91.137.25.28 - IPInfo

Basic Info

City: Bad Langensalza

Region: Thüringen

Country: Germany

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
91.137.251.41	attackbotsspam	Sep 23 18:50:39 mail.srvfarm.net postfix/smtpd[194163]: warning: unknown[91.137.251.41]: SASL PLAIN authentication failed: Sep 23 18:50:39 mail.srvfarm.net postfix/smtpd[194163]: lost connection after AUTH from unknown[91.137.251.41] Sep 23 18:54:35 mail.srvfarm.net postfix/smtpd[198463]: warning: unknown[91.137.251.41]: SASL PLAIN authentication failed: Sep 23 18:54:35 mail.srvfarm.net postfix/smtpd[198463]: lost connection after AUTH from unknown[91.137.251.41] Sep 23 18:56:59 mail.srvfarm.net postfix/smtpd[194154]: warning: unknown[91.137.251.41]: SASL PLAIN authentication failed:	2020-09-24 20:43:07
91.137.251.41	attackbots	Sep 23 18:50:39 mail.srvfarm.net postfix/smtpd[194163]: warning: unknown[91.137.251.41]: SASL PLAIN authentication failed: Sep 23 18:50:39 mail.srvfarm.net postfix/smtpd[194163]: lost connection after AUTH from unknown[91.137.251.41] Sep 23 18:54:35 mail.srvfarm.net postfix/smtpd[198463]: warning: unknown[91.137.251.41]: SASL PLAIN authentication failed: Sep 23 18:54:35 mail.srvfarm.net postfix/smtpd[198463]: lost connection after AUTH from unknown[91.137.251.41] Sep 23 18:56:59 mail.srvfarm.net postfix/smtpd[194154]: warning: unknown[91.137.251.41]: SASL PLAIN authentication failed:	2020-09-24 12:39:32
91.137.251.41	attackbotsspam	Sep 23 18:50:39 mail.srvfarm.net postfix/smtpd[194163]: warning: unknown[91.137.251.41]: SASL PLAIN authentication failed: Sep 23 18:50:39 mail.srvfarm.net postfix/smtpd[194163]: lost connection after AUTH from unknown[91.137.251.41] Sep 23 18:54:35 mail.srvfarm.net postfix/smtpd[198463]: warning: unknown[91.137.251.41]: SASL PLAIN authentication failed: Sep 23 18:54:35 mail.srvfarm.net postfix/smtpd[198463]: lost connection after AUTH from unknown[91.137.251.41] Sep 23 18:56:59 mail.srvfarm.net postfix/smtpd[194154]: warning: unknown[91.137.251.41]: SASL PLAIN authentication failed:	2020-09-24 04:09:56
91.137.251.41	attackspambots	Aug 4 05:18:40 mail.srvfarm.net postfix/smtpd[1212443]: warning: unknown[91.137.251.41]: SASL PLAIN authentication failed: Aug 4 05:18:40 mail.srvfarm.net postfix/smtpd[1212443]: lost connection after AUTH from unknown[91.137.251.41] Aug 4 05:19:57 mail.srvfarm.net postfix/smtpd[1212443]: warning: unknown[91.137.251.41]: SASL PLAIN authentication failed: Aug 4 05:19:57 mail.srvfarm.net postfix/smtpd[1212443]: lost connection after AUTH from unknown[91.137.251.41] Aug 4 05:26:43 mail.srvfarm.net postfix/smtpd[1214278]: warning: unknown[91.137.251.41]: SASL PLAIN authentication failed:	2020-08-04 16:11:30
91.137.251.108	attackspambots	(smtpauth) Failed SMTP AUTH login from 91.137.251.108 (HU/Hungary/91-137-251-108.digitalnet.co.hu): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-07-06 03:56:53 plain authenticator failed for ([91.137.251.108]) [91.137.251.108]: 535 Incorrect authentication data (set_id=h.ahmadi@safanicu.com)	2020-07-06 08:06:31
91.137.251.1	attackspambots	May 13 14:14:13 mail.srvfarm.net postfix/smtps/smtpd[553477]: warning: unknown[91.137.251.1]: SASL PLAIN authentication failed: May 13 14:14:13 mail.srvfarm.net postfix/smtps/smtpd[553477]: lost connection after AUTH from unknown[91.137.251.1] May 13 14:18:52 mail.srvfarm.net postfix/smtps/smtpd[553477]: warning: unknown[91.137.251.1]: SASL PLAIN authentication failed: May 13 14:18:52 mail.srvfarm.net postfix/smtps/smtpd[553477]: lost connection after AUTH from unknown[91.137.251.1] May 13 14:19:42 mail.srvfarm.net postfix/smtps/smtpd[553681]: warning: unknown[91.137.251.1]: SASL PLAIN authentication failed:	2020-05-14 02:52:18
91.137.250.39	attackspam	NAME : MEZGANET-HU CIDR : DDoS attack Hungary "" - block certain countries :) IP: 91.137.250.39 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-07-01 16:02:01

