5.133.66.12 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Lithuania

Internet Service Provider: BK DC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Autoban 5.133.66.12 AUTH/CONNECT	2019-12-13 05:21:30

Comments on same subnet:

IP	Type	Details	Datetime
5.133.66.72	attackbotsspam	Mar 9 13:13:25 mail.srvfarm.net postfix/smtpd[4035559]: NOQUEUE: reject: RCPT from unknown[5.133.66.72]: 554 5.7.1 Service unavailable; Client host [5.133.66.72] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo= Mar 9 13:13:25 mail.srvfarm.net postfix/smtpd[4047795]: NOQUEUE: reject: RCPT from unknown[5.133.66.72]: 554 5.7.1 Service unavailable; Client host [5.133.66.72] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo= Mar 9 13:15:20 mail.srvfarm.net postfix/smtpd[4047463]: NOQUEUE: reject: RCPT from unknown[5.133.66.72]: 554 5.7.1 Service unavailable; Client host [5.133.66.72] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=	2020-03-10 00:26:13
5.133.66.188	attack	[ER hit] Tried to deliver spam. Already well known.	2020-03-09 15:48:30
5.133.66.17	attackbots	2020-03-08 14:42:31 H=caption.tamnhapho.com $caption.obnalon.com$ \[5.133.66.17\] sender verify fail for \: Unrouteable address 2020-03-08 14:42:31 H=caption.tamnhapho.com $caption.obnalon.com$ \[5.133.66.17\] F=\ rejected RCPT \: Sender verify failed 2020-03-08 14:42:31 H=caption.tamnhapho.com $caption.obnalon.com$ \[5.133.66.17\] sender verify fail for \: Unrouteable address 2020-03-08 14:42:31 H=caption.tamnhapho.com $caption.obnalon.com$ \[5.133.66.17\] F=\ rejected RCPT \: Sender verify failed 2020-03-08 14:42:31 H=caption.tamnhapho.com $caption.obnalon.com$ \[5.133.66.17\] sender verify fail for \: Unrouteable address 2020-03-08 14:42:31 H=caption.tamnhapho.com $caption.obnalon.com$ \[5.133.66.17\] F=\ rejected RCPT \: Sender verify failed 2 ...	2020-03-09 02:14:28
5.133.66.86	attackspambots	Mar 7 15:11:34 mail.srvfarm.net postfix/smtpd[2793240]: NOQUEUE: reject: RCPT from unknown[5.133.66.86]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 7 15:12:17 mail.srvfarm.net postfix/smtpd[2781946]: NOQUEUE: reject: RCPT from unknown[5.133.66.86]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 7 15:12:17 mail.srvfarm.net postfix/smtpd[2793242]: NOQUEUE: reject: RCPT from unknown[5.133.66.86]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 7 15:13:25 mail.srvfarm.net postfix/smtpd[2793240]: NOQUEUE: reject: RCPT from unknown[5.133.66.86]: 450 4.1.8	2020-03-07 23:53:53
5.133.66.26	attack	Mar 6 15:11:19 mail.srvfarm.net postfix/smtpd[2136420]: NOQUEUE: reject: RCPT from unknown[5.133.66.26]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 6 15:13:17 mail.srvfarm.net postfix/smtpd[2133617]: NOQUEUE: reject: RCPT from unknown[5.133.66.26]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 6 15:13:17 mail.srvfarm.net postfix/smtpd[2149507]: NOQUEUE: reject: RCPT from unknown[5.133.66.26]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 6 15:15:23 mail.srvfarm.net postfix/smtpd[2149517]: NOQUEUE: reject: RCPT from unknown[5.133.66.26]: 450 4.1.8	2020-03-07 02:16:11
