92.42.47.8 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: Zap-Hosting GmbH & Co.KG

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Port 22 Scan, PTR: None	2019-12-03 16:30:12

Comments on same subnet:

IP	Type	Details	Datetime
92.42.47.63	attack	$f2bV_matches	2019-12-14 18:57:45
92.42.47.81	attackbotsspam	Port scan	2019-11-13 04:40:15
92.42.47.65	attackbotsspam	Many RDP login attempts detected by IDS script	2019-07-24 12:39:03

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 92.42.47.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56720
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;92.42.47.8.			IN	A

;; AUTHORITY SECTION:
.			593	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120300 1800 900 604800 86400

;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Dec 03 16:30:08 CST 2019
;; MSG SIZE  rcvd: 114

Host info

8.47.42.92.in-addr.arpa domain name pointer vps-zap459009-2.zap-srv.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
8.47.42.92.in-addr.arpa	name = vps-zap459009-2.zap-srv.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
201.231.68.235	attack	ENG,WP GET /wp-login.php	2020-02-21 04:13:53
35.198.237.221	attack	[munged]::443 35.198.237.221 - - [20/Feb/2020:19:34:34 +0100] "POST /[munged]: HTTP/1.1" 200 9673 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0" [munged]::443 35.198.237.221 - - [20/Feb/2020:19:34:35 +0100] "POST /[munged]: HTTP/1.1" 200 9673 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0" [munged]::443 35.198.237.221 - - [20/Feb/2020:19:34:35 +0100] "POST /[munged]: HTTP/1.1" 200 9673 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0" [munged]::443 35.198.237.221 - - [20/Feb/2020:19:34:36 +0100] "POST /[munged]: HTTP/1.1" 200 9673 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0" [munged]::443 35.198.237.221 - - [20/Feb/2020:19:34:36 +0100] "POST /[munged]: HTTP/1.1" 200 9673 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0" [munged]::443 35.198.237.221 - - [20/Feb/2020:19:34:37 +0100] "POST /[munged]: HTTP/1.1" 200 9673 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64;	2020-02-21 03:51:47
51.68.226.159	attackspam	Feb 21 00:47:56 gw1 sshd[22074]: Failed password for list from 51.68.226.159 port 39168 ssh2 Feb 21 00:50:43 gw1 sshd[22147]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.226.159 ...	2020-02-21 04:18:31
119.28.73.77	attack	Feb 20 15:29:59 srv-ubuntu-dev3 sshd[73568]: Invalid user jenkins from 119.28.73.77 Feb 20 15:29:59 srv-ubuntu-dev3 sshd[73568]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.73.77 Feb 20 15:29:59 srv-ubuntu-dev3 sshd[73568]: Invalid user jenkins from 119.28.73.77 Feb 20 15:30:02 srv-ubuntu-dev3 sshd[73568]: Failed password for invalid user jenkins from 119.28.73.77 port 47558 ssh2 Feb 20 15:33:46 srv-ubuntu-dev3 sshd[73811]: Invalid user huangliang from 119.28.73.77 Feb 20 15:33:46 srv-ubuntu-dev3 sshd[73811]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.73.77 Feb 20 15:33:46 srv-ubuntu-dev3 sshd[73811]: Invalid user huangliang from 119.28.73.77 Feb 20 15:33:48 srv-ubuntu-dev3 sshd[73811]: Failed password for invalid user huangliang from 119.28.73.77 port 56788 ssh2 Feb 20 15:37:42 srv-ubuntu-dev3 sshd[74179]: Invalid user user from 119.28.73.77 ...	2020-02-21 03:52:50
223.196.166.140	attackbotsspam	1582204946 - 02/20/2020 14:22:26 Host: 223.196.166.140/223.196.166.140 Port: 445 TCP Blocked	2020-02-21 03:46:30
93.174.93.195	attackspam	93.174.93.195 was recorded 21 times by 11 hosts attempting to connect to the following ports: 41096,41097,41094. Incident counter (4h, 24h, all-time): 21, 136, 5720	2020-02-21 04:00:32
