2.57.109.149 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Spain

Internet Service Provider: Xarxes de Telecomunicacions Alternatives SL

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	2020-06-17 22:43:50.670549-0500 localhost smtpd[40062]: NOQUEUE: reject: RCPT from unknown[2.57.109.149]: 554 5.7.1 Service unavailable; Client host [2.57.109.149] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/2.57.109.149; from= to= proto=ESMTP helo=<2-57-109-149.ipv4.xta.cat>	2020-06-18 19:09:04

Type

Details

Datetime

attack

2020-06-17 22:43:50.670549-0500  localhost smtpd[40062]: NOQUEUE: reject: RCPT from unknown[2.57.109.149]: 554 5.7.1 Service unavailable; Client host [2.57.109.149] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/2.57.109.149; from= to= proto=ESMTP helo=<2-57-109-149.ipv4.xta.cat>

2020-06-18 19:09:04

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.57.109.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14889
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;2.57.109.149.			IN	A

;; AUTHORITY SECTION:
.			494	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092500 1800 900 604800 86400

;; Query time: 108 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Sep 25 15:39:15 CST 2019
;; MSG SIZE  rcvd: 116

Host info

149.109.57.2.in-addr.arpa domain name pointer 2-57-109-149.ipv4.xta.cat.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
149.109.57.2.in-addr.arpa	name = 2-57-109-149.ipv4.xta.cat.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
202.9.46.228	attack	Automatic report - XMLRPC Attack	2020-06-17 00:49:51
211.112.18.37	attackspambots	Invalid user daniel from 211.112.18.37 port 61722	2020-06-17 00:31:55
218.92.0.221	attackspambots	Too many connections or unauthorized access detected from Arctic banned ip	2020-06-17 01:13:40
89.133.110.47	attack	UDP 89.133.110.47:12013 -> port 53, len 68	2020-06-17 00:40:04
112.85.42.173	attack	2020-06-16T18:40:56.405774mail.broermann.family sshd[31772]: Failed password for root from 112.85.42.173 port 23010 ssh2 2020-06-16T18:40:59.371219mail.broermann.family sshd[31772]: Failed password for root from 112.85.42.173 port 23010 ssh2 2020-06-16T18:41:02.418271mail.broermann.family sshd[31772]: Failed password for root from 112.85.42.173 port 23010 ssh2 2020-06-16T18:41:02.418449mail.broermann.family sshd[31772]: error: maximum authentication attempts exceeded for root from 112.85.42.173 port 23010 ssh2 [preauth] 2020-06-16T18:41:02.418470mail.broermann.family sshd[31772]: Disconnecting: Too many authentication failures [preauth] ...	2020-06-17 00:54:03
87.246.7.70	attack	Jun 16 18:37:21 v22019058497090703 postfix/smtpd[29289]: warning: unknown[87.246.7.70]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 16 18:38:09 v22019058497090703 postfix/smtpd[29289]: warning: unknown[87.246.7.70]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 16 18:38:56 v22019058497090703 postfix/smtpd[29289]: warning: unknown[87.246.7.70]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-06-17 00:44:02
167.172.153.137	attackbotsspam	Brute-force attempt banned	2020-06-17 00:50:28
157.230.61.132	attack	Jun 16 16:52:42 ns381471 sshd[15339]: Failed password for root from 157.230.61.132 port 57908 ssh2 Jun 16 16:55:10 ns381471 sshd[15495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.61.132	2020-06-17 00:32:21
120.29.55.20	attackspambots	Jun 16 12:19:30 system,error,critical: login failure for user admin from 120.29.55.20 via telnet Jun 16 12:19:32 system,error,critical: login failure for user root from 120.29.55.20 via telnet Jun 16 12:19:33 system,error,critical: login failure for user root from 120.29.55.20 via telnet Jun 16 12:19:37 system,error,critical: login failure for user root from 120.29.55.20 via telnet Jun 16 12:19:38 system,error,critical: login failure for user root from 120.29.55.20 via telnet Jun 16 12:19:40 system,error,critical: login failure for user root from 120.29.55.20 via telnet Jun 16 12:19:44 system,error,critical: login failure for user administrator from 120.29.55.20 via telnet Jun 16 12:19:45 system,error,critical: login failure for user root from 120.29.55.20 via telnet Jun 16 12:19:47 system,error,critical: login failure for user guest from 120.29.55.20 via telnet Jun 16 12:19:50 system,error,critical: login failure for user root from 120.29.55.20 via telnet	2020-06-17 01:02:04
187.32.161.200	attack	1592310007 - 06/16/2020 14:20:07 Host: 187.32.161.200/187.32.161.200 Port: 445 TCP Blocked	2020-06-17 00:37:48
188.246.235.205	attack	TCP ports : 5911 / 5914 / 5921 / 5926 / 5928 / 5932 / 5941 / 5955 / 5959 / 5997 / 5998 / 6009 / 6014 / 6035 / 6097 / 6099	2020-06-17 00:57:56
117.58.241.69	attackspambots	2020-06-16T12:14:04.454037upcloud.m0sh1x2.com sshd[13883]: Invalid user rameez from 117.58.241.69 port 49728	2020-06-17 01:07:51
62.234.145.195	attackbotsspam	$f2bV_matches \| Triggered by Fail2Ban at Vostok web server	2020-06-17 01:14:39
222.186.30.112	attackspam	Jun 16 12:38:39 NPSTNNYC01T sshd[18312]: Failed password for root from 222.186.30.112 port 53185 ssh2 Jun 16 12:38:47 NPSTNNYC01T sshd[18323]: Failed password for root from 222.186.30.112 port 14259 ssh2 ...	2020-06-17 00:55:22
161.35.9.18	attack	Invalid user teamspeak from 161.35.9.18 port 59730	2020-06-17 01:09:12

Recently Reported IPs

1.55.63.154	192.161.173.22	102.65.157.188	36.224.198.24
190.210.225.140	188.104.140.175	187.163.187.176	51.15.122.92
238.253.181.21	104.2.34.156	85.111.28.190	95.14.144.91
94.130.64.96	114.242.84.140	1.255.153.136	185.112.33.202
185.84.181.47	62.151.182.151	37.73.198.131	185.82.220.154