92.50.74.158 - IPInfo

Basic Info

City: Köln

Region: North Rhine-Westphalia

Country: Germany

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 92.50.74.158
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58934
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;92.50.74.158.			IN	A

;; AUTHORITY SECTION:
.			390	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120402 1800 900 604800 86400

;; Query time: 116 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 05 07:59:06 CST 2019
;; MSG SIZE  rcvd: 116

Host info

158.74.50.92.in-addr.arpa domain name pointer vpn.cad-spanke.de.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
158.74.50.92.in-addr.arpa	name = vpn.cad-spanke.de.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
114.5.99.74	attack	srvr1: (mod_security) mod_security (id:942100) triggered by 114.5.99.74 (ID/-/114-5-99-74.resources.indosat.com): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/21 12:03:49 [error] 482759#0: 840346 [client 114.5.99.74] ModSecurity: Access denied with code 406 (phase 2). [file "/etc/modsecurity.d/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "45"] [id "942100"] [rev ""] [msg ""] [redacted] [severity "0"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [redacted] [uri "/forum/viewthread.php"] [unique_id "159801142960.006450"] [ref ""], client: 114.5.99.74, [redacted] request: "GET /forum/viewthread.php?thread_id=1122+OR+++7914+%3D+0 HTTP/1.1" [redacted]	2020-08-22 00:31:48
117.50.49.57	attackbots	Aug 21 17:41:22 OPSO sshd\[5566\]: Invalid user @test from 117.50.49.57 port 54388 Aug 21 17:41:22 OPSO sshd\[5566\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.49.57 Aug 21 17:41:25 OPSO sshd\[5566\]: Failed password for invalid user @test from 117.50.49.57 port 54388 ssh2 Aug 21 17:44:34 OPSO sshd\[6054\]: Invalid user zk from 117.50.49.57 port 46060 Aug 21 17:44:34 OPSO sshd\[6054\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.49.57	2020-08-22 00:11:24
222.239.28.177	attackspambots	SSH Brute Force	2020-08-22 00:09:11
170.130.165.208	attack	Return-Path: Received: from retreatglance.cyou (170.130.165.208) by sureserver.com with SMTP; 21 Aug 2020 10:28:17 -0000 From: "Luxuary Smartwatch" Date: Fri, 21 Aug 2020 05:24:00 -0500 MIME-Version: 1.0 Subject: Monitor your health with the new GX Smartwatch To: <> Message-ID: <5Klc9Zvear5ZRoIQbkZ_0HVc1mE4	2020-08-22 00:17:44
213.55.95.203	attackspambots	Unauthorized IMAP connection attempt	2020-08-21 23:59:23
178.128.123.111	attack	Aug 21 14:57:50 h2779839 sshd[28386]: Invalid user hduser from 178.128.123.111 port 58338 Aug 21 14:57:50 h2779839 sshd[28386]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.123.111 Aug 21 14:57:50 h2779839 sshd[28386]: Invalid user hduser from 178.128.123.111 port 58338 Aug 21 14:57:52 h2779839 sshd[28386]: Failed password for invalid user hduser from 178.128.123.111 port 58338 ssh2 Aug 21 15:02:09 h2779839 sshd[28496]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.123.111 user=root Aug 21 15:02:11 h2779839 sshd[28496]: Failed password for root from 178.128.123.111 port 37308 ssh2 Aug 21 15:06:22 h2779839 sshd[28570]: Invalid user ubuntu from 178.128.123.111 port 44494 Aug 21 15:06:22 h2779839 sshd[28570]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.123.111 Aug 21 15:06:22 h2779839 sshd[28570]: Invalid user ubuntu from 178.128.123.111 ...	2020-08-22 00:23:40
222.186.180.41	attackspam	Aug 21 18:33:09 marvibiene sshd[16692]: Failed password for root from 222.186.180.41 port 39858 ssh2 Aug 21 18:33:14 marvibiene sshd[16692]: Failed password for root from 222.186.180.41 port 39858 ssh2	2020-08-22 00:34:34
165.90.3.122	attackspambots	[Fri Aug 21 19:03:51.463660 2020] [:error] [pid 11444:tid 140428577859328] [client 165.90.3.122:65500] [client 165.90.3.122] ModSecurity: Access denied with code 403 (phase 1). Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "972"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.0"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/POLICY/PROTOCOL_NOT_ALLOWED"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/"] [unique_id "Xz@4J2zVrdkLLzftrVWKuAAAAh0"] ...	2020-08-22 00:31:01
27.106.84.186	attack	Dovecot Invalid User Login Attempt.	2020-08-22 00:34:14
203.195.198.235	attackbotsspam	Aug 21 15:17:06 myvps sshd[2639]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.195.198.235 Aug 21 15:17:08 myvps sshd[2639]: Failed password for invalid user zimbra from 203.195.198.235 port 59234 ssh2 Aug 21 15:35:55 myvps sshd[14183]: Failed password for root from 203.195.198.235 port 39268 ssh2 ...	2020-08-22 00:39:12
103.19.110.39	attackspambots	Invalid user rp from 103.19.110.39 port 48152	2020-08-22 00:25:59
115.84.99.249	attackbots	Dovecot Invalid User Login Attempt.	2020-08-22 00:06:08
62.112.11.8	attackspam	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-08-21T14:04:59Z and 2020-08-21T15:50:04Z	2020-08-22 00:12:27
183.87.70.210	attackbotsspam	srvr1: (mod_security) mod_security (id:942100) triggered by 183.87.70.210 (IN/-/210-70-87-183.mysipl.com): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/21 12:03:50 [error] 482759#0: 840349 [client 183.87.70.210] ModSecurity: Access denied with code 406 (phase 2). [file "/etc/modsecurity.d/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "45"] [id "942100"] [rev ""] [msg ""] [redacted] [severity "0"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [redacted] [uri "/forum/viewthread.php"] [unique_id "159801143029.376251"] [ref ""], client: 183.87.70.210, [redacted] request: "GET /forum/viewthread.php?thread_id=1122+OR+++8347+%3D+8347 HTTP/1.1" [redacted]	2020-08-22 00:29:07
105.186.226.87	attackbotsspam	Unauthorized connection attempt from IP address 105.186.226.87 on Port 445(SMB)	2020-08-22 00:32:15

Recently Reported IPs

123.225.65.108	12.36.120.252	143.204.89.70	122.51.98.119
95.232.162.186	62.93.62.230	155.53.3.190	179.171.137.20
125.239.38.250	86.51.142.56	45.133.18.250	145.9.68.235
120.233.44.36	144.152.119.134	111.172.204.40	141.136.64.143
41.32.113.42	114.237.184.103	236.137.30.45	79.26.225.174