125.124.38.96	attackspam	2020-02-20T19:03:06.794072 sshd[25536]: Invalid user amandabackup from 125.124.38.96 port 52714 2020-02-20T19:03:06.806841 sshd[25536]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.124.38.96 2020-02-20T19:03:06.794072 sshd[25536]: Invalid user amandabackup from 125.124.38.96 port 52714 2020-02-20T19:03:08.990391 sshd[25536]: Failed password for invalid user amandabackup from 125.124.38.96 port 52714 ssh2 ...	2020-02-21 04:10:48
47.103.149.122	attackspam	Unauthorized IMAP connection attempt	2020-02-21 03:47:02
211.254.179.221	attack	Feb 20 08:52:52 hpm sshd\[23317\]: Invalid user informix from 211.254.179.221 Feb 20 08:52:52 hpm sshd\[23317\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.254.179.221 Feb 20 08:52:53 hpm sshd\[23317\]: Failed password for invalid user informix from 211.254.179.221 port 46852 ssh2 Feb 20 08:56:00 hpm sshd\[23643\]: Invalid user libuuid from 211.254.179.221 Feb 20 08:56:00 hpm sshd\[23643\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.254.179.221	2020-02-21 04:00:45
139.198.189.36	attackspam	Feb 20 18:44:07 gw1 sshd[10076]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.189.36 Feb 20 18:44:09 gw1 sshd[10076]: Failed password for invalid user test from 139.198.189.36 port 41696 ssh2 ...	2020-02-21 04:20:52
209.97.129.231	attackbots	209.97.129.231 - - \[20/Feb/2020:18:34:31 +0100\] "POST /wp-login.php HTTP/1.0" 200 7672 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 209.97.129.231 - - \[20/Feb/2020:18:34:33 +0100\] "POST /wp-login.php HTTP/1.0" 200 7502 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 209.97.129.231 - - \[20/Feb/2020:18:34:33 +0100\] "POST /wp-login.php HTTP/1.0" 200 7496 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-02-21 03:57:02
128.199.204.164	attack	Feb 20 13:22:12 work-partkepr sshd\[21702\]: Invalid user sinusbot from 128.199.204.164 port 46782 Feb 20 13:22:12 work-partkepr sshd\[21702\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.204.164 ...	2020-02-21 03:58:17
103.212.135.202	attackbots	Autoban 103.212.135.202 AUTH/CONNECT	2020-02-21 04:19:19
185.176.27.170	attackbots	Feb 20 19:17:41 mail kernel: [813219.646049] [UFW BLOCK] IN=eth0 OUT= MAC=fa:16:3e:d3:64:42:4c:5e:0c:c9:30:5f:08:00 SRC=185.176.27.170 DST=185.101.93.72 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=20300 PROTO=TCP SPT=55522 DPT=63288 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 20 19:17:42 mail kernel: [813220.454899] [UFW BLOCK] IN=eth0 OUT= MAC=fa:16:3e:d3:64:42:4c:5e:0c:c9:30:5f:08:00 SRC=185.176.27.170 DST=185.101.93.72 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=60104 PROTO=TCP SPT=55522 DPT=18033 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 20 19:18:08 mail kernel: [813245.989032] [UFW BLOCK] IN=eth0 OUT= MAC=fa:16:3e:d3:64:42:4c:5e:0c:c9:30:5f:08:00 SRC=185.176.27.170 DST=185.101.93.72 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=20241 PROTO=TCP SPT=55522 DPT=29376 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 20 19:18:49 mail kernel: [813287.111069] [UFW BLOCK] IN=eth0 OUT= MAC=fa:16:3e:d3:64:42:4c:5e:0c:c9:30:5f:08:00 SRC=185.176.27.170 DST=185.101.93.72 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=5477 PROTO=TCP SPT=55522 DPT=20509 WINDOW=1024 RES=0x00 S	2020-02-21 04:15:30
181.199.157.87	attackbotsspam	SSH authentication failure x 6 reported by Fail2Ban ...	2020-02-21 03:48:46

Recently Reported IPs

104.5.194.187	51.14.124.71	106.123.132.120	49.49.31.101
79.220.189.1	63.251.235.21	182.181.82.203	168.58.37.35
158.89.129.57	174.138.188.83	20.46.110.162	5.196.73.40
39.50.173.115	17.30.117.121	118.140.65.121	173.0.28.78
176.239.250.69	5.68.9.224	178.14.43.219	177.92.165.85