City: unknown
Region: Sverdlovsk
Country: Russia
Internet Service Provider: MTS
Hostname: unknown
Organization: unknown
Usage Type: unknown
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See https://docs.db.ripe.net/terms-conditions.html
% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '91.76.0.0 - 91.79.255.255'
% Abuse contact for '91.76.0.0 - 91.79.255.255' is 'abuse@mtu.ru'
inetnum: 91.76.0.0 - 91.79.255.255
netname: RU-MTU-20060821
country: RU
org: ORG-ZM1-RIPE
admin-c: MTU1-RIPE
tech-c: MTU1-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-by: MTU-NOC
mnt-lower: MTU-NOC
mnt-domains: MTU-NOC
mnt-routes: MTU-NOC
created: 2006-08-21T13:31:01Z
last-modified: 2016-05-24T10:41:13Z
source: RIPE # Filtered
organisation: ORG-ZM1-RIPE
org-name: MTS PJSC
country: RU
org-type: LIR
address: Smolenskaya-Sennaya sq., 27 bld 2
address: 119121
address: Moscow
address: RUSSIAN FEDERATION
phone: +74957213499
fax-no: +74992318129
admin-c: LAP-RIPE
admin-c: TABY-RIPE
admin-c: LMUR-RIPE
admin-c: YUF-RIPE
admin-c: RPS-RIPE
abuse-c: MAB8359-RIPE
mnt-ref: RIPE-NCC-HM-MNT
mnt-ref: MTU-NOC
mnt-by: RIPE-NCC-HM-MNT
mnt-by: MTU-NOC
created: 2004-04-17T11:55:44Z
last-modified: 2024-01-16T14:42:44Z
source: RIPE # Filtered
role: MTS backbone NOC
address: PJSC MTS / former CJSC Comstar-Direct
address: Petrovsky blvd 12, bldg 3
address: P.O. BOX 4711 127051
address: Moscow, Russia
remarks: **************************************
remarks: Contact addresses:
remarks: routing & peering noc@mtu.ru
remarks: spam & security abuse@mtu.ru
remarks: mail postmaster@mtu.ru
remarks: ddos reports ddos-reports@mtu.ru
remarks: **************************************
phone: +7 495 721-34-99
fax-no: +7 495 956-07-07
admin-c: EDA-RIPE
admin-c: RPS-RIPE
tech-c: EDA-RIPE
nic-hdl: MTU1-RIPE
mnt-by: MTU-NOC
created: 2002-10-18T13:29:19Z
last-modified: 2022-04-08T13:50:05Z
source: RIPE # Filtered
% Information related to '91.76.0.0/14AS8359'
route: 91.76.0.0/14
descr: ZAO MTU-Intel's Moscow Region Network
descr: ZAO MTU-Intel
descr: Moscow, Russia
origin: AS8359
mnt-by: MTU-NOC
created: 2006-09-13T10:51:37Z
last-modified: 2006-09-13T10:51:37Z
source: RIPE
% This query was served by the RIPE Database Query Service version 1.121.2 (DEXTER); <<>> DiG 9.10.3-P4-Ubuntu <<>> 91.79.200.119
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32028
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;91.79.200.119. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026041300 1800 900 604800 86400
;; Query time: 6 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Apr 13 19:00:50 CST 2026
;; MSG SIZE rcvd: 106119.200.79.91.in-addr.arpa domain name pointer ppp91-79-200-119.pppoe.mtu-net.ru.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
119.200.79.91.in-addr.arpa name = ppp91-79-200-119.pppoe.mtu-net.ru.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 185.175.93.19 | attack | 02/06/2020-22:47:25.971515 185.175.93.19 Protocol: 6 ET DROP Dshield Block Listed Source group 1 |
2020-02-07 06:19:03 |
| 77.236.209.66 | attack | lfd: (smtpauth) Failed SMTP AUTH login from 77.236.209.66 (CZ/Czechia/email.sezemice.cz): 5 in the last 3600 secs - Sun Jul 1 07:07:27 2018 |
2020-02-07 06:09:02 |
| 31.10.129.164 | attack | lfd: (smtpauth) Failed SMTP AUTH login from 31.10.129.164 (CH/Switzerland/-): 5 in the last 3600 secs - Fri Jun 15 16:02:49 2018 |
2020-02-07 06:25:57 |
| 121.254.133.205 | attack | Since 5 days trying to login with various account names about every 30 minutes. Tried to use following account names so far: "ntps" "ntpo" "bin" "root" "webdev" "nologin" "vagrant" "redapp" "git" "test" "user" "guest" "mysql" "oracle" "postgres" "mythtv" "info" "mqm" "db2inst1" "db2fenc1" "ts3" "vyatta" "ubuntu" "steam" "jenkins" "ftpuser" "tomcat" "scanner" "service" "web" "www" "marcin" "robert" "odoo" "minecraft" "demo" and "usuario" |
