Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: Romania

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:
No discussion about this IP yet. Click above link to make one.
Comments on same subnet:
IP Type Details Datetime
2.57.121.104 attack
[N10.H2.VM2] Port Scanner Detected Blocked by UFW
2020-10-14 09:04:46
2.57.121.19 attack
Lines containing failures of 2.57.121.19
Oct  7 12:37:11 nextcloud sshd[23963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19  user=r.r
Oct  7 12:37:13 nextcloud sshd[23963]: Failed password for r.r from 2.57.121.19 port 47782 ssh2
Oct  7 12:37:13 nextcloud sshd[23963]: Received disconnect from 2.57.121.19 port 47782:11: Bye Bye [preauth]
Oct  7 12:37:13 nextcloud sshd[23963]: Disconnected from authenticating user r.r 2.57.121.19 port 47782 [preauth]
Oct  7 12:53:35 nextcloud sshd[26770]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19  user=r.r
Oct  7 12:53:37 nextcloud sshd[26770]: Failed password for r.r from 2.57.121.19 port 38478 ssh2
Oct  7 12:53:37 nextcloud sshd[26770]: Received disconnect from 2.57.121.19 port 38478:11: Bye Bye [preauth]
Oct  7 12:53:37 nextcloud sshd[26770]: Disconnected from authenticating user r.r 2.57.121.19 port 38478 [preauth]
Oct  7 1........
------------------------------
2020-10-12 02:05:01
2.57.121.19 attack
Lines containing failures of 2.57.121.19
Oct  7 12:37:11 nextcloud sshd[23963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19  user=r.r
Oct  7 12:37:13 nextcloud sshd[23963]: Failed password for r.r from 2.57.121.19 port 47782 ssh2
Oct  7 12:37:13 nextcloud sshd[23963]: Received disconnect from 2.57.121.19 port 47782:11: Bye Bye [preauth]
Oct  7 12:37:13 nextcloud sshd[23963]: Disconnected from authenticating user r.r 2.57.121.19 port 47782 [preauth]
Oct  7 12:53:35 nextcloud sshd[26770]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19  user=r.r
Oct  7 12:53:37 nextcloud sshd[26770]: Failed password for r.r from 2.57.121.19 port 38478 ssh2
Oct  7 12:53:37 nextcloud sshd[26770]: Received disconnect from 2.57.121.19 port 38478:11: Bye Bye [preauth]
Oct  7 12:53:37 nextcloud sshd[26770]: Disconnected from authenticating user r.r 2.57.121.19 port 38478 [preauth]
Oct  7 1........
------------------------------
2020-10-11 17:54:25
2.57.121.19 attackbotsspam
Oct 10 13:42:24 pixelmemory sshd[3235053]: Failed password for root from 2.57.121.19 port 57924 ssh2
Oct 10 13:44:08 pixelmemory sshd[3252791]: Invalid user abc1234 from 2.57.121.19 port 51694
Oct 10 13:44:08 pixelmemory sshd[3252791]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19 
Oct 10 13:44:08 pixelmemory sshd[3252791]: Invalid user abc1234 from 2.57.121.19 port 51694
Oct 10 13:44:10 pixelmemory sshd[3252791]: Failed password for invalid user abc1234 from 2.57.121.19 port 51694 ssh2
...
2020-10-11 04:45:09
2.57.121.19 attackbots
Oct 10 08:18:16 firewall sshd[19785]: Failed password for root from 2.57.121.19 port 33660 ssh2
Oct 10 08:21:57 firewall sshd[19834]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19  user=root
Oct 10 08:21:59 firewall sshd[19834]: Failed password for root from 2.57.121.19 port 40284 ssh2
...
2020-10-10 20:44:24
2.57.121.19 attackspam
Lines containing failures of 2.57.121.19
Oct  7 12:37:11 nextcloud sshd[23963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19  user=r.r
Oct  7 12:37:13 nextcloud sshd[23963]: Failed password for r.r from 2.57.121.19 port 47782 ssh2
Oct  7 12:37:13 nextcloud sshd[23963]: Received disconnect from 2.57.121.19 port 47782:11: Bye Bye [preauth]
Oct  7 12:37:13 nextcloud sshd[23963]: Disconnected from authenticating user r.r 2.57.121.19 port 47782 [preauth]
Oct  7 12:53:35 nextcloud sshd[26770]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19  user=r.r
Oct  7 12:53:37 nextcloud sshd[26770]: Failed password for r.r from 2.57.121.19 port 38478 ssh2
Oct  7 12:53:37 nextcloud sshd[26770]: Received disconnect from 2.57.121.19 port 38478:11: Bye Bye [preauth]
Oct  7 12:53:37 nextcloud sshd[26770]: Disconnected from authenticating user r.r 2.57.121.19 port 38478 [preauth]
Oct  7 1........
------------------------------
2020-10-09 01:30:56
2.57.121.19 attackspambots
Lines containing failures of 2.57.121.19
Oct  7 12:37:11 nextcloud sshd[23963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19  user=r.r
Oct  7 12:37:13 nextcloud sshd[23963]: Failed password for r.r from 2.57.121.19 port 47782 ssh2
Oct  7 12:37:13 nextcloud sshd[23963]: Received disconnect from 2.57.121.19 port 47782:11: Bye Bye [preauth]
Oct  7 12:37:13 nextcloud sshd[23963]: Disconnected from authenticating user r.r 2.57.121.19 port 47782 [preauth]
Oct  7 12:53:35 nextcloud sshd[26770]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.121.19  user=r.r
Oct  7 12:53:37 nextcloud sshd[26770]: Failed password for r.r from 2.57.121.19 port 38478 ssh2
Oct  7 12:53:37 nextcloud sshd[26770]: Received disconnect from 2.57.121.19 port 38478:11: Bye Bye [preauth]
Oct  7 12:53:37 nextcloud sshd[26770]: Disconnected from authenticating user r.r 2.57.121.19 port 38478 [preauth]
Oct  7 1........
------------------------------
2020-10-08 17:27:23
2.57.121.112 attack
Port scanning [4 denied]
2020-09-09 01:22:45
2.57.121.112 attack
Port scanning [4 denied]
2020-09-08 16:49:23
2.57.121.203 attackbots
Unauthorized connection attempt detected from IP address 2.57.121.203 to port 23
2020-07-22 22:08:19
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.57.121.45
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8090
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;2.57.121.45.			IN	A

