85.192.74.157 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Spain

Internet Service Provider: Centre de Telecomunicacions i Tecnologies de la Informacio de la Generalitat de Catalunya (CTTI)

Hostname: unknown

Organization: unknown

Usage Type: Government

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 85.192.74.157 to port 2220 [J]	2020-01-08 14:58:31
attack	Unauthorized connection attempt detected from IP address 85.192.74.157 to port 2220 [J]	2020-01-05 20:16:52

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.192.74.157
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40470
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;85.192.74.157.			IN	A

;; AUTHORITY SECTION:
.			332	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010500 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 05 20:16:49 CST 2020
;; MSG SIZE  rcvd: 117

Host info

157.74.192.85.in-addr.arpa domain name pointer esc-maragall-lh.xtec.cat.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
157.74.192.85.in-addr.arpa	name = esc-maragall-lh.xtec.cat.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
46.38.150.94	attackspam	2020-07-15T17:07:12.658073linuxbox-skyline auth[7308]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=goodluvn rhost=46.38.150.94 ...	2020-07-16 07:09:10
52.255.137.117	attackspambots	Invalid user admin from 52.255.137.117 port 43178	2020-07-16 07:07:18
59.127.25.77	attackbotsspam	Jul 16 00:06:41 debian-2gb-nbg1-2 kernel: \[17109363.548132\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=59.127.25.77 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=51608 PROTO=TCP SPT=5713 DPT=23 WINDOW=1089 RES=0x00 SYN URGP=0	2020-07-16 07:06:37
113.125.155.247	attack	Jul 15 17:02:54 server1 sshd\[10696\]: Invalid user as from 113.125.155.247 Jul 15 17:02:54 server1 sshd\[10696\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.125.155.247 Jul 15 17:02:56 server1 sshd\[10696\]: Failed password for invalid user as from 113.125.155.247 port 54047 ssh2 Jul 15 17:08:03 server1 sshd\[12169\]: Invalid user firefart from 113.125.155.247 Jul 15 17:08:03 server1 sshd\[12169\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.125.155.247 ...	2020-07-16 07:24:37
52.254.83.94	attackspambots	Jul 16 01:09:00 lnxded64 sshd[22137]: Failed password for root from 52.254.83.94 port 60904 ssh2 Jul 16 01:09:00 lnxded64 sshd[22137]: Failed password for root from 52.254.83.94 port 60904 ssh2	2020-07-16 07:12:05
59.125.160.248	attackbotsspam	1393. On Jul 15 2020 experienced a Brute Force SSH login attempt -> 3 unique times by 59.125.160.248.	2020-07-16 06:51:08
111.231.83.177	attackbotsspam	Jul 16 01:07:04 jane sshd[16308]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.83.177 Jul 16 01:07:06 jane sshd[16308]: Failed password for invalid user lo from 111.231.83.177 port 40494 ssh2 ...	2020-07-16 07:08:12
164.132.41.67	attackspam	"fail2ban match"	2020-07-16 07:10:06
52.255.139.168	attackspam	Invalid user admin from 52.255.139.168 port 21745	2020-07-16 07:07:03
104.42.44.206	attackspam	Tried sshing with brute force.	2020-07-16 07:18:15
110.37.223.142	attack	Port Scan ...	2020-07-16 07:01:12
125.65.79.72	attackbotsspam	Jul 15 23:32:09 rocket sshd[14281]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.65.79.72 Jul 15 23:32:11 rocket sshd[14281]: Failed password for invalid user rookie from 125.65.79.72 port 44584 ssh2 ...	2020-07-16 06:56:30
54.37.68.191	attackspambots	(sshd) Failed SSH login from 54.37.68.191 (FR/France/191.ip-54-37-68.eu): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 16 01:09:29 srv sshd[14934]: Invalid user liam from 54.37.68.191 port 44478 Jul 16 01:09:31 srv sshd[14934]: Failed password for invalid user liam from 54.37.68.191 port 44478 ssh2 Jul 16 01:18:54 srv sshd[15063]: Invalid user orbit from 54.37.68.191 port 46832 Jul 16 01:18:57 srv sshd[15063]: Failed password for invalid user orbit from 54.37.68.191 port 46832 ssh2 Jul 16 01:22:27 srv sshd[15119]: Invalid user ts from 54.37.68.191 port 60752	2020-07-16 06:56:00
59.102.30.196	attackspam	1391. On Jul 15 2020 experienced a Brute Force SSH login attempt -> 9 unique times by 59.102.30.196.	2020-07-16 06:52:39
195.222.163.54	attackspambots	20 attempts against mh-ssh on echoip	2020-07-16 07:20:09

Recently Reported IPs

61.19.202.166	205.185.119.77	61.184.247.9	58.11.86.213
61.184.247.7	114.99.28.75	94.122.169.128	63.83.78.105
61.184.247.14	61.184.247.2	61.184.247.13	183.166.99.195
117.193.123.41	74.208.31.109	61.177.172.97	61.177.21.226
61.177.172.86	61.177.172.60	88.103.158.95	61.177.172.47