85.14.245.124 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: unknown

Hostname: unknown

Organization: myLoc managed IT AG

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
85.14.245.40	attack	lfd: (smtpauth) Failed SMTP AUTH login from 85.14.245.40 (srv83039.dus2.fastwebserver.de): 5 in the last 3600 secs - Sun Jul 22 08:27:34 2018	2020-02-24 23:10:49
85.14.245.154	attackbots	Repeated RDP login failures. Last user: alex	2020-02-22 04:57:34
85.14.245.153	attackspam	scan r	2019-11-05 02:14:35
85.14.245.149	attackbots	Honeypot hit.	2019-10-24 06:54:14
85.14.245.156	attack	webserver:80 [09/Oct/2019] "\x03" 400 0 webserver:80 [09/Oct/2019] "\x03" 400 0 webserver:80 [08/Oct/2019] "\x03" 400 0	2019-10-10 04:49:24
85.14.245.221	attackbots	rdp	2019-10-05 00:04:30
85.14.245.149	attack	Many RDP login attempts detected by IDS script	2019-07-18 11:05:40
85.14.245.158	attackbotsspam	Bruteforcing port 3389 (Remote Desktop) - Exceed maximum 10 attempts/hour	2019-07-14 09:35:56
85.14.245.157	attack	3389BruteforceFW22	2019-07-01 03:59:03
85.14.245.221	attackspambots	RDP Brute-Force (Grieskirchen RZ1)	2019-06-23 03:30:05

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.14.245.124
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52395
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;85.14.245.124.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040402 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Apr 05 05:26:36 +08 2019
;; MSG SIZE  rcvd: 117

