193.142.59.135

Basic Info

City: unknown

Region: unknown

Country: Netherlands

Internet Service Provider: Maximilian Kutzner

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Attempted Brute Force (dovecot)	2020-08-01 01:22:21
attackbotsspam	Brute forcing email accounts	2020-07-27 06:31:01

Comments on same subnet:

IP	Type	Details	Datetime
193.142.59.136	spam	Received-SPF: fail (s192.cyberspaceindia.com: domain of xxxx.es does not designate 193.142.59.136 as permitted sender) client-ip=193.142.59.136; envelope-from=domainserver@certest.es; helo=certest.es; X-SPF-Result: s192.cyberspaceindia.com: domain of xxxx.es does not designate 193.142.59.136 as permitted sender X-Sender-Warning: Reverse DNS lookup failed for 193.142.59.136 (failed) X-DKIM-Status: none / / xxxxx.es / / /	2020-09-23 16:06:43
193.142.59.78	attackspam	Sep 14 13:44:57 jane sshd[6641]: Failed password for root from 193.142.59.78 port 44160 ssh2 ...	2020-09-14 21:03:58
193.142.59.78	attackspambots	2020-09-14T05:46:16.496887afi-git.jinr.ru sshd[14604]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.142.59.78 2020-09-14T05:46:16.493545afi-git.jinr.ru sshd[14604]: Invalid user jackson from 193.142.59.78 port 58744 2020-09-14T05:46:18.311055afi-git.jinr.ru sshd[14604]: Failed password for invalid user jackson from 193.142.59.78 port 58744 ssh2 2020-09-14T05:49:51.149206afi-git.jinr.ru sshd[16531]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.142.59.78 user=root 2020-09-14T05:49:52.813061afi-git.jinr.ru sshd[16531]: Failed password for root from 193.142.59.78 port 42818 ssh2 ...	2020-09-14 12:56:34
193.142.59.78	attackbotsspam	$f2bV_matches	2020-09-14 04:57:58
193.142.59.71	attackspambots	(smtpauth) Failed SMTP AUTH login from 193.142.59.71 (NL/Netherlands/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SMTPAUTH; Logs: 2020-08-30 17:34:42 dovecot_login authenticator failed for (NyFjjmvvd) [193.142.59.71]:64579: 535 Incorrect authentication data (set_id=pmvgaucha) 2020-08-30 17:35:15 dovecot_login authenticator failed for (NMpM3M) [193.142.59.71]:52834: 535 Incorrect authentication data (set_id=pmvgaucha) 2020-08-30 17:35:48 dovecot_login authenticator failed for (E2mlRhS) [193.142.59.71]:64272: 535 Incorrect authentication data (set_id=pmvgaucha) 2020-08-30 17:36:21 dovecot_login authenticator failed for (VnW0Zg) [193.142.59.71]:60405: 535 Incorrect authentication data (set_id=pmvgaucha) 2020-08-30 17:36:55 dovecot_login authenticator failed for (MdBi3q) [193.142.59.71]:61114: 535 Incorrect authentication data (set_id=pmvgaucha)	2020-08-31 05:41:04
193.142.59.73	attackbotsspam	Attempt to log onto Postfix	2020-08-30 17:43:33
193.142.59.47	attackspambots	(smtpauth) Failed SMTP AUTH login from 193.142.59.47 (NL/Netherlands/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SMTPAUTH; Logs: Aug 21 05:41:42 srv postfix/smtpd[31514]: warning: unknown[193.142.59.47]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 21 05:42:01 srv postfix/smtpd[31524]: warning: unknown[193.142.59.47]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 21 05:42:18 srv postfix/smtpd[31524]: warning: unknown[193.142.59.47]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 21 05:46:13 srv postfix/smtpd[31520]: warning: unknown[193.142.59.47]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 21 05:50:29 srv postfix/smtpd[31512]: warning: unknown[193.142.59.47]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-08-21 18:53:45
193.142.59.136	attackspambots	MAIL: User Login Brute Force Attempt	2020-08-07 06:10:56
193.142.59.136	attackbotsspam	Brute forcing email accounts	2020-08-06 07:27:52
193.142.59.110	attack	Hits on port : 3306	2020-08-02 17:08:19
193.142.59.75	attack	Port probing on unauthorized port 21	2020-08-02 06:54:08
193.142.59.95	attack	5 failed smtp login attempts in 3600s	2020-07-11 21:26:12
193.142.59.30	attackbotsspam	Brute forcing email accounts	2020-06-17 19:59:23
193.142.59.98	attack	$f2bV_matches	2020-06-17 04:10:27
193.142.59.100	attack	Time: Sat May 23 11:58:54 2020 -0300 IP: 193.142.59.100 (NL/Netherlands/-) Failures: 30 (smtpauth) Interval: 3600 seconds Blocked: Permanent Block	2020-05-24 00:04:35

