109.164.228.51

Basic Info

City: unknown

Region: unknown

Country: Switzerland

Internet Service Provider: Swisscom AG

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 109.164.228.51 to port 3306 [J]	2020-01-24 22:44:41
attackbotsspam	3389BruteforceFW23	2019-12-12 15:39:34

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 109.164.228.51
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54985
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;109.164.228.51.			IN	A

;; AUTHORITY SECTION:
.			344	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121200 1800 900 604800 86400

;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 12 15:39:30 CST 2019
;; MSG SIZE  rcvd: 118

Host info

51.228.164.109.in-addr.arpa domain name pointer 51.228.164.109.static.wline.lns.sme.cust.swisscom.ch.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
51.228.164.109.in-addr.arpa	name = 51.228.164.109.static.wline.lns.sme.cust.swisscom.ch.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
131.221.40.234	attackspam	2019-07-08 23:49:48 1hkbW6-0005A5-HG SMTP connection from \(\[131.221.40.234\]\) \[131.221.40.234\]:27759 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-07-08 23:50:02 1hkbWL-0005AC-EX SMTP connection from \(\[131.221.40.234\]\) \[131.221.40.234\]:27860 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-07-08 23:50:13 1hkbWW-0005C9-1r SMTP connection from \(\[131.221.40.234\]\) \[131.221.40.234\]:27937 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-02-05 04:21:57
178.173.144.222	attackspambots	Port 1433 Scan	2020-02-05 04:43:09
119.252.143.68	attack	Unauthorized connection attempt detected from IP address 119.252.143.68 to port 2220 [J]	2020-02-05 04:22:17
14.248.236.205	attackbots	Feb 4 21:01:58 xxxx sshd[31894]: Address 14.248.236.205 maps to static.vnpt.vn, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Feb 4 21:01:58 xxxx sshd[31894]: Invalid user admin from 14.248.236.205 Feb 4 21:01:58 xxxx sshd[31894]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.248.236.205 Feb 4 21:02:00 xxxx sshd[31894]: Failed password for invalid user admin from 14.248.236.205 port 47092 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=14.248.236.205	2020-02-05 04:26:58
122.51.253.156	attackbotsspam	Feb 4 17:20:53 ws22vmsma01 sshd[195679]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.253.156 Feb 4 17:20:54 ws22vmsma01 sshd[195679]: Failed password for invalid user contribute from 122.51.253.156 port 41350 ssh2 ...	2020-02-05 04:39:42
197.160.30.6	attackbotsspam	Port 1433 Scan	2020-02-05 04:31:02
159.65.19.39	attackbots	Automatic report - XMLRPC Attack	2020-02-05 04:44:40
124.217.230.120	attackbotsspam	124.217.230.120 has been banned for [WebApp Attack] ...	2020-02-05 04:55:07
187.170.82.87	attack	Feb 4 21:26:54 pl1server sshd[4115]: reveeclipse mapping checking getaddrinfo for dsl-187-170-82-87-dyn.prod-infinhostnameum.com.mx [187.170.82.87] failed - POSSIBLE BREAK-IN ATTEMPT! Feb 4 21:26:54 pl1server sshd[4115]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.170.82.87 user=r.r Feb 4 21:26:56 pl1server sshd[4115]: Failed password for r.r from 187.170.82.87 port 63684 ssh2 Feb 4 21:26:56 pl1server sshd[4115]: Connection closed by 187.170.82.87 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=187.170.82.87	2020-02-05 04:51:13
174.108.180.254	attackspam	Unauthorized connection attempt detected from IP address 174.108.180.254 to port 445	2020-02-05 04:29:18
106.13.86.236	attack	Feb 4 21:20:57 dedicated sshd[12164]: Invalid user teamspeak from 106.13.86.236 port 54580 Feb 4 21:20:59 dedicated sshd[12164]: Failed password for invalid user teamspeak from 106.13.86.236 port 54580 ssh2 Feb 4 21:20:57 dedicated sshd[12164]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.86.236 Feb 4 21:20:57 dedicated sshd[12164]: Invalid user teamspeak from 106.13.86.236 port 54580 Feb 4 21:20:59 dedicated sshd[12164]: Failed password for invalid user teamspeak from 106.13.86.236 port 54580 ssh2	2020-02-05 04:37:57
210.210.128.194	attack	Honeypot attack, port: 445, PTR: static-210-128-194.cbn.net.id.	2020-02-05 04:49:11
49.235.169.15	attackbots	Feb 4 21:02:17 srv-ubuntu-dev3 sshd[58007]: Invalid user cpsrvsid from 49.235.169.15 Feb 4 21:02:17 srv-ubuntu-dev3 sshd[58007]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.169.15 Feb 4 21:02:17 srv-ubuntu-dev3 sshd[58007]: Invalid user cpsrvsid from 49.235.169.15 Feb 4 21:02:20 srv-ubuntu-dev3 sshd[58007]: Failed password for invalid user cpsrvsid from 49.235.169.15 port 51344 ssh2 Feb 4 21:05:35 srv-ubuntu-dev3 sshd[58336]: Invalid user rodderick from 49.235.169.15 Feb 4 21:05:35 srv-ubuntu-dev3 sshd[58336]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.169.15 Feb 4 21:05:35 srv-ubuntu-dev3 sshd[58336]: Invalid user rodderick from 49.235.169.15 Feb 4 21:05:37 srv-ubuntu-dev3 sshd[58336]: Failed password for invalid user rodderick from 49.235.169.15 port 47772 ssh2 Feb 4 21:08:56 srv-ubuntu-dev3 sshd[58656]: Invalid user tester from 49.235.169.15 ...	2020-02-05 04:16:44
81.28.107.18	attackbotsspam	Feb 4 21:20:56 exim[32447]: [1\51] 1iz4go-0008RL-IQ H=frogs.youavto.com (frogs.procars-shop-pl.com) [81.28.107.18] F= rejected after DATA: This message scored 101.1 spam points.	2020-02-05 04:26:15
188.17.152.30	attack	Brute force attempt	2020-02-05 04:25:45

Recently Reported IPs

182.52.23.163	94.230.243.98	45.93.20.189	211.86.187.62
6.182.189.213	150.95.111.223	184.22.85.134	182.61.15.251
117.4.177.51	189.79.125.205	159.192.67.100	117.207.214.250
113.167.230.184	168.181.50.73	95.105.52.216	180.241.46.197
60.190.125.246	79.120.55.106	200.86.228.10	118.67.223.30