2020-02-07 06:26:19 |
| 24.242.164.6 | attackspambots | lfd: (smtpauth) Failed SMTP AUTH login from 24.242.164.6 (US/United States/rrcs-24-242-164-6.sw.biz.rr.com): 5 in the last 3600 secs - Thu Jun 21 13:15:04 2018 |
2020-02-07 06:20:40 |
| 112.35.27.98 | attackbotsspam | Failed password for invalid user avh from 112.35.27.98 port 34318 ssh2 Invalid user qhp from 112.35.27.98 port 49352 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.35.27.98 Failed password for invalid user qhp from 112.35.27.98 port 49352 ssh2 Invalid user dtz from 112.35.27.98 port 36158 |
2020-02-07 06:15:57 |
| 114.37.127.144 | attackbotsspam | lfd: (smtpauth) Failed SMTP AUTH login from 114.37.127.144 (TW/Taiwan/114-37-127-144.dynamic-ip.hinet.net): 5 in the last 3600 secs - Thu Jun 28 12:21:40 2018 |
2020-02-07 06:12:17 |
| 218.92.0.168 | attackbotsspam | Feb 6 19:15:11 firewall sshd[8394]: Failed password for root from 218.92.0.168 port 38054 ssh2 Feb 6 19:15:25 firewall sshd[8394]: error: maximum authentication attempts exceeded for root from 218.92.0.168 port 38054 ssh2 [preauth] Feb 6 19:15:25 firewall sshd[8394]: Disconnecting: Too many authentication failures [preauth] ... |
2020-02-07 06:23:12 |
| 185.109.172.246 | attackbotsspam | /index.php%3Fs=/index/ |
2020-02-07 06:27:35 |
| 125.79.237.92 | attackspambots | lfd: (smtpauth) Failed SMTP AUTH login from 125.79.237.92 (CN/China/92.237.79.125.broad.np.fj.dynamic.163data.com.cn): 5 in the last 3600 secs - Mon May 21 22:32:47 2018 |
2020-02-07 06:36:52 |
| 154.70.200.192 | attack | lfd: (smtpauth) Failed SMTP AUTH login from 154.70.200.192 (MA/Morocco/-): 5 in the last 3600 secs - Fri Jun 29 15:26:00 2018 |
2020-02-07 06:08:32 |
| 121.204.148.98 | attackspambots | Feb 6 11:42:20 hpm sshd\[25640\]: Invalid user vkj from 121.204.148.98 Feb 6 11:42:20 hpm sshd\[25640\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.204.148.98 Feb 6 11:42:22 hpm sshd\[25640\]: Failed password for invalid user vkj from 121.204.148.98 port 46536 ssh2 Feb 6 11:45:48 hpm sshd\[26017\]: Invalid user ogw from 121.204.148.98 Feb 6 11:45:48 hpm sshd\[26017\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.204.148.98 |
2020-02-07 06:06:00 |
| 125.121.114.244 | attackspambots | lfd: (smtpauth) Failed SMTP AUTH login from 125.121.114.244 (CN/China/-): 5 in the last 3600 secs - Fri May 25 19:23:52 2018 |
2020-02-07 06:34:27 |
| 183.89.212.76 | attack | 2020-02-0620:54:201iznEB-0004WB-Vl\<=info@whatsup2013.chH=hrw-35-132.ideay.net.ni\(localhost\)[186.1.35.132]:43642P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2124id=AAAF194A4195BB08D4D19820D4166C44@whatsup2013.chT="Iwantsomethingbeautiful"fordavidparziale65@gmail.com2020-02-0620:53:551iznDm-0004VU-Q5\<=info@whatsup2013.chH=\(localhost\)[123.24.5.233]:42064P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2081id=6F6ADC8F84507ECD11145DE511ED1113@whatsup2013.chT="lonelinessisnothappy"forsanchez.bryanlee2018@gmail.com2020-02-0620:55:231iznFC-0004YG-Nn\<=info@whatsup2013.chH=\(localhost\)[41.40.7.41]:48080P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2251id=E1E452010ADEF0439F9AD36B9FF7D545@whatsup2013.chT="Iwantsomethingbeautiful"forblackraven2786@gmail.com2020-02-0620:54:511iznEg-0004X3-VL\<=info@whatsup2013.chH=\(localhost\)[183.89.212.76]:33694P=esmtpsaX=TLSv1.2:ECDHE-RSA |
2020-02-07 06:21:30 |
| 122.183.200.218 | attackbots | lfd: (smtpauth) Failed SMTP AUTH login from 122.183.200.218 (IN/India/telemedia-smb-218.200.183.122.airtelbroadband.in): 5 in the last 3600 secs - Thu Jun 28 12:18:33 2018 |
2020-02-07 06:13:23 |