Host info

124.245.14.85.in-addr.arpa domain name pointer srv84043.dus2.fastwebserver.de.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
124.245.14.85.in-addr.arpa	name = srv84043.dus2.fastwebserver.de.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
208.80.162.121	attack	Jul 1 23:42:01 **** sshd[25940]: User mysql from 208.80.162.121 not allowed because not listed in AllowUsers	2019-07-02 07:56:42
185.101.160.67	attackbots	NAME : ES-IPONET-20150526 CIDR : 185.101.160.0/22 DDoS attack Spain - block certain countries :) IP: 185.101.160.67 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-07-02 08:07:10
190.113.142.197	attack	Jul 2 00:08:58 mail sshd\[325\]: Invalid user mwang2 from 190.113.142.197 port 59849 Jul 2 00:08:58 mail sshd\[325\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.113.142.197 ...	2019-07-02 08:19:04
37.187.127.13	attackbotsspam	Jul 2 01:09:31 v22018076622670303 sshd\[16105\]: Invalid user sy from 37.187.127.13 port 43458 Jul 2 01:09:31 v22018076622670303 sshd\[16105\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.127.13 Jul 2 01:09:33 v22018076622670303 sshd\[16105\]: Failed password for invalid user sy from 37.187.127.13 port 43458 ssh2 ...	2019-07-02 08:05:26
159.203.179.230	attackbots	Jul 2 01:08:54 icinga sshd[28850]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.179.230 Jul 2 01:08:56 icinga sshd[28850]: Failed password for invalid user yv from 159.203.179.230 port 53164 ssh2 ...	2019-07-02 08:20:28
109.51.41.148	attack	SS5,WP GET /wp-login.php	2019-07-02 08:10:26
118.41.132.101	attackspambots	Jul 1 22:15:14 pi01 sshd[27132]: Connection from 118.41.132.101 port 50580 on 192.168.1.10 port 22 Jul 1 22:15:15 pi01 sshd[27132]: Invalid user changeme from 118.41.132.101 port 50580 Jul 1 22:15:15 pi01 sshd[27132]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.41.132.101 Jul 1 22:15:17 pi01 sshd[27132]: Failed password for invalid user changeme from 118.41.132.101 port 50580 ssh2 Jul 1 22:15:17 pi01 sshd[27132]: Connection closed by 118.41.132.101 port 50580 [preauth] Jul 1 22:51:40 pi01 sshd[28159]: Connection from 118.41.132.101 port 59892 on 192.168.1.10 port 22 Jul 1 22:51:41 pi01 sshd[28159]: Invalid user admin from 118.41.132.101 port 59892 Jul 1 22:51:42 pi01 sshd[28159]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.41.132.101 Jul 1 22:51:44 pi01 sshd[28159]: Failed password for invalid user admin from 118.41.132.101 port 59892 ssh2 Jul 1 22:51:44 pi01 sshd[2........ -------------------------------	2019-07-02 08:22:05
159.203.77.51	attack	Jul 2 01:58:31 v22018076622670303 sshd\[16426\]: Invalid user alien from 159.203.77.51 port 60760 Jul 2 01:58:31 v22018076622670303 sshd\[16426\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.77.51 Jul 2 01:58:33 v22018076622670303 sshd\[16426\]: Failed password for invalid user alien from 159.203.77.51 port 60760 ssh2 ...	2019-07-02 08:01:47
202.155.234.28	attack	Jul 1 19:56:47 vps200512 sshd\[4359\]: Invalid user servers from 202.155.234.28 Jul 1 19:56:47 vps200512 sshd\[4359\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.155.234.28 Jul 1 19:56:49 vps200512 sshd\[4359\]: Failed password for invalid user servers from 202.155.234.28 port 58977 ssh2 Jul 1 20:06:17 vps200512 sshd\[4576\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.155.234.28 user=root Jul 1 20:06:20 vps200512 sshd\[4576\]: Failed password for root from 202.155.234.28 port 48119 ssh2	2019-07-02 08:17:47
192.227.248.55	attackbotsspam	1,14-04/04 concatform PostRequest-Spammer scoring: Dodoma	2019-07-02 08:26:32
104.40.150.218	attackspam	Jul 2 01:58:20 meumeu sshd[8877]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.40.150.218 Jul 2 01:58:22 meumeu sshd[8877]: Failed password for invalid user mao from 104.40.150.218 port 37220 ssh2 Jul 2 02:00:58 meumeu sshd[9410]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.40.150.218 ...	2019-07-02 08:27:19
104.248.65.180	attack	Jul 1 18:43:19 aat-srv002 sshd[17128]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.65.180 Jul 1 18:43:21 aat-srv002 sshd[17128]: Failed password for invalid user riley from 104.248.65.180 port 49702 ssh2 Jul 1 18:45:37 aat-srv002 sshd[17164]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.65.180 Jul 1 18:45:39 aat-srv002 sshd[17164]: Failed password for invalid user ja from 104.248.65.180 port 46874 ssh2 ...	2019-07-02 07:51:23
74.208.24.100	attack	Jul 1 19:45:06 * sshd[13330]: Invalid user deploy from 74.208.24.100 port 53328 Jul 1 19:45:08 * sshd[13330]: Failed password for invalid user deploy from 74.208.24.100 port 53328 ssh2 Jul 1 19:45:08 * sshd[13330]: Received disconnect from 74.208.24.100 port 53328:11: Bye Bye [preauth] Jul 1 19:45:08 * sshd[13330]: Disconnected from 74.208.24.100 port 53328 [preauth] Jul 1 19:45:12 * sshd[13428]: Invalid user deploy from 74.208.24.100 port 50838 Jul 1 19:45:14 * sshd[13428]: Failed password for invalid user deploy from 74.208.24.100 port 50838 ssh2 Jul 1 19:45:14 * sshd[13428]: Received disconnect from 74.208.24.100 port 50838:11: Bye Bye [preauth] Jul 1 19:45:14 * sshd[13428]: Disconnected from 74.208.24.100 port 50838 [preauth] Jul 1 19:47:22 * sshd[15919]: Invalid user sammy from 74.208.24.100 port 48666 Jul 1 19:47:25 * sshd[15919]: Failed password for invalid user sammy from 74.208.24.100 port 48666 ssh2 Jul 1 19:47:25 *** sshd[15919]........ -------------------------------	2019-07-02 08:11:40
106.12.5.96	attackspam	Jul 2 01:50:29 ns41 sshd[31788]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.5.96	2019-07-02 07:58:47
45.106.169.243	attackspambots	Trying to deliver email spam, but blocked by RBL	2019-07-02 08:25:18

Recently Reported IPs

178.60.39.61	185.154.23.144	83.220.168.142	105.225.101.118
183.129.230.78	37.255.249.158	219.151.22.48	89.250.82.53
61.223.168.58	54.165.122.34	198.108.67.62	181.84.77.220
196.28.229.35	195.120.134.15	18.228.38.158	185.186.77.105
192.241.159.27	177.184.192.50	149.200.220.103	146.0.134.242