85.214.66.254 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
85.214.66.94	attack	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-09-09 20:16:51
85.214.66.94	attack	85.214.66.94 - - \[09/Sep/2020:03:10:59 +0200\] "POST /wp-login.php HTTP/1.0" 200 8625 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 85.214.66.94 - - \[09/Sep/2020:03:11:00 +0200\] "POST /wp-login.php HTTP/1.0" 200 8409 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 85.214.66.94 - - \[09/Sep/2020:03:11:00 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-09-09 14:14:09
85.214.66.94	attack	xmlrpc attack	2020-09-09 06:25:22
85.214.66.156	attackbots	85.214.66.156 - - \[01/Sep/2020:00:04:49 +0200\] "POST /wp-login.php HTTP/1.1" 200 12822 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 85.214.66.156 - - \[01/Sep/2020:00:04:49 +0200\] "POST /wp-login.php HTTP/1.1" 200 12657 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ...	2020-09-01 06:26:23
85.214.66.157	attack	Apr 11 21:42:07 debian-2gb-nbg1-2 kernel: \[8893129.116318\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=85.214.66.157 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=17374 PROTO=TCP SPT=56279 DPT=43389 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-12 04:57:00

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.214.66.254
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38386
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;85.214.66.254.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025011200 1800 900 604800 86400

;; Query time: 37 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 12 20:36:30 CST 2025
;; MSG SIZE  rcvd: 106

Host info

254.66.214.85.in-addr.arpa domain name pointer h2883945.stratoserver.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
254.66.214.85.in-addr.arpa	name = h2883945.stratoserver.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
139.59.164.196	attackbots	xmlrpc attack	2019-12-04 06:48:13
180.76.119.34	attackspam	Dec 3 18:06:39 MK-Soft-Root2 sshd[23654]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.119.34 Dec 3 18:06:41 MK-Soft-Root2 sshd[23654]: Failed password for invalid user singleton from 180.76.119.34 port 60538 ssh2 ...	2019-12-04 06:30:23
114.98.225.210	attackspambots	Dec 3 23:36:14 v22018086721571380 sshd[9452]: Failed password for invalid user mysql from 114.98.225.210 port 37762 ssh2 Dec 3 23:44:12 v22018086721571380 sshd[10437]: Failed password for invalid user deng from 114.98.225.210 port 46953 ssh2	2019-12-04 06:49:57
157.245.182.105	attackspam	DATE:2019-12-03 15:22:59, IP:157.245.182.105, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2019-12-04 06:28:24
152.136.102.131	attackspam	Dec 3 23:16:01 mail sshd[3388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.102.131 Dec 3 23:16:04 mail sshd[3388]: Failed password for invalid user scatena from 152.136.102.131 port 52042 ssh2 Dec 3 23:21:46 mail sshd[5951]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.102.131	2019-12-04 06:31:52
202.106.93.46	attack	Dec 3 22:36:12 MK-Soft-VM6 sshd[21586]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.106.93.46 Dec 3 22:36:14 MK-Soft-VM6 sshd[21586]: Failed password for invalid user rich from 202.106.93.46 port 47010 ssh2 ...	2019-12-04 06:26:04
106.12.13.138	attackspam	Dec 3 17:25:10 linuxvps sshd\[63730\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.13.138 user=root Dec 3 17:25:12 linuxvps sshd\[63730\]: Failed password for root from 106.12.13.138 port 40986 ssh2 Dec 3 17:32:00 linuxvps sshd\[2582\]: Invalid user alan from 106.12.13.138 Dec 3 17:32:00 linuxvps sshd\[2582\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.13.138 Dec 3 17:32:02 linuxvps sshd\[2582\]: Failed password for invalid user alan from 106.12.13.138 port 50022 ssh2	2019-12-04 06:46:08
128.199.133.114	attack	128.199.133.114 - - \[03/Dec/2019:23:32:09 +0100\] "POST /wp-login.php HTTP/1.0" 200 4128 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 128.199.133.114 - - \[03/Dec/2019:23:32:11 +0100\] "POST /wp-login.php HTTP/1.0" 200 3955 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 128.199.133.114 - - \[03/Dec/2019:23:32:13 +0100\] "POST /wp-login.php HTTP/1.0" 200 3952 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-12-04 06:35:02
73.26.171.198	attack	Dec 3 21:50:23 vtv3 sshd[22260]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=73.26.171.198 Dec 3 21:50:25 vtv3 sshd[22260]: Failed password for invalid user haugen from 73.26.171.198 port 35362 ssh2 Dec 3 21:56:34 vtv3 sshd[25158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=73.26.171.198 Dec 3 22:12:01 vtv3 sshd[554]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=73.26.171.198 Dec 3 22:12:03 vtv3 sshd[554]: Failed password for invalid user jamiece from 73.26.171.198 port 60688 ssh2 Dec 3 22:17:50 vtv3 sshd[3406]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=73.26.171.198 Dec 3 22:30:58 vtv3 sshd[9886]: Failed password for root from 73.26.171.198 port 40132 ssh2 Dec 3 22:36:57 vtv3 sshd[13295]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=73.26.171.198 Dec 3 22:36:59 vtv3 sshd[13295]	2019-12-04 06:35:15
217.61.15.38	attackspam	F2B jail: sshd. Time: 2019-12-03 23:32:17, Reported by: VKReport	2019-12-04 06:33:24
51.38.83.164	attackspam	Dec 3 23:26:00 meumeu sshd[27676]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.83.164 Dec 3 23:26:02 meumeu sshd[27676]: Failed password for invalid user mercat from 51.38.83.164 port 39162 ssh2 Dec 3 23:35:16 meumeu sshd[29096]: Failed password for root from 51.38.83.164 port 52760 ssh2 ...	2019-12-04 06:47:47
118.24.56.143	attackbots	Dec 3 23:16:57 localhost sshd[39677]: Failed password for invalid user server from 118.24.56.143 port 60782 ssh2 Dec 3 23:24:44 localhost sshd[39942]: Failed password for invalid user wen from 118.24.56.143 port 48730 ssh2 Dec 3 23:32:00 localhost sshd[40299]: Failed password for invalid user ts3 from 118.24.56.143 port 58296 ssh2	2019-12-04 06:48:40
149.56.131.73	attackbots	Dec 4 03:32:15 gw1 sshd[19108]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.131.73 Dec 4 03:32:17 gw1 sshd[19108]: Failed password for invalid user ed from 149.56.131.73 port 60984 ssh2 ...	2019-12-04 06:34:14
40.127.187.136	attack	TCP Port Scanning	2019-12-04 06:35:55
143.0.52.117	attackspam	2019-12-03T22:32:09.304641abusebot-8.cloudsearch.cf sshd\[21466\]: Invalid user kohaku from 143.0.52.117 port 55994	2019-12-04 06:41:29

Recently Reported IPs

136.110.37.159	142.17.31.255	20.237.132.106	50.196.69.116
106.14.77.122	151.153.124.140	9.228.65.128	80.65.51.69
111.206.210.48	132.0.152.195	146.56.235.167	34.124.195.163
87.242.44.134	196.250.34.148	147.96.78.26	238.59.154.130
77.238.182.48	162.129.121.15	23.199.56.80	108.37.172.11