91.245.30.75 - IPInfo

Basic Info

City: Vojnuv Mestec

Region: Kraj Vysocina

Country: Czechia

Internet Service Provider: OK COMP s.r.o.

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	SASL PLAIN auth failed: ruser=...	2020-07-16 08:31:09

Comments on same subnet:

IP	Type	Details	Datetime
91.245.30.150	attackspambots	Sep 11 18:00:30 mail.srvfarm.net postfix/smtps/smtpd[3875317]: warning: unknown[91.245.30.150]: SASL PLAIN authentication failed: Sep 11 18:00:30 mail.srvfarm.net postfix/smtps/smtpd[3875317]: lost connection after AUTH from unknown[91.245.30.150] Sep 11 18:06:45 mail.srvfarm.net postfix/smtps/smtpd[3875620]: warning: unknown[91.245.30.150]: SASL PLAIN authentication failed: Sep 11 18:06:45 mail.srvfarm.net postfix/smtps/smtpd[3875620]: lost connection after AUTH from unknown[91.245.30.150] Sep 11 18:08:32 mail.srvfarm.net postfix/smtpd[3889545]: warning: unknown[91.245.30.150]: SASL PLAIN authentication failed:	2020-09-13 01:43:37
91.245.30.150	attackspam	Sep 11 18:00:30 mail.srvfarm.net postfix/smtps/smtpd[3875317]: warning: unknown[91.245.30.150]: SASL PLAIN authentication failed: Sep 11 18:00:30 mail.srvfarm.net postfix/smtps/smtpd[3875317]: lost connection after AUTH from unknown[91.245.30.150] Sep 11 18:06:45 mail.srvfarm.net postfix/smtps/smtpd[3875620]: warning: unknown[91.245.30.150]: SASL PLAIN authentication failed: Sep 11 18:06:45 mail.srvfarm.net postfix/smtps/smtpd[3875620]: lost connection after AUTH from unknown[91.245.30.150] Sep 11 18:08:32 mail.srvfarm.net postfix/smtpd[3889545]: warning: unknown[91.245.30.150]: SASL PLAIN authentication failed:	2020-09-12 17:43:32
91.245.30.79	attack	Sep 7 12:09:56 mail.srvfarm.net postfix/smtpd[1050887]: warning: unknown[91.245.30.79]: SASL PLAIN authentication failed: Sep 7 12:09:56 mail.srvfarm.net postfix/smtpd[1050887]: lost connection after AUTH from unknown[91.245.30.79] Sep 7 12:14:31 mail.srvfarm.net postfix/smtpd[1050882]: warning: unknown[91.245.30.79]: SASL PLAIN authentication failed: Sep 7 12:14:31 mail.srvfarm.net postfix/smtpd[1050882]: lost connection after AUTH from unknown[91.245.30.79] Sep 7 12:15:08 mail.srvfarm.net postfix/smtpd[1039277]: warning: unknown[91.245.30.79]: SASL PLAIN authentication failed:	2020-09-12 02:45:11
91.245.30.79	attack	Sep 7 12:09:56 mail.srvfarm.net postfix/smtpd[1050887]: warning: unknown[91.245.30.79]: SASL PLAIN authentication failed: Sep 7 12:09:56 mail.srvfarm.net postfix/smtpd[1050887]: lost connection after AUTH from unknown[91.245.30.79] Sep 7 12:14:31 mail.srvfarm.net postfix/smtpd[1050882]: warning: unknown[91.245.30.79]: SASL PLAIN authentication failed: Sep 7 12:14:31 mail.srvfarm.net postfix/smtpd[1050882]: lost connection after AUTH from unknown[91.245.30.79] Sep 7 12:15:08 mail.srvfarm.net postfix/smtpd[1039277]: warning: unknown[91.245.30.79]: SASL PLAIN authentication failed:	2020-09-11 18:41:19
91.245.30.71	attackspambots	Brute force attempt	2020-08-31 13:04:59
91.245.30.92	attack	Aug 27 04:21:01 mail.srvfarm.net postfix/smtpd[1314728]: warning: unknown[91.245.30.92]: SASL PLAIN authentication failed: Aug 27 04:21:01 mail.srvfarm.net postfix/smtpd[1314728]: lost connection after AUTH from unknown[91.245.30.92] Aug 27 04:22:47 mail.srvfarm.net postfix/smtpd[1332132]: warning: unknown[91.245.30.92]: SASL PLAIN authentication failed: Aug 27 04:22:47 mail.srvfarm.net postfix/smtpd[1332132]: lost connection after AUTH from unknown[91.245.30.92] Aug 27 04:24:00 mail.srvfarm.net postfix/smtpd[1313892]: warning: unknown[91.245.30.92]: SASL PLAIN authentication failed:	2020-08-28 09:43:43
91.245.30.125	attack	Aug 16 05:14:59 mail.srvfarm.net postfix/smtps/smtpd[1888763]: warning: unknown[91.245.30.125]: SASL PLAIN authentication failed: Aug 16 05:14:59 mail.srvfarm.net postfix/smtps/smtpd[1888763]: lost connection after AUTH from unknown[91.245.30.125] Aug 16 05:22:34 mail.srvfarm.net postfix/smtpd[1888825]: warning: unknown[91.245.30.125]: SASL PLAIN authentication failed: Aug 16 05:22:34 mail.srvfarm.net postfix/smtpd[1888825]: lost connection after AUTH from unknown[91.245.30.125] Aug 16 05:24:01 mail.srvfarm.net postfix/smtpd[1888504]: warning: unknown[91.245.30.125]: SASL PLAIN authentication failed:	2020-08-16 13:05:13
