85.25.91.142 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: Host Europe GmbH

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	2020-05-08T06:14:52.747944linuxbox-skyline sshd[21728]: Invalid user dev from 85.25.91.142 port 20745 ...	2020-05-08 21:48:54
attackspambots	May 8 10:31:00 ns3164893 sshd[23165]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.25.91.142 May 8 10:31:02 ns3164893 sshd[23165]: Failed password for invalid user dev from 85.25.91.142 port 53001 ssh2 ...	2020-05-08 17:36:41

Type

Details

Datetime

attackbots

2020-05-08T06:14:52.747944linuxbox-skyline sshd[21728]: Invalid user dev from 85.25.91.142 port 20745
...

2020-05-08 21:48:54

attackspambots

May  8 10:31:00 ns3164893 sshd[23165]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.25.91.142
May  8 10:31:02 ns3164893 sshd[23165]: Failed password for invalid user dev from 85.25.91.142 port 53001 ssh2
...

2020-05-08 17:36:41

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.25.91.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48439
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;85.25.91.142.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050101 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu May 02 11:27:17 +08 2019
;; MSG SIZE  rcvd: 116

Host info

142.91.25.85.in-addr.arpa domain name pointer mail.lexxunity.de.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
142.91.25.85.in-addr.arpa	name = mail.lexxunity.de.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.37.12.106	attackbots	19/7/9@13:56:44: FAIL: IoT-Telnet address from=51.37.12.106 ...	2019-07-10 05:00:07
222.239.225.115	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2019-07-10 04:52:13
108.166.34.250	attackspambots	Spam	2019-07-10 05:08:54
90.184.153.35	attackbotsspam	Honeypot attack, port: 23, PTR: 0206702031.0.fullrate.ninja.	2019-07-10 05:04:48
115.248.117.84	attackbots	DATE:2019-07-09 15:26:00, IP:115.248.117.84, PORT:ssh brute force auth on SSH service (patata)	2019-07-10 05:28:38
54.39.145.59	attackspam	Jul 9 16:39:22 vps647732 sshd[5455]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.145.59 Jul 9 16:39:25 vps647732 sshd[5455]: Failed password for invalid user alexk from 54.39.145.59 port 39950 ssh2 ...	2019-07-10 05:37:50
126.72.82.173	attackspambots	Brute force attempt	2019-07-10 05:38:33
188.166.1.123	attackbotsspam	Jul 9 23:49:28 srv-4 sshd\[25040\]: Invalid user holland from 188.166.1.123 Jul 9 23:49:28 srv-4 sshd\[25040\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.1.123 Jul 9 23:49:30 srv-4 sshd\[25040\]: Failed password for invalid user holland from 188.166.1.123 port 47948 ssh2 ...	2019-07-10 05:34:35
185.220.101.31	attack	2019-07-09T20:47:15.250412scmdmz1 sshd\[26165\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.101.31 user=root 2019-07-09T20:47:16.790797scmdmz1 sshd\[26165\]: Failed password for root from 185.220.101.31 port 42337 ssh2 2019-07-09T20:47:19.323059scmdmz1 sshd\[26165\]: Failed password for root from 185.220.101.31 port 42337 ssh2 ...	2019-07-10 05:12:40
193.169.252.142	attackbots	Jul 9 21:53:01 mail postfix/smtpd\[20221\]: warning: unknown\[193.169.252.142\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jul 9 22:31:47 mail postfix/smtpd\[20948\]: warning: unknown\[193.169.252.142\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jul 9 22:51:12 mail postfix/smtpd\[21440\]: warning: unknown\[193.169.252.142\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jul 9 23:10:50 mail postfix/smtpd\[21831\]: warning: unknown\[193.169.252.142\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2019-07-10 05:22:11
183.129.160.229	attackbots	firewall-block, port(s): 51684/tcp	2019-07-10 05:16:09
185.220.101.34	attackbots	Jul 9 19:51:21 km20725 sshd\[1608\]: Failed password for root from 185.220.101.34 port 45008 ssh2Jul 9 19:51:24 km20725 sshd\[1608\]: Failed password for root from 185.220.101.34 port 45008 ssh2Jul 9 19:51:26 km20725 sshd\[1608\]: Failed password for root from 185.220.101.34 port 45008 ssh2Jul 9 19:51:29 km20725 sshd\[1608\]: Failed password for root from 185.220.101.34 port 45008 ssh2 ...	2019-07-10 05:29:05
162.243.136.28	attackspambots	Port scan attempt detected by AWS-CCS, CTS, India	2019-07-10 05:15:12
5.126.123.129	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-08 16:19:25,476 INFO [shellcode_manager] (5.126.123.129) no match, writing hexdump (1b2c9fcb828a6ac7a2ca7e05b800aa4b :2114652) - MS17010 (EternalBlue)	2019-07-10 05:32:32
223.133.243.28	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-10 05:27:24

Recently Reported IPs

31.145.150.194	125.227.91.97	207.180.222.104	5.157.96.66
212.47.228.121	235.230.33.3	186.74.190.46	191.113.168.101
78.56.102.89	140.149.185.140	114.5.147.207	36.70.175.50
54.109.215.195	113.184.21.80	31.171.157.129	125.24.156.81
113.160.182.240	58.113.216.47	182.74.216.234	115.74.210.81