85.25.91.142 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: Host Europe GmbH

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	2020-05-08T06:14:52.747944linuxbox-skyline sshd[21728]: Invalid user dev from 85.25.91.142 port 20745 ...	2020-05-08 21:48:54
attackspambots	May 8 10:31:00 ns3164893 sshd[23165]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.25.91.142 May 8 10:31:02 ns3164893 sshd[23165]: Failed password for invalid user dev from 85.25.91.142 port 53001 ssh2 ...	2020-05-08 17:36:41

Type

Details

Datetime

attackbots

2020-05-08T06:14:52.747944linuxbox-skyline sshd[21728]: Invalid user dev from 85.25.91.142 port 20745
...

2020-05-08 21:48:54

attackspambots

May  8 10:31:00 ns3164893 sshd[23165]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.25.91.142
May  8 10:31:02 ns3164893 sshd[23165]: Failed password for invalid user dev from 85.25.91.142 port 53001 ssh2
...

2020-05-08 17:36:41

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.25.91.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48439
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;85.25.91.142.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050101 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu May 02 11:27:17 +08 2019
;; MSG SIZE  rcvd: 116

Host info

142.91.25.85.in-addr.arpa domain name pointer mail.lexxunity.de.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
142.91.25.85.in-addr.arpa	name = mail.lexxunity.de.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
1.22.158.46	attackspam	445/tcp 445/tcp 445/tcp [2019-06-08/07-04]3pkt	2019-07-04 16:21:46
186.96.125.115	attackbots	proto=tcp . spt=58085 . dpt=25 . (listed on Blocklist de Jul 03) (430)	2019-07-04 15:59:25
104.207.159.104	attack	Automatic report - Web App Attack	2019-07-04 16:27:21
132.232.39.15	attackbots	Jul 4 08:14:01 fr01 sshd[3731]: Invalid user billy from 132.232.39.15 Jul 4 08:14:01 fr01 sshd[3731]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.39.15 Jul 4 08:14:01 fr01 sshd[3731]: Invalid user billy from 132.232.39.15 Jul 4 08:14:03 fr01 sshd[3731]: Failed password for invalid user billy from 132.232.39.15 port 55762 ssh2 ...	2019-07-04 16:36:35
107.170.192.236	attackbotsspam	Port scan: Attack repeated for 24 hours	2019-07-04 16:02:34
186.248.175.2	attackspambots	proto=tcp . spt=36263 . dpt=25 . (listed on Blocklist de Jul 03) (433)	2019-07-04 15:52:08
185.36.81.173	attackbots	Rude login attack (6 tries in 1d)	2019-07-04 15:58:58
37.191.209.83	attackspambots	2323/tcp 23/tcp... [2019-06-05/07-04]5pkt,2pt.(tcp)	2019-07-04 16:33:35
190.216.64.2	attackspam	Jul 4 08:15:14 mail postfix/smtpd\[27797\]: NOQUEUE: reject: RCPT from unknown\[190.216.64.2\]: 554 5.7.1 Service unavailable\; Client host \[190.216.64.2\] blocked using zen.spamhaus.org\; https://www.spamhaus.org/sbl/query/SBLCSS / https://www.spamhaus.org/query/ip/190.216.64.2\; from=\ to=\ proto=ESMTP helo=\<201-234-146-44.static.impsat.net.ar\>\	2019-07-04 15:54:56
45.218.220.242	attack	Web Probe / Attack	2019-07-04 16:12:35
170.247.41.25	attack	2019-07-03T09:58:07.315629stt-1.[munged] kernel: [6193910.654327] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:97:36:58:84:78:ac:57:aa:c1:08:00 SRC=170.247.41.25 DST=[mungedIP1] LEN=40 TOS=0x00 PREC=0x00 TTL=51 ID=48338 PROTO=TCP SPT=31380 DPT=37215 WINDOW=24972 RES=0x00 SYN URGP=0 2019-07-03T11:03:42.030132stt-1.[munged] kernel: [6197845.356400] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:97:36:58:84:78:ac:57:aa:c1:08:00 SRC=170.247.41.25 DST=[mungedIP1] LEN=40 TOS=0x00 PREC=0x00 TTL=51 ID=39349 PROTO=TCP SPT=31380 DPT=37215 WINDOW=24972 RES=0x00 SYN URGP=0 2019-07-04T02:14:41.762077stt-1.[munged] kernel: [6252504.914084] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:97:36:58:84:78:ac:57:aa:c1:08:00 SRC=170.247.41.25 DST=[mungedIP1] LEN=40 TOS=0x00 PREC=0x00 TTL=51 ID=27367 PROTO=TCP SPT=31380 DPT=37215 WINDOW=24972 RES=0x00 SYN URGP=0	2019-07-04 16:16:13
216.155.93.77	attack	Unauthorized SSH login attempts	2019-07-04 16:14:04
46.22.138.127	attack	404 NOT FOUND	2019-07-04 15:54:41
37.1.202.186	attackbotsspam	445/tcp 445/tcp 445/tcp... [2019-06-24/07-04]5pkt,1pt.(tcp)	2019-07-04 15:53:39
113.20.99.193	attackbots	445/tcp 445/tcp [2019-06-21/07-04]2pkt	2019-07-04 15:47:43

Recently Reported IPs

31.145.150.194	125.227.91.97	207.180.222.104	5.157.96.66
212.47.228.121	235.230.33.3	186.74.190.46	191.113.168.101
78.56.102.89	140.149.185.140	114.5.147.207	36.70.175.50
54.109.215.195	113.184.21.80	31.171.157.129	125.24.156.81
113.160.182.240	58.113.216.47	182.74.216.234	115.74.210.81