103.252.5.219 - IPInfo

Basic Info

City: Thane

Region: Maharashtra

Country: India

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
103.252.51.154	attackbotsspam	20 attempts against mh-ssh on pcx	2020-09-23 01:36:58
103.252.51.154	attack	20 attempts against mh-ssh on pcx	2020-09-22 17:39:14
103.252.52.185	attackspambots	Email rejected due to spam filtering	2020-09-08 22:22:36
103.252.52.185	attackspambots	Email rejected due to spam filtering	2020-09-08 14:11:33
103.252.52.185	attack	Email rejected due to spam filtering	2020-09-08 06:42:40
103.252.51.64	attackspam	Cluster member 67.227.229.95 (US/United States/host.cjthedj97.me) said, DENY 103.252.51.64, Reason:[(mod_security) mod_security (id:210350) triggered by 103.252.51.64 (ID/Indonesia/-): 1 in the last 3600 secs]; Ports: *; Direction: inout; Trigger: LF_CLUSTER	2020-07-29 17:52:56
103.252.53.21	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/103.252.53.21/ IN - 1H : (48) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : IN NAME ASN : ASN138798 IP : 103.252.53.21 CIDR : 103.252.53.0/24 PREFIX COUNT : 14 UNIQUE IP COUNT : 3584 ATTACKS DETECTED ASN138798 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-11-23 07:28:47 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-23 15:50:05
103.252.51.227	attackspambots	Oct 7 21:47:20 dev0-dcde-rnet sshd[31431]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.252.51.227 Oct 7 21:47:21 dev0-dcde-rnet sshd[31431]: Failed password for invalid user p4ssw0rd@2017 from 103.252.51.227 port 60866 ssh2 Oct 7 21:51:43 dev0-dcde-rnet sshd[31439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.252.51.227	2019-10-08 05:30:20
103.252.5.183	attackspambots	Automatic report - Port Scan Attack	2019-09-26 01:45:44
103.252.5.93	attackspam	445/tcp [2019-07-10]1pkt	2019-07-11 00:02:42

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.252.5.219
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27893
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;103.252.5.219.			IN	A

;; AUTHORITY SECTION:
.			283	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022001 1800 900 604800 86400

;; Query time: 74 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 21 11:32:18 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 219.5.252.103.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 219.5.252.103.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
223.196.169.86	attack	1578575042 - 01/09/2020 14:04:02 Host: 223.196.169.86/223.196.169.86 Port: 445 TCP Blocked	2020-01-10 02:35:54
1.55.19.68	attackspambots	Telnet/23 MH Probe, BF, Hack -	2020-01-10 02:53:50
5.14.77.129	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-01-10 02:29:25
109.108.213.59	attack	Telnet/23 MH Probe, BF, Hack -	2020-01-10 02:57:00
116.203.127.92	attackspam	fraudulent SSH attempt	2020-01-10 02:20:11
216.218.206.86	attack	Port scan: Attack repeated for 24 hours	2020-01-10 02:30:17
163.172.62.80	attackspam	Jan 9 03:02:10 hanapaa sshd\[19346\]: Invalid user nlf from 163.172.62.80 Jan 9 03:02:10 hanapaa sshd\[19346\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.62.80 Jan 9 03:02:12 hanapaa sshd\[19346\]: Failed password for invalid user nlf from 163.172.62.80 port 33510 ssh2 Jan 9 03:04:12 hanapaa sshd\[19571\]: Invalid user pzu from 163.172.62.80 Jan 9 03:04:12 hanapaa sshd\[19571\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.62.80	2020-01-10 02:24:33
123.21.170.211	attackspambots	Jan 9 16:00:09 master sshd[30208]: Failed password for invalid user admin from 123.21.170.211 port 41307 ssh2	2020-01-10 02:51:30
222.186.175.216	attackspambots	2020-01-09T18:45:59.215563abusebot.cloudsearch.cf sshd[26224]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.216 user=root 2020-01-09T18:46:00.920153abusebot.cloudsearch.cf sshd[26224]: Failed password for root from 222.186.175.216 port 20078 ssh2 2020-01-09T18:46:04.207263abusebot.cloudsearch.cf sshd[26224]: Failed password for root from 222.186.175.216 port 20078 ssh2 2020-01-09T18:45:59.215563abusebot.cloudsearch.cf sshd[26224]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.216 user=root 2020-01-09T18:46:00.920153abusebot.cloudsearch.cf sshd[26224]: Failed password for root from 222.186.175.216 port 20078 ssh2 2020-01-09T18:46:04.207263abusebot.cloudsearch.cf sshd[26224]: Failed password for root from 222.186.175.216 port 20078 ssh2 2020-01-09T18:45:59.215563abusebot.cloudsearch.cf sshd[26224]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= ...	2020-01-10 02:58:38
139.99.165.3	attackspam	2020-01-09 18:25:57 dovecot_login authenticator failed for ip3.ip-139-99-165.net \(ADMIN\) \[139.99.165.3\]: 535 Incorrect authentication data \(set_id=test@nopcommerce.it\) 2020-01-09 18:26:09 dovecot_login authenticator failed for ip3.ip-139-99-165.net \(ADMIN\) \[139.99.165.3\]: 535 Incorrect authentication data \(set_id=test@opso.it\) 2020-01-09 18:27:49 dovecot_login authenticator failed for ip3.ip-139-99-165.net \(ADMIN\) \[139.99.165.3\]: 535 Incorrect authentication data \(set_id=mail@nopcommerce.it\) 2020-01-09 18:28:01 dovecot_login authenticator failed for ip3.ip-139-99-165.net \(ADMIN\) \[139.99.165.3\]: 535 Incorrect authentication data \(set_id=mail@opso.it\) 2020-01-09 18:29:38 dovecot_login authenticator failed for ip3.ip-139-99-165.net \(ADMIN\) \[139.99.165.3\]: 535 Incorrect authentication data \(set_id=info@nopcommerce.it\)	2020-01-10 02:21:32
125.212.159.144	attack	Lines containing failures of 125.212.159.144 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=125.212.159.144	2020-01-10 02:52:49
116.97.20.235	attack	Jan 9 15:22:23 master sshd[30167]: Failed password for invalid user admin from 116.97.20.235 port 48593 ssh2	2020-01-10 02:57:55
162.241.192.138	attackbots	Jan 9 15:25:42 vps46666688 sshd[5212]: Failed password for root from 162.241.192.138 port 59418 ssh2 ...	2020-01-10 02:34:53
51.79.69.137	attackbots	Jan 9 21:40:28 webhost01 sshd[3943]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.79.69.137 Jan 9 21:40:31 webhost01 sshd[3943]: Failed password for invalid user axr from 51.79.69.137 port 45502 ssh2 ...	2020-01-10 02:46:35
45.119.212.105	attack	k+ssh-bruteforce	2020-01-10 02:26:35

Recently Reported IPs

103.251.86.133	103.251.250.81	103.252.235.97	103.253.135.140
103.253.151.202	103.252.6.68	103.253.24.51	103.253.147.174
103.252.7.24	103.254.208.4	103.253.75.112	103.253.27.46
103.254.56.103	103.253.73.152	103.254.56.223	103.254.56.245
103.254.56.232	172.75.92.194	103.41.25.254	103.41.36.247