5.133.66.45	attackspam	Mar 4 22:23:24 mail.srvfarm.net postfix/smtpd[173814]: NOQUEUE: reject: RCPT from unknown[5.133.66.45]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 4 22:23:24 mail.srvfarm.net postfix/smtpd[160422]: NOQUEUE: reject: RCPT from unknown[5.133.66.45]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 4 22:23:24 mail.srvfarm.net postfix/smtpd[173825]: NOQUEUE: reject: RCPT from unknown[5.133.66.45]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 4 22:23:30 mail.srvfarm.net postfix/smtpd[160387]: NOQUEUE: reject: RCPT from unknown[5.133.66.45]: 450 4.1.8	2020-03-05 09:20:09
5.133.66.239	attack	postfix	2020-01-28 02:01:16
5.133.66.19	attackspambots	Postfix RBL failed	2020-01-21 00:38:31
5.133.66.100	attackbotsspam	Postfix RBL failed	2020-01-03 08:03:13
5.133.66.10	attack	Lines containing failures of 5.133.66.10 Jan 1 14:20:49 shared04 postfix/smtpd[20916]: connect from tank.tamnhapho.com[5.133.66.10] Jan 1 14:20:49 shared04 policyd-spf[21178]: prepend Received-SPF: Pass (mailfrom) identhostnamey=mailfrom; client-ip=5.133.66.10; helo=tank.herahostnameech.com; envelope-from=x@x Jan x@x Jan 1 14:20:49 shared04 postfix/smtpd[20916]: disconnect from tank.tamnhapho.com[5.133.66.10] ehlo=1 mail=1 rcpt=0/1 data=0/1 quhostname=1 commands=3/5 Jan 1 14:21:18 shared04 postfix/smtpd[21527]: connect from tank.tamnhapho.com[5.133.66.10] Jan 1 14:21:19 shared04 policyd-spf[21640]: prepend Received-SPF: Pass (mailfrom) identhostnamey=mailfrom; client-ip=5.133.66.10; helo=tank.herahostnameech.com; envelope-from=x@x Jan x@x Jan 1 14:21:19 shared04 postfix/smtpd[21527]: disconnect from tank.tamnhapho.com[5.133.66.10] ehlo=1 mail=1 rcpt=0/1 data=0/1 quhostname=1 commands=3/5 Jan 1 14:21:47 shared04 postfix/smtpd[20916]: connect from tank.tamnhapho.com........ ------------------------------	2020-01-02 03:17:18
5.133.66.41	attackspam	Postfix DNSBL listed. Trying to send SPAM.	2019-12-25 02:05:19
5.133.66.80	attackspam	Lines containing failures of 5.133.66.80 Dec 23 06:02:52 shared04 postfix/smtpd[9630]: connect from fruhostname.tamnhapho.com[5.133.66.80] Dec 23 06:02:53 shared04 policyd-spf[10880]: prepend Received-SPF: Pass (mailfrom) identhostnamey=mailfrom; client-ip=5.133.66.80; helo=fruhostname.offshomal.com; envelope-from=x@x Dec x@x Dec 23 06:02:53 shared04 postfix/smtpd[9630]: disconnect from fruhostname.tamnhapho.com[5.133.66.80] ehlo=1 mail=1 rcpt=0/1 data=0/1 quhostname=1 commands=3/5 Dec 23 06:02:57 shared04 postfix/smtpd[9630]: connect from fruhostname.tamnhapho.com[5.133.66.80] Dec 23 06:02:57 shared04 policyd-spf[10880]: prepend Received-SPF: Pass (mailfrom) identhostnamey=mailfrom; client-ip=5.133.66.80; helo=fruhostname.offshomal.com; envelope-from=x@x Dec x@x Dec 23 06:02:57 shared04 postfix/smtpd[9630]: disconnect from fruhostname.tamnhapho.com[5.133.66.80] ehlo=1 mail=1 rcpt=0/1 data=0/1 quhostname=1 commands=3/5 Dec 23 06:03:40 shared04 postfix/smtpd[9630]: connec........ ------------------------------	2019-12-23 17:57:47
5.133.66.18	attack	email spam	2019-12-19 21:46:42
5.133.66.48	attackspam	email spam	2019-12-19 18:44:18
5.133.66.53	attack	email spam	2019-12-19 18:16:00

