109.252.17.42 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: PJSC Moscow City Telephone Network

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt from IP address 109.252.17.42 on Port 445(SMB)	2020-04-02 00:57:40

Comments on same subnet:

IP	Type	Details	Datetime
109.252.175.174	attackbots	Honeypot attack, port: 445, PTR: 109-252-175-174.dynamic.spd-mgts.ru.	2020-05-11 04:08:10

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 109.252.17.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40742
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;109.252.17.42.			IN	A

;; AUTHORITY SECTION:
.			420	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040100 1800 900 604800 86400

;; Query time: 93 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Apr 02 00:57:32 CST 2020
;; MSG SIZE  rcvd: 117

Host info

42.17.252.109.in-addr.arpa domain name pointer 109-252-17-42.nat.spd-mgts.ru.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
42.17.252.109.in-addr.arpa	name = 109-252-17-42.nat.spd-mgts.ru.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
112.175.238.149	attackspambots	Aug 12 07:37:35 srv-4 sshd\[13783\]: Invalid user vicente from 112.175.238.149 Aug 12 07:37:35 srv-4 sshd\[13783\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.175.238.149 Aug 12 07:37:37 srv-4 sshd\[13783\]: Failed password for invalid user vicente from 112.175.238.149 port 42278 ssh2 ...	2019-08-12 12:58:32
121.157.229.23	attack	Aug 12 06:49:09 srv-4 sshd\[10057\]: Invalid user pad from 121.157.229.23 Aug 12 06:49:09 srv-4 sshd\[10057\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.157.229.23 Aug 12 06:49:11 srv-4 sshd\[10057\]: Failed password for invalid user pad from 121.157.229.23 port 53998 ssh2 ...	2019-08-12 12:35:46
185.234.218.120	attackbots	Aug 12 06:37:55 herz-der-gamer postfix/smtpd[2906]: warning: unknown[185.234.218.120]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 12 06:51:39 herz-der-gamer postfix/smtpd[3476]: warning: unknown[185.234.218.120]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-08-12 13:04:09
201.180.70.159	attackbots	BURG,WP GET /wp-login.php	2019-08-12 12:31:27
93.115.241.194	attackspam	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.115.241.194 user=root Failed password for root from 93.115.241.194 port 33825 ssh2 Failed password for root from 93.115.241.194 port 33825 ssh2 Failed password for root from 93.115.241.194 port 33825 ssh2 Failed password for root from 93.115.241.194 port 33825 ssh2	2019-08-12 12:58:05
213.182.94.121	attackbots	Aug 12 06:20:24 vps647732 sshd[14006]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.182.94.121 Aug 12 06:20:25 vps647732 sshd[14006]: Failed password for invalid user odpcache from 213.182.94.121 port 43540 ssh2 ...	2019-08-12 12:29:42
60.254.58.69	attackbotsspam	Automatic report - Port Scan Attack	2019-08-12 12:58:54
106.13.52.74	attackspam	Aug 12 03:43:29 localhost sshd\[97901\]: Invalid user natasa from 106.13.52.74 port 44074 Aug 12 03:43:29 localhost sshd\[97901\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.74 Aug 12 03:43:31 localhost sshd\[97901\]: Failed password for invalid user natasa from 106.13.52.74 port 44074 ssh2 Aug 12 03:45:21 localhost sshd\[97951\]: Invalid user thomas from 106.13.52.74 port 59518 Aug 12 03:45:21 localhost sshd\[97951\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.74 ...	2019-08-12 12:36:26
