Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: Poland

Internet Service Provider: OVH SAS

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attackspam
...
2020-02-02 01:29:22
attack
Oct 24 14:23:33 vps647732 sshd[32608]: Failed password for root from 145.239.85.55 port 35611 ssh2
...
2019-10-24 20:30:50
attackbots
Oct 20 05:35:05 sachi sshd\[9165\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=my-speak.pl  user=root
Oct 20 05:35:08 sachi sshd\[9165\]: Failed password for root from 145.239.85.55 port 52245 ssh2
Oct 20 05:39:02 sachi sshd\[9446\]: Invalid user valentina from 145.239.85.55
Oct 20 05:39:02 sachi sshd\[9446\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=my-speak.pl
Oct 20 05:39:04 sachi sshd\[9446\]: Failed password for invalid user valentina from 145.239.85.55 port 47111 ssh2
2019-10-21 04:00:35
attackbotsspam
2019-09-24 18:24:28,931 fail2ban.actions        [818]: NOTICE  [sshd] Ban 145.239.85.55
2019-09-24 21:29:51,185 fail2ban.actions        [818]: NOTICE  [sshd] Ban 145.239.85.55
2019-09-25 00:35:03,469 fail2ban.actions        [818]: NOTICE  [sshd] Ban 145.239.85.55
...
2019-10-03 12:33:52
attackspambots
Sep 24 03:56:05 lcprod sshd\[10177\]: Invalid user damares from 145.239.85.55
Sep 24 03:56:05 lcprod sshd\[10177\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=55.ip-145-239-85.eu
Sep 24 03:56:08 lcprod sshd\[10177\]: Failed password for invalid user damares from 145.239.85.55 port 51776 ssh2
Sep 24 04:00:18 lcprod sshd\[10566\]: Invalid user popa3d from 145.239.85.55
Sep 24 04:00:18 lcprod sshd\[10566\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=55.ip-145-239-85.eu
2019-09-25 03:13:47
attack
Sep 20 10:14:59 lcprod sshd\[22323\]: Invalid user administrator from 145.239.85.55
Sep 20 10:14:59 lcprod sshd\[22323\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=55.ip-145-239-85.eu
Sep 20 10:15:01 lcprod sshd\[22323\]: Failed password for invalid user administrator from 145.239.85.55 port 40955 ssh2
Sep 20 10:19:22 lcprod sshd\[22772\]: Invalid user ftpuser from 145.239.85.55
Sep 20 10:19:22 lcprod sshd\[22772\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=55.ip-145-239-85.eu
2019-09-21 04:23:40
attackspambots
Sep  7 23:57:30 SilenceServices sshd[14650]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.55
Sep  7 23:57:31 SilenceServices sshd[14650]: Failed password for invalid user frappe from 145.239.85.55 port 60183 ssh2
Sep  8 00:01:35 SilenceServices sshd[16169]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.55
2019-09-08 15:33:00
attackbotsspam
Sep  7 16:14:45 SilenceServices sshd[32259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.55
Sep  7 16:14:46 SilenceServices sshd[32259]: Failed password for invalid user developer@123 from 145.239.85.55 port 33667 ssh2
Sep  7 16:19:16 SilenceServices sshd[1467]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.55
2019-09-07 22:23:04
Comments on same subnet:
IP Type Details Datetime
145.239.85.21 attackspambots
20 attempts against mh-ssh on echoip
2020-10-14 04:15:03
145.239.85.21 attackbotsspam
Connection to SSH Honeypot - Detected by HoneypotDB
2020-10-13 19:39:06
145.239.85.21 attack
Oct  3 21:00:30 journals sshd\[67582\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.21  user=root
Oct  3 21:00:32 journals sshd\[67582\]: Failed password for root from 145.239.85.21 port 59436 ssh2
Oct  3 21:04:15 journals sshd\[67893\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.21  user=root
Oct  3 21:04:17 journals sshd\[67893\]: Failed password for root from 145.239.85.21 port 34992 ssh2
Oct  3 21:08:01 journals sshd\[68275\]: Invalid user vivek from 145.239.85.21
...
2020-10-04 04:10:04
145.239.85.21 attackbotsspam
2020-10-03T08:37:25.533789amanda2.illicoweb.com sshd\[36012\]: Invalid user ale from 145.239.85.21 port 46395
2020-10-03T08:37:25.540480amanda2.illicoweb.com sshd\[36012\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=21.ip-145-239-85.eu
2020-10-03T08:37:27.414005amanda2.illicoweb.com sshd\[36012\]: Failed password for invalid user ale from 145.239.85.21 port 46395 ssh2
2020-10-03T08:44:31.322928amanda2.illicoweb.com sshd\[36531\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=21.ip-145-239-85.eu  user=root
2020-10-03T08:44:33.346629amanda2.illicoweb.com sshd\[36531\]: Failed password for root from 145.239.85.21 port 38124 ssh2
...
2020-10-03 20:13:38
145.239.85.21 attack
145.239.85.21 (PL/Poland/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 14 07:13:33 jbs1 sshd[22265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.69  user=root
Sep 14 07:11:58 jbs1 sshd[21850]: Failed password for root from 145.239.85.21 port 42571 ssh2
Sep 14 07:10:57 jbs1 sshd[21506]: Failed password for root from 94.23.9.102 port 58050 ssh2
Sep 14 07:11:47 jbs1 sshd[21791]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.200.212.170  user=root
Sep 14 07:11:50 jbs1 sshd[21791]: Failed password for root from 113.200.212.170 port 3119 ssh2

