85.214.138.127

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: Strato AG

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Invalid user iue from 85.214.138.127 port 40236	2020-06-14 06:13:49
attackspam	Jun 10 17:42:44 zn008 sshd[9170]: Failed password for r.r from 85.214.138.127 port 50190 ssh2 Jun 10 17:42:44 zn008 sshd[9170]: Received disconnect from 85.214.138.127: 11: Bye Bye [preauth] Jun 10 17:59:52 zn008 sshd[10756]: Failed password for r.r from 85.214.138.127 port 39336 ssh2 Jun 10 17:59:52 zn008 sshd[10756]: Received disconnect from 85.214.138.127: 11: Bye Bye [preauth] Jun 10 18:03:42 zn008 sshd[11543]: Failed password for r.r from 85.214.138.127 port 58648 ssh2 Jun 10 18:03:42 zn008 sshd[11543]: Received disconnect from 85.214.138.127: 11: Bye Bye [preauth] Jun 10 18:07:25 zn008 sshd[12010]: Invalid user jumper from 85.214.138.127 Jun 10 18:07:28 zn008 sshd[12010]: Failed password for invalid user jumper from 85.214.138.127 port 46638 ssh2 Jun 10 18:07:28 zn008 sshd[12010]: Received disconnect from 85.214.138.127: 11: Bye Bye [preauth] Jun 10 18:11:10 zn008 sshd[12494]: Invalid user penelope from 85.214.138.127 Jun 10 18:11:12 zn008 sshd[12494]: Failed pass........ -------------------------------	2020-06-11 07:41:40

Type

Details

Datetime

attackspambots

Invalid user iue from 85.214.138.127 port 40236

2020-06-14 06:13:49

attackspam

Jun 10 17:42:44 zn008 sshd[9170]: Failed password for r.r from 85.214.138.127 port 50190 ssh2
Jun 10 17:42:44 zn008 sshd[9170]: Received disconnect from 85.214.138.127: 11: Bye Bye [preauth]
Jun 10 17:59:52 zn008 sshd[10756]: Failed password for r.r from 85.214.138.127 port 39336 ssh2
Jun 10 17:59:52 zn008 sshd[10756]: Received disconnect from 85.214.138.127: 11: Bye Bye [preauth]
Jun 10 18:03:42 zn008 sshd[11543]: Failed password for r.r from 85.214.138.127 port 58648 ssh2
Jun 10 18:03:42 zn008 sshd[11543]: Received disconnect from 85.214.138.127: 11: Bye Bye [preauth]
Jun 10 18:07:25 zn008 sshd[12010]: Invalid user jumper from 85.214.138.127
Jun 10 18:07:28 zn008 sshd[12010]: Failed password for invalid user jumper from 85.214.138.127 port 46638 ssh2
Jun 10 18:07:28 zn008 sshd[12010]: Received disconnect from 85.214.138.127: 11: Bye Bye [preauth]
Jun 10 18:11:10 zn008 sshd[12494]: Invalid user penelope from 85.214.138.127
Jun 10 18:11:12 zn008 sshd[12494]: Failed pass........
-------------------------------

2020-06-11 07:41:40

Comments on same subnet:

IP	Type	Details	Datetime
85.214.138.57	attackspam	xmlrpc attack	2019-07-24 05:26:06

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.214.138.127
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42060
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;85.214.138.127.			IN	A

;; AUTHORITY SECTION:
.			231	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061001 1800 900 604800 86400

;; Query time: 68 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jun 11 07:41:35 CST 2020
;; MSG SIZE  rcvd: 118