91.245.30.150	attackspam	Jul 31 13:44:23 mail.srvfarm.net postfix/smtpd[346670]: warning: unknown[91.245.30.150]: SASL PLAIN authentication failed: Jul 31 13:44:23 mail.srvfarm.net postfix/smtpd[346670]: lost connection after AUTH from unknown[91.245.30.150] Jul 31 13:46:32 mail.srvfarm.net postfix/smtps/smtpd[344849]: warning: unknown[91.245.30.150]: SASL PLAIN authentication failed: Jul 31 13:46:32 mail.srvfarm.net postfix/smtps/smtpd[344849]: lost connection after AUTH from unknown[91.245.30.150] Jul 31 13:49:58 mail.srvfarm.net postfix/smtps/smtpd[348862]: warning: unknown[91.245.30.150]: SASL PLAIN authentication failed:	2020-08-01 00:31:18
91.245.30.105	attack	Jul 31 10:41:23 mail.srvfarm.net postfix/smtpd[280510]: warning: unknown[91.245.30.105]: SASL PLAIN authentication failed: Jul 31 10:41:23 mail.srvfarm.net postfix/smtpd[280510]: lost connection after AUTH from unknown[91.245.30.105] Jul 31 10:41:40 mail.srvfarm.net postfix/smtps/smtpd[274710]: warning: unknown[91.245.30.105]: SASL PLAIN authentication failed: Jul 31 10:41:40 mail.srvfarm.net postfix/smtps/smtpd[274710]: lost connection after AUTH from unknown[91.245.30.105] Jul 31 10:48:26 mail.srvfarm.net postfix/smtps/smtpd[278874]: warning: unknown[91.245.30.105]: SASL PLAIN authentication failed:	2020-07-31 17:22:19
91.245.30.146	attack	(smtpauth) Failed SMTP AUTH login from 91.245.30.146 (CZ/Czechia/static30-146.okcomp.cz): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-07-31 08:23:45 plain authenticator failed for ([91.245.30.146]) [91.245.30.146]: 535 Incorrect authentication data (set_id=a.nasiri)	2020-07-31 14:47:17
91.245.30.107	attack	Jul 29 08:08:18 Host-KEWR-E postfix/smtps/smtpd[30397]: lost connection after AUTH from unknown[91.245.30.107] ...	2020-07-30 02:08:00
91.245.30.100	attackspambots	(smtpauth) Failed SMTP AUTH login from 91.245.30.100 (CZ/Czechia/static30-100.okcomp.cz): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-07-28 16:35:05 plain authenticator failed for ([91.245.30.100]) [91.245.30.100]: 535 Incorrect authentication data (set_id=nasr)	2020-07-28 23:53:11
91.245.30.147	attackspam	Jul 26 05:47:51 mail.srvfarm.net postfix/smtps/smtpd[1027769]: warning: unknown[91.245.30.147]: SASL PLAIN authentication failed: Jul 26 05:47:51 mail.srvfarm.net postfix/smtps/smtpd[1027769]: lost connection after AUTH from unknown[91.245.30.147] Jul 26 05:50:19 mail.srvfarm.net postfix/smtps/smtpd[1031887]: warning: unknown[91.245.30.147]: SASL PLAIN authentication failed: Jul 26 05:50:19 mail.srvfarm.net postfix/smtps/smtpd[1031887]: lost connection after AUTH from unknown[91.245.30.147] Jul 26 05:52:29 mail.srvfarm.net postfix/smtps/smtpd[1032031]: warning: unknown[91.245.30.147]: SASL PLAIN authentication failed:	2020-07-26 17:32:59
91.245.30.115	attack	Jun 16 05:23:09 mail.srvfarm.net postfix/smtps/smtpd[938143]: warning: unknown[91.245.30.115]: SASL PLAIN authentication failed: Jun 16 05:23:09 mail.srvfarm.net postfix/smtps/smtpd[938143]: lost connection after AUTH from unknown[91.245.30.115] Jun 16 05:26:56 mail.srvfarm.net postfix/smtpd[916111]: warning: unknown[91.245.30.115]: SASL PLAIN authentication failed: Jun 16 05:26:56 mail.srvfarm.net postfix/smtpd[916111]: lost connection after AUTH from unknown[91.245.30.115] Jun 16 05:28:42 mail.srvfarm.net postfix/smtps/smtpd[936248]: warning: unknown[91.245.30.115]: SASL PLAIN authentication failed:	2020-06-16 16:21:02
91.245.30.150	attackspam	Jun 5 18:29:15 mail.srvfarm.net postfix/smtps/smtpd[3174072]: warning: unknown[91.245.30.150]: SASL PLAIN authentication failed: Jun 5 18:29:15 mail.srvfarm.net postfix/smtps/smtpd[3174072]: lost connection after AUTH from unknown[91.245.30.150] Jun 5 18:35:54 mail.srvfarm.net postfix/smtps/smtpd[3174071]: warning: unknown[91.245.30.150]: SASL PLAIN authentication failed: Jun 5 18:35:54 mail.srvfarm.net postfix/smtps/smtpd[3174071]: lost connection after AUTH from unknown[91.245.30.150] Jun 5 18:37:37 mail.srvfarm.net postfix/smtps/smtpd[3175482]: warning: unknown[91.245.30.150]: SASL PLAIN authentication failed:	2020-06-07 23:41:21

