City: unknown
Region: unknown
Country: Romania
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 2.57.121.104 | attack | [N10.H2.VM2] Port Scanner Detected Blocked by UFW |
2020-10-14 09:04:46 |
| 2.57.121.19 | attack | Lines containing failures of 2.57.121.19 Oct 7 12:37:11 nextcloud sshd[23963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19 user=r.r Oct 7 12:37:13 nextcloud sshd[23963]: Failed password for r.r from 2.57.121.19 port 47782 ssh2 Oct 7 12:37:13 nextcloud sshd[23963]: Received disconnect from 2.57.121.19 port 47782:11: Bye Bye [preauth] Oct 7 12:37:13 nextcloud sshd[23963]: Disconnected from authenticating user r.r 2.57.121.19 port 47782 [preauth] Oct 7 12:53:35 nextcloud sshd[26770]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19 user=r.r Oct 7 12:53:37 nextcloud sshd[26770]: Failed password for r.r from 2.57.121.19 port 38478 ssh2 Oct 7 12:53:37 nextcloud sshd[26770]: Received disconnect from 2.57.121.19 port 38478:11: Bye Bye [preauth] Oct 7 12:53:37 nextcloud sshd[26770]: Disconnected from authenticating user r.r 2.57.121.19 port 38478 [preauth] Oct 7 1........ ------------------------------ |
2020-10-12 02:05:01 |
| 2.57.121.19 | attack | Lines containing failures of 2.57.121.19 Oct 7 12:37:11 nextcloud sshd[23963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19 user=r.r Oct 7 12:37:13 nextcloud sshd[23963]: Failed password for r.r from 2.57.121.19 port 47782 ssh2 Oct 7 12:37:13 nextcloud sshd[23963]: Received disconnect from 2.57.121.19 port 47782:11: Bye Bye [preauth] Oct 7 12:37:13 nextcloud sshd[23963]: Disconnected from authenticating user r.r 2.57.121.19 port 47782 [preauth] Oct 7 12:53:35 nextcloud sshd[26770]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19 user=r.r Oct 7 12:53:37 nextcloud sshd[26770]: Failed password for r.r from 2.57.121.19 port 38478 ssh2 Oct 7 12:53:37 nextcloud sshd[26770]: Received disconnect from 2.57.121.19 port 38478:11: Bye Bye [preauth] Oct 7 12:53:37 nextcloud sshd[26770]: Disconnected from authenticating user r.r 2.57.121.19 port 38478 [preauth] Oct 7 1........ ------------------------------ |
2020-10-11 17:54:25 |
| 2.57.121.19 | attackbotsspam | Oct 10 13:42:24 pixelmemory sshd[3235053]: Failed password for root from 2.57.121.19 port 57924 ssh2 Oct 10 13:44:08 pixelmemory sshd[3252791]: Invalid user abc1234 from 2.57.121.19 port 51694 Oct 10 13:44:08 pixelmemory sshd[3252791]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19 Oct 10 13:44:08 pixelmemory sshd[3252791]: Invalid user abc1234 from 2.57.121.19 port 51694 Oct 10 13:44:10 pixelmemory sshd[3252791]: Failed password for invalid user abc1234 from 2.57.121.19 port 51694 ssh2 ... |
2020-10-11 04:45:09 |
| 2.57.121.19 | attackbots | Oct 10 08:18:16 firewall sshd[19785]: Failed password for root from 2.57.121.19 port 33660 ssh2 Oct 10 08:21:57 firewall sshd[19834]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19 user=root Oct 10 08:21:59 firewall sshd[19834]: Failed password for root from 2.57.121.19 port 40284 ssh2 ... |
2020-10-10 20:44:24 |
| 2.57.121.19 | attackspam | Lines containing failures of 2.57.121.19 Oct 7 12:37:11 nextcloud sshd[23963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19 user=r.r Oct 7 12:37:13 nextcloud sshd[23963]: Failed password for r.r from 2.57.121.19 port 47782 ssh2 Oct 7 12:37:13 nextcloud sshd[23963]: Received disconnect from 2.57.121.19 port 47782:11: Bye Bye [preauth] Oct 7 12:37:13 nextcloud sshd[23963]: Disconnected from authenticating user r.r 2.57.121.19 port 47782 [preauth] Oct 7 12:53:35 nextcloud sshd[26770]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19 user=r.r Oct 7 12:53:37 nextcloud sshd[26770]: Failed password for r.r from 2.57.121.19 port 38478 ssh2 Oct 7 12:53:37 nextcloud sshd[26770]: Received disconnect from 2.57.121.19 port 38478:11: Bye Bye [preauth] Oct 7 12:53:37 nextcloud sshd[26770]: Disconnected from authenticating user r.r 2.57.121.19 port 38478 [preauth] Oct 7 1........ ------------------------------ |
2020-10-09 01:30:56 |
| 2.57.121.19 | attackspambots | Lines containing failures of 2.57.121.19 Oct 7 12:37:11 nextcloud sshd[23963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19 user=r.r Oct 7 12:37:13 nextcloud sshd[23963]: Failed password for r.r from 2.57.121.19 port 47782 ssh2 Oct 7 12:37:13 nextcloud sshd[23963]: Received disconnect from 2.57.121.19 port 47782:11: Bye Bye [preauth] Oct 7 12:37:13 nextcloud sshd[23963]: Disconnected from authenticating user r.r 2.57.121.19 port 47782 [preauth] Oct 7 12:53:35 nextcloud sshd[26770]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19 user=r.r Oct 7 12:53:37 nextcloud sshd[26770]: Failed password for r.r from 2.57.121.19 port 38478 ssh2 Oct 7 12:53:37 nextcloud sshd[26770]: Received disconnect from 2.57.121.19 port 38478:11: Bye Bye [preauth] Oct 7 12:53:37 nextcloud sshd[26770]: Disconnected from authenticating user r.r 2.57.121.19 port 38478 [preauth] Oct 7 1........ ------------------------------ |
2020-10-08 17:27:23 |
| 2.57.121.112 | attack | Port scanning [4 denied] |
2020-09-09 01:22:45 |
| 2.57.121.112 | attack | Port scanning [4 denied] |
2020-09-08 16:49:23 |
| 2.57.121.203 | attackbots | Unauthorized connection attempt detected from IP address 2.57.121.203 to port 23 |
2020-07-22 22:08:19 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.57.121.45
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8090
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;2.57.121.45. IN A
;; AUTHORITY SECTION:
. 117 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022020700 1800 900 604800 86400
;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 00:29:16 CST 2022
;; MSG SIZE rcvd: 104
45.121.57.2.in-addr.arpa domain name pointer smtp45.kcmoa.com.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
45.121.57.2.in-addr.arpa name = smtp45.kcmoa.com.