IP Addresses Blocked:

49.88.112.69 (CN/China/-)
2020-09-14 22:29:57
145.239.85.228 attack
Sep 14 06:41:56 vm1 sshd[28715]: Failed password for root from 145.239.85.228 port 51152 ssh2
...
2020-09-14 20:38:09
145.239.85.21 attackspambots
20 attempts against mh-ssh on echoip
2020-09-14 14:21:31
145.239.85.228 attackspambots
Sep 14 01:26:19 firewall sshd[10302]: Failed password for root from 145.239.85.228 port 59706 ssh2
Sep 14 01:30:33 firewall sshd[10380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.228  user=root
Sep 14 01:30:35 firewall sshd[10380]: Failed password for root from 145.239.85.228 port 44550 ssh2
...
2020-09-14 12:31:08
145.239.85.21 attackspam
Sep 13 21:47:35 124388 sshd[18328]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.21
Sep 13 21:47:35 124388 sshd[18328]: Invalid user comercial from 145.239.85.21 port 44258
Sep 13 21:47:37 124388 sshd[18328]: Failed password for invalid user comercial from 145.239.85.21 port 44258 ssh2
Sep 13 21:51:22 124388 sshd[18572]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.21  user=root
Sep 13 21:51:24 124388 sshd[18572]: Failed password for root from 145.239.85.21 port 49798 ssh2
2020-09-14 06:19:40
145.239.85.228 attackspambots
2020-09-14T02:59:32.705388billing sshd[9349]: Failed password for invalid user dcxz from 145.239.85.228 port 35134 ssh2
2020-09-14T03:03:42.697895billing sshd[13777]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=vps-c4e73ddf.vps.ovh.net  user=root
2020-09-14T03:03:44.598033billing sshd[13777]: Failed password for root from 145.239.85.228 port 40290 ssh2
...
2020-09-14 04:32:17
145.239.85.228 attackbots
Aug 31 15:18:37 abendstille sshd\[20475\]: Invalid user splunk from 145.239.85.228
Aug 31 15:18:37 abendstille sshd\[20475\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.228
Aug 31 15:18:39 abendstille sshd\[20475\]: Failed password for invalid user splunk from 145.239.85.228 port 33214 ssh2
Aug 31 15:22:41 abendstille sshd\[24224\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.228  user=root
Aug 31 15:22:44 abendstille sshd\[24224\]: Failed password for root from 145.239.85.228 port 41278 ssh2
...
2020-08-31 22:19:48
145.239.85.21 attackbotsspam
Aug 25 07:49:26 v22019038103785759 sshd\[23015\]: Invalid user fogo from 145.239.85.21 port 41957
Aug 25 07:49:26 v22019038103785759 sshd\[23015\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.21
Aug 25 07:49:27 v22019038103785759 sshd\[23015\]: Failed password for invalid user fogo from 145.239.85.21 port 41957 ssh2
Aug 25 07:51:02 v22019038103785759 sshd\[23257\]: Invalid user bs from 145.239.85.21 port 60911
Aug 25 07:51:02 v22019038103785759 sshd\[23257\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.21
...
2020-08-25 15:56:24
145.239.85.21 attackspambots
prod8
...
2020-08-20 22:57:33
145.239.85.21 attackbotsspam
Aug 20 08:13:34 sip sshd[1366228]: Invalid user update from 145.239.85.21 port 57065
Aug 20 08:13:35 sip sshd[1366228]: Failed password for invalid user update from 145.239.85.21 port 57065 ssh2
Aug 20 08:17:25 sip sshd[1366250]: Invalid user etrust from 145.239.85.21 port 60785
...
2020-08-20 15:33:17
145.239.85.21 attack
Aug  9 16:40:25 abendstille sshd\[3210\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.21  user=root
Aug  9 16:40:26 abendstille sshd\[3210\]: Failed password for root from 145.239.85.21 port 40855 ssh2
Aug  9 16:44:30 abendstille sshd\[6942\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.21  user=root
Aug  9 16:44:32 abendstille sshd\[6942\]: Failed password for root from 145.239.85.21 port 45442 ssh2
Aug  9 16:48:35 abendstille sshd\[10878\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.85.21  user=root
...
2020-08-10 00:44:49
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 145.239.85.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47059
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;145.239.85.55.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090700 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Sep 07 22:22:52 CST 2019
;; MSG SIZE  rcvd: 117
Host info
55.85.239.145.in-addr.arpa domain name pointer 55.ip-145-239-85.eu.
Nslookup info:
Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