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 193.142.59.135
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45743
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;193.142.59.135.			IN	A

;; AUTHORITY SECTION:
.			527	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072601 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jul 27 06:30:58 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 135.59.142.193.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 135.59.142.193.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
148.66.142.161	attack	148.66.142.161 - - [23/Oct/2019:23:26:16 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.66.142.161 - - [23/Oct/2019:23:26:19 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.66.142.161 - - [23/Oct/2019:23:26:19 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.66.142.161 - - [23/Oct/2019:23:26:20 +0200] "POST /wp-login.php HTTP/1.1" 200 1489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.66.142.161 - - [23/Oct/2019:23:26:21 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.66.142.161 - - [23/Oct/2019:23:26:22 +0200] "POST /wp-login.php HTTP/1.1" 200 1491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-10-24 08:24:57
45.55.158.8	attackspam	Oct 22 08:18:15 odroid64 sshd\[1604\]: User root from 45.55.158.8 not allowed because not listed in AllowUsers Oct 22 08:18:15 odroid64 sshd\[1604\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.158.8 user=root Oct 22 08:18:17 odroid64 sshd\[1604\]: Failed password for invalid user root from 45.55.158.8 port 50934 ssh2 Oct 22 08:18:15 odroid64 sshd\[1604\]: User root from 45.55.158.8 not allowed because not listed in AllowUsers Oct 22 08:18:15 odroid64 sshd\[1604\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.158.8 user=root Oct 22 08:18:17 odroid64 sshd\[1604\]: Failed password for invalid user root from 45.55.158.8 port 50934 ssh2 Oct 22 08:18:15 odroid64 sshd\[1604\]: User root from 45.55.158.8 not allowed because not listed in AllowUsers Oct 22 08:18:15 odroid64 sshd\[1604\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.158.8 ...	2019-10-24 08:23:45
5.196.110.170	attackbots	Invalid user support from 5.196.110.170 port 39538	2019-10-24 08:12:44
147.135.133.29	attack	Oct 24 03:52:17 localhost sshd\[113631\]: Invalid user lithium from 147.135.133.29 port 48192 Oct 24 03:52:17 localhost sshd\[113631\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.135.133.29 Oct 24 03:52:19 localhost sshd\[113631\]: Failed password for invalid user lithium from 147.135.133.29 port 48192 ssh2 Oct 24 03:55:58 localhost sshd\[113746\]: Invalid user shanghaitan from 147.135.133.29 port 59392 Oct 24 03:55:58 localhost sshd\[113746\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.135.133.29 ...	2019-10-24 12:07:14
180.121.84.90	attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/180.121.84.90/ CN - 1H : (484) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN4134 IP : 180.121.84.90 CIDR : 180.120.0.0/14 PREFIX COUNT : 5430 UNIQUE IP COUNT : 106919680 ATTACKS DETECTED ASN4134 : 1H - 11 3H - 30 6H - 69 12H - 147 24H - 227 DateTime : 2019-10-23 22:11:29 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-24 08:23:30
61.148.29.198	attack	dovecot jail - smtp auth [ma]	2019-10-24 12:16:43
46.127.9.168	attackspambots	Invalid user butter from 46.127.9.168 port 41846	2019-10-24 08:17:40
