Basic Info

City: unknown

Region: unknown

Country: Portugal

Internet Service Provider: PT Comunicacoes S.A.

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:
Type Details Datetime
attackspam
Aug 24 14:34:50 eventyay sshd[28325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.247.150.173
Aug 24 14:34:52 eventyay sshd[28325]: Failed password for invalid user ts3server from 85.247.150.173 port 58102 ssh2
Aug 24 14:40:42 eventyay sshd[28787]: Failed password for root from 85.247.150.173 port 54530 ssh2
...
2020-08-25 01:33:11
attack
Aug 17 08:03:52 vps647732 sshd[18517]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.247.150.173
Aug 17 08:03:54 vps647732 sshd[18517]: Failed password for invalid user xiaohui from 85.247.150.173 port 56768 ssh2
...
2020-08-17 14:14:22
attackspambots
Aug 13 08:36:37 nextcloud sshd\[22740\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.247.150.173  user=root
Aug 13 08:36:38 nextcloud sshd\[22740\]: Failed password for root from 85.247.150.173 port 56476 ssh2
Aug 13 08:48:19 nextcloud sshd\[2890\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.247.150.173  user=root
2020-08-13 15:45:46
attackbots
Aug 11 18:39:38 firewall sshd[16976]: Failed password for root from 85.247.150.173 port 59514 ssh2
Aug 11 18:43:57 firewall sshd[17129]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.247.150.173  user=root
Aug 11 18:43:59 firewall sshd[17129]: Failed password for root from 85.247.150.173 port 42586 ssh2
...
2020-08-12 05:58:23
attackspambots
Aug  6 16:27:57 jane sshd[21404]: Failed password for root from 85.247.150.173 port 60594 ssh2
...
2020-08-06 23:48:13
attackspam
Jul 24 07:12:34 sip sshd[1059693]: Invalid user jca from 85.247.150.173 port 59644
Jul 24 07:12:37 sip sshd[1059693]: Failed password for invalid user jca from 85.247.150.173 port 59644 ssh2
Jul 24 07:20:49 sip sshd[1059860]: Invalid user demo from 85.247.150.173 port 46640
...
2020-07-24 13:42:36
Comments on same subnet:
No discussion about this subnet yet.
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.247.150.173
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58054
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;85.247.150.173.			IN	A

;; AUTHORITY SECTION:
.			204	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020063001 1800 900 604800 86400

;; Query time: 42 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jul 01 04:38:35 CST 2020
;; MSG SIZE  rcvd: 118
Host info
173.150.247.85.in-addr.arpa domain name pointer bl14-150-173.dsl.telepac.pt.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
173.150.247.85.in-addr.arpa	name = bl14-150-173.dsl.telepac.pt.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
103.110.89.148 attackspambots
frenzy
2019-10-17 03:51:50
125.64.94.212 attackspambots
Port scan: Attack repeated for 24 hours
2019-10-17 03:42:13
182.76.165.75 attack
2019-10-16T19:29:46.073756abusebot-2.cloudsearch.cf sshd\[11897\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.76.165.75  user=root
2019-10-17 03:42:56
45.172.79.232 attackspam
Oct 16 13:36:24 our-server-hostname postfix/smtpd[15335]: connect from unknown[45.172.79.232]
Oct x@x
Oct x@x
Oct x@x
Oct x@x
Oct 16 13:36:29 our-server-hostname postfix/smtpd[15335]: lost connection after RCPT from unknown[45.172.79.232]
Oct 16 13:36:29 our-server-hostname postfix/smtpd[15335]: disconnect from unknown[45.172.79.232]
Oct 16 14:44:48 our-server-hostname postfix/smtpd[20452]: connect from unknown[45.172.79.232]
Oct x@x
Oct x@x
Oct x@x
Oct x@x
Oct x@x
Oct 16 14:44:58 our-server-hostname postfix/smtpd[20452]: lost connection after RCPT from unknown[45.172.79.232]
Oct 16 14:44:58 our-server-hostname postfix/smtpd[20452]: disconnect from unknown[45.172.79.232]
Oct 16 14:51:24 our-server-hostname postfix/smtpd[21800]: connect from unknown[45.172.79.232]
Oct x@x
Oct x@x
Oct x@x
Oct x@x
Oct 16 14:51:32 our-server-hostname postfix/smtpd[19088]: connect from unknown[45.172.79.232]
Oct x@x
Oct x@x
Oct x@x


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=
2019-10-17 03:54:44
94.47.218.206 attackbots
B: Magento admin pass /admin/ test (wrong country)
2019-10-17 03:56:32
222.186.180.9 attack
Oct 16 16:55:13 firewall sshd[31208]: Failed password for root from 222.186.180.9 port 49198 ssh2
Oct 16 16:55:26 firewall sshd[31208]: error: maximum authentication attempts exceeded for root from 222.186.180.9 port 49198 ssh2 [preauth]
Oct 16 16:55:26 firewall sshd[31208]: Disconnecting: Too many authentication failures [preauth]
...
2019-10-17 04:12:49
106.13.144.8 attackbots
Oct 16 22:13:29 server sshd\[31208\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.144.8  user=root
Oct 16 22:13:31 server sshd\[31208\]: Failed password for root from 106.13.144.8 port 52644 ssh2
Oct 16 22:29:37 server sshd\[2834\]: Invalid user timemachine from 106.13.144.8
Oct 16 22:29:37 server sshd\[2834\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.144.8 
Oct 16 22:29:38 server sshd\[2834\]: Failed password for invalid user timemachine from 106.13.144.8 port 35232 ssh2
...
2019-10-17 03:46:48
91.208.253.222 attack
Sent mail to address hacked/leaked from Dailymotion
2019-10-17 04:01:54
221.142.135.128 attack
$f2bV_matches
2019-10-17 03:53:06
45.125.66.183 attackbotsspam
Oct 16 21:21:09 vmanager6029 postfix/smtpd\[13417\]: warning: unknown\[45.125.66.183\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct 16 21:28:44 vmanager6029 postfix/smtpd\[14103\]: warning: unknown\[45.125.66.183\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
2019-10-17 04:17:32
93.185.75.61 attackbotsspam
" "
2019-10-17 03:54:00
185.216.140.180 attackspambots
10/16/2019-16:15:57.657366 185.216.140.180 Protocol: 6 ET DROP Dshield Block Listed Source group 1
2019-10-17 04:16:25
89.40.122.128 attack
Oct 16 21:42:40 ns381471 sshd[21069]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.40.122.128
Oct 16 21:42:42 ns381471 sshd[21069]: Failed password for invalid user p4ssw0rd2017 from 89.40.122.128 port 38066 ssh2
Oct 16 21:45:59 ns381471 sshd[21183]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.40.122.128
2019-10-17 03:54:16
51.15.87.74 attackbots
Automatic report - Banned IP Access
2019-10-17 03:41:29
124.205.224.179 attackspam
Lines containing failures of 124.205.224.179
Oct 16 21:22:17 shared09 sshd[17626]: Invalid user mwilheim from 124.205.224.179 port 43942
Oct 16 21:22:17 shared09 sshd[17626]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.205.224.179
Oct 16 21:22:19 shared09 sshd[17626]: Failed password for invalid user mwilheim from 124.205.224.179 port 43942 ssh2
Oct 16 21:22:19 shared09 sshd[17626]: Received disconnect from 124.205.224.179 port 43942:11: Bye Bye [preauth]
Oct 16 21:22:19 shared09 sshd[17626]: Disconnected from invalid user mwilheim 124.205.224.179 port 43942 [preauth]


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=124.205.224.179
2019-10-17 03:42:41