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 91.245.30.75
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2488
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;91.245.30.75.			IN	A

;; AUTHORITY SECTION:
.			305	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071501 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jul 16 08:31:04 CST 2020
;; MSG SIZE  rcvd: 116

Host info

75.30.245.91.in-addr.arpa domain name pointer static30-075.okcomp.cz.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
75.30.245.91.in-addr.arpa	name = static30-075.okcomp.cz.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.52.52.23	attackbotsspam	2019-11-09T16:50:49.024157abusebot-5.cloudsearch.cf sshd\[14909\]: Invalid user alice from 103.52.52.23 port 55732	2019-11-10 03:40:35
197.156.72.154	attack	Nov 9 16:55:01 web8 sshd\[17209\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.156.72.154 user=root Nov 9 16:55:04 web8 sshd\[17209\]: Failed password for root from 197.156.72.154 port 60396 ssh2 Nov 9 17:00:21 web8 sshd\[19607\]: Invalid user test from 197.156.72.154 Nov 9 17:00:21 web8 sshd\[19607\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.156.72.154 Nov 9 17:00:23 web8 sshd\[19607\]: Failed password for invalid user test from 197.156.72.154 port 51608 ssh2	2019-11-10 03:52:06
81.177.139.181	attack	81.177.139.181 - - [09/Nov/2019:17:17:00 +0100] "GET /wp-login.php HTTP/1.1" 200 1238 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 81.177.139.181 - - [09/Nov/2019:17:17:00 +0100] "POST /wp-login.php HTTP/1.1" 200 1632 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 81.177.139.181 - - [09/Nov/2019:17:17:00 +0100] "GET /wp-login.php HTTP/1.1" 200 1238 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 81.177.139.181 - - [09/Nov/2019:17:17:00 +0100] "POST /wp-login.php HTTP/1.1" 200 1608 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 81.177.139.181 - - [09/Nov/2019:17:17:01 +0100] "GET /wp-login.php HTTP/1.1" 200 1238 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 81.177.139.181 - - [09/Nov/2019:17:17:01 +0100] "POST /wp-login.php HTTP/1.1" 200 1608 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-11-10 03:38:39
119.27.162.142	attackbotsspam	F2B jail: sshd. Time: 2019-11-09 20:37:28, Reported by: VKReport	2019-11-10 03:48:38
206.189.204.63	attackbots	Nov 9 06:59:42 php1 sshd\[16947\]: Invalid user cp from 206.189.204.63 Nov 9 06:59:42 php1 sshd\[16947\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.204.63 Nov 9 06:59:43 php1 sshd\[16947\]: Failed password for invalid user cp from 206.189.204.63 port 60826 ssh2 Nov 9 07:03:36 php1 sshd\[17411\]: Invalid user jhshin from 206.189.204.63 Nov 9 07:03:36 php1 sshd\[17411\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.204.63	2019-11-10 03:47:52
123.206.174.26	attack	Nov 9 17:16:20 amit sshd\[16272\]: Invalid user kt from 123.206.174.26 Nov 9 17:16:20 amit sshd\[16272\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.174.26 Nov 9 17:16:22 amit sshd\[16272\]: Failed password for invalid user kt from 123.206.174.26 port 56246 ssh2 ...	2019-11-10 04:02:05
