2.57.121.19 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: Bunea Telecom SRL

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Lines containing failures of 2.57.121.19 Oct 7 12:37:11 nextcloud sshd[23963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19 user=r.r Oct 7 12:37:13 nextcloud sshd[23963]: Failed password for r.r from 2.57.121.19 port 47782 ssh2 Oct 7 12:37:13 nextcloud sshd[23963]: Received disconnect from 2.57.121.19 port 47782:11: Bye Bye [preauth] Oct 7 12:37:13 nextcloud sshd[23963]: Disconnected from authenticating user r.r 2.57.121.19 port 47782 [preauth] Oct 7 12:53:35 nextcloud sshd[26770]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19 user=r.r Oct 7 12:53:37 nextcloud sshd[26770]: Failed password for r.r from 2.57.121.19 port 38478 ssh2 Oct 7 12:53:37 nextcloud sshd[26770]: Received disconnect from 2.57.121.19 port 38478:11: Bye Bye [preauth] Oct 7 12:53:37 nextcloud sshd[26770]: Disconnected from authenticating user r.r 2.57.121.19 port 38478 [preauth] Oct 7 1........ ------------------------------	2020-10-12 02:05:01
attack	Lines containing failures of 2.57.121.19 Oct 7 12:37:11 nextcloud sshd[23963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19 user=r.r Oct 7 12:37:13 nextcloud sshd[23963]: Failed password for r.r from 2.57.121.19 port 47782 ssh2 Oct 7 12:37:13 nextcloud sshd[23963]: Received disconnect from 2.57.121.19 port 47782:11: Bye Bye [preauth] Oct 7 12:37:13 nextcloud sshd[23963]: Disconnected from authenticating user r.r 2.57.121.19 port 47782 [preauth] Oct 7 12:53:35 nextcloud sshd[26770]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19 user=r.r Oct 7 12:53:37 nextcloud sshd[26770]: Failed password for r.r from 2.57.121.19 port 38478 ssh2 Oct 7 12:53:37 nextcloud sshd[26770]: Received disconnect from 2.57.121.19 port 38478:11: Bye Bye [preauth] Oct 7 12:53:37 nextcloud sshd[26770]: Disconnected from authenticating user r.r 2.57.121.19 port 38478 [preauth] Oct 7 1........ ------------------------------	2020-10-11 17:54:25
attackbotsspam	Oct 10 13:42:24 pixelmemory sshd[3235053]: Failed password for root from 2.57.121.19 port 57924 ssh2 Oct 10 13:44:08 pixelmemory sshd[3252791]: Invalid user abc1234 from 2.57.121.19 port 51694 Oct 10 13:44:08 pixelmemory sshd[3252791]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19 Oct 10 13:44:08 pixelmemory sshd[3252791]: Invalid user abc1234 from 2.57.121.19 port 51694 Oct 10 13:44:10 pixelmemory sshd[3252791]: Failed password for invalid user abc1234 from 2.57.121.19 port 51694 ssh2 ...	2020-10-11 04:45:09
attackbots	Oct 10 08:18:16 firewall sshd[19785]: Failed password for root from 2.57.121.19 port 33660 ssh2 Oct 10 08:21:57 firewall sshd[19834]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19 user=root Oct 10 08:21:59 firewall sshd[19834]: Failed password for root from 2.57.121.19 port 40284 ssh2 ...	2020-10-10 20:44:24
attackspam	Lines containing failures of 2.57.121.19 Oct 7 12:37:11 nextcloud sshd[23963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19 user=r.r Oct 7 12:37:13 nextcloud sshd[23963]: Failed password for r.r from 2.57.121.19 port 47782 ssh2 Oct 7 12:37:13 nextcloud sshd[23963]: Received disconnect from 2.57.121.19 port 47782:11: Bye Bye [preauth] Oct 7 12:37:13 nextcloud sshd[23963]: Disconnected from authenticating user r.r 2.57.121.19 port 47782 [preauth] Oct 7 12:53:35 nextcloud sshd[26770]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19 user=r.r Oct 7 12:53:37 nextcloud sshd[26770]: Failed password for r.r from 2.57.121.19 port 38478 ssh2 Oct 7 12:53:37 nextcloud sshd[26770]: Received disconnect from 2.57.121.19 port 38478:11: Bye Bye [preauth] Oct 7 12:53:37 nextcloud sshd[26770]: Disconnected from authenticating user r.r 2.57.121.19 port 38478 [preauth] Oct 7 1........ ------------------------------	2020-10-09 01:30:56
attackspambots	Lines containing failures of 2.57.121.19 Oct 7 12:37:11 nextcloud sshd[23963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19 user=r.r Oct 7 12:37:13 nextcloud sshd[23963]: Failed password for r.r from 2.57.121.19 port 47782 ssh2 Oct 7 12:37:13 nextcloud sshd[23963]: Received disconnect from 2.57.121.19 port 47782:11: Bye Bye [preauth] Oct 7 12:37:13 nextcloud sshd[23963]: Disconnected from authenticating user r.r 2.57.121.19 port 47782 [preauth] Oct 7 12:53:35 nextcloud sshd[26770]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19 user=r.r Oct 7 12:53:37 nextcloud sshd[26770]: Failed password for r.r from 2.57.121.19 port 38478 ssh2 Oct 7 12:53:37 nextcloud sshd[26770]: Received disconnect from 2.57.121.19 port 38478:11: Bye Bye [preauth] Oct 7 12:53:37 nextcloud sshd[26770]: Disconnected from authenticating user r.r 2.57.121.19 port 38478 [preauth] Oct 7 1........ ------------------------------	2020-10-08 17:27:23