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 212.3.141.171 | attackbots | Unauthorized connection attempt from IP address 212.3.141.171 on Port 445(SMB) |
2019-06-27 04:40:00 |
| 190.98.105.122 | attack | Wordpress Admin Login attack |
2019-06-27 04:44:21 |
| 84.101.59.42 | attack | Jun 26 15:44:08 m3 sshd[21627]: Invalid user pi from 84.101.59.42 Jun 26 15:44:08 m3 sshd[21629]: Invalid user pi from 84.101.59.42 Jun 26 15:44:10 m3 sshd[21627]: Failed password for invalid user pi from 84.101.59.42 port 60618 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=84.101.59.42 |
2019-06-27 04:33:44 |
| 212.116.169.150 | attackbotsspam | 1561554377 - 06/26/2019 20:06:17 Host: 212.116.169.150.static.012.net.il/212.116.169.150 Port: 23 TCP Blocked ... |
2019-06-27 04:15:12 |
| 115.159.153.135 | attackbots | Honeypot attack, port: 23, PTR: PTR record not found |
2019-06-27 04:26:28 |
| 14.246.205.108 | attackbots | @LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-26 09:09:22,338 INFO [amun_request_handler] PortScan Detected on Port: 445 (14.246.205.108) |
2019-06-27 04:39:38 |
| 59.44.9.142 | attackbotsspam | Honeypot hit. |
2019-06-27 04:37:14 |
| 128.106.164.206 | attack | Unauthorized connection attempt from IP address 128.106.164.206 on Port 445(SMB) |
2019-06-27 04:45:13 |
| 188.131.204.154 | attackspam | Jun 26 13:05:46 MK-Soft-VM5 sshd\[10216\]: Invalid user christina from 188.131.204.154 port 48906 Jun 26 13:05:46 MK-Soft-VM5 sshd\[10216\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.131.204.154 Jun 26 13:05:48 MK-Soft-VM5 sshd\[10216\]: Failed password for invalid user christina from 188.131.204.154 port 48906 ssh2 ... |
2019-06-27 04:28:49 |
| 180.93.21.162 | attackbots | @LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-26 09:08:49,476 INFO [amun_request_handler] PortScan Detected on Port: 445 (180.93.21.162) |
2019-06-27 04:48:55 |
| 46.229.168.141 | attackbots | Malicious Traffic/Form Submission |
2019-06-27 04:56:54 |
| 72.43.128.190 | attackbotsspam | @LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-26 09:09:08,284 INFO [amun_request_handler] PortScan Detected on Port: 445 (72.43.128.190) |
2019-06-27 04:44:40 |
| 178.128.150.158 | attackspam | Jun 26 19:00:48 Proxmox sshd\[28848\]: User www-data from 178.128.150.158 not allowed because not listed in AllowUsers Jun 26 19:00:48 Proxmox sshd\[28848\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.150.158 user=www-data Jun 26 19:00:49 Proxmox sshd\[28848\]: Failed password for invalid user www-data from 178.128.150.158 port 53010 ssh2 Jun 26 19:03:50 Proxmox sshd\[31352\]: Invalid user boost from 178.128.150.158 port 59634 Jun 26 19:03:50 Proxmox sshd\[31352\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.150.158 Jun 26 19:03:52 Proxmox sshd\[31352\]: Failed password for invalid user boost from 178.128.150.158 port 59634 ssh2 |
2019-06-27 04:51:58 |
| 14.161.11.238 | attackspambots | @LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-26 09:09:59,075 INFO [amun_request_handler] PortScan Detected on Port: 445 (14.161.11.238) |
2019-06-27 04:32:51 |
| 217.182.68.146 | attack | Jun 26 16:05:39 srv-4 sshd\[28641\]: Invalid user ftp_user from 217.182.68.146 Jun 26 16:05:39 srv-4 sshd\[28641\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.182.68.146 Jun 26 16:05:41 srv-4 sshd\[28641\]: Failed password for invalid user ftp_user from 217.182.68.146 port 36001 ssh2 ... |
2019-06-27 04:31:40 |