106.75.16.19	attackspam	SSH/22 MH Probe, BF, Hack -	2019-11-10 03:38:25
106.52.102.190	attack	Nov 9 19:14:58 OneL sshd\[24438\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.102.190 user=root Nov 9 19:15:00 OneL sshd\[24438\]: Failed password for root from 106.52.102.190 port 34783 ssh2 Nov 9 19:19:07 OneL sshd\[24489\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.102.190 user=root Nov 9 19:19:09 OneL sshd\[24489\]: Failed password for root from 106.52.102.190 port 49637 ssh2 Nov 9 19:23:03 OneL sshd\[24597\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.102.190 user=root ...	2019-11-10 03:29:59
121.67.246.132	attackbotsspam	Nov 9 07:03:43 sachi sshd\[2792\]: Invalid user admin from 121.67.246.132 Nov 9 07:03:43 sachi sshd\[2792\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.67.246.132 Nov 9 07:03:45 sachi sshd\[2792\]: Failed password for invalid user admin from 121.67.246.132 port 60524 ssh2 Nov 9 07:08:06 sachi sshd\[3116\]: Invalid user design from 121.67.246.132 Nov 9 07:08:06 sachi sshd\[3116\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.67.246.132	2019-11-10 03:32:55
51.254.210.53	attackbotsspam	Jan 24 09:44:08 vtv3 sshd\[32611\]: Invalid user alcione from 51.254.210.53 port 50962 Jan 24 09:44:08 vtv3 sshd\[32611\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.210.53 Jan 24 09:44:10 vtv3 sshd\[32611\]: Failed password for invalid user alcione from 51.254.210.53 port 50962 ssh2 Jan 24 09:48:03 vtv3 sshd\[1437\]: Invalid user sa from 51.254.210.53 port 53240 Jan 24 09:48:03 vtv3 sshd\[1437\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.210.53 Feb 2 17:09:00 vtv3 sshd\[11489\]: Invalid user MELSEC from 51.254.210.53 port 53388 Feb 2 17:09:00 vtv3 sshd\[11489\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.210.53 Feb 2 17:09:02 vtv3 sshd\[11489\]: Failed password for invalid user MELSEC from 51.254.210.53 port 53388 ssh2 Feb 2 17:13:08 vtv3 sshd\[12754\]: Invalid user abuild from 51.254.210.53 port 57222 Feb 2 17:13:08 vtv3 sshd\[12754\]: pam	2019-11-10 03:39:04
222.186.175.147	attack	[ssh] SSH attack	2019-11-10 03:46:17
209.33.202.195	attackspambots	TCP Port Scanning	2019-11-10 03:39:32
85.132.100.24	attack	Automatic report - Banned IP Access	2019-11-10 03:52:52
106.13.188.147	attackbotsspam	Nov 9 16:16:22 ms-srv sshd[55629]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.188.147 user=root Nov 9 16:16:24 ms-srv sshd[55629]: Failed password for invalid user root from 106.13.188.147 port 49636 ssh2	2019-11-10 04:02:26
94.75.103.54	attackspam	Unauthorized connection attempt from IP address 94.75.103.54 on Port 445(SMB)	2019-11-10 04:03:46

Recently Reported IPs

41.148.167.43	89.186.12.91	189.176.82.229	60.28.61.244
89.186.1.106	172.219.169.162	191.0.32.13	88.81.94.41
162.227.176.142	168.122.155.248	221.226.132.80	142.52.219.226
40.108.193.140	80.90.130.24	167.249.23.68	66.228.158.41
200.89.177.81	80.48.210.5	71.75.121.244	81.217.151.32