2.57.121.45 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Romania

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
2.57.121.104	attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-14 09:04:46
2.57.121.19	attack	Lines containing failures of 2.57.121.19 Oct 7 12:37:11 nextcloud sshd[23963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19 user=r.r Oct 7 12:37:13 nextcloud sshd[23963]: Failed password for r.r from 2.57.121.19 port 47782 ssh2 Oct 7 12:37:13 nextcloud sshd[23963]: Received disconnect from 2.57.121.19 port 47782:11: Bye Bye [preauth] Oct 7 12:37:13 nextcloud sshd[23963]: Disconnected from authenticating user r.r 2.57.121.19 port 47782 [preauth] Oct 7 12:53:35 nextcloud sshd[26770]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19 user=r.r Oct 7 12:53:37 nextcloud sshd[26770]: Failed password for r.r from 2.57.121.19 port 38478 ssh2 Oct 7 12:53:37 nextcloud sshd[26770]: Received disconnect from 2.57.121.19 port 38478:11: Bye Bye [preauth] Oct 7 12:53:37 nextcloud sshd[26770]: Disconnected from authenticating user r.r 2.57.121.19 port 38478 [preauth] Oct 7 1........ ------------------------------	2020-10-12 02:05:01
2.57.121.19	attack	Lines containing failures of 2.57.121.19 Oct 7 12:37:11 nextcloud sshd[23963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19 user=r.r Oct 7 12:37:13 nextcloud sshd[23963]: Failed password for r.r from 2.57.121.19 port 47782 ssh2 Oct 7 12:37:13 nextcloud sshd[23963]: Received disconnect from 2.57.121.19 port 47782:11: Bye Bye [preauth] Oct 7 12:37:13 nextcloud sshd[23963]: Disconnected from authenticating user r.r 2.57.121.19 port 47782 [preauth] Oct 7 12:53:35 nextcloud sshd[26770]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19 user=r.r Oct 7 12:53:37 nextcloud sshd[26770]: Failed password for r.r from 2.57.121.19 port 38478 ssh2 Oct 7 12:53:37 nextcloud sshd[26770]: Received disconnect from 2.57.121.19 port 38478:11: Bye Bye [preauth] Oct 7 12:53:37 nextcloud sshd[26770]: Disconnected from authenticating user r.r 2.57.121.19 port 38478 [preauth] Oct 7 1........ ------------------------------	2020-10-11 17:54:25
2.57.121.19	attackbotsspam	Oct 10 13:42:24 pixelmemory sshd[3235053]: Failed password for root from 2.57.121.19 port 57924 ssh2 Oct 10 13:44:08 pixelmemory sshd[3252791]: Invalid user abc1234 from 2.57.121.19 port 51694 Oct 10 13:44:08 pixelmemory sshd[3252791]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19 Oct 10 13:44:08 pixelmemory sshd[3252791]: Invalid user abc1234 from 2.57.121.19 port 51694 Oct 10 13:44:10 pixelmemory sshd[3252791]: Failed password for invalid user abc1234 from 2.57.121.19 port 51694 ssh2 ...	2020-10-11 04:45:09