201.217.4.220	attack	Aug 12 00:10:43 xtremcommunity sshd\[25179\]: Invalid user ana from 201.217.4.220 port 45420 Aug 12 00:10:43 xtremcommunity sshd\[25179\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.217.4.220 Aug 12 00:10:45 xtremcommunity sshd\[25179\]: Failed password for invalid user ana from 201.217.4.220 port 45420 ssh2 Aug 12 00:17:02 xtremcommunity sshd\[25356\]: Invalid user anathan from 201.217.4.220 port 64086 Aug 12 00:17:02 xtremcommunity sshd\[25356\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.217.4.220 ...	2019-08-12 12:22:11
198.89.121.71	attackbotsspam	Aug 12 04:11:09 giraffe sshd[25342]: Invalid user bad from 198.89.121.71 Aug 12 04:11:09 giraffe sshd[25342]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.89.121.71 Aug 12 04:11:10 giraffe sshd[25342]: Failed password for invalid user bad from 198.89.121.71 port 52764 ssh2 Aug 12 04:11:11 giraffe sshd[25342]: Received disconnect from 198.89.121.71 port 52764:11: Normal Shutdown, Thank you for playing [preauth] Aug 12 04:11:11 giraffe sshd[25342]: Disconnected from 198.89.121.71 port 52764 [preauth] Aug 12 04:11:17 giraffe sshd[25344]: Invalid user testdev from 198.89.121.71 Aug 12 04:11:17 giraffe sshd[25344]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.89.121.71 Aug 12 04:11:19 giraffe sshd[25344]: Failed password for invalid user testdev from 198.89.121.71 port 53014 ssh2 Aug 12 04:11:19 giraffe sshd[25344]: Received disconnect from 198.89.121.71 port 53014:11: Normal Shutdo........ -------------------------------	2019-08-12 12:45:39
68.105.28.11	attack	[DoS Attack: TCP/UDP Echo] from source: 68.105.28.11, port 53, Sunday, August 11, 2019	2019-08-12 13:04:08
51.83.76.139	attackbotsspam	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.76.139 user=root Failed password for root from 51.83.76.139 port 49924 ssh2 Failed password for root from 51.83.76.139 port 49924 ssh2 Failed password for root from 51.83.76.139 port 49924 ssh2 Failed password for root from 51.83.76.139 port 49924 ssh2	2019-08-12 12:39:09
139.155.105.217	attack	Aug 12 07:08:05 pkdns2 sshd\[52826\]: Invalid user cod2 from 139.155.105.217Aug 12 07:08:07 pkdns2 sshd\[52826\]: Failed password for invalid user cod2 from 139.155.105.217 port 37148 ssh2Aug 12 07:09:55 pkdns2 sshd\[52870\]: Invalid user maurice from 139.155.105.217Aug 12 07:09:57 pkdns2 sshd\[52870\]: Failed password for invalid user maurice from 139.155.105.217 port 50428 ssh2Aug 12 07:11:45 pkdns2 sshd\[52975\]: Failed password for root from 139.155.105.217 port 35244 ssh2Aug 12 07:13:31 pkdns2 sshd\[53047\]: Invalid user , from 139.155.105.217 ...	2019-08-12 13:00:24
218.92.0.174	attackbots	Aug 12 06:22:11 mail sshd\[4936\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.174 user=root Aug 12 06:22:13 mail sshd\[4936\]: Failed password for root from 218.92.0.174 port 28429 ssh2 Aug 12 06:22:16 mail sshd\[4936\]: Failed password for root from 218.92.0.174 port 28429 ssh2 Aug 12 06:22:18 mail sshd\[4936\]: Failed password for root from 218.92.0.174 port 28429 ssh2 Aug 12 06:22:21 mail sshd\[4936\]: Failed password for root from 218.92.0.174 port 28429 ssh2	2019-08-12 12:31:47
194.204.208.10	attack	2019-08-12T04:47:54.902189abusebot-8.cloudsearch.cf sshd\[27002\]: Invalid user vpnuser1 from 194.204.208.10 port 60654	2019-08-12 12:55:10

Recently Reported IPs

178.14.193.187	70.100.115.154	99.7.174.204	60.216.27.127
197.59.15.250	41.75.140.15	131.42.219.17	145.192.212.72
182.116.178.110	201.87.156.34	35.2.227.54	18.80.52.24
223.204.19.134	4.122.218.94	201.6.248.104	61.20.230.171
192.71.225.127	212.29.196.165	146.234.243.104	159.194.136.159