5.130.72.9 - IPInfo

Basic Info

City: Novosibirsk

Region: Novosibirsk Oblast

Country: Russia

Internet Service Provider: Novotelecom Ltd

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Unauthorized connection attempt from IP address 5.130.72.9 on Port 445(SMB)	2020-04-14 20:05:01
attackspambots	DATE:2020-03-01 22:44:56, IP:5.130.72.9, PORT:1433 MSSQL brute force auth on honeypot server (epe-honey1-hq)	2020-03-02 05:51:49

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.130.72.9
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47635
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.130.72.9.			IN	A

;; AUTHORITY SECTION:
.			242	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030101 1800 900 604800 86400

;; Query time: 105 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 02 05:51:45 CST 2020
;; MSG SIZE  rcvd: 114

Host info

9.72.130.5.in-addr.arpa domain name pointer l5-130-72-9.novotelecom.ru.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
9.72.130.5.in-addr.arpa	name = l5-130-72-9.novotelecom.ru.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
61.191.252.218	attack	Jul 12 04:44:41 mailman dovecot: imap-login: Disconnected (auth failed, 1 attempts): user=, method=PLAIN, rip=61.191.252.218, lip=[munged], TLS: Disconnected	2019-07-12 19:37:17
138.197.165.64	attackspambots	WordPress brute force	2019-07-12 20:15:57
221.6.22.203	attack	Jul 12 13:23:07 lnxweb61 sshd[2674]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.6.22.203	2019-07-12 20:09:14
141.98.80.115	attackspam	Port scan attempt detected by AWS-CCS, CTS, India	2019-07-12 20:06:35
54.37.120.112	attackbots	Jul 12 12:57:50 localhost sshd\[18188\]: Invalid user washington from 54.37.120.112 port 38400 Jul 12 12:57:50 localhost sshd\[18188\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.120.112 ...	2019-07-12 20:10:48
220.167.100.60	attackspam	Jul 12 12:11:55 ncomp sshd[13819]: Invalid user jupiter from 220.167.100.60 Jul 12 12:11:55 ncomp sshd[13819]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.167.100.60 Jul 12 12:11:55 ncomp sshd[13819]: Invalid user jupiter from 220.167.100.60 Jul 12 12:11:58 ncomp sshd[13819]: Failed password for invalid user jupiter from 220.167.100.60 port 44628 ssh2	2019-07-12 19:29:14
153.36.236.35	attackbots	Jul 12 12:53:20 cvbmail sshd\[18778\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.36.236.35 user=root Jul 12 12:53:23 cvbmail sshd\[18778\]: Failed password for root from 153.36.236.35 port 38087 ssh2 Jul 12 12:53:31 cvbmail sshd\[18785\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.36.236.35 user=root	2019-07-12 19:31:41
167.99.75.174	attack	Invalid user venom from 167.99.75.174 port 48100	2019-07-12 20:14:56
91.149.142.139	attackbotsspam	Unauthorized connection attempt from IP address 91.149.142.139 on Port 445(SMB)	2019-07-12 19:50:50
186.209.35.122	attack	Unauthorized connection attempt from IP address 186.209.35.122 on Port 445(SMB)	2019-07-12 20:07:58
185.176.26.14	attackbots	12.07.2019 11:22:43 Connection to port 33333 blocked by firewall	2019-07-12 19:40:58
5.9.102.134	attackspam	WordPress brute force	2019-07-12 19:39:36
128.199.152.171	attackbots	[munged]::443 128.199.152.171 - - [12/Jul/2019:11:43:11 +0200] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 128.199.152.171 - - [12/Jul/2019:11:43:21 +0200] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 128.199.152.171 - - [12/Jul/2019:11:43:30 +0200] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 128.199.152.171 - - [12/Jul/2019:11:43:40 +0200] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 128.199.152.171 - - [12/Jul/2019:11:43:49 +0200] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 128.199.152.171 - - [12/Jul/2019:11:43:58 +0200] "POST /[munged]: HTTP/1.1" 200 9079 "-" "Mozilla/5.	2019-07-12 19:53:25
52.178.218.186	attack	3306/tcp [2019-07-12]1pkt	2019-07-12 19:56:47
92.222.66.27	attack	Jul 12 11:39:51 localhost sshd\[16512\]: Invalid user romeo from 92.222.66.27 port 49366 Jul 12 11:39:51 localhost sshd\[16512\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.66.27 Jul 12 11:39:53 localhost sshd\[16512\]: Failed password for invalid user romeo from 92.222.66.27 port 49366 ssh2 Jul 12 11:44:46 localhost sshd\[16714\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.66.27 user=root Jul 12 11:44:48 localhost sshd\[16714\]: Failed password for root from 92.222.66.27 port 60726 ssh2 ...	2019-07-12 20:04:07

Recently Reported IPs

77.84.222.47	5.170.00.125	50.24.241.219	5.170.05.125
5.170.01.125	191.204.235.182	37.56.93.190	5.170.0.125
67.187.120.39	32.119.236.19	5.170.100.150	52.24.2.32
107.174.66.140	5.180.100.150	86.250.49.141	192.222.195.128
200.89.159.240	124.178.98.232	95.47.150.249	70.238.45.115