92.191.104.112

Basic Info

City: unknown

Region: unknown

Country: Spain

Internet Service Provider: Jazztel Triple Play Services

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Lines containing failures of 92.191.104.112 Jul 12 19:30:43 mellenthin postfix/smtpd[5345]: connect from 112.104.191.92.dynamic.jazztel.es[92.191.104.112] Jul x@x Jul 12 19:30:43 mellenthin postfix/smtpd[5345]: lost connection after DATA from 112.104.191.92.dynamic.jazztel.es[92.191.104.112] Jul 12 19:30:43 mellenthin postfix/smtpd[5345]: disconnect from 112.104.191.92.dynamic.jazztel.es[92.191.104.112] ehlo=1 mail=1 rcpt=0/1 data=0/1 commands=2/4 Jul 13 16:55:47 mellenthin postfix/smtpd[29693]: connect from 112.104.191.92.dynamic.jazztel.es[92.191.104.112] Jul x@x Jul 13 16:55:47 mellenthin postfix/smtpd[29693]: lost connection after DATA from 112.104.191.92.dynamic.jazztel.es[92.191.104.112] Jul 13 16:55:47 mellenthin postfix/smtpd[29693]: disconnect from 112.104.191.92.dynamic.jazztel.es[92.191.104.112] ehlo=1 mail=1 rcpt=0/1 data=0/1 commands=2/4 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=92.191.104.112	2019-07-14 06:32:29

Type

Details

Datetime

attack

Lines containing failures of 92.191.104.112
Jul 12 19:30:43 mellenthin postfix/smtpd[5345]: connect from 112.104.191.92.dynamic.jazztel.es[92.191.104.112]
Jul x@x
Jul 12 19:30:43 mellenthin postfix/smtpd[5345]: lost connection after DATA from 112.104.191.92.dynamic.jazztel.es[92.191.104.112]
Jul 12 19:30:43 mellenthin postfix/smtpd[5345]: disconnect from 112.104.191.92.dynamic.jazztel.es[92.191.104.112] ehlo=1 mail=1 rcpt=0/1 data=0/1 commands=2/4
Jul 13 16:55:47 mellenthin postfix/smtpd[29693]: connect from 112.104.191.92.dynamic.jazztel.es[92.191.104.112]
Jul x@x
Jul 13 16:55:47 mellenthin postfix/smtpd[29693]: lost connection after DATA from 112.104.191.92.dynamic.jazztel.es[92.191.104.112]
Jul 13 16:55:47 mellenthin postfix/smtpd[29693]: disconnect from 112.104.191.92.dynamic.jazztel.es[92.191.104.112] ehlo=1 mail=1 rcpt=0/1 data=0/1 commands=2/4


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=92.191.104.112

2019-07-14 06:32:29

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 92.191.104.112
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15831
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;92.191.104.112.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071301 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 14 06:32:23 CST 2019
;; MSG SIZE  rcvd: 118

Host info

112.104.191.92.in-addr.arpa domain name pointer 112.104.191.92.dynamic.jazztel.es.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
112.104.191.92.in-addr.arpa	name = 112.104.191.92.dynamic.jazztel.es.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.38.84.121	attack	firewall-block, port(s): 22/tcp	2020-02-29 22:47:23
196.37.111.170	attackbots	Unauthorized connection attempt detected from IP address 196.37.111.170 to port 1433 [J]	2020-02-29 22:18:06
14.191.224.71	attack	unauthorized connection attempt	2020-02-29 22:14:52
190.8.80.42	attackspambots	Feb 29 15:27:59 vps647732 sshd[1743]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.8.80.42 Feb 29 15:28:01 vps647732 sshd[1743]: Failed password for invalid user shanhong from 190.8.80.42 port 52982 ssh2 ...	2020-02-29 22:45:42
222.186.31.166	attackspam	Feb 29 15:31:26 server sshd[62995]: Failed password for root from 222.186.31.166 port 14400 ssh2 Feb 29 15:31:30 server sshd[62995]: Failed password for root from 222.186.31.166 port 14400 ssh2 Feb 29 15:31:34 server sshd[62995]: Failed password for root from 222.186.31.166 port 14400 ssh2	2020-02-29 22:33:03
45.143.220.171	attack	[2020-02-29 09:28:04] NOTICE[1148] chan_sip.c: Registration from '"2016" ' failed for '45.143.220.171:5661' - Wrong password [2020-02-29 09:28:04] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-02-29T09:28:04.243-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="2016",SessionID="0x7fd82c538db8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.143.220.171/5661",Challenge="42c33599",ReceivedChallenge="42c33599",ReceivedHash="c47c6e6899d7ea0e0d17bd49cc32e1bd" [2020-02-29 09:28:04] NOTICE[1148] chan_sip.c: Registration from '"2016" ' failed for '45.143.220.171:5661' - Wrong password [2020-02-29 09:28:04] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-02-29T09:28:04.426-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="2016",SessionID="0x7fd82c144298",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP ...	2020-02-29 22:43:39
223.71.167.164	attackspambots	29.02.2020 14:38:32 Connection to port 666 blocked by firewall	2020-02-29 22:53:01
59.20.102.106	attackspambots	unauthorized connection attempt	2020-02-29 22:27:05
124.123.119.130	attack	unauthorized connection attempt	2020-02-29 22:16:28
222.186.175.182	attack	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.182 user=root Failed password for root from 222.186.175.182 port 63818 ssh2 Failed password for root from 222.186.175.182 port 63818 ssh2 Failed password for root from 222.186.175.182 port 63818 ssh2 Failed password for root from 222.186.175.182 port 63818 ssh2	2020-02-29 22:55:30
222.186.15.91	attackbots	Feb 29 15:37:12 [host] sshd[15488]: pam_unix(sshd: Feb 29 15:37:14 [host] sshd[15488]: Failed passwor Feb 29 15:37:16 [host] sshd[15488]: Failed passwor	2020-02-29 22:45:24
51.38.224.84	attackspambots	Feb 29 15:44:30 serwer sshd\[19263\]: Invalid user t from 51.38.224.84 port 53282 Feb 29 15:44:30 serwer sshd\[19263\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.224.84 Feb 29 15:44:32 serwer sshd\[19263\]: Failed password for invalid user t from 51.38.224.84 port 53282 ssh2 ...	2020-02-29 22:46:49
92.63.194.91	attackspam	02/29/2020-09:28:13.871673 92.63.194.91 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-02-29 22:36:49
218.32.118.16	attackspambots	DATE:2020-02-29 06:34:49, IP:218.32.118.16, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-02-29 22:27:18
80.17.244.2	attack	Feb 29 15:28:14 localhost sshd\[27861\]: Invalid user azureuser from 80.17.244.2 port 38376 Feb 29 15:28:14 localhost sshd\[27861\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.17.244.2 Feb 29 15:28:15 localhost sshd\[27861\]: Failed password for invalid user azureuser from 80.17.244.2 port 38376 ssh2	2020-02-29 22:32:29

Recently Reported IPs

117.27.40.48	117.241.22.147	217.169.208.70	27.147.206.62
125.41.185.202	114.46.61.92	91.206.15.239	5.74.128.152
209.85.160.194	141.255.0.141	198.80.39.203	208.35.20.66
47.91.57.207	14.230.58.156	217.112.128.126	217.98.219.214
211.106.145.40	112.0.197.41	31.184.238.120	91.223.111.41