5.137.231.66 - IPInfo

Basic Info

City: Novosibirsk

Region: Novosibirsk Oblast

Country: Russia

Internet Service Provider: OJSC Rostelecom

Hostname: unknown

Organization: Rostelecom

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Unauthorized connection attempt from IP address 5.137.231.66 on Port 445(SMB)	2019-08-18 23:59:44

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.137.231.66
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19525
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.137.231.66.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081800 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Aug 18 23:59:33 CST 2019
;; MSG SIZE  rcvd: 116

Host info

66.231.137.5.in-addr.arpa domain name pointer ppp-5.137.231.66.nsk.rt.ru.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
66.231.137.5.in-addr.arpa	name = ppp-5.137.231.66.nsk.rt.ru.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
71.6.199.23	attack	05/08/2020-20:46:15.503413 71.6.199.23 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 71	2020-05-09 23:16:02
68.183.55.223	attackspam	firewall-block, port(s): 32669/tcp	2020-05-09 23:32:24
66.240.205.34	attackbotsspam	05/08/2020-20:43:11.235505 66.240.205.34 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 68	2020-05-09 23:52:54
67.159.131.6	attackspam	Honeypot attack, port: 4567, PTR: 6.131-159-67.ftth.swbr.surewest.net.	2020-05-09 23:50:48
43.228.130.66	attackspambots	Unauthorized connection attempt from IP address 43.228.130.66 on Port 445(SMB)	2020-05-09 23:48:33
218.32.15.195	attackbots	Unauthorized connection attempt from IP address 218.32.15.195 on Port 445(SMB)	2020-05-09 23:41:25
171.103.167.46	attack	2020-05-0717:28:341jWiRt-00067f-Kh\<=info@whatsup2013.chH=\(localhost\)[182.189.33.99]:60916P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3074id=8e87801a113aef1c3fc137646fbb82ae8d678f19f7@whatsup2013.chT="Iamjustexcitedaboutyou"fordarlingjames50@gmail.comninjahcarlos@gmail.com2020-05-0717:28:251jWiRj-00065C-Jr\<=info@whatsup2013.chH=\(localhost\)[14.177.18.87]:50797P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3199id=ae2ab58c87ac798aa957a1f2f92d14381bf1694e26@whatsup2013.chT="You'vebeenintruelove\?"forjeep1972cj5@gmail.comarmanali@yahoo.com2020-05-0717:27:071jWiQU-0005ze-UP\<=info@whatsup2013.chH=171-103-167-46.static.asianet.co.th\(localhost\)[171.103.167.46]:54178P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3103id=ae70ba363d16c33013ed1b484397ae82a14bf2b5e2@whatsup2013.chT="Youignitemyheart."foralexisrivera2018@gmail.combones382003@gmail.com2020-05-0717:27:261jWiQo-00	2020-05-09 23:39:50
185.50.149.12	attackbots	May 9 04:50:49 relay postfix/smtpd\[9099\]: warning: unknown\[185.50.149.12\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 9 04:51:12 relay postfix/smtpd\[7290\]: warning: unknown\[185.50.149.12\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 9 04:51:29 relay postfix/smtpd\[7494\]: warning: unknown\[185.50.149.12\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 9 04:51:48 relay postfix/smtpd\[8396\]: warning: unknown\[185.50.149.12\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 9 04:52:20 relay postfix/smtpd\[7290\]: warning: unknown\[185.