46.21.2.140 - IPInfo

Basic Info

City: Rehburg-Loccum

Region: Lower Saxony

Country: Germany

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
46.21.249.190	attack	2020-10-10T05:53:50.603150mail.broermann.family sshd[14078]: Failed password for invalid user thinker from 46.21.249.190 port 57074 ssh2 2020-10-10T05:57:44.198392mail.broermann.family sshd[14421]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.21.249.190 user=root 2020-10-10T05:57:46.273826mail.broermann.family sshd[14421]: Failed password for root from 46.21.249.190 port 60828 ssh2 2020-10-10T06:01:10.015142mail.broermann.family sshd[14790]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.21.249.190 user=root 2020-10-10T06:01:12.236296mail.broermann.family sshd[14790]: Failed password for root from 46.21.249.190 port 36336 ssh2 ...	2020-10-11 01:44:01
46.21.209.140	attackbotsspam	Autoban 46.21.209.140 AUTH/CONNECT	2020-10-10 04:43:44
46.21.209.140	attackbotsspam	Autoban 46.21.209.140 AUTH/CONNECT	2020-10-09 20:41:41
46.21.209.140	attack	Autoban 46.21.209.140 AUTH/CONNECT	2020-10-09 12:28:42
46.21.209.53	attack	Sep 13 18:37:15 mail.srvfarm.net postfix/smtps/smtpd[1230769]: warning: ip-46-21-209-53.nette.pl[46.21.209.53]: SASL PLAIN authentication failed: Sep 13 18:37:15 mail.srvfarm.net postfix/smtps/smtpd[1230769]: lost connection after AUTH from ip-46-21-209-53.nette.pl[46.21.209.53] Sep 13 18:37:39 mail.srvfarm.net postfix/smtpd[1230212]: warning: ip-46-21-209-53.nette.pl[46.21.209.53]: SASL PLAIN authentication failed: Sep 13 18:37:39 mail.srvfarm.net postfix/smtpd[1230212]: lost connection after AUTH from ip-46-21-209-53.nette.pl[46.21.209.53] Sep 13 18:45:53 mail.srvfarm.net postfix/smtpd[1232278]: warning: ip-46-21-209-53.nette.pl[46.21.209.53]: SASL PLAIN authentication failed:	2020-09-15 03:42:23
46.21.209.53	attackspambots	Sep 13 18:37:15 mail.srvfarm.net postfix/smtps/smtpd[1230769]: warning: ip-46-21-209-53.nette.pl[46.21.209.53]: SASL PLAIN authentication failed: Sep 13 18:37:15 mail.srvfarm.net postfix/smtps/smtpd[1230769]: lost connection after AUTH from ip-46-21-209-53.nette.pl[46.21.209.53] Sep 13 18:37:39 mail.srvfarm.net postfix/smtpd[1230212]: warning: ip-46-21-209-53.nette.pl[46.21.209.53]: SASL PLAIN authentication failed: Sep 13 18:37:39 mail.srvfarm.net postfix/smtpd[1230212]: lost connection after AUTH from ip-46-21-209-53.nette.pl[46.21.209.53] Sep 13 18:45:53 mail.srvfarm.net postfix/smtpd[1232278]: warning: ip-46-21-209-53.nette.pl[46.21.209.53]: SASL PLAIN authentication failed:	2020-09-14 19:39:33
46.21.212.134	attack	failed_logins	2020-09-01 14:20:36
46.21.249.141	attackspambots	Aug 12 04:54:28 ws26vmsma01 sshd[83716]: Failed password for root from 46.21.249.141 port 39162 ssh2 Aug 12 04:54:41 ws26vmsma01 sshd[83716]: error: maximum authentication attempts exceeded for root from 46.21.249.141 port 39162 ssh2 [preauth] ...	2020-08-12 12:56:57
46.21.249.141	attackspambots	SmallBizIT.US 1 packets to tcp(22)	2020-08-10 18:24:24
46.21.249.141	attackbotsspam	ET COMPROMISED Known Compromised or Hostile Host Traffic group 26 - port: 22 proto: tcp cat: Misc Attackbytes: 60	2020-08-10 01:10:14
46.21.249.141	attackspam	Aug 9 11:22:15 lnxded64 sshd[3625]: Failed password for root from 46.21.249.141 port 37090 ssh2 Aug 9 11:22:18 lnxded64 sshd[3625]: Failed password for root from 46.21.249.141 port 37090 ssh2 Aug 9 11:22:20 lnxded64 sshd[3625]: Failed password for root from 46.21.249.141 port 37090 ssh2 Aug 9 11:22:22 lnxded64 sshd[3625]: Failed password for root from 46.21.249.141 port 37090 ssh2	2020-08-09 17:24:09
