92.200.71.99 - IPInfo

Basic Info

City: Aachen

Region: North Rhine-Westphalia

Country: Germany

Internet Service Provider: Plusnet GmbH

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	2019-10-23 08:58:40 1iNAbO-0002Ij-Mf SMTP connection from port-92-200-71-99.dynamic.qsc.de \[92.200.71.99\]:45813 I=\[193.107.90.29\]:25 closed by DROP in ACL 2019-10-23 08:58:54 1iNAbd-0002JM-8c SMTP connection from port-92-200-71-99.dynamic.qsc.de \[92.200.71.99\]:45929 I=\[193.107.90.29\]:25 closed by DROP in ACL 2019-10-23 08:59:07 1iNAbp-0002Jb-VO SMTP connection from port-92-200-71-99.dynamic.qsc.de \[92.200.71.99\]:46013 I=\[193.107.90.29\]:25 closed by DROP in ACL ...	2020-01-28 05:49:47

Type

Details

Datetime

attack

2019-10-23 08:58:40 1iNAbO-0002Ij-Mf SMTP connection from port-92-200-71-99.dynamic.qsc.de \[92.200.71.99\]:45813 I=\[193.107.90.29\]:25 closed by DROP in ACL
2019-10-23 08:58:54 1iNAbd-0002JM-8c SMTP connection from port-92-200-71-99.dynamic.qsc.de \[92.200.71.99\]:45929 I=\[193.107.90.29\]:25 closed by DROP in ACL
2019-10-23 08:59:07 1iNAbp-0002Jb-VO SMTP connection from port-92-200-71-99.dynamic.qsc.de \[92.200.71.99\]:46013 I=\[193.107.90.29\]:25 closed by DROP in ACL
...

2020-01-28 05:49:47

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 92.200.71.99
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59971
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;92.200.71.99.			IN	A

;; AUTHORITY SECTION:
.			186	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012701 1800 900 604800 86400

;; Query time: 100 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 28 05:49:43 CST 2020
;; MSG SIZE  rcvd: 116

