Basic Info

City: Ourense

Region: Galicia

Country: Spain

Internet Service Provider: Xunta de Galicia

Hostname: unknown

Organization: unknown

Usage Type: Government

Comments:
Type: attack
Details: wants me to click on http://zip.er.cz/380661 or my mail account will be deleted (fakes that they are my outlook providers)
client-ip=85.91.64.214; helo=mta.xunta.es;
Datetime: 2020-03-02 05:50:59
Comments on same subnet:
No discussion about this subnet yet.
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.91.64.214
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24088
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;85.91.64.214.			IN	A

;; AUTHORITY SECTION:
.			436	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030101 1800 900 604800 86400

;; Query time: 95 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 02 05:50:55 CST 2020
;; MSG SIZE  rcvd: 116
Host info
214.64.91.85.in-addr.arpa domain name pointer mta.xunta.es.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
214.64.91.85.in-addr.arpa	name = mta.xunta.es.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
51.75.207.61 attackspam
Dec 10 16:18:41 markkoudstaal sshd[20805]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.207.61
Dec 10 16:18:43 markkoudstaal sshd[20805]: Failed password for invalid user grogans from 51.75.207.61 port 55646 ssh2
Dec 10 16:23:50 markkoudstaal sshd[21291]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.207.61
2019-12-10 23:32:58
165.22.61.82 attackspam
Dec 10 15:07:38 web8 sshd\[5118\]: Invalid user filecoupon from 165.22.61.82
Dec 10 15:07:38 web8 sshd\[5118\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.61.82
Dec 10 15:07:39 web8 sshd\[5118\]: Failed password for invalid user filecoupon from 165.22.61.82 port 58926 ssh2
Dec 10 15:14:35 web8 sshd\[8579\]: Invalid user johnstad from 165.22.61.82
Dec 10 15:14:35 web8 sshd\[8579\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.61.82
2019-12-10 23:37:23
106.243.162.3 attackspambots
2019-12-10T15:27:24.422145abusebot-6.cloudsearch.cf sshd\[28640\]: Invalid user server from 106.243.162.3 port 47729
2019-12-10 23:58:54
125.224.29.160 attackspambots
Unauthorised access (Dec 10) SRC=125.224.29.160 LEN=40 TTL=42 ID=49210 TCP DPT=23 WINDOW=2745 SYN
2019-12-10 23:31:54
167.172.170.133 attack
Dec 10 16:47:31 vpn01 sshd[17206]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.170.133
Dec 10 16:47:33 vpn01 sshd[17206]: Failed password for invalid user sueanett from 167.172.170.133 port 55796 ssh2
...
2019-12-10 23:55:59
192.99.7.175 attackbots
Dec 10 15:52:46 localhost postfix/smtpd\[7970\]: warning: ns508073.ip-192-99-7.net\[192.99.7.175\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Dec 10 15:52:53 localhost postfix/smtpd\[9382\]: warning: ns508073.ip-192-99-7.net\[192.99.7.175\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Dec 10 15:53:04 localhost postfix/smtpd\[7970\]: warning: ns508073.ip-192-99-7.net\[192.99.7.175\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Dec 10 15:53:29 localhost postfix/smtpd\[7970\]: warning: ns508073.ip-192-99-7.net\[192.99.7.175\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Dec 10 15:53:36 localhost postfix/smtpd\[7970\]: warning: ns508073.ip-192-99-7.net\[192.99.7.175\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
...
2019-12-11 00:00:52
144.172.64.111 attackbotsspam
Dec 10 16:09:30  exim[25872]: [1\71] 1ieh8i-0006jI-AH H=server2.webwebmail.info [144.172.64.111] F= rejected after DATA: This message scored 21.7 spam points.
2019-12-10 23:45:23
106.13.11.225 attack
fail2ban
2019-12-10 23:37:56
165.227.203.162 attack
Dec 10 15:30:28 hcbbdb sshd\[8914\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.203.162  user=root
Dec 10 15:30:30 hcbbdb sshd\[8914\]: Failed password for root from 165.227.203.162 port 44280 ssh2
Dec 10 15:35:46 hcbbdb sshd\[9644\]: Invalid user elisary from 165.227.203.162
Dec 10 15:35:46 hcbbdb sshd\[9644\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.203.162
Dec 10 15:35:48 hcbbdb sshd\[9644\]: Failed password for invalid user elisary from 165.227.203.162 port 51864 ssh2
2019-12-10 23:42:27
196.20.68.81 attack
Unauthorised access (Dec 10) SRC=196.20.68.81 LEN=52 TOS=0x08 PREC=0x20 TTL=108 ID=9818 DF TCP DPT=445 WINDOW=8192 SYN
2019-12-10 23:28:01
5.178.217.227 attackbotsspam
proto=tcp  .  spt=33903  .  dpt=25  .     (Found on   Dark List de Dec 10)     (784)
2019-12-11 00:13:24
112.161.241.30 attackspam
Dec 10 10:43:46 TORMINT sshd\[18050\]: Invalid user vesna from 112.161.241.30
Dec 10 10:43:46 TORMINT sshd\[18050\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.161.241.30
Dec 10 10:43:48 TORMINT sshd\[18050\]: Failed password for invalid user vesna from 112.161.241.30 port 56236 ssh2
...
2019-12-10 23:48:13
58.87.92.153 attackspam
Dec 10 15:17:09 localhost sshd\[7216\]: Invalid user baritone from 58.87.92.153 port 44004
Dec 10 15:17:09 localhost sshd\[7216\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.87.92.153
Dec 10 15:17:11 localhost sshd\[7216\]: Failed password for invalid user baritone from 58.87.92.153 port 44004 ssh2
Dec 10 15:24:52 localhost sshd\[7493\]: Invalid user findley from 58.87.92.153 port 39974
Dec 10 15:24:52 localhost sshd\[7493\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.87.92.153
...
2019-12-10 23:48:27
211.227.23.193 attack
2019-12-10T15:58:48.652790abusebot-5.cloudsearch.cf sshd\[25560\]: Invalid user admin from 211.227.23.193 port 34548
2019-12-11 00:00:37
112.85.42.175 attackspambots
Dec 10 16:47:47 h2177944 sshd\[12739\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.175  user=root
Dec 10 16:47:50 h2177944 sshd\[12739\]: Failed password for root from 112.85.42.175 port 51871 ssh2
Dec 10 16:47:54 h2177944 sshd\[12739\]: Failed password for root from 112.85.42.175 port 51871 ssh2
Dec 10 16:47:57 h2177944 sshd\[12739\]: Failed password for root from 112.85.42.175 port 51871 ssh2
...
2019-12-10 23:49:19
