109.164.4.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Czech Republic

Internet Service Provider: SITKOM spol. s r.o.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	failed_logins	2020-07-07 17:47:13
attackbots	May 13 14:17:27 mail.srvfarm.net postfix/smtps/smtpd[553478]: warning: unknown[109.164.4.2]: SASL PLAIN authentication failed: May 13 14:17:27 mail.srvfarm.net postfix/smtps/smtpd[553478]: lost connection after AUTH from unknown[109.164.4.2] May 13 14:20:50 mail.srvfarm.net postfix/smtpd[556767]: warning: unknown[109.164.4.2]: SASL PLAIN authentication failed: May 13 14:20:50 mail.srvfarm.net postfix/smtpd[556767]: lost connection after AUTH from unknown[109.164.4.2] May 13 14:24:22 mail.srvfarm.net postfix/smtps/smtpd[553527]: warning: unknown[109.164.4.2]: SASL PLAIN authentication failed:	2020-05-14 02:49:57

Type

Details

Datetime

attackbots

failed_logins

2020-07-07 17:47:13

attackbots

May 13 14:17:27 mail.srvfarm.net postfix/smtps/smtpd[553478]: warning: unknown[109.164.4.2]: SASL PLAIN authentication failed: 
May 13 14:17:27 mail.srvfarm.net postfix/smtps/smtpd[553478]: lost connection after AUTH from unknown[109.164.4.2]
May 13 14:20:50 mail.srvfarm.net postfix/smtpd[556767]: warning: unknown[109.164.4.2]: SASL PLAIN authentication failed: 
May 13 14:20:50 mail.srvfarm.net postfix/smtpd[556767]: lost connection after AUTH from unknown[109.164.4.2]
May 13 14:24:22 mail.srvfarm.net postfix/smtps/smtpd[553527]: warning: unknown[109.164.4.2]: SASL PLAIN authentication failed:

2020-05-14 02:49:57

Comments on same subnet:

IP	Type	Details	Datetime
109.164.4.225	attack	Oct 1 06:39:40 mail.srvfarm.net postfix/smtpd[3729985]: warning: unknown[109.164.4.225]: SASL PLAIN authentication failed: Oct 1 06:39:40 mail.srvfarm.net postfix/smtpd[3729985]: lost connection after AUTH from unknown[109.164.4.225] Oct 1 06:45:56 mail.srvfarm.net postfix/smtps/smtpd[3723925]: warning: unknown[109.164.4.225]: SASL PLAIN authentication failed: Oct 1 06:45:56 mail.srvfarm.net postfix/smtps/smtpd[3723925]: lost connection after AUTH from unknown[109.164.4.225] Oct 1 06:49:19 mail.srvfarm.net postfix/smtps/smtpd[3729482]: warning: unknown[109.164.4.225]: SASL PLAIN authentication failed:	2020-10-02 01:24:00
109.164.4.225	attackbotsspam	Oct 1 06:39:40 mail.srvfarm.net postfix/smtpd[3729985]: warning: unknown[109.164.4.225]: SASL PLAIN authentication failed: Oct 1 06:39:40 mail.srvfarm.net postfix/smtpd[3729985]: lost connection after AUTH from unknown[109.164.4.225] Oct 1 06:45:56 mail.srvfarm.net postfix/smtps/smtpd[3723925]: warning: unknown[109.164.4.225]: SASL PLAIN authentication failed: Oct 1 06:45:56 mail.srvfarm.net postfix/smtps/smtpd[3723925]: lost connection after AUTH from unknown[109.164.4.225] Oct 1 06:49:19 mail.srvfarm.net postfix/smtps/smtpd[3729482]: warning: unknown[109.164.4.225]: SASL PLAIN authentication failed:	2020-10-01 17:30:05
109.164.4.225	attackbotsspam	Aug 7 07:03:03 mailman postfix/smtpd[19854]: warning: unknown[109.164.4.225]: SASL PLAIN authentication failed: authentication failure	2020-08-08 01:33:55
109.164.4.225	attackspambots	SASL PLAIN auth failed: ruser=...	2020-07-16 09:12:36

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 109.164.4.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23366
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;109.164.4.2.			IN	A

;; AUTHORITY SECTION:
.			170	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051301 1800 900 604800 86400

