup info:
Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
55.85.239.145.in-addr.arpa	name = 55.ip-145-239-85.eu.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
185.137.111.132 attack
Jun 29 00:25:30 mail postfix/smtpd\[29122\]: warning: unknown\[185.137.111.132\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\
Jun 29 00:26:42 mail postfix/smtpd\[29553\]: warning: unknown\[185.137.111.132\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\
Jun 29 00:27:52 mail postfix/smtpd\[29122\]: warning: unknown\[185.137.111.132\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\
Jun 29 00:58:19 mail postfix/smtpd\[30201\]: warning: unknown\[185.137.111.132\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\
2019-06-29 07:13:43
82.131.209.179 attack
2019-06-29T01:23:47.739436cavecanem sshd[19125]: Invalid user pul from 82.131.209.179 port 37548
2019-06-29T01:23:47.745735cavecanem sshd[19125]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.131.209.179
2019-06-29T01:23:47.739436cavecanem sshd[19125]: Invalid user pul from 82.131.209.179 port 37548
2019-06-29T01:23:49.711089cavecanem sshd[19125]: Failed password for invalid user pul from 82.131.209.179 port 37548 ssh2
2019-06-29T01:25:33.700971cavecanem sshd[19544]: Invalid user unreal from 82.131.209.179 port 54626
2019-06-29T01:25:33.703457cavecanem sshd[19544]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.131.209.179
2019-06-29T01:25:33.700971cavecanem sshd[19544]: Invalid user unreal from 82.131.209.179 port 54626
2019-06-29T01:25:36.554958cavecanem sshd[19544]: Failed password for invalid user unreal from 82.131.209.179 port 54626 ssh2
2019-06-29T01:27:18.911846cavecanem sshd[20793]: Invali
...
2019-06-29 07:31:36
58.215.121.36 attackspambots
Jun 25 01:25:00 carla sshd[29480]: Invalid user jacques from 58.215.121.36
Jun 25 01:25:00 carla sshd[29480]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.215.121.36 
Jun 25 01:25:02 carla sshd[29480]: Failed password for invalid user jacques from 58.215.121.36 port 50151 ssh2
Jun 25 01:25:03 carla sshd[29481]: Received disconnect from 58.215.121.36: 11: Bye Bye
Jun 25 01:28:40 carla sshd[29496]: Invalid user pnjeri from 58.215.121.36
Jun 25 01:28:40 carla sshd[29496]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.215.121.36 
Jun 25 01:28:42 carla sshd[29496]: Failed password for invalid user pnjeri from 58.215.121.36 port 5986 ssh2
Jun 25 01:28:42 carla sshd[29497]: Received disconnect from 58.215.121.36: 11: Bye Bye


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=58.215.121.36
2019-06-29 07:32:00
118.122.102.74 attack
SMB Server BruteForce Attack
2019-06-29 06:58:52
111.75.214.57 attackspam
Unauthorized connection attempt from IP address 111.75.214.57 on Port 445(SMB)
2019-06-29 07:25:14
81.214.187.194 attackbots
Unauthorized connection attempt from IP address 81.214.187.194 on Port 445(SMB)
2019-06-29 07:21:55
106.12.193.160 attackspam
Brute force attempt
2019-06-29 07:00:33
172.82.144.165 attackbotsspam
Unauthorized connection attempt from IP address 172.82.144.165 on Port 445(SMB)
2019-06-29 07:07:20
60.172.230.184 attack
'IP reached maximum auth failures for a one day block'
2019-06-29 06:54:44
82.194.11.37 attack
Telnet Server BruteForce Attack
2019-06-29 07:04:08
59.180.230.148 attack
Jun 28 23:50:58 mail sshd[20845]: Invalid user gitolite3 from 59.180.230.148
Jun 28 23:50:58 mail sshd[20845]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.180.230.148
Jun 28 23:50:58 mail sshd[20845]: Invalid user gitolite3 from 59.180.230.148
Jun 28 23:51:00 mail sshd[20845]: Failed password for invalid user gitolite3 from 59.180.230.148 port 57324 ssh2
Jun 29 00:04:37 mail sshd[380]: Invalid user jct_txn from 59.180.230.148
...
2019-06-29 06:44:56
177.23.59.180 attackbots
SMTP-sasl brute force
...
2019-06-29 07:23:14
91.134.241.32 attack
Jun 28 13:28:59 ip-172-31-1-72 sshd\[31312\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.134.241.32  user=news
Jun 28 13:29:01 ip-172-31-1-72 sshd\[31312\]: Failed password for news from 91.134.241.32 port 36058 ssh2
Jun 28 13:30:54 ip-172-31-1-72 sshd\[31319\]: Invalid user testuser from 91.134.241.32
Jun 28 13:30:54 ip-172-31-1-72 sshd\[31319\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.134.241.32
Jun 28 13:30:55 ip-172-31-1-72 sshd\[31319\]: Failed password for invalid user testuser from 91.134.241.32 port 58472 ssh2
2019-06-29 07:27:57
223.27.234.253 attackbotsspam
Jun 29 00:23:53 vps647732 sshd[11578]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.27.234.253
Jun 29 00:23:56 vps647732 sshd[11578]: Failed password for invalid user user from 223.27.234.253 port 60448 ssh2
...
2019-06-29 07:24:03
105.112.112.242 attackbots
Unauthorized connection attempt from IP address 105.112.112.242 on Port 445(SMB)
2019-06-29 07:17:32

Recently Reported IPs

115.193.53.141 183.88.75.155 98.168.248.164 78.0.22.230
95.216.137.224 2.177.121.62 223.245.212.241 123.70.159.102
99.152.60.100 195.128.72.5 187.44.224.222 179.104.58.180
173.249.49.99 79.66.87.204 148.235.82.68 15.137.62.213
45.179.161.14 24.221.112.88 171.83.191.11 125.71.136.178