91.192.10.53 - IPInfo

Basic Info

City: Klingenberg Am Main

Region: Bayern

Country: Germany

Internet Service Provider: ITP-Solutions UG & Co. KG

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth): user=guest	2020-09-20 22:37:52
attack	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth): user=guest	2020-09-20 14:28:21
attackbots	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth): user=guest	2020-09-20 06:28:04
attackspambots	Sep 3 11:15:57 santamaria sshd\[28838\]: Invalid user nagios from 91.192.10.53 Sep 3 11:15:57 santamaria sshd\[28838\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.192.10.53 Sep 3 11:15:59 santamaria sshd\[28838\]: Failed password for invalid user nagios from 91.192.10.53 port 42271 ssh2 ...	2020-09-03 21:07:43
attackspambots	Sep 3 04:36:11 ns381471 sshd[24979]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.192.10.53 Sep 3 04:36:13 ns381471 sshd[24979]: Failed password for invalid user anna from 91.192.10.53 port 50768 ssh2	2020-09-03 12:50:46
attack	2020-09-02T21:04:12+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-09-03 05:08:56

Comments on same subnet:

IP	Type	Details	Datetime
91.192.10.119	attackspambots	Unauthorized connection attempt detected from IP address 91.192.10.119 to port 23	2020-08-03 18:32:00
91.192.10.129	attackspam	Unauthorized connection attempt detected from IP address 91.192.10.129 to port 23	2020-07-29 16:45:42
91.192.10.111	attackbots	Port scan denied	2020-07-14 02:59:14
91.192.10.130	attack	37215/tcp 37215/tcp [2020-06-21/24]2pkt	2020-06-25 06:14:09
91.192.10.147	attackbots	Telnetd brute force attack detected by fail2ban	2020-06-24 14:30:43
91.192.10.126	attackbotsspam	Attempted connection to port 11211.	2020-06-20 22:17:45

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 91.192.10.53
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43040
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;91.192.10.53.			IN	A

;; AUTHORITY SECTION:
.			308	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020090201 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Sep 03 05:08:53 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 53.10.192.91.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 53.10.192.91.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
125.74.47.230	attackbots	Unauthorized connection attempt detected from IP address 125.74.47.230 to port 2220 [J]	2020-01-07 23:23:21
112.85.42.176	attack	Jan 7 12:05:20 server sshd\[28412\]: Failed password for root from 112.85.42.176 port 53411 ssh2 Jan 7 12:05:22 server sshd\[28434\]: Failed password for root from 112.85.42.176 port 8811 ssh2 Jan 7 18:19:03 server sshd\[24581\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.176 user=root Jan 7 18:19:04 server sshd\[24581\]: Failed password for root from 112.85.42.176 port 19975 ssh2 Jan 7 18:19:06 server sshd\[24613\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.176 user=root ...	2020-01-07 23:36:36
95.46.153.29	attackspambots	Unauthorized connection attempt from IP address 95.46.153.29 on Port 445(SMB)	2020-01-07 23:47:27
203.147.68.91	attackbotsspam	(imapd) Failed IMAP login from 203.147.68.91 (NC/New Caledonia/host-203-147-68-91.h21.canl.nc): 1 in the last 3600 secs	2020-01-07 23:47:48
94.23.70.116	attackspambots	Jan 7 04:55:09 eddieflores sshd\[13763\]: Invalid user uqg from 94.23.70.116 Jan 7 04:55:09 eddieflores sshd\[13763\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.70.116 Jan 7 04:55:12 eddieflores sshd\[13763\]: Failed password for invalid user uqg from 94.23.70.116 port 59287 ssh2 Jan 7 05:04:48 eddieflores sshd\[14542\]: Invalid user cuigj from 94.23.70.116 Jan 7 05:04:48 eddieflores sshd\[14542\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.70.116	2020-01-07 23:17:23
122.51.163.237	attackbotsspam	Unauthorized connection attempt detected from IP address 122.51.163.237 to port 2220 [J]	2020-01-07 23:23:44
222.186.180.6	attackspam	Jan 7 16:35:29 jane sshd[12588]: Failed password for root from 222.186.180.6 port 32156 ssh2 Jan 7 16:35:33 jane sshd[12588]: Failed password for root from 222.186.180.6 port 32156 ssh2 ...	2020-01-07 23:45:38
185.164.72.217	attackbotsspam	Unauthorised access (Jan 7) SRC=185.164.72.217 LEN=40 TTL=244 ID=24435 TCP DPT=3389 WINDOW=1024 SYN Unauthorised access (Jan 6) SRC=185.164.72.217 LEN=40 TTL=244 ID=55080 TCP DPT=3389 WINDOW=1024 SYN Unauthorised access (Jan 5) SRC=185.164.72.217 LEN=40 TTL=244 ID=2332 TCP DPT=3389 WINDOW=1024 SYN	2020-01-07 23:30:31
186.6.159.106	attack	20/1/7@10:28:21: FAIL: Alarm-Network address from=186.6.159.106 ...	2020-01-07 23:43:04
112.3.30.47	attack	Jan 7 05:54:44 web9 sshd\[12191\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.3.30.47 user=daemon Jan 7 05:54:46 web9 sshd\[12191\]: Failed password for daemon from 112.3.30.47 port 49434 ssh2 Jan 7 05:58:29 web9 sshd\[12848\]: Invalid user test from 112.3.30.47 Jan 7 05:58:29 web9 sshd\[12848\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.3.30.47 Jan 7 05:58:31 web9 sshd\[12848\]: Failed password for invalid user test from 112.3.30.47 port 37786 ssh2	2020-01-08 00:00:49
168.61.176.121	attackspam	Unauthorized connection attempt detected from IP address 168.61.176.121 to port 2220 [J]	2020-01-07 23:31:04
109.175.166.36	attackbotsspam	Jan 7 14:50:08 legacy sshd[11980]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.175.166.36 Jan 7 14:50:10 legacy sshd[11980]: Failed password for invalid user mythtv from 109.175.166.36 port 53866 ssh2 Jan 7 14:53:26 legacy sshd[12176]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.175.166.36 ...	2020-01-07 23:34:48
167.71.177.207	attack	Unauthorized connection attempt detected from IP address 167.71.177.207 to port 2220 [J]	2020-01-07 23:38:19
166.62.85.53	attackspam	166.62.85.53 - - [07/Jan/2020:14:49:01 +0100] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 166.62.85.53 - - [07/Jan/2020:14:49:02 +0100] "POST /wp-login.php HTTP/1.1" 200 2298 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 166.62.85.53 - - [07/Jan/2020:14:49:03 +0100] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 166.62.85.53 - - [07/Jan/2020:14:49:03 +0100] "POST /wp-login.php HTTP/1.1" 200 2272 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 166.62.85.53 - - [07/Jan/2020:14:49:04 +0100] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 166.62.85.53 - - [07/Jan/2020:14:49:04 +0100] "POST /wp-login.php HTTP/1.1" 200 2273 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-01-07 23:57:37
106.13.16.205	attackbotsspam	Unauthorized connection attempt detected from IP address 106.13.16.205 to port 2220 [J]	2020-01-07 23:40:27

Recently Reported IPs

65.19.15.155	130.110.101.84	40.6.100.67	173.188.87.44
39.169.172.11	34.233.57.3	128.16.140.6	37.94.70.242
223.205.251.89	27.54.54.64	83.235.174.95	103.173.125.251
190.200.94.36	192.241.227.149	76.184.229.147	40.84.156.241
165.22.32.60	184.54.51.74	37.187.54.143	112.197.139.91