;; Query time: 179 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu May 14 02:49:53 CST 2020
;; MSG SIZE  rcvd: 115

Host info

2.4.164.109.in-addr.arpa domain name pointer 2-4-164-109.cust.sitkom.cz.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
2.4.164.109.in-addr.arpa	name = 2-4-164-109.cust.sitkom.cz.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
45.164.8.244	attackbots	2020-03-27T04:01:40.576105shield sshd\[9166\]: Invalid user sports from 45.164.8.244 port 36272 2020-03-27T04:01:40.585345shield sshd\[9166\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.164.8.244 2020-03-27T04:01:42.999987shield sshd\[9166\]: Failed password for invalid user sports from 45.164.8.244 port 36272 ssh2 2020-03-27T04:05:54.966728shield sshd\[10586\]: Invalid user josh from 45.164.8.244 port 50424 2020-03-27T04:05:54.975611shield sshd\[10586\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.164.8.244	2020-03-27 17:06:10
80.82.77.235	attackspam	03/27/2020-00:02:20.466562 80.82.77.235 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-03-27 17:11:39
101.255.81.91	attackspam	2020-03-27T09:56:13.615065vps751288.ovh.net sshd\[31029\]: Invalid user lkj from 101.255.81.91 port 41254 2020-03-27T09:56:13.624344vps751288.ovh.net sshd\[31029\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.255.81.91 2020-03-27T09:56:15.566120vps751288.ovh.net sshd\[31029\]: Failed password for invalid user lkj from 101.255.81.91 port 41254 ssh2 2020-03-27T09:59:37.508045vps751288.ovh.net sshd\[31055\]: Invalid user ftpuser from 101.255.81.91 port 39270 2020-03-27T09:59:37.515331vps751288.ovh.net sshd\[31055\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.255.81.91	2020-03-27 17:22:43
128.199.138.31	attackbotsspam	Mar 27 06:03:17 vps46666688 sshd[11096]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.138.31 Mar 27 06:03:19 vps46666688 sshd[11096]: Failed password for invalid user znx from 128.199.138.31 port 36492 ssh2 ...	2020-03-27 17:29:24
70.231.19.203	attackbotsspam	Invalid user jtrejo from 70.231.19.203 port 51406	2020-03-27 17:26:53
51.91.56.222	attackspam	Automatic report - Banned IP Access	2020-03-27 17:31:27
194.26.29.119	attackspam	Fail2Ban Ban Triggered	2020-03-27 17:33:31
189.57.140.10	attackbots	SSH Brute-Force Attack	2020-03-27 17:14:32
185.98.87.158	attackspambots	firewall-block, port(s): 11000/tcp	2020-03-27 17:38:43
200.54.51.124	attack	$f2bV_matches	2020-03-27 17:00:49
87.251.74.15	attackbotsspam	firewall-block, port(s): 2274/tcp, 2384/tcp, 2698/tcp	2020-03-27 17:48:34
51.159.55.44	attackspam	2020-03-27 08:07:50,069 fail2ban.actions: WARNING [ssh] Ban 51.159.55.44	2020-03-27 17:12:43
194.26.29.120	attackbotsspam	176 packets to ports 4001 4005 4006 4015 4017 4018 4032 4038 4042 4044 4048 4049 4055 4060 4061 4068 4074 4076 4083 4084 4087 4090 4091 4099 4118 4121 4131 4143 4146 4156 4157 4159 4171 4181 4183 4185 4193 4197 4206 4214 4220 4223 4231 4237 4248 4253 4260 4262, etc.	2020-03-27 17:33:04
223.207.238.166	attackbots	1585280932 - 03/27/2020 04:48:52 Host: 223.207.238.166/223.207.238.166 Port: 445 TCP Blocked	2020-03-27 17:15:06
46.101.249.232	attackbotsspam	Invalid user cdr from 46.101.249.232 port 54824	2020-03-27 17:11:53

Recently Reported IPs

52.255.142.30	178.79.32.15	170.130.69.188	78.188.168.64
90.53.122.154	187.240.206.174	215.239.112.43	90.189.229.9
142.93.124.210	45.66.208.247	78.189.190.149	171.246.211.113
18.215.254.243	106.53.8.137	179.189.19.133	69.167.40.150
150.107.242.91	8.238.23.126	106.74.36.68	86.74.26.166