85.214.89.155 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: Strato AG

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Repeated RDP login failures. Last user: administrator	2020-06-11 23:20:39
attack	Trying ports that it shouldn't be.	2020-02-18 22:33:45

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.214.89.155
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19872
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;85.214.89.155.			IN	A

;; AUTHORITY SECTION:
.			395	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021801 1800 900 604800 86400

;; Query time: 118 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 18 22:33:37 CST 2020
;; MSG SIZE  rcvd: 117

Host info

155.89.214.85.in-addr.arpa domain name pointer h2830364.stratoserver.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
155.89.214.85.in-addr.arpa	name = h2830364.stratoserver.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
5.188.206.18	attackspambots	Unauthorized connection attempt detected from IP address 5.188.206.18 to port 3391	2020-06-01 01:03:52
36.37.115.106	attack	Port scan denied	2020-06-01 01:31:06
18.188.166.251	attack	mue-Direct access to plugin not allowed	2020-06-01 01:12:13
195.231.3.21	attackbotsspam	May 31 18:47:21 web01.agentur-b-2.de postfix/smtpd[224674]: warning: unknown[195.231.3.21]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 31 18:47:21 web01.agentur-b-2.de postfix/smtpd[224674]: lost connection after AUTH from unknown[195.231.3.21] May 31 18:47:25 web01.agentur-b-2.de postfix/smtpd[227427]: warning: unknown[195.231.3.21]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 31 18:47:25 web01.agentur-b-2.de postfix/smtpd[226711]: warning: unknown[195.231.3.21]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 31 18:47:25 web01.agentur-b-2.de postfix/smtpd[227427]: lost connection after AUTH from unknown[195.231.3.21] May 31 18:47:25 web01.agentur-b-2.de postfix/smtpd[226711]: lost connection after AUTH from unknown[195.231.3.21]	2020-06-01 01:27:28
101.255.65.138	attackbots	May 31 17:09:47 web01 sshd[19745]: Failed password for root from 101.255.65.138 port 52736 ssh2 ...	2020-06-01 01:13:28
89.140.72.140	attack	(mod_security) mod_security (id:210492) triggered by 89.140.72.140 (ES/Spain/dns23.aclassnet.com): 5 in the last 3600 secs	2020-06-01 01:21:14
18.188.105.92	attackspam	TCP (SYN) 18.188.105.92:53954 -> port 23, len 44	2020-06-01 01:02:52
45.91.101.18	attackbotsspam	TCP (SYN) 45.91.101.18:56513 -> port 23, len 44	2020-06-01 01:00:21
91.121.175.61	attackbots	May 31 14:12:28 nas sshd[14452]: Failed password for root from 91.121.175.61 port 58472 ssh2 May 31 14:24:57 nas sshd[14788]: Failed password for root from 91.121.175.61 port 45900 ssh2 ...	2020-06-01 01:25:25
78.176.131.200	attackspam	Unauthorized connection attempt detected from IP address 78.176.131.200 to port 445	2020-06-01 00:51:50
212.129.38.177	attack	May 31 13:09:35 cdc sshd[10111]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.129.38.177 user=root May 31 13:09:37 cdc sshd[10111]: Failed password for invalid user root from 212.129.38.177 port 33304 ssh2	2020-06-01 01:18:27
51.79.57.12	attackspambots	UDP 51.79.57.12:9090 -> port 5060, len 456	2020-06-01 01:23:00
185.121.69.4	attackbotsspam	xmlrpc attack	2020-06-01 01:20:40
218.92.0.165	attack	May 31 20:06:06 ift sshd\[46176\]: Failed password for root from 218.92.0.165 port 35174 ssh2May 31 20:06:10 ift sshd\[46176\]: Failed password for root from 218.92.0.165 port 35174 ssh2May 31 20:06:12 ift sshd\[46176\]: Failed password for root from 218.92.0.165 port 35174 ssh2May 31 20:06:16 ift sshd\[46176\]: Failed password for root from 218.92.0.165 port 35174 ssh2May 31 20:06:19 ift sshd\[46176\]: Failed password for root from 218.92.0.165 port 35174 ssh2 ...	2020-06-01 01:08:24
49.88.112.115	attackspam	2020-06-01T01:45:57.876244vivaldi2.tree2.info sshd[7290]: refused connect from 49.88.112.115 (49.88.112.115) 2020-06-01T01:46:49.181861vivaldi2.tree2.info sshd[7314]: refused connect from 49.88.112.115 (49.88.112.115) 2020-06-01T01:47:38.826115vivaldi2.tree2.info sshd[7338]: refused connect from 49.88.112.115 (49.88.112.115) 2020-06-01T01:48:29.815012vivaldi2.tree2.info sshd[7390]: refused connect from 49.88.112.115 (49.88.112.115) 2020-06-01T01:49:19.709552vivaldi2.tree2.info sshd[7408]: refused connect from 49.88.112.115 (49.88.112.115) ...	2020-06-01 00:58:41

Recently Reported IPs

115.159.52.15	103.122.45.154	99.80.188.8	2a02:1205:500f:df00:d06a:b437:5c8c:aa02
202.134.13.133	103.122.45.149	94.177.240.164	18.190.20.87
202.134.11.149	186.89.224.207	104.248.153.158	103.122.168.90
191.55.195.51	200.84.72.87	176.59.135.226	77.136.116.32
37.29.117.211	103.122.168.18	80.18.113.223	196.158.28.107