91.245.30.75 - IPInfo

Basic Info

City: Vojnuv Mestec

Region: Kraj Vysocina

Country: Czechia

Internet Service Provider: OK COMP s.r.o.

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	SASL PLAIN auth failed: ruser=...	2020-07-16 08:31:09

Comments on same subnet:

IP	Type	Details	Datetime
91.245.30.150	attackspambots	Sep 11 18:00:30 mail.srvfarm.net postfix/smtps/smtpd[3875317]: warning: unknown[91.245.30.150]: SASL PLAIN authentication failed: Sep 11 18:00:30 mail.srvfarm.net postfix/smtps/smtpd[3875317]: lost connection after AUTH from unknown[91.245.30.150] Sep 11 18:06:45 mail.srvfarm.net postfix/smtps/smtpd[3875620]: warning: unknown[91.245.30.150]: SASL PLAIN authentication failed: Sep 11 18:06:45 mail.srvfarm.net postfix/smtps/smtpd[3875620]: lost connection after AUTH from unknown[91.245.30.150] Sep 11 18:08:32 mail.srvfarm.net postfix/smtpd[3889545]: warning: unknown[91.245.30.150]: SASL PLAIN authentication failed:	2020-09-13 01:43:37
91.245.30.150	attackspam	Sep 11 18:00:30 mail.srvfarm.net postfix/smtps/smtpd[3875317]: warning: unknown[91.245.30.150]: SASL PLAIN authentication failed: Sep 11 18:00:30 mail.srvfarm.net postfix/smtps/smtpd[3875317]: lost connection after AUTH from unknown[91.245.30.150] Sep 11 18:06:45 mail.srvfarm.net postfix/smtps/smtpd[3875620]: warning: unknown[91.245.30.150]: SASL PLAIN authentication failed: Sep 11 18:06:45 mail.srvfarm.net postfix/smtps/smtpd[3875620]: lost connection after AUTH from unknown[91.245.30.150] Sep 11 18:08:32 mail.srvfarm.net postfix/smtpd[3889545]: warning: unknown[91.245.30.150]: SASL PLAIN authentication failed:	2020-09-12 17:43:32
91.245.30.79	attack	Sep 7 12:09:56 mail.srvfarm.net postfix/smtpd[1050887]: warning: unknown[91.245.30.79]: SASL PLAIN authentication failed: Sep 7 12:09:56 mail.srvfarm.net postfix/smtpd[1050887]: lost connection after AUTH from unknown[91.245.30.79] Sep 7 12:14:31 mail.srvfarm.net postfix/smtpd[1050882]: warning: unknown[91.245.30.79]: SASL PLAIN authentication failed: Sep 7 12:14:31 mail.srvfarm.net postfix/smtpd[1050882]: lost connection after AUTH from unknown[91.245.30.79] Sep 7 12:15:08 mail.srvfarm.net postfix/smtpd[1039277]: warning: unknown[91.245.30.79]: SASL PLAIN authentication failed:	2020-09-12 02:45:11
91.245.30.79	attack	Sep 7 12:09:56 mail.srvfarm.net postfix/smtpd[1050887]: warning: unknown[91.245.30.79]: SASL PLAIN authentication failed: Sep 7 12:09:56 mail.srvfarm.net postfix/smtpd[1050887]: lost connection after AUTH from unknown[91.245.30.79] Sep 7 12:14:31 mail.srvfarm.net postfix/smtpd[1050882]: warning: unknown[91.245.30.79]: SASL PLAIN authentication failed: Sep 7 12:14:31 mail.srvfarm.net postfix/smtpd[1050882]: lost connection after AUTH from unknown[91.245.30.79] Sep 7 12:15:08 mail.srvfarm.net postfix/smtpd[1039277]: warning: unknown[91.245.30.79]: SASL PLAIN authentication failed:	2020-09-11 18:41:19