46.21.249.141	attackspam	Aug 3 22:51:15 xxxxxxx5185820 sshd[12003]: reveeclipse mapping checking getaddrinfo for nalive.ru [46.21.249.141] failed - POSSIBLE BREAK-IN ATTEMPT! Aug 3 22:51:15 xxxxxxx5185820 sshd[12003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.21.249.141 user=r.r Aug 3 22:51:17 xxxxxxx5185820 sshd[12003]: Failed password for r.r from 46.21.249.141 port 56940 ssh2 Aug 3 22:51:19 xxxxxxx5185820 sshd[12003]: Failed password for r.r from 46.21.249.141 port 56940 ssh2 Aug 3 22:51:21 xxxxxxx5185820 sshd[12003]: Failed password for r.r from 46.21.249.141 port 56940 ssh2 Aug 3 22:51:23 xxxxxxx5185820 sshd[12003]: Failed password for r.r from 46.21.249.141 port 56940 ssh2 Aug 3 22:51:25 xxxxxxx5185820 sshd[12003]: Failed password for r.r from 46.21.249.141 port 56940 ssh2 Aug 3 22:51:27 xxxxxxx5185820 sshd[12003]: Failed password for r.r from 46.21.249.141 port 56940 ssh2 Aug 3 22:51:27 xxxxxxx5185820 sshd[12003]: error: maximum ........ -------------------------------	2020-08-09 05:18:55
46.21.249.141	attackbotsspam	Aug 8 22:16:01 plg sshd[2759]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.21.249.141 user=root Aug 8 22:16:02 plg sshd[2759]: Failed password for invalid user root from 46.21.249.141 port 57164 ssh2 Aug 8 22:16:05 plg sshd[2759]: Failed password for invalid user root from 46.21.249.141 port 57164 ssh2 Aug 8 22:16:08 plg sshd[2759]: Failed password for invalid user root from 46.21.249.141 port 57164 ssh2 Aug 8 22:16:11 plg sshd[2759]: Failed password for invalid user root from 46.21.249.141 port 57164 ssh2 Aug 8 22:16:13 plg sshd[2759]: Failed password for invalid user root from 46.21.249.141 port 57164 ssh2 Aug 8 22:16:16 plg sshd[2759]: Failed password for invalid user root from 46.21.249.141 port 57164 ssh2 Aug 8 22:16:16 plg sshd[2759]: error: maximum authentication attempts exceeded for invalid user root from 46.21.249.141 port 57164 ssh2 [preauth] ...	2020-08-09 04:18:13
46.21.249.141	attackspambots	$f2bV_matches	2020-08-08 06:35:45
46.21.249.141	attack	2020-08-07T13:30:29.719535galaxy.wi.uni-potsdam.de sshd[17608]: Failed password for root from 46.21.249.141 port 48758 ssh2 2020-08-07T13:30:31.927492galaxy.wi.uni-potsdam.de sshd[17608]: Failed password for root from 46.21.249.141 port 48758 ssh2 2020-08-07T13:30:34.185887galaxy.wi.uni-potsdam.de sshd[17608]: Failed password for root from 46.21.249.141 port 48758 ssh2 2020-08-07T13:30:36.162360galaxy.wi.uni-potsdam.de sshd[17608]: Failed password for root from 46.21.249.141 port 48758 ssh2 2020-08-07T13:30:38.082997galaxy.wi.uni-potsdam.de sshd[17608]: Failed password for root from 46.21.249.141 port 48758 ssh2 2020-08-07T13:30:40.286204galaxy.wi.uni-potsdam.de sshd[17608]: Failed password for root from 46.21.249.141 port 48758 ssh2 2020-08-07T13:30:40.286394galaxy.wi.uni-potsdam.de sshd[17608]: error: maximum authentication attempts exceeded for root from 46.21.249.141 port 48758 ssh2 [preauth] 2020-08-07T13:30:40.286424galaxy.wi.uni-potsdam.de sshd[17608]: Disconnecting: Too many au ...	2020-08-07 19:40:01

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 46.21.2.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40235
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;46.21.2.140.			IN	A

