92.42.44.97 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: Zap-Hosting GmbH & Co.KG

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	2019-08-25T12:15:34.664269abusebot.cloudsearch.cf sshd\[15856\]: Invalid user a1b2c3 from 92.42.44.97 port 37894 2019-08-25T12:15:34.670086abusebot.cloudsearch.cf sshd\[15856\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.42.44.97	2019-08-25 20:26:09

Type

Details

Datetime

attack

2019-08-25T12:15:34.664269abusebot.cloudsearch.cf sshd\[15856\]: Invalid user a1b2c3 from 92.42.44.97 port 37894
2019-08-25T12:15:34.670086abusebot.cloudsearch.cf sshd\[15856\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.42.44.97

2019-08-25 20:26:09

Comments on same subnet:

IP	Type	Details	Datetime
92.42.44.187	attackspam	22 attempts against mh-ssh on pine	2020-03-03 09:46:54
92.42.44.142	attackspambots	Unauthorized connection attempt detected from IP address 92.42.44.142 to port 2220 [J]	2020-02-03 13:55:12

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 92.42.44.97
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53215
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;92.42.44.97.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082500 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Aug 25 20:26:01 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 97.44.42.92.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 97.44.42.92.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
182.253.175.60	attack	20/5/22@00:21:06: FAIL: Alarm-Network address from=182.253.175.60 20/5/22@00:21:06: FAIL: Alarm-Network address from=182.253.175.60 ...	2020-05-22 14:55:31
165.22.31.24	attackspambots	165.22.31.24 - - [22/May/2020:05:55:46 +0200] "GET /wp-login.php HTTP/1.1" 200 6702 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 165.22.31.24 - - [22/May/2020:05:55:48 +0200] "POST /wp-login.php HTTP/1.1" 200 6953 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 165.22.31.24 - - [22/May/2020:05:55:50 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-22 14:33:58
222.186.175.212	attackspambots	Failed password for invalid user from 222.186.175.212 port 62010 ssh2	2020-05-22 14:31:28
182.150.44.41	attack	Lines containing failures of 182.150.44.41 May 22 05:50:40 * sshd[98784]: Invalid user xxx from 182.150.44.41 port 39790 May 22 05:50:40 * sshd[98784]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.150.44.41 May 22 05:50:42 * sshd[98784]: Failed password for invalid user xxx from 182.150.44.41 port 39790 ssh2 May 22 05:50:42 * sshd[98784]: Received disconnect from 182.150.44.41 port 39790:11: Bye Bye [preauth] May 22 05:50:42 * sshd[98784]: Disconnected from invalid user xxx 182.150.44.41 port 39790 [preauth] May 22 05:53:22 * sshd[99091]: Invalid user upo from 182.150.44.41 port 52872 May 22 05:53:22 *** sshd[99091]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.150.44.41 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=182.150.44.41	2020-05-22 14:51:04
106.13.26.67	attackbots	ssh intrusion attempt	2020-05-22 15:05:42
223.113.74.54	attack	May 22 08:57:33 Ubuntu-1404-trusty-64-minimal sshd\[11252\]: Invalid user unk from 223.113.74.54 May 22 08:57:33 Ubuntu-1404-trusty-64-minimal sshd\[11252\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.113.74.54 May 22 08:57:36 Ubuntu-1404-trusty-64-minimal sshd\[11252\]: Failed password for invalid user unk from 223.113.74.54 port 46646 ssh2 May 22 09:06:17 Ubuntu-1404-trusty-64-minimal sshd\[23132\]: Invalid user rtk from 223.113.74.54 May 22 09:06:17 Ubuntu-1404-trusty-64-minimal sshd\[23132\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.113.74.54	2020-05-22 15:10:48
75.144.73.145	attack	May 22 06:11:47 ns392434 sshd[15283]: Invalid user qdl from 75.144.73.145 port 42584 May 22 06:11:47 ns392434 sshd[15283]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=75.144.73.145 May 22 06:11:47 ns392434 sshd[15283]: Invalid user qdl from 75.144.73.145 port 42584 May 22 06:11:49 ns392434 sshd[15283]: Failed password for invalid user qdl from 75.144.73.145 port 42584 ssh2 May 22 06:26:43 ns392434 sshd[15538]: Invalid user zix from 75.144.73.145 port 41266 May 22 06:26:43 ns392434 sshd[15538]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=75.144.73.145 May 22 06:26:43 ns392434 sshd[15538]: Invalid user zix from 75.144.73.145 port 41266 May 22 06:26:45 ns392434 sshd[15538]: Failed password for invalid user zix from 75.144.73.145 port 41266 ssh2 May 22 06:30:57 ns392434 sshd[15714]: Invalid user xff from 75.144.73.145 port 48538	2020-05-22 14:47:51
220.129.50.137	attack	scan z	2020-05-22 14:53:01
117.69.46.169	attackbots	May 22 05:54:47 icecube postfix/smtpd[88611]: NOQUEUE: reject: RCPT from unknown[117.69.46.169]: 554 5.7.1 Service unavailable; Client host [117.69.46.169] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/117.69.46.169 / https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=	2020-05-22 15:10:24
210.21.9.252	attackbotsspam	May 22 07:59:05 santamaria sshd\[28574\]: Invalid user rth from 210.21.9.252 May 22 07:59:05 santamaria sshd\[28574\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.21.9.252 May 22 07:59:07 santamaria sshd\[28574\]: Failed password for invalid user rth from 210.21.9.252 port 38523 ssh2 ...	2020-05-22 14:57:23
31.163.135.74	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-05-22 14:50:06
212.64.7.134	attack	Invalid user kgv from 212.64.7.134 port 39440	2020-05-22 15:02:10
87.251.74.56	attackbotsspam	...	2020-05-22 14:56:32
128.14.134.134	attackspam	port scan and connect, tcp 443 (https)	2020-05-22 14:30:28
201.22.95.52	attackbotsspam	Invalid user krk from 201.22.95.52 port 50134	2020-05-22 14:54:06

Recently Reported IPs

135.108.41.128	102.115.147.245	108.29.101.125	63.147.113.157
103.15.247.150	65.214.200.173	168.218.96.19	125.194.63.201
15.111.136.154	140.95.232.220	166.97.247.200	2.75.41.213
105.87.203.102	205.34.38.12	51.81.18.67	48.208.129.92
109.225.249.162	103.85.8.65	13.67.35.115	83.50.226.10