Comments on same subnet:

IP	Type	Details	Datetime
2.57.121.104	attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-14 09:04:46
2.57.121.112	attack	Port scanning [4 denied]	2020-09-09 01:22:45
2.57.121.112	attack	Port scanning [4 denied]	2020-09-08 16:49:23
2.57.121.203	attackbots	Unauthorized connection attempt detected from IP address 2.57.121.203 to port 23	2020-07-22 22:08:19

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.57.121.19
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17064
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;2.57.121.19.			IN	A

;; AUTHORITY SECTION:
.			244	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020100800 1800 900 604800 86400

;; Query time: 46 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 08 17:27:20 CST 2020
;; MSG SIZE  rcvd: 115

Host info

Host 19.121.57.2.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 19.121.57.2.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
108.12.225.85	attackbotsspam	Invalid user fabrizio from 108.12.225.85 port 41828	2020-06-26 13:23:05
218.92.0.223	attack	Jun 26 07:21:51 server sshd[16648]: Failed none for root from 218.92.0.223 port 8751 ssh2 Jun 26 07:21:54 server sshd[16648]: Failed password for root from 218.92.0.223 port 8751 ssh2 Jun 26 07:21:59 server sshd[16648]: Failed password for root from 218.92.0.223 port 8751 ssh2	2020-06-26 13:26:54
51.83.76.25	attackspam	Jun 26 05:42:31 ovpn sshd\[18026\]: Invalid user appltest from 51.83.76.25 Jun 26 05:42:31 ovpn sshd\[18026\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.76.25 Jun 26 05:42:33 ovpn sshd\[18026\]: Failed password for invalid user appltest from 51.83.76.25 port 33434 ssh2 Jun 26 05:55:44 ovpn sshd\[21152\]: Invalid user rabbitmq from 51.83.76.25 Jun 26 05:55:44 ovpn sshd\[21152\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.76.25	2020-06-26 13:23:32
14.17.114.65	attackspam	Jun 25 21:51:26 dignus sshd[3177]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.17.114.65 user=root Jun 25 21:51:29 dignus sshd[3177]: Failed password for root from 14.17.114.65 port 57224 ssh2 Jun 25 21:53:35 dignus sshd[3385]: Invalid user rti from 14.17.114.65 port 51526 Jun 25 21:53:35 dignus sshd[3385]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.17.114.65 Jun 25 21:53:36 dignus sshd[3385]: Failed password for invalid user rti from 14.17.114.65 port 51526 ssh2 ...	2020-06-26 12:56:48
140.86.12.31	attackspam	Jun 26 06:52:35 journals sshd\[1199\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.86.12.31 user=root Jun 26 06:52:36 journals sshd\[1199\]: Failed password for root from 140.86.12.31 port 20961 ssh2 Jun 26 06:56:16 journals sshd\[1566\]: Invalid user dva from 140.86.12.31 Jun 26 06:56:16 journals sshd\[1566\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.86.12.31 Jun 26 06:56:18 journals sshd\[1566\]: Failed password for invalid user dva from 140.86.12.31 port 47123 ssh2 ...	2020-06-26 12:45:16