Host info

99.71.200.92.in-addr.arpa domain name pointer port-92-200-71-99.dynamic.as20676.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
99.71.200.92.in-addr.arpa	name = port-92-200-71-99.dynamic.as20676.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
84.238.55.11	attack	Invalid user ubuntu from 84.238.55.11 port 56249	2020-09-11 08:16:08
129.227.129.174	attack	Multiport scan : 7 ports scanned 84 102 1022 1302 1611 10331 18264	2020-09-11 07:45:20
167.99.88.37	attackspambots	Sep 10 21:58:23 inter-technics sshd[13247]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.88.37 user=root Sep 10 21:58:26 inter-technics sshd[13247]: Failed password for root from 167.99.88.37 port 58230 ssh2 Sep 10 22:02:08 inter-technics sshd[13541]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.88.37 user=root Sep 10 22:02:10 inter-technics sshd[13541]: Failed password for root from 167.99.88.37 port 43788 ssh2 Sep 10 22:06:01 inter-technics sshd[13733]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.88.37 user=root Sep 10 22:06:03 inter-technics sshd[13733]: Failed password for root from 167.99.88.37 port 57568 ssh2 ...	2020-09-11 07:42:26
70.113.6.9	attack	Sep 11 02:03:08 itv-usvr-01 sshd[5004]: Invalid user admin from 70.113.6.9 Sep 11 02:03:08 itv-usvr-01 sshd[5005]: Invalid user admin from 70.113.6.9 Sep 11 02:03:08 itv-usvr-01 sshd[5004]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=70.113.6.9 Sep 11 02:03:08 itv-usvr-01 sshd[5004]: Invalid user admin from 70.113.6.9 Sep 11 02:03:09 itv-usvr-01 sshd[5004]: Failed password for invalid user admin from 70.113.6.9 port 47668 ssh2 Sep 11 02:03:08 itv-usvr-01 sshd[5005]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=70.113.6.9 Sep 11 02:03:08 itv-usvr-01 sshd[5005]: Invalid user admin from 70.113.6.9 Sep 11 02:03:09 itv-usvr-01 sshd[5005]: Failed password for invalid user admin from 70.113.6.9 port 47692 ssh2	2020-09-11 08:14:52
185.220.103.5	attackbots	2020-09-10 18:10:55.631244-0500 localhost sshd[46298]: Failed password for root from 185.220.103.5 port 39232 ssh2	2020-09-11 08:09:52
115.99.72.185	attackbotsspam	/HNAP1/	2020-09-11 07:43:30
61.244.70.248	attackbotsspam	61.244.70.248 - - [11/Sep/2020:00:30:50 +0100] "POST /wp-login.php HTTP/1.1" 200 1874 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 61.244.70.248 - - [11/Sep/2020:00:30:52 +0100] "POST /wp-login.php HTTP/1.1" 200 1858 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 61.244.70.248 - - [11/Sep/2020:00:30:53 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-11 07:58:31
85.99.211.209	attackspam	Icarus honeypot on github	2020-09-11 08:15:51
165.22.27.210	attackspambots	165.22.27.210 - - \[10/Sep/2020:18:54:59 +0200\] "GET /index.php\?id=ausland%5D-%28SELECT%2F%2A\&id=%2A%2F0%2F%2A\&id=%2A%2FWHERE%2F%2A\&id=%2A%2F9047%3D9047%2F%2A\&id=%2A%2FAND%2F%2A\&id=%2A%2F6877%3D%28SELECT%2F%2A\&id=%2A%2F%28CASE%2F%2A\&id=%2A%2FWHEN%2F%2A\&id=%2A%2F%286877%3D5003%29%2F%2A\&id=%2A%2FTHEN%2F%2A\&id=%2A%2F6877%2F%2A\&id=%2A%2FELSE%2F%2A\&id=%2A%2F%28SELECT%2F%2A\&id=%2A%2F5003%2F%2A\&id=%2A%2FUNION%2F%2A\&id=%2A%2FSELECT%2F%2A\&id=%2A%2F5391%29%2F%2A\&id=%2A%2FEND%29%29--%2F%2A\&id=%2A%2FaZBH HTTP/1.1" 200 12305 "http://www.firma-lsf.eu:80/index.php" "Googlebot \(compatible Googlebot/2.1 http://www.google.com/bot.html\)" ...	2020-09-11 08:10:22
123.30.188.213	attackspambots	Icarus honeypot on github	2020-09-11 07:55:41
77.86.112.179	attack	Sep 10 14:42:33 cumulus sshd[29717]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.86.112.179 user=r.r Sep 10 14:42:35 cumulus sshd[29717]: Failed password for r.r from 77.86.112.179 port 53982 ssh2 Sep 10 14:42:35 cumulus sshd[29717]: Connection closed by 77.86.112.179 port 53982 [preauth] Sep 10 14:42:42 cumulus sshd[29858]: Invalid user pi from 77.86.112.179 port 40206 Sep 10 14:42:42 cumulus sshd[29857]: Invalid user pi from 77.86.112.179 port 39518 Sep 10 14:42:42 cumulus sshd[29857]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.86.112.179 Sep 10 14:42:42 cumulus sshd[29858]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.86.112.179 Sep 10 14:42:43 cumulus sshd[29858]: Failed password for invalid user pi from 77.86.112.179 port 40206 ssh2 Sep 10 14:42:43 cumulus sshd[29857]: Failed password for invalid user pi from 77.86.112.179 po........ -------------------------------	2020-09-11 07:47:29
24.51.127.161	attack	malicious Brute-Force reported by https://www.patrick-binder.de ...	2020-09-11 07:59:00
188.169.36.83	attackspam	Listed on rbldns-ru also zen-spamhaus and abuseat-org / proto=17 . srcport=11211 . dstport=1027 . (780)	2020-09-11 08:10:41
149.34.0.135	attackspambots	Sep 10 18:55:26 db sshd[26691]: Invalid user osmc from 149.34.0.135 port 33960 ...	2020-09-11 07:47:07
203.163.244.6	attackbotsspam	DATE:2020-09-10 18:54:56, IP:203.163.244.6, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-09-11 08:12:51

Recently Reported IPs

208.7.242.3	79.121.227.119	42.73.153.87	182.107.225.153
17.27.75.207	200.244.37.254	211.128.105.159	78.131.37.42
92.19.147.164	112.144.201.185	111.206.231.109	70.243.49.139
69.82.200.152	56.65.70.230	200.69.196.232	78.76.75.121
177.137.239.163	113.199.36.12	63.248.190.126	1.141.252.115