91.245.34.140 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: CJSC Telekommunikacii

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	[portscan] Port scan	2019-10-14 21:11:35

Comments on same subnet:

IP	Type	Details	Datetime
91.245.34.184	attackspam	[portscan] Port scan	2019-08-03 17:51:41

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 91.245.34.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37769
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;91.245.34.140.			IN	A

;; AUTHORITY SECTION:
.			222	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101400 1800 900 604800 86400

;; Query time: 550 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 14 21:11:31 CST 2019
;; MSG SIZE  rcvd: 117

Host info

140.34.245.91.in-addr.arpa domain name pointer host-140-34.pool.t21v.ru.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
140.34.245.91.in-addr.arpa	name = host-140-34.pool.t21v.ru.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
195.54.167.9	attackspam	May 9 23:16:20 debian-2gb-nbg1-2 kernel: \[11317854.850042\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=195.54.167.9 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=33826 PROTO=TCP SPT=55840 DPT=42433 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-10 05:29:32
101.251.192.61	attackbotsspam	May 9 16:54:05 ny01 sshd[8199]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.251.192.61 May 9 16:54:07 ny01 sshd[8199]: Failed password for invalid user tomcat from 101.251.192.61 port 56017 ssh2 May 9 16:55:49 ny01 sshd[8864]: Failed password for root from 101.251.192.61 port 42408 ssh2	2020-05-10 05:21:02
123.126.113.160	attackbots	Automatic report - Banned IP Access	2020-05-10 05:36:03
167.172.148.56	attack	May 9 22:30:15 debian-2gb-nbg1-2 kernel: \[11315089.929289\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=167.172.148.56 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=20155 PROTO=TCP SPT=53356 DPT=4721 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-10 05:27:26
93.186.254.187	attackbots	20/5/9@16:30:17: FAIL: Alarm-Intrusion address from=93.186.254.187 ...	2020-05-10 05:27:08
129.226.50.78	attack	$f2bV_matches	2020-05-10 05:12:30
110.19.108.202	attackspambots	Triggered: repeated knocking on closed ports.	2020-05-10 05:35:24
1.196.4.183	attackspam	Unauthorized connection attempt from IP address 1.196.4.183 on Port 445(SMB)	2020-05-10 05:03:34
154.70.132.24	attackspam	Web scan/attack: detected 1 distinct attempts within a 12-hour window (CGI-BIN)	2020-05-10 05:06:25
222.186.180.142	attackbots	May 9 16:35:32 plusreed sshd[12185]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.142 user=root May 9 16:35:34 plusreed sshd[12185]: Failed password for root from 222.186.180.142 port 50049 ssh2 ...	2020-05-10 05:17:27
49.234.196.215	attackbots	2020-05-09T22:30:34.398992rocketchat.forhosting.nl sshd[5086]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.196.215 2020-05-09T22:30:34.394266rocketchat.forhosting.nl sshd[5086]: Invalid user ftpuser from 49.234.196.215 port 43622 2020-05-09T22:30:36.256767rocketchat.forhosting.nl sshd[5086]: Failed password for invalid user ftpuser from 49.234.196.215 port 43622 ssh2 ...	2020-05-10 05:05:36
107.152.151.126	attackspam	(From clinic@advance-digital.net) Hey, I was searching online and came across your clinic https://www.ehschiro.com/articles/hypertension/ . I'm reaching out because there is a lot of people in your area looking for chiropractor now that stay at home orders are lifting and I am looking for a chiropractor to take them on as new patients. Reply with a quick "Yes" with your best phone number if can take on new patients. Reply with a quick "No" if you want to be taken off the list. Thanks	2020-05-10 05:28:39
72.164.246.194	attackspambots	Unauthorized connection attempt from IP address 72.164.246.194 on Port 445(SMB)	2020-05-10 05:21:33
185.176.27.102	attackspam	05/09/2020-16:55:42.549230 185.176.27.102 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-05-10 05:10:20
201.55.158.46	attackbots	Brute forcing email accounts	2020-05-10 05:02:42

Recently Reported IPs

249.226.11.134	188.239.16.144	159.181.178.54	17.66.65.119
228.4.135.35	176.91.171.86	93.23.110.158	57.145.69.111
35.66.148.155	51.77.98.187	174.72.181.235	39.3.204.115
76.208.50.194	110.44.6.165	1.136.99.169	209.206.131.59
154.74.241.103	190.79.238.85	177.33.246.207	123.125.71.97