91.245.30.71	attackspambots	Brute force attempt	2020-08-31 13:04:59
91.245.30.92	attack	Aug 27 04:21:01 mail.srvfarm.net postfix/smtpd[1314728]: warning: unknown[91.245.30.92]: SASL PLAIN authentication failed: Aug 27 04:21:01 mail.srvfarm.net postfix/smtpd[1314728]: lost connection after AUTH from unknown[91.245.30.92] Aug 27 04:22:47 mail.srvfarm.net postfix/smtpd[1332132]: warning: unknown[91.245.30.92]: SASL PLAIN authentication failed: Aug 27 04:22:47 mail.srvfarm.net postfix/smtpd[1332132]: lost connection after AUTH from unknown[91.245.30.92] Aug 27 04:24:00 mail.srvfarm.net postfix/smtpd[1313892]: warning: unknown[91.245.30.92]: SASL PLAIN authentication failed:	2020-08-28 09:43:43
91.245.30.125	attack	Aug 16 05:14:59 mail.srvfarm.net postfix/smtps/smtpd[1888763]: warning: unknown[91.245.30.125]: SASL PLAIN authentication failed: Aug 16 05:14:59 mail.srvfarm.net postfix/smtps/smtpd[1888763]: lost connection after AUTH from unknown[91.245.30.125] Aug 16 05:22:34 mail.srvfarm.net postfix/smtpd[1888825]: warning: unknown[91.245.30.125]: SASL PLAIN authentication failed: Aug 16 05:22:34 mail.srvfarm.net postfix/smtpd[1888825]: lost connection after AUTH from unknown[91.245.30.125] Aug 16 05:24:01 mail.srvfarm.net postfix/smtpd[1888504]: warning: unknown[91.245.30.125]: SASL PLAIN authentication failed:	2020-08-16 13:05:13
91.245.30.150	attackspam	Jul 31 13:44:23 mail.srvfarm.net postfix/smtpd[346670]: warning: unknown[91.245.30.150]: SASL PLAIN authentication failed: Jul 31 13:44:23 mail.srvfarm.net postfix/smtpd[346670]: lost connection after AUTH from unknown[91.245.30.150] Jul 31 13:46:32 mail.srvfarm.net postfix/smtps/smtpd[344849]: warning: unknown[91.245.30.150]: SASL PLAIN authentication failed: Jul 31 13:46:32 mail.srvfarm.net postfix/smtps/smtpd[344849]: lost connection after AUTH from unknown[91.245.30.150] Jul 31 13:49:58 mail.srvfarm.net postfix/smtps/smtpd[348862]: warning: unknown[91.245.30.150]: SASL PLAIN authentication failed:	2020-08-01 00:31:18
91.245.30.105	attack	Jul 31 10:41:23 mail.srvfarm.net postfix/smtpd[280510]: warning: unknown[91.245.30.105]: SASL PLAIN authentication failed: Jul 31 10:41:23 mail.srvfarm.net postfix/smtpd[280510]: lost connection after AUTH from unknown[91.245.30.105] Jul 31 10:41:40 mail.srvfarm.net postfix/smtps/smtpd[274710]: warning: unknown[91.245.30.105]: SASL PLAIN authentication failed: Jul 31 10:41:40 mail.srvfarm.net postfix/smtps/smtpd[274710]: lost connection after AUTH from unknown[91.245.30.105] Jul 31 10:48:26 mail.srvfarm.net postfix/smtps/smtpd[278874]: warning: unknown[91.245.30.105]: SASL PLAIN authentication failed:	2020-07-31 17:22:19
