85.13.92.54 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Czech Republic

Internet Service Provider: Lidos

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Jun 6 06:56:40 mail.srvfarm.net postfix/smtps/smtpd[3565096]: warning: host-85-13-92-54.lidos.cz[85.13.92.54]: SASL PLAIN authentication failed: Jun 6 06:56:40 mail.srvfarm.net postfix/smtps/smtpd[3565096]: lost connection after AUTH from host-85-13-92-54.lidos.cz[85.13.92.54] Jun 6 06:56:44 mail.srvfarm.net postfix/smtps/smtpd[3565095]: lost connection after CONNECT from host-85-13-92-54.lidos.cz[85.13.92.54] Jun 6 07:06:09 mail.srvfarm.net postfix/smtps/smtpd[3565945]: warning: host-85-13-92-54.lidos.cz[85.13.92.54]: SASL PLAIN authentication failed: Jun 6 07:06:09 mail.srvfarm.net postfix/smtps/smtpd[3565945]: lost connection after AUTH from host-85-13-92-54.lidos.cz[85.13.92.54]	2020-06-07 23:43:57

Type

Details

Datetime

attackspambots

Jun  6 06:56:40 mail.srvfarm.net postfix/smtps/smtpd[3565096]: warning: host-85-13-92-54.lidos.cz[85.13.92.54]: SASL PLAIN authentication failed: 
Jun  6 06:56:40 mail.srvfarm.net postfix/smtps/smtpd[3565096]: lost connection after AUTH from host-85-13-92-54.lidos.cz[85.13.92.54]
Jun  6 06:56:44 mail.srvfarm.net postfix/smtps/smtpd[3565095]: lost connection after CONNECT from host-85-13-92-54.lidos.cz[85.13.92.54]
Jun  6 07:06:09 mail.srvfarm.net postfix/smtps/smtpd[3565945]: warning: host-85-13-92-54.lidos.cz[85.13.92.54]: SASL PLAIN authentication failed: 
Jun  6 07:06:09 mail.srvfarm.net postfix/smtps/smtpd[3565945]: lost connection after AUTH from host-85-13-92-54.lidos.cz[85.13.92.54]

2020-06-07 23:43:57

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.13.92.54
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58643
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;85.13.92.54.			IN	A

;; AUTHORITY SECTION:
.			172	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060700 1800 900 604800 86400

;; Query time: 53 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jun 07 23:43:38 CST 2020
;; MSG SIZE  rcvd: 115

Host info

54.92.13.85.in-addr.arpa domain name pointer host-85-13-92-54.lidos.cz.

Nslookup info:

Server:		100.100.2.138
Address:	100.100.2.138#53

Non-authoritative answer:
54.92.13.85.in-addr.arpa	name = host-85-13-92-54.lidos.cz.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
183.250.202.89	attackbotsspam	(sshd) Failed SSH login from 183.250.202.89 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 22 12:46:12 server sshd[1799]: Invalid user user8 from 183.250.202.89 port 65178 Sep 22 12:46:13 server sshd[1799]: Failed password for invalid user user8 from 183.250.202.89 port 65178 ssh2 Sep 22 12:57:49 server sshd[5149]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.250.202.89 user=root Sep 22 12:57:52 server sshd[5149]: Failed password for root from 183.250.202.89 port 9117 ssh2 Sep 22 13:01:47 server sshd[6336]: Invalid user suporte from 183.250.202.89 port 36964	2020-09-23 17:34:39
120.150.216.161	attackspam	Sep 22 20:04:12 server sshd[16329]: Failed password for invalid user devopsuser from 120.150.216.161 port 53648 ssh2 Sep 22 20:09:01 server sshd[18950]: Failed password for root from 120.150.216.161 port 36918 ssh2 Sep 22 20:13:47 server sshd[21396]: Failed password for invalid user oracle from 120.150.216.161 port 48426 ssh2	2020-09-23 17:59:34
51.210.43.189	attack	Sep 23 11:13:19 buvik sshd[3897]: Invalid user minecraft from 51.210.43.189 Sep 23 11:13:19 buvik sshd[3897]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.210.43.189 Sep 23 11:13:20 buvik sshd[3897]: Failed password for invalid user minecraft from 51.210.43.189 port 48908 ssh2 ...	2020-09-23 17:21:01
192.119.71.147	attackspambots	Phishing	2020-09-23 17:37:28
46.162.118.210	attackspambots	Brute-force attempt banned	2020-09-23 17:32:36
3.104.13.187	attackbotsspam	Blocked by Sophos UTM Network Protection . / / proto=6 . srcport=443 . dstport=21633 . (3058)	2020-09-23 17:27:40
96.114.71.147	attackbotsspam	Sep 22 21:22:32 124388 sshd[2800]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.114.71.147 Sep 22 21:22:32 124388 sshd[2800]: Invalid user administrator from 96.114.71.147 port 38028 Sep 22 21:22:34 124388 sshd[2800]: Failed password for invalid user administrator from 96.114.71.147 port 38028 ssh2 Sep 22 21:25:43 124388 sshd[2935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.114.71.147 user=root Sep 22 21:25:45 124388 sshd[2935]: Failed password for root from 96.114.71.147 port 42356 ssh2	2020-09-23 17:54:55
116.74.135.168	attackspambots	DATE:2020-09-22 18:59:48, IP:116.74.135.168, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-09-23 17:42:17
124.160.96.249	attack	Sep 23 09:17:25 vps-51d81928 sshd[324532]: Invalid user david from 124.160.96.249 port 51497 Sep 23 09:17:26 vps-51d81928 sshd[324532]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.160.96.249 Sep 23 09:17:25 vps-51d81928 sshd[324532]: Invalid user david from 124.160.96.249 port 51497 Sep 23 09:17:28 vps-51d81928 sshd[324532]: Failed password for invalid user david from 124.160.96.249 port 51497 ssh2 Sep 23 09:22:17 vps-51d81928 sshd[324656]: Invalid user student1 from 124.160.96.249 port 49168 ...	2020-09-23 17:38:32
189.137.90.111	attackbots	20/9/22@13:01:40: FAIL: Alarm-Network address from=189.137.90.111 ...	2020-09-23 17:49:36
45.129.33.8	attackbots	TCP (SYN) 45.129.33.8:53014 -> port 33245, len 44	2020-09-23 17:58:29
103.74.72.249	attack	Unauthorized connection attempt from IP address 103.74.72.249 on Port 445(SMB)	2020-09-23 17:54:01
39.128.250.210	attackspam	Lines containing failures of 39.128.250.210 (max 1000) Sep 22 08:56:27 ks3370873 sshd[314984]: Invalid user admin from 39.128.250.210 port 4271 Sep 22 08:56:27 ks3370873 sshd[314984]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=39.128.250.210 Sep 22 08:56:29 ks3370873 sshd[314984]: Failed password for invalid user admin from 39.128.250.210 port 4271 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=39.128.250.210	2020-09-23 17:25:29
176.111.176.71	attackbots	Sep 22 17:01:45 ssh2 sshd[20502]: User root from 176.111.176.71 not allowed because not listed in AllowUsers Sep 22 17:01:45 ssh2 sshd[20502]: Failed password for invalid user root from 176.111.176.71 port 36688 ssh2 Sep 22 17:01:45 ssh2 sshd[20502]: Connection closed by invalid user root 176.111.176.71 port 36688 [preauth] ...	2020-09-23 17:28:10
2.187.37.43	attackbots	Port probing on unauthorized port 445	2020-09-23 17:43:12

Recently Reported IPs

195.158.227.51	191.53.221.214	191.53.220.113	191.53.193.218
189.91.3.46	177.154.230.21	177.137.195.236	177.8.196.81
138.122.97.156	131.196.93.95	103.237.57.102	103.198.80.45
103.77.228.121	93.99.134.46	91.222.58.125	69.94.131.46
63.82.52.87	63.82.48.254	63.82.48.200	46.45.109.3