55.85.239.145.in-addr.arpa	name = 55.ip-145-239-85.eu.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
122.224.203.228 attackbotsspam
Nov 20 07:24:53 vps01 sshd[26617]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.224.203.228
Nov 20 07:24:55 vps01 sshd[26617]: Failed password for invalid user turbid from 122.224.203.228 port 45716 ssh2
Nov 20 07:29:37 vps01 sshd[26632]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.224.203.228
2019-11-20 15:55:39
46.38.144.57 attack
Nov 20 08:45:26 relay postfix/smtpd\[13454\]: warning: unknown\[46.38.144.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Nov 20 08:45:44 relay postfix/smtpd\[12103\]: warning: unknown\[46.38.144.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Nov 20 08:46:03 relay postfix/smtpd\[13454\]: warning: unknown\[46.38.144.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Nov 20 08:46:21 relay postfix/smtpd\[12103\]: warning: unknown\[46.38.144.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Nov 20 08:46:38 relay postfix/smtpd\[15952\]: warning: unknown\[46.38.144.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
...
2019-11-20 16:01:55
133.130.123.238 attackspam
SSH Brute-Force reported by Fail2Ban
2019-11-20 15:25:41
106.5.123.43 attack
badbot
2019-11-20 15:44:55
34.218.47.114 attackspambots
20.11.2019 07:30:50 - Bad Robot 
Ignore Robots.txt
2019-11-20 15:32:45
114.234.163.185 attack
badbot
2019-11-20 15:44:08
180.121.74.11 attackbots
badbot
2019-11-20 15:59:26
183.166.124.31 attackspambots
badbot
2019-11-20 15:37:28
63.88.23.249 attackspam
63.88.23.249 was recorded 15 times by 7 hosts attempting to connect to the following ports: 80. Incident counter (4h, 24h, all-time): 15, 89, 342
2019-11-20 15:56:36
212.156.90.118 attackbots
Nov 19 15:56:00 our-server-hostname postfix/smtpd[12812]: connect from unknown[212.156.90.118]
Nov 19 15:56:02 our-server-hostname postfix/smtpd[12812]: NOQUEUE: reject: RCPT from unknown[212.156.90.118]: 504 5.5.2 : Helo command rejected: need fully-qualified hostname; from=x@x helo=
Nov 19 15:56:03 our-server-hostname postfix/smtpd[12812]: NOQUEUE: reject: RCPT from unknown[212.156.90.118]: 504 5.5.2 : Helo command rejected: need fully-qualified hostname; from=x@x helo=
Nov 19 15:56:04 our-server-hostname postfix/smtpd[12812]: NOQUEUE: reject: RCPT from unknown[212.156.90.118]: 504 5.5.2 : Helo command rejected: need fully-qualified hostname; from=x@x helo=
Nov 19 15:56:06 our-server-hostname postfix/smtpd[12812]: NOQUEUE: reject: RCPT from unknown[212.156.90.118]: 504 5.5.2 : Helo command rejected: need fully-qualified hostname; from=x@x helo=
Nov 19 15:56:06 our-server-hostname postfix/s........
-------------------------------
2019-11-20 15:57:05
198.108.67.46 attackspam
198.108.67.46 was recorded 5 times by 4 hosts attempting to connect to the following ports: 555,8990,6003,554,9999. Incident counter (4h, 24h, all-time): 5, 18, 190
2019-11-20 15:41:45
106.12.85.28 attack
Nov 20 08:15:33 SilenceServices sshd[21193]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.85.28
Nov 20 08:15:35 SilenceServices sshd[21193]: Failed password for invalid user mediatomb from 106.12.85.28 port 57998 ssh2
Nov 20 08:19:59 SilenceServices sshd[22445]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.85.28
2019-11-20 15:27:33
49.234.79.176 attack
frenzy
2019-11-20 15:30:21
63.88.23.131 attackspambots
63.88.23.131 was recorded 7 times by 5 hosts attempting to connect to the following ports: 80. Incident counter (4h, 24h, all-time): 7, 76, 355
2019-11-20 15:44:23
213.157.48.133 attack
Nov 20 08:32:12 vmanager6029 sshd\[21906\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.157.48.133  user=root
Nov 20 08:32:14 vmanager6029 sshd\[21906\]: Failed password for root from 213.157.48.133 port 38870 ssh2
Nov 20 08:36:29 vmanager6029 sshd\[21987\]: Invalid user aimax from 213.157.48.133 port 47692
2019-11-20 15:46:25

Recently Reported IPs

115.193.53.141 183.88.75.155 98.168.248.164 78.0.22.230
95.216.137.224 2.177.121.62 223.245.212.241 123.70.159.102
99.152.60.100 195.128.72.5 187.44.224.222 179.104.58.180
173.249.49.99 79.66.87.204 148.235.82.68 15.137.62.213
45.179.161.14 24.221.112.88 171.83.191.11 125.71.136.178