91.245.30.146	attack	(smtpauth) Failed SMTP AUTH login from 91.245.30.146 (CZ/Czechia/static30-146.okcomp.cz): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-07-31 08:23:45 plain authenticator failed for ([91.245.30.146]) [91.245.30.146]: 535 Incorrect authentication data (set_id=a.nasiri)	2020-07-31 14:47:17
91.245.30.107	attack	Jul 29 08:08:18 Host-KEWR-E postfix/smtps/smtpd[30397]: lost connection after AUTH from unknown[91.245.30.107] ...	2020-07-30 02:08:00
91.245.30.100	attackspambots	(smtpauth) Failed SMTP AUTH login from 91.245.30.100 (CZ/Czechia/static30-100.okcomp.cz): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-07-28 16:35:05 plain authenticator failed for ([91.245.30.100]) [91.245.30.100]: 535 Incorrect authentication data (set_id=nasr)	2020-07-28 23:53:11
91.245.30.147	attackspam	Jul 26 05:47:51 mail.srvfarm.net postfix/smtps/smtpd[1027769]: warning: unknown[91.245.30.147]: SASL PLAIN authentication failed: Jul 26 05:47:51 mail.srvfarm.net postfix/smtps/smtpd[1027769]: lost connection after AUTH from unknown[91.245.30.147] Jul 26 05:50:19 mail.srvfarm.net postfix/smtps/smtpd[1031887]: warning: unknown[91.245.30.147]: SASL PLAIN authentication failed: Jul 26 05:50:19 mail.srvfarm.net postfix/smtps/smtpd[1031887]: lost connection after AUTH from unknown[91.245.30.147] Jul 26 05:52:29 mail.srvfarm.net postfix/smtps/smtpd[1032031]: warning: unknown[91.245.30.147]: SASL PLAIN authentication failed:	2020-07-26 17:32:59
91.245.30.115	attack	Jun 16 05:23:09 mail.srvfarm.net postfix/smtps/smtpd[938143]: warning: unknown[91.245.30.115]: SASL PLAIN authentication failed: Jun 16 05:23:09 mail.srvfarm.net postfix/smtps/smtpd[938143]: lost connection after AUTH from unknown[91.245.30.115] Jun 16 05:26:56 mail.srvfarm.net postfix/smtpd[916111]: warning: unknown[91.245.30.115]: SASL PLAIN authentication failed: Jun 16 05:26:56 mail.srvfarm.net postfix/smtpd[916111]: lost connection after AUTH from unknown[91.245.30.115] Jun 16 05:28:42 mail.srvfarm.net postfix/smtps/smtpd[936248]: warning: unknown[91.245.30.115]: SASL PLAIN authentication failed:	2020-06-16 16:21:02
91.245.30.150	attackspam	Jun 5 18:29:15 mail.srvfarm.net postfix/smtps/smtpd[3174072]: warning: unknown[91.245.30.150]: SASL PLAIN authentication failed: Jun 5 18:29:15 mail.srvfarm.net postfix/smtps/smtpd[3174072]: lost connection after AUTH from unknown[91.245.30.150] Jun 5 18:35:54 mail.srvfarm.net postfix/smtps/smtpd[3174071]: warning: unknown[91.245.30.150]: SASL PLAIN authentication failed: Jun 5 18:35:54 mail.srvfarm.net postfix/smtps/smtpd[3174071]: lost connection after AUTH from unknown[91.245.30.150] Jun 5 18:37:37 mail.srvfarm.net postfix/smtps/smtpd[3175482]: warning: unknown[91.245.30.150]: SASL PLAIN authentication failed:	2020-06-07 23:41:21