;; AUTHORITY SECTION:
.			342	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101300 1800 900 604800 86400

;; Query time: 481 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 14 03:07:16 CST 2019
;; MSG SIZE  rcvd: 115

Host info

140.2.21.46.in-addr.arpa domain name pointer no-reverse.nexiu.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
140.2.21.46.in-addr.arpa	name = no-reverse.nexiu.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
87.64.253.40	attackbots	Oct 25 05:53:57 OPSO sshd\[20349\]: Invalid user ana from 87.64.253.40 port 50062 Oct 25 05:53:57 OPSO sshd\[20349\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.64.253.40 Oct 25 05:53:59 OPSO sshd\[20349\]: Failed password for invalid user ana from 87.64.253.40 port 50062 ssh2 Oct 25 05:54:18 OPSO sshd\[20389\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.64.253.40 user=root Oct 25 05:54:20 OPSO sshd\[20389\]: Failed password for root from 87.64.253.40 port 33050 ssh2	2019-10-25 14:36:03
89.248.168.176	attackspam	10/25/2019-06:16:33.693976 89.248.168.176 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-10-25 14:24:15
171.244.68.9	attack	8728/tcp 22/tcp 8291/tcp... [2019-10-17/25]18pkt,3pt.(tcp)	2019-10-25 14:28:59
118.97.194.110	attack	1433/tcp 445/tcp... [2019-08-27/10-25]13pkt,2pt.(tcp)	2019-10-25 14:13:52
45.136.109.47	attackbotsspam	Port scan on 21 port(s): 3425 3935 3978 4054 4069 4126 4195 4330 4881 4889 5025 5106 5130 5241 5248 5288 5292 5343 5856 6554 6589	2019-10-25 14:11:28
139.59.169.103	attackbotsspam	Oct 25 06:41:59 server sshd\[30413\]: Invalid user username from 139.59.169.103 Oct 25 06:41:59 server sshd\[30413\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.169.103 Oct 25 06:42:01 server sshd\[30413\]: Failed password for invalid user username from 139.59.169.103 port 54560 ssh2 Oct 25 06:54:35 server sshd\[562\]: Invalid user simona from 139.59.169.103 Oct 25 06:54:35 server sshd\[562\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.169.103 ...	2019-10-25 14:26:43
222.186.175.169	attackbots	Oct 25 08:26:40 srv206 sshd[30405]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.169 user=root Oct 25 08:26:42 srv206 sshd[30405]: Failed password for root from 222.186.175.169 port 47082 ssh2 ...	2019-10-25 14:28:12
221.226.63.54	attackbotsspam	Invalid user weng from 221.226.63.54 port 15935	2019-10-25 14:06:14
58.217.157.90	attackspambots	1433/tcp 1433/tcp 1433/tcp [2019-10-19/25]3pkt	2019-10-25 14:39:25
220.133.225.5	attackbots	23/tcp 60001/tcp... [2019-09-06/10-25]42pkt,2pt.(tcp)	2019-10-25 14:18:42
41.32.145.233	attackspambots	SMTP-SASL bruteforce attempt	2019-10-25 14:06:01
185.176.27.254	attackspam	10/25/2019-02:09:23.873401 185.176.27.254 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-25 14:17:29
123.25.11.31	attackbotsspam	445/tcp 445/tcp 445/tcp... [2019-09-26/10-25]4pkt,1pt.(tcp)	2019-10-25 14:00:15
221.236.15.48	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/221.236.15.48/ CN - 1H : (1880) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN38283 IP : 221.236.15.48 CIDR : 221.236.15.0/24 PREFIX COUNT : 439 UNIQUE IP COUNT : 206080 ATTACKS DETECTED ASN38283 : 1H - 3 3H - 8 6H - 14 12H - 21 24H - 23 DateTime : 2019-10-25 05:54:54 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2019-10-25 14:08:42
36.36.200.181	attack	Brute force SMTP login attempted. ...	2019-10-25 14:35:48

Recently Reported IPs

167.128.51.14	82.68.107.48	95.173.186.10	32.241.176.152
182.138.158.233	153.91.106.96	60.76.158.46	181.94.194.150
84.166.114.250	52.221.202.84	178.216.26.179	223.211.215.66
178.208.162.101	219.116.147.200	203.214.47.255	123.210.127.98
177.4.188.99	209.186.224.41	65.54.112.47	97.218.155.133