;; AUTHORITY SECTION:
.			117	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020700 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 00:29:16 CST 2022
;; MSG SIZE  rcvd: 104
Host info
45.121.57.2.in-addr.arpa domain name pointer smtp45.kcmoa.com.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
45.121.57.2.in-addr.arpa	name = smtp45.kcmoa.com.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
170.130.191.8 attackspam
170.130.191.8 has been banned for [spam]
...
2020-09-06 06:56:44
51.77.135.89 attackbotsspam
Sep  6 00:50:22 home sshd[900106]: Failed password for root from 51.77.135.89 port 46066 ssh2
Sep  6 00:50:25 home sshd[900106]: Failed password for root from 51.77.135.89 port 46066 ssh2
Sep  6 00:50:29 home sshd[900106]: Failed password for root from 51.77.135.89 port 46066 ssh2
Sep  6 00:50:32 home sshd[900106]: Failed password for root from 51.77.135.89 port 46066 ssh2
Sep  6 00:50:39 home sshd[900106]: error: maximum authentication attempts exceeded for root from 51.77.135.89 port 46066 ssh2 [preauth]
...
2020-09-06 07:04:16
68.228.215.87 attackbotsspam
Aug 31 07:08:28 h1946882 sshd[20654]: pam_unix(sshd:auth): authenticati=
on failure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3Dip68=
-228-215-87.ph.ph.cox.net=20
Aug 31 07:08:30 h1946882 sshd[20654]: Failed password for invalid user =
admin from 68.228.215.87 port 49694 ssh2
Aug 31 07:08:30 h1946882 sshd[20654]: Received disconnect from 68.228.2=
15.87: 11: Bye Bye [preauth]
Aug 31 07:08:32 h1946882 sshd[20656]: pam_unix(sshd:auth): authenticati=
on failure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3Dip68=
-228-215-87.ph.ph.cox.net=20