106.52.88.211	attackspambots	Oct 24 06:48:19 vtv3 sshd\[10628\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.88.211 user=root Oct 24 06:48:20 vtv3 sshd\[10628\]: Failed password for root from 106.52.88.211 port 37994 ssh2 Oct 24 06:55:34 vtv3 sshd\[14284\]: Invalid user invoices from 106.52.88.211 port 33654 Oct 24 06:55:34 vtv3 sshd\[14284\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.88.211 Oct 24 06:55:36 vtv3 sshd\[14284\]: Failed password for invalid user invoices from 106.52.88.211 port 33654 ssh2 Oct 24 07:09:45 vtv3 sshd\[21000\]: Invalid user teresa from 106.52.88.211 port 37392 Oct 24 07:09:45 vtv3 sshd\[21000\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.88.211 Oct 24 07:09:47 vtv3 sshd\[21000\]: Failed password for invalid user teresa from 106.52.88.211 port 37392 ssh2 Oct 24 07:14:37 vtv3 sshd\[23484\]: pam_unix$sshd:auth$: authentication failure\; logname= uid	2019-10-24 12:19:19
176.58.124.134	attackspambots	Src. IP 176.58.124.134 Src. Port 38788 Dst. Port 443 HTTPS Handshake: SSL Handshake failure with error 252	2019-10-24 08:07:41
62.173.151.74	attackspam	firewall-block, port(s): 5060/udp	2019-10-24 08:18:42
49.234.44.48	attack	Oct 24 00:55:09 icinga sshd[9996]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.44.48 Oct 24 00:55:11 icinga sshd[9996]: Failed password for invalid user mcollins from 49.234.44.48 port 55983 ssh2 Oct 24 00:59:41 icinga sshd[13229]: Failed password for root from 49.234.44.48 port 46281 ssh2 ...	2019-10-24 08:15:17
194.37.92.48	attackbotsspam	Oct 24 05:57:03 mail sshd[5669]: Failed password for root from 194.37.92.48 port 33523 ssh2 Oct 24 06:01:02 mail sshd[7802]: Failed password for root from 194.37.92.48 port 52874 ssh2	2019-10-24 12:20:12
45.7.164.5	attackbotsspam	Oct 21 18:25:52 odroid64 sshd\[29574\]: Invalid user admin from 45.7.164.5 Oct 21 18:25:52 odroid64 sshd\[29574\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.7.164.5 Oct 21 18:25:54 odroid64 sshd\[29574\]: Failed password for invalid user admin from 45.7.164.5 port 61463 ssh2 Oct 21 18:25:52 odroid64 sshd\[29574\]: Invalid user admin from 45.7.164.5 Oct 21 18:25:52 odroid64 sshd\[29574\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.7.164.5 Oct 21 18:25:54 odroid64 sshd\[29574\]: Failed password for invalid user admin from 45.7.164.5 port 61463 ssh2 Oct 21 18:25:52 odroid64 sshd\[29574\]: Invalid user admin from 45.7.164.5 Oct 21 18:25:52 odroid64 sshd\[29574\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.7.164.5 Oct 21 18:25:54 odroid64 sshd\[29574\]: Failed password for invalid user admin from 45.7.164.5 port 61463 ssh2 ...	2019-10-24 08:22:31
46.101.88.10	attackspam	Oct 24 02:07:45 pornomens sshd\[9045\]: Invalid user jboss from 46.101.88.10 port 32602 Oct 24 02:07:45 pornomens sshd\[9045\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.88.10 Oct 24 02:07:47 pornomens sshd\[9045\]: Failed password for invalid user jboss from 46.101.88.10 port 32602 ssh2 ...	2019-10-24 08:18:03
116.7.176.146	attack	Oct 24 05:55:50 jane sshd[16705]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.7.176.146 Oct 24 05:55:52 jane sshd[16705]: Failed password for invalid user adm from 116.7.176.146 port 53334 ssh2 ...	2019-10-24 12:11:55

Recently Reported IPs

102.68.178.226	180.117.112.240	193.1.19.65	51.43.82.91
45.190.146.47	130.166.190.13	25.234.231.169	184.225.219.78
251.140.95.41	170.130.212.81	136.144.48.145	41.136.91.137
97.235.46.11	24.1.6.119	67.118.179.97	27.19.91.229
33.116.227.189	65.17.20.169	26.240.215.76	184.161.241.19