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 91.245.30.75
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2488
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;91.245.30.75.			IN	A

;; AUTHORITY SECTION:
.			305	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071501 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jul 16 08:31:04 CST 2020
;; MSG SIZE  rcvd: 116

Host info

75.30.245.91.in-addr.arpa domain name pointer static30-075.okcomp.cz.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
75.30.245.91.in-addr.arpa	name = static30-075.okcomp.cz.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
125.212.217.214	attackspam	TCP (SYN) 125.212.217.214:29011 -> port 4664, len 44	2020-06-07 22:23:31
170.254.190.2	attackspam	IP 170.254.190.2 attacked honeypot on port: 8080 at 6/7/2020 1:06:29 PM	2020-06-07 22:59:31
114.32.77.20	attackbots	Port Scan detected! ...	2020-06-07 22:33:21
42.115.52.206	attackbots	Automatic report - Banned IP Access	2020-06-07 22:29:47
37.234.46.171	attack	Brute-force attempt banned	2020-06-07 23:01:53
218.92.0.138	attackspam	Jun 7 14:43:09 124388 sshd[14497]: Failed password for root from 218.92.0.138 port 11392 ssh2 Jun 7 14:43:13 124388 sshd[14497]: Failed password for root from 218.92.0.138 port 11392 ssh2 Jun 7 14:43:20 124388 sshd[14497]: error: maximum authentication attempts exceeded for root from 218.92.0.138 port 11392 ssh2 [preauth] Jun 7 14:43:28 124388 sshd[14501]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.138 user=root Jun 7 14:43:30 124388 sshd[14501]: Failed password for root from 218.92.0.138 port 41844 ssh2	2020-06-07 22:44:06
182.122.16.30	attackspam	Jun 6 10:09:13 h1946882 sshd[25586]: reveeclipse mapping checking getaddri= nfo for hn.kd.ny.adsl [182.122.16.30] failed - POSSIBLE BREAK-IN ATTEMP= T! Jun 6 10:09:13 h1946882 sshd[25586]: pam_unix(sshd:auth): authenticati= on failure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3D182.= 122.16.30 user=3Dr.r Jun 6 10:09:15 h1946882 sshd[25586]: Failed password for r.r from 182= .122.16.30 port 43172 ssh2 Jun 6 10:09:15 h1946882 sshd[25586]: Received disconnect from 182.122.= 16.30: 11: Bye Bye [preauth] Jun 6 10:20:02 h1946882 sshd[25647]: reveeclipse mapping checking getaddri= nfo for hn.kd.ny.adsl [182.122.16.30] failed - POSSIBLE BREAK-IN ATTEMP= T! Jun 6 10:20:02 h1946882 sshd[25647]: pam_unix(sshd:auth): authenticati= on failure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3D182.= 122.16.30 user=3Dr.r Jun 6 10:20:05 h1946882 sshd[25647]: Failed password for r.r from 182= .122.16.30 port 33002 ssh2 Jun 6 10:20:05 h1946882 sshd[25647]: Rece........ -------------------------------	2020-06-07 22:35:54
51.75.28.134	attackspambots	Jun 7 14:07:50 game-panel sshd[16152]: Failed password for root from 51.75.28.134 port 49322 ssh2 Jun 7 14:11:31 game-panel sshd[16460]: Failed password for root from 51.75.28.134 port 52944 ssh2	2020-06-07 22:29:35
191.53.104.186	attackspam	191.53.104.186 (BR/Brazil/191-53-104-186.vga-wr.mastercabo.com.br), 5 distributed smtpauth attacks on account [ichelle.bradleym@phpc.ca] in the last 3600 secs	2020-06-07 22:32:24
191.53.193.167	attackspambots	191.53.193.167 (BR/Brazil/191-53-193-167.dvl-wr.mastercabo.com.br), 5 distributed smtpauth attacks on account [ichelle.bradleym] in the last 3600 secs	2020-06-07 22:24:41
179.183.191.171	attackspambots	Automatic report - Port Scan Attack	2020-06-07 22:47:09
152.136.213.72	attackspambots	...	2020-06-07 22:55:56
144.172.79.8	attackbotsspam	SSH Brute-Force Attack	2020-06-07 22:49:31
94.28.180.170	attackspambots	Unauthorised access (Jun 7) SRC=94.28.180.170 LEN=52 PREC=0x20 TTL=116 ID=3333 DF TCP DPT=445 WINDOW=8192 SYN	2020-06-07 22:54:08
200.39.254.143	attack	[H1.VM4] Blocked by UFW	2020-06-07 22:38:27

Recently Reported IPs

41.148.167.43	89.186.12.91	189.176.82.229	60.28.61.244
89.186.1.106	172.219.169.162	191.0.32.13	88.81.94.41
162.227.176.142	168.122.155.248	221.226.132.80	142.52.219.226
40.108.193.140	80.90.130.24	167.249.23.68	66.228.158.41
200.89.177.81	80.48.210.5	71.75.121.244	81.217.151.32