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=68.228.215.87
2020-09-06 07:04:57
51.77.220.127 attackbots
51.77.220.127 - - [06/Sep/2020:02:19:22 +0400] "POST /GponForm/diag_Form?style/ HTTP/1.1" 502 157 "-" "curl/7.3.2"
...
2020-09-06 06:55:15
222.186.42.213 attackspambots
Sep  6 01:10:05 OPSO sshd\[23123\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.213  user=root
Sep  6 01:10:07 OPSO sshd\[23123\]: Failed password for root from 222.186.42.213 port 43549 ssh2
Sep  6 01:10:09 OPSO sshd\[23123\]: Failed password for root from 222.186.42.213 port 43549 ssh2
Sep  6 01:10:12 OPSO sshd\[23123\]: Failed password for root from 222.186.42.213 port 43549 ssh2
Sep  6 01:10:14 OPSO sshd\[23191\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.213  user=root
2020-09-06 07:11:05
92.63.197.71 attackspam
firewall-block, port(s): 3397/tcp
2020-09-06 07:08:30
104.206.119.2 attackspam
Aug 31 06:40:58 mxgate1 postfix/postscreen[24409]: CONNECT from [104.206.119.2]:60811 to [176.31.12.44]:25
Aug 31 06:41:04 mxgate1 postfix/postscreen[24409]: PASS NEW [104.206.119.2]:60811
Aug 31 06:41:04 mxgate1 postfix/smtpd[24410]: warning: hostname iseedragon.com does not resolve to address 104.206.119.2: Name or service not known
Aug 31 06:41:04 mxgate1 postfix/smtpd[24410]: connect from unknown[104.206.119.2]
Aug 31 06:41:04 mxgate1 postfix/smtpd[24410]: DEA36A03F4: client=unknown[104.206.119.2]
Aug 31 06:41:08 mxgate1 postfix/smtpd[24410]: disconnect from unknown[104.206.119.2] ehlo=1 mail=1 rcpt=1 data=1 quhostname=1 commands=5
Aug 31 06:41:08 mxgate1 postfix/postscreen[24409]: CONNECT from [104.206.119.2]:51121 to [176.31.12.44]:25
Aug 31 06:41:08 mxgate1 postfix/postscreen[24409]: PASS OLD [104.206.119.2]:51121
Aug 31 06:41:08 mxgate1 postfix/smtpd[24410]: warning: hostname iseedragon.com does not resolve to address 104.206.119.2: Name or service not known
Aug........
-------------------------------
2020-09-06 06:51:07
128.134.0.72 attackspam
port scan and connect, tcp 23 (telnet)
2020-09-06 07:24:07
145.239.80.14 attackspambots
Sep  6 00:00:51 markkoudstaal sshd[19338]: Failed password for root from 145.239.80.14 port 47432 ssh2
Sep  6 00:04:41 markkoudstaal sshd[28362]: Failed password for root from 145.239.80.14 port 53272 ssh2
...
2020-09-06 07:12:54
89.47.62.88 attack
(smtpauth) Failed SMTP AUTH login from 89.47.62.88 (GB/United Kingdom/-): 5 in the last 3600 secs
2020-09-06 07:22:09
74.120.14.35 attackspambots
Sep  5 22:05:25 baraca inetd[50010]: refused connection from scanner-06.ch1.censys-scanner.com, service sshd (tcp)
Sep  5 22:05:27 baraca inetd[50011]: refused connection from scanner-06.ch1.censys-scanner.com, service sshd (tcp)
Sep  5 22:05:28 baraca inetd[50012]: refused connection from scanner-06.ch1.censys-scanner.com, service sshd (tcp)
...
2020-09-06 06:49:27
125.94.150.141 attack
Icarus honeypot on github
2020-09-06 06:59:56
85.209.0.251 attackspambots
vps:pam-generic
2020-09-06 07:05:26
167.71.134.241 attackspambots
2020-09-05T10:47:17.265730correo.[domain] sshd[43601]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.134.241 2020-09-05T10:47:17.259493correo.[domain] sshd[43601]: Invalid user webadm from 167.71.134.241 port 57038 2020-09-05T10:47:19.488247correo.[domain] sshd[43601]: Failed password for invalid user webadm from 167.71.134.241 port 57038 ssh2 ...
2020-09-06 07:20:17
171.13.47.75 attackbots
Lines containing failures of 171.13.47.75 (max 1000)


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=171.13.47.75
2020-09-06 07:15:41

Recently Reported IPs

82.157.167.43 140.250.40.105 134.236.18.210 170.80.32.221
105.72.6.206 65.111.109.108 164.77.176.170 38.7.95.106
185.180.131.71 192.241.179.204 103.114.53.2 212.156.90.186
59.110.213.204 200.194.7.195 178.128.223.187 162.250.161.13
37.157.173.52 117.251.18.117 189.50.42.93 175.139.200.17