Host info

127.138.214.85.in-addr.arpa domain name pointer h1738054.stratoserver.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
127.138.214.85.in-addr.arpa	name = h1738054.stratoserver.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
114.67.233.74	attackspambots	Invalid user sammy from 114.67.233.74 port 51348	2020-03-24 15:52:56
106.12.108.170	attackbots	Mar 24 07:31:25 dev0-dcde-rnet sshd[27197]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.108.170 Mar 24 07:31:27 dev0-dcde-rnet sshd[27197]: Failed password for invalid user oracle from 106.12.108.170 port 60018 ssh2 Mar 24 07:50:49 dev0-dcde-rnet sshd[27493]: Failed password for proxy from 106.12.108.170 port 50920 ssh2	2020-03-24 15:54:12
51.91.122.140	attackbotsspam	Mar 24 02:22:56 ny01 sshd[20424]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.91.122.140 Mar 24 02:22:58 ny01 sshd[20424]: Failed password for invalid user wara from 51.91.122.140 port 44668 ssh2 Mar 24 02:29:00 ny01 sshd[23298]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.91.122.140	2020-03-24 16:09:03
164.132.54.215	attackbotsspam	Invalid user aion from 164.132.54.215 port 55436	2020-03-24 15:41:49
188.125.43.160	attackspambots	Automatic report - Banned IP Access	2020-03-24 16:11:43
180.101.221.152	attackbotsspam	(sshd) Failed SSH login from 180.101.221.152 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 24 08:25:36 srv sshd[17027]: Invalid user user from 180.101.221.152 port 45230 Mar 24 08:25:38 srv sshd[17027]: Failed password for invalid user user from 180.101.221.152 port 45230 ssh2 Mar 24 08:32:30 srv sshd[17224]: Invalid user iliana from 180.101.221.152 port 42376 Mar 24 08:32:32 srv sshd[17224]: Failed password for invalid user iliana from 180.101.221.152 port 42376 ssh2 Mar 24 08:34:09 srv sshd[17235]: Invalid user hsherman from 180.101.221.152 port 36066	2020-03-24 15:51:41
14.205.240.182	attack	Honeypot attack, port: 5555, PTR: PTR record not found	2020-03-24 16:15:56
195.70.59.121	attackspam	Mar 24 07:54:15 jane sshd[22118]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.70.59.121 Mar 24 07:54:17 jane sshd[22118]: Failed password for invalid user ivory from 195.70.59.121 port 43854 ssh2 ...	2020-03-24 15:40:16
51.83.33.156	attackbotsspam	Mar 24 06:53:09 mailserver sshd\[21404\]: Invalid user zookeeper from 51.83.33.156 ...	2020-03-24 15:59:38
14.207.240.189	attack	Honeypot attack, port: 445, PTR: mx-ll-14.207.240-189.dynamic.3bb.in.th.	2020-03-24 16:11:16
89.238.154.24	attack	(From selwyncato_2007@yahoo.com) Fwd: Suсcеss Stories - Smart Pаssivе Inсоmе. How tо gеnerаtе $10000 a mоnth in раssivе incоme: http://ewtbrhus.workvillage.net/53	2020-03-24 16:07:43
210.186.122.194	attack	Mar 23 20:42:12 web9 sshd\[14144\]: Invalid user gg from 210.186.122.194 Mar 23 20:42:12 web9 sshd\[14144\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.186.122.194 Mar 23 20:42:14 web9 sshd\[14144\]: Failed password for invalid user gg from 210.186.122.194 port 59610 ssh2 Mar 23 20:44:29 web9 sshd\[14588\]: Invalid user steam from 210.186.122.194 Mar 23 20:44:29 web9 sshd\[14588\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.186.122.194	2020-03-24 16:16:27
5.196.75.178	attackbotsspam	Mar 24 07:53:12 game-panel sshd[25888]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.196.75.178 Mar 24 07:53:14 game-panel sshd[25888]: Failed password for invalid user user from 5.196.75.178 port 43614 ssh2 Mar 24 08:03:05 game-panel sshd[26428]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.196.75.178	2020-03-24 16:10:35
106.13.188.247	attack	Invalid user tex from 106.13.188.247 port 43516	2020-03-24 16:14:40
222.186.175.23	attackspam	DATE:2020-03-24 08:52:08, IP:222.186.175.23, PORT:ssh SSH brute force auth on honeypot server (epe-honey1-hq)	2020-03-24 16:07:10

Recently Reported IPs

80.78.248.218	124.72.152.163	60.106.93.116	62.61.123.13
177.25.117.29	84.237.233.157	72.176.97.242	121.106.126.232
221.159.52.151	186.226.77.72	42.88.164.118	72.216.50.241
104.203.102.245	98.173.195.192	47.20.56.44	182.2.65.171
191.29.34.83	89.155.110.109	50.220.106.205	120.29.12.245