5.130.72.9 - IPInfo

Basic Info

City: Novosibirsk

Region: Novosibirsk Oblast

Country: Russia

Internet Service Provider: Novotelecom Ltd

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Unauthorized connection attempt from IP address 5.130.72.9 on Port 445(SMB)	2020-04-14 20:05:01
attackspambots	DATE:2020-03-01 22:44:56, IP:5.130.72.9, PORT:1433 MSSQL brute force auth on honeypot server (epe-honey1-hq)	2020-03-02 05:51:49

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.130.72.9
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47635
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.130.72.9.			IN	A

;; AUTHORITY SECTION:
.			242	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030101 1800 900 604800 86400

;; Query time: 105 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 02 05:51:45 CST 2020
;; MSG SIZE  rcvd: 114

Host info

9.72.130.5.in-addr.arpa domain name pointer l5-130-72-9.novotelecom.ru.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
9.72.130.5.in-addr.arpa	name = l5-130-72-9.novotelecom.ru.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
182.74.25.246	attackspambots	Invalid user sport from 182.74.25.246 port 31271	2020-04-26 03:58:44
151.80.42.186	attackspam	Apr 25 21:12:19 nextcloud sshd\[10623\]: Invalid user factorio from 151.80.42.186 Apr 25 21:12:19 nextcloud sshd\[10623\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.42.186 Apr 25 21:12:21 nextcloud sshd\[10623\]: Failed password for invalid user factorio from 151.80.42.186 port 46114 ssh2	2020-04-26 04:17:25
139.59.135.84	attack	Bruteforce detected by fail2ban	2020-04-26 04:06:28
112.35.77.101	attackbots	$f2bV_matches \| Triggered by Fail2Ban at Vostok web server	2020-04-26 04:29:52
222.186.175.23	attackbots	2020-04-25T13:25:45.352207homeassistant sshd[7979]: Failed password for root from 222.186.175.23 port 46470 ssh2 2020-04-25T19:58:51.691737homeassistant sshd[6149]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.23 user=root ...	2020-04-26 04:01:19
178.154.200.63	attackbots	Unauthorized connection attempt, very violent continuous attack! IP address disabled!	2020-04-26 03:56:15
68.183.65.112	attackbots	Port probing on unauthorized port 10000	2020-04-26 03:54:33
187.141.128.42	attack	Invalid user yq from 187.141.128.42 port 43970	2020-04-26 04:04:18
193.112.112.78	attackbots	2020-04-25T18:15:42.122651ionos.janbro.de sshd[68113]: Invalid user andreas from 193.112.112.78 port 45402 2020-04-25T18:15:44.507725ionos.janbro.de sshd[68113]: Failed password for invalid user andreas from 193.112.112.78 port 45402 ssh2 2020-04-25T18:25:19.358171ionos.janbro.de sshd[68139]: Invalid user idenya from 193.112.112.78 port 37582 2020-04-25T18:25:19.721698ionos.janbro.de sshd[68139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.112.78 2020-04-25T18:25:19.358171ionos.janbro.de sshd[68139]: Invalid user idenya from 193.112.112.78 port 37582 2020-04-25T18:25:21.245037ionos.janbro.de sshd[68139]: Failed password for invalid user idenya from 193.112.112.78 port 37582 ssh2 2020-04-25T18:30:15.001076ionos.janbro.de sshd[68169]: Invalid user minecraft from 193.112.112.78 port 49008 2020-04-25T18:30:15.102891ionos.janbro.de sshd[68169]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112. ...	2020-04-26 04:17:02
162.243.130.8	attackspam	firewall-block, port(s): 5672/tcp	2020-04-26 04:13:37
198.108.66.90	attackbotsspam	firewall-block, port(s): 8090/tcp	2020-04-26 04:02:49
87.251.74.243	attackbots	04/25/2020-16:14:45.063994 87.251.74.243 Protocol: 6 ET SCAN Suspicious inbound to Oracle SQL port 1521	2020-04-26 04:18:33
201.27.208.136	attack	SSH bruteforce	2020-04-26 04:00:09
124.235.118.14	attack	Apr 25 22:20:33 debian-2gb-nbg1-2 kernel: \[10104971.693007\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=124.235.118.14 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=237 ID=51221 PROTO=TCP SPT=49401 DPT=6378 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-26 04:22:43
159.89.145.59	attackbots	Apr 25 14:19:27 firewall sshd[10561]: Invalid user leviomri from 159.89.145.59 Apr 25 14:19:30 firewall sshd[10561]: Failed password for invalid user leviomri from 159.89.145.59 port 46696 ssh2 Apr 25 14:23:21 firewall sshd[10626]: Invalid user bella from 159.89.145.59 ...	2020-04-26 04:25:19

Recently Reported IPs

77.84.222.47	5.170.00.125	50.24.241.219	5.170.05.125
5.170.01.125	191.204.235.182	37.56.93.190	5.170.0.125
67.187.120.39	32.119.236.19	5.170.100.150	52.24.2.32
107.174.66.140	5.180.100.150	86.250.49.141	192.222.195.128
200.89.159.240	124.178.98.232	95.47.150.249	70.238.45.115