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 91.137.25.28
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64073
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;91.137.25.28.			IN	A

;; AUTHORITY SECTION:
.			484	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2024053002 1800 900 604800 86400

;; Query time: 21 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri May 31 10:35:57 CST 2024
;; MSG SIZE  rcvd: 105

Host info

28.25.137.91.in-addr.arpa domain name pointer nat-91-137-25-28.net.encoline.de.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
28.25.137.91.in-addr.arpa	name = nat-91-137-25-28.net.encoline.de.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
138.197.5.191	attack	SSH login attempts.	2020-02-17 13:34:39
42.57.61.116	attack	Portscan detected	2020-02-17 13:38:34
182.148.122.16	attack	Unauthorized access or intrusion attempt detected from Thor banned IP	2020-02-17 13:33:18
222.186.169.192	attackspam	Feb 17 06:39:51 web sshd[32198]: Failed password for root from 222.186.169.192 port 21254 ssh2 Feb 17 06:40:05 web sshd[32198]: error: maximum authentication attempts exceeded for root from 222.186.169.192 port 21254 ssh2 [preauth] ...	2020-02-17 13:40:26
45.55.157.147	attackbotsspam	Feb 17 06:20:22 MK-Soft-VM4 sshd[8406]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.157.147 Feb 17 06:20:25 MK-Soft-VM4 sshd[8406]: Failed password for invalid user ubuntu from 45.55.157.147 port 48063 ssh2 ...	2020-02-17 13:44:40
103.254.198.67	attack	Feb 17 05:32:24 server sshd[259828]: Failed password for root from 103.254.198.67 port 43400 ssh2 Feb 17 05:56:20 server sshd[260374]: Failed password for invalid user user from 103.254.198.67 port 51443 ssh2 Feb 17 05:59:23 server sshd[260463]: Failed password for root from 103.254.198.67 port 37849 ssh2	2020-02-17 13:50:10
104.47.48.36	attackbots	SSH login attempts.	2020-02-17 14:05:15
188.125.72.73	attackspam	SSH login attempts.	2020-02-17 13:28:22
106.54.44.60	attackspam	Feb 16 19:50:46 web1 sshd\[31063\]: Invalid user wildfly from 106.54.44.60 Feb 16 19:50:46 web1 sshd\[31063\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.44.60 Feb 16 19:50:48 web1 sshd\[31063\]: Failed password for invalid user wildfly from 106.54.44.60 port 41144 ssh2 Feb 16 19:52:41 web1 sshd\[31243\]: Invalid user ftpuser from 106.54.44.60 Feb 16 19:52:41 web1 sshd\[31243\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.44.60	2020-02-17 14:04:25
114.67.75.37	attackbotsspam	Feb 17 05:59:20 sshd\[20134\]: Invalid user hong from 114.67.75.37Feb 17 05:59:22 sshd\[20134\]: Failed password for invalid user hong from 114.67.75.37 port 48488 ssh2 ...	2020-02-17 13:54:17
106.52.93.51	attack	$f2bV_matches	2020-02-17 13:46:16
182.186.120.159	attack	1581915578 - 02/17/2020 05:59:38 Host: 182.186.120.159/182.186.120.159 Port: 445 TCP Blocked	2020-02-17 13:24:29
196.219.184.244	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-17 13:29:56
36.82.185.138	attackbots	1581915560 - 02/17/2020 05:59:20 Host: 36.82.185.138/36.82.185.138 Port: 445 TCP Blocked	2020-02-17 13:55:10
209.99.64.71	attackspam	SSH login attempts.	2020-02-17 13:40:57

Recently Reported IPs

188.26.249.40	245.237.28.211	104.35.239.57	5.109.41.160
182.225.79.144	248.146.63.201	85.158.225.27	189.26.69.175
178.135.88.193	120.176.206.199	163.248.158.53	85.237.35.122
110.80.22.89	99.214.58.131	215.247.172.30	38.38.39.26
78.250.159.160	27.3.130.235	112.29.168.147	161.208.238.8