2.57.121.19	attackbots	Oct 10 08:18:16 firewall sshd[19785]: Failed password for root from 2.57.121.19 port 33660 ssh2 Oct 10 08:21:57 firewall sshd[19834]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19 user=root Oct 10 08:21:59 firewall sshd[19834]: Failed password for root from 2.57.121.19 port 40284 ssh2 ...	2020-10-10 20:44:24
2.57.121.19	attackspam	Lines containing failures of 2.57.121.19 Oct 7 12:37:11 nextcloud sshd[23963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19 user=r.r Oct 7 12:37:13 nextcloud sshd[23963]: Failed password for r.r from 2.57.121.19 port 47782 ssh2 Oct 7 12:37:13 nextcloud sshd[23963]: Received disconnect from 2.57.121.19 port 47782:11: Bye Bye [preauth] Oct 7 12:37:13 nextcloud sshd[23963]: Disconnected from authenticating user r.r 2.57.121.19 port 47782 [preauth] Oct 7 12:53:35 nextcloud sshd[26770]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19 user=r.r Oct 7 12:53:37 nextcloud sshd[26770]: Failed password for r.r from 2.57.121.19 port 38478 ssh2 Oct 7 12:53:37 nextcloud sshd[26770]: Received disconnect from 2.57.121.19 port 38478:11: Bye Bye [preauth] Oct 7 12:53:37 nextcloud sshd[26770]: Disconnected from authenticating user r.r 2.57.121.19 port 38478 [preauth] Oct 7 1........ ------------------------------	2020-10-09 01:30:56
2.57.121.19	attackspambots	Lines containing failures of 2.57.121.19 Oct 7 12:37:11 nextcloud sshd[23963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19 user=r.r Oct 7 12:37:13 nextcloud sshd[23963]: Failed password for r.r from 2.57.121.19 port 47782 ssh2 Oct 7 12:37:13 nextcloud sshd[23963]: Received disconnect from 2.57.121.19 port 47782:11: Bye Bye [preauth] Oct 7 12:37:13 nextcloud sshd[23963]: Disconnected from authenticating user r.r 2.57.121.19 port 47782 [preauth] Oct 7 12:53:35 nextcloud sshd[26770]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19 user=r.r Oct 7 12:53:37 nextcloud sshd[26770]: Failed password for r.r from 2.57.121.19 port 38478 ssh2 Oct 7 12:53:37 nextcloud sshd[26770]: Received disconnect from 2.57.121.19 port 38478:11: Bye Bye [preauth] Oct 7 12:53:37 nextcloud sshd[26770]: Disconnected from authenticating user r.r 2.57.121.19 port 38478 [preauth] Oct 7 1........ ------------------------------	2020-10-08 17:27:23
2.57.121.112	attack	Port scanning [4 denied]	2020-09-09 01:22:45
2.57.121.112	attack	Port scanning [4 denied]	2020-09-08 16:49:23
2.57.121.203	attackbots	Unauthorized connection attempt detected from IP address 2.57.121.203 to port 23	2020-07-22 22:08:19