64.227.101.102	attackbotsspam	2020-06-26T06:32:39.061043galaxy.wi.uni-potsdam.de sshd[27264]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.227.101.102 2020-06-26T06:32:39.058677galaxy.wi.uni-potsdam.de sshd[27264]: Invalid user alice from 64.227.101.102 port 38762 2020-06-26T06:32:41.265453galaxy.wi.uni-potsdam.de sshd[27264]: Failed password for invalid user alice from 64.227.101.102 port 38762 ssh2 2020-06-26T06:34:51.742046galaxy.wi.uni-potsdam.de sshd[27515]: Invalid user test1 from 64.227.101.102 port 47460 2020-06-26T06:34:51.744434galaxy.wi.uni-potsdam.de sshd[27515]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.227.101.102 2020-06-26T06:34:51.742046galaxy.wi.uni-potsdam.de sshd[27515]: Invalid user test1 from 64.227.101.102 port 47460 2020-06-26T06:34:53.737910galaxy.wi.uni-potsdam.de sshd[27515]: Failed password for invalid user test1 from 64.227.101.102 port 47460 ssh2 2020-06-26T06:37:04.424284galaxy.wi.uni-potsda ...	2020-06-26 12:38:19
14.251.178.91	attackbotsspam	Icarus honeypot on github	2020-06-26 12:53:20
75.140.138.98	attackbots	Brute forcing email accounts	2020-06-26 13:05:33
189.209.27.12	attack	Port scan on 1 port(s): 23	2020-06-26 13:18:37
45.252.250.64	attackbots	firewall-block, port(s): 18148/tcp	2020-06-26 12:42:00
123.201.67.137	attackbots	IP 123.201.67.137 attacked honeypot on port: 8080 at 6/25/2020 8:55:46 PM	2020-06-26 13:12:20
46.38.150.191	attackspam	2020-06-26 04:26:19 auth_plain authenticator failed for (User) [46.38.150.191]: 535 Incorrect authentication data (set_id=pier@csmailer.org) 2020-06-26 04:26:59 auth_plain authenticator failed for (User) [46.38.150.191]: 535 Incorrect authentication data (set_id=niagara@csmailer.org) 2020-06-26 04:27:39 auth_plain authenticator failed for (User) [46.38.150.191]: 535 Incorrect authentication data (set_id=dev12@csmailer.org) 2020-06-26 04:28:17 auth_plain authenticator failed for (User) [46.38.150.191]: 535 Incorrect authentication data (set_id=gdm-japan-19q1@csmailer.org) 2020-06-26 04:28:57 auth_plain authenticator failed for (User) [46.38.150.191]: 535 Incorrect authentication data (set_id=u24@csmailer.org) ...	2020-06-26 12:38:41
40.73.6.36	attackspambots	Jun 26 01:02:53 Tower sshd[13092]: Connection from 40.73.6.36 port 31575 on 192.168.10.220 port 22 rdomain "" Jun 26 01:02:55 Tower sshd[13092]: Failed password for root from 40.73.6.36 port 31575 ssh2 Jun 26 01:02:56 Tower sshd[13092]: Received disconnect from 40.73.6.36 port 31575:11: Client disconnecting normally [preauth] Jun 26 01:02:56 Tower sshd[13092]: Disconnected from authenticating user root 40.73.6.36 port 31575 [preauth]	2020-06-26 13:09:20
134.122.106.228	attackbots	Invalid user apache2 from 134.122.106.228 port 37150	2020-06-26 13:16:20
114.67.171.58	attack	Jun 26 06:14:15 vps687878 sshd\[18479\]: Failed password for invalid user snow from 114.67.171.58 port 41746 ssh2 Jun 26 06:16:10 vps687878 sshd\[18687\]: Invalid user pavbras from 114.67.171.58 port 35060 Jun 26 06:16:10 vps687878 sshd\[18687\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.171.58 Jun 26 06:16:11 vps687878 sshd\[18687\]: Failed password for invalid user pavbras from 114.67.171.58 port 35060 ssh2 Jun 26 06:18:03 vps687878 sshd\[18832\]: Invalid user aga from 114.67.171.58 port 56612 Jun 26 06:18:03 vps687878 sshd\[18832\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.171.58 ...	2020-06-26 12:58:18

Recently Reported IPs

82.165.103.118	157.231.102.250	109.236.54.149	80.7.188.191
79.184.190.169	3.37.32.6	180.211.106.219	215.9.86.203
33.177.39.73	77.40.3.141	178.155.15.107	113.105.66.154
240.60.176.110	182.122.12.218	13.12.125.232	4.165.95.45
155.32.29.51	203.181.129.62	148.90.113.145	60.215.99.142