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.133.66.12
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63908
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.133.66.12.			IN	A

;; AUTHORITY SECTION:
.			250	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121201 1800 900 604800 86400

;; Query time: 103 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Dec 13 05:21:26 CST 2019
;; MSG SIZE  rcvd: 115

Host info

12.66.133.5.in-addr.arpa domain name pointer dirt.tamnhapho.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
12.66.133.5.in-addr.arpa	name = dirt.tamnhapho.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
203.210.197.158	attackspambots	1577400284 - 12/26/2019 23:44:44 Host: 203.210.197.158/203.210.197.158 Port: 445 TCP Blocked	2019-12-27 08:29:31
49.88.112.73	attackspam	Dec 27 00:27:38 pi sshd\[10234\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.73 user=root Dec 27 00:27:39 pi sshd\[10234\]: Failed password for root from 49.88.112.73 port 56470 ssh2 Dec 27 00:27:43 pi sshd\[10234\]: Failed password for root from 49.88.112.73 port 56470 ssh2 Dec 27 00:27:45 pi sshd\[10234\]: Failed password for root from 49.88.112.73 port 56470 ssh2 Dec 27 00:29:00 pi sshd\[10248\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.73 user=root ...	2019-12-27 08:49:22
181.40.73.86	attack	$f2bV_matches	2019-12-27 08:45:49
209.97.177.241	attackspambots	3 failed ftp login attempts in 3600s	2019-12-27 08:58:15
177.92.241.19	attack	Unauthorized IMAP connection attempt	2019-12-27 08:40:06
77.244.222.178	attackbots	Wordpress Admin Login attack	2019-12-27 08:54:14
195.154.154.89	attackbots	195.154.154.89:54102 - - [26/Dec/2019:00:45:01 +0100] "GET /cms/wp-login.php HTTP/1.1" 404 301	2019-12-27 08:33:06
185.175.93.18	attack	Scanning random ports - tries to find possible vulnerable services	2019-12-27 08:42:27
72.68.125.94	attackspambots	Dec 26 16:37:59 askasleikir sshd[433589]: Failed password for invalid user pi from 72.68.125.94 port 34540 ssh2 Dec 26 16:37:59 askasleikir sshd[433590]: Failed password for invalid user pi from 72.68.125.94 port 34544 ssh2	2019-12-27 08:18:29
46.38.144.17	attack	Dec 27 01:34:35 relay postfix/smtpd\[17896\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 27 01:35:18 relay postfix/smtpd\[16693\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 27 01:36:03 relay postfix/smtpd\[17896\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 27 01:36:48 relay postfix/smtpd\[16693\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 27 01:37:32 relay postfix/smtpd\[6898\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-12-27 08:38:38
106.12.24.170	attackbots	Dec 27 00:55:55 silence02 sshd[817]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.24.170 Dec 27 00:55:57 silence02 sshd[817]: Failed password for invalid user aloma from 106.12.24.170 port 57980 ssh2 Dec 27 00:57:36 silence02 sshd[867]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.24.170	2019-12-27 08:22:57
109.195.165.104	attackbots	Automatic report - Port Scan Attack	2019-12-27 08:44:07
27.71.224.23	attackbots	Automatic report - Windows Brute-Force Attack	2019-12-27 08:55:29
27.128.233.104	attackbots	Dec 26 20:46:49 firewall sshd[22055]: Invalid user wwwrun from 27.128.233.104 Dec 26 20:46:51 firewall sshd[22055]: Failed password for invalid user wwwrun from 27.128.233.104 port 42428 ssh2 Dec 26 20:50:27 firewall sshd[22133]: Invalid user elma from 27.128.233.104 ...	2019-12-27 08:49:43
222.186.180.41	attackbots	pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.41 user=root Failed password for root from 222.186.180.41 port 64138 ssh2 Failed password for root from 222.186.180.41 port 64138 ssh2 Failed password for root from 222.186.180.41 port 64138 ssh2 Failed password for root from 222.186.180.41 port 64138 ssh2	2019-12-27 08:40:29

Recently Reported IPs

75.149.31.191	147.231.24.162	49.248.154.210	237.241.51.253
49.48.20.146	49.245.126.193	49.236.212.40	49.196.171.45
178.176.112.49	193.162.147.161	72.31.164.91	49.15.239.40
49.0.32.218	47.63.253.166	45.93.20.170	114.43.190.127
47.61.26.112	46.97.158.191	46.44.201.116	46.41.150.10