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.57.121.45
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8090
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;2.57.121.45.			IN	A

;; AUTHORITY SECTION:
.			117	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020700 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 00:29:16 CST 2022
;; MSG SIZE  rcvd: 104

Host info

45.121.57.2.in-addr.arpa domain name pointer smtp45.kcmoa.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
45.121.57.2.in-addr.arpa	name = smtp45.kcmoa.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
197.253.6.249	attackbots	failed root login	2019-07-29 06:28:08
89.96.209.146	attack	Jul 29 01:25:27 yabzik sshd[21787]: Failed password for root from 89.96.209.146 port 55294 ssh2 Jul 29 01:29:53 yabzik sshd[22910]: Failed password for root from 89.96.209.146 port 47464 ssh2 Jul 29 01:34:21 yabzik sshd[24401]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.96.209.146	2019-07-29 06:56:07
181.198.35.108	attackspambots	2019-07-28T22:05:03.664644abusebot-8.cloudsearch.cf sshd\[1000\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.198.35.108 user=root	2019-07-29 06:14:57
190.3.201.17	attackspambots	firewall-block, port(s): 2323/tcp	2019-07-29 07:04:29
149.202.56.54	attackspam	Jul 29 00:12:43 mail sshd\[15539\]: Invalid user tianshui from 149.202.56.54\ Jul 29 00:12:45 mail sshd\[15539\]: Failed password for invalid user tianshui from 149.202.56.54 port 50138 ssh2\ Jul 29 00:16:47 mail sshd\[15572\]: Invalid user cn from 149.202.56.54\ Jul 29 00:16:49 mail sshd\[15572\]: Failed password for invalid user cn from 149.202.56.54 port 45486 ssh2\ Jul 29 00:21:00 mail sshd\[15592\]: Invalid user thvmxmrkwhr from 149.202.56.54\ Jul 29 00:21:02 mail sshd\[15592\]: Failed password for invalid user thvmxmrkwhr from 149.202.56.54 port 40846 ssh2\	2019-07-29 06:49:04
178.128.125.61	attack	Jul 29 01:19:39 yabzik sshd[19717]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.125.61 Jul 29 01:19:40 yabzik sshd[19717]: Failed password for invalid user ruan from 178.128.125.61 port 51226 ssh2 Jul 29 01:24:41 yabzik sshd[21281]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.125.61	2019-07-29 06:25:24
109.205.44.9	attack	2019-07-28T21:33:58.638172abusebot-7.cloudsearch.cf sshd\[17964\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mailadmin.tsu.ge user=root	2019-07-29 06:27:17
5.45.137.250	attackbotsspam	Repeated attempts against wp-login	2019-07-29 06:16:09
91.122.220.2	attackspambots	28.07.2019 23:33:17 - Login Fail on hMailserver Detected by ELinOX-hMail-A2F	2019-07-29 06:41:49
23.129.64.154	attackbots	SSH bruteforce	2019-07-29 06:34:45
52.230.1.248	attackspam	Jul 28 23:37:33 heissa sshd\[11026\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.230.1.248 user=root Jul 28 23:37:35 heissa sshd\[11026\]: Failed password for root from 52.230.1.248 port 54096 ssh2 Jul 28 23:42:23 heissa sshd\[11606\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.230.1.248 user=root Jul 28 23:42:25 heissa sshd\[11606\]: Failed password for root from 52.230.1.248 port 50168 ssh2 Jul 28 23:47:15 heissa sshd\[12100\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.230.1.248 user=root	2019-07-29 06:37:29
46.101.88.10	attackspam	Jul 28 14:25:11 Ubuntu-1404-trusty-64-minimal sshd\[25978\]: Invalid user support from 46.101.88.10 Jul 28 14:25:11 Ubuntu-1404-trusty-64-minimal sshd\[25978\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.88.10 Jul 28 14:25:13 Ubuntu-1404-trusty-64-minimal sshd\[25978\]: Failed password for invalid user support from 46.101.88.10 port 23328 ssh2 Jul 29 00:06:35 Ubuntu-1404-trusty-64-minimal sshd\[10738\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.88.10 user=root Jul 29 00:06:37 Ubuntu-1404-trusty-64-minimal sshd\[10738\]: Failed password for root from 46.101.88.10 port 14387 ssh2	2019-07-29 06:15:34
192.81.218.186	attackbots	2019/07/28 23:32:43 [error] 1240#1240: 1047 FastCGI sent in stderr: "PHP message: [192.81.218.186] user 9had: authentication failure for "https://nihad.dk/wp-admin/": Password Mismatch" while reading response header from upstream, client: 192.81.218.186, server: nihad.dk, request: "POST /wp-login.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm-nihad.dk.sock:", host: "nihad.dk" 2019/07/28 23:32:44 [error] 1240#1240: 1049 FastCGI sent in stderr: "PHP message: [192.81.218.186] user [login]: authentication failure for "https://nihad.dk/wp-admin/": Password Mismatch" while reading response header from upstream, client: 192.81.218.186, server: nihad.dk, request: "POST /xmlrpc.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm-nihad.dk.sock:", host: "nihad.dk" ...	2019-07-29 06:53:55
188.128.39.130	attackspambots	[Aegis] @ 2019-07-28 22:33:13 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2019-07-29 06:36:04
77.42.123.22	attack	Automatic report - Port Scan Attack	2019-07-29 06:28:39

Recently Reported IPs

82.157.167.43	140.250.40.105	134.236.18.210	170.80.32.221
105.72.6.206	65.111.109.108	164.77.176.170	38.7.95.106
185.180.131.71	192.241.179.204	103.114.53.2	212.156.90.186
59.110.213.204	200.194.7.195	178.128.223.187	162.250.161.13
37.157.173.52	117.251.18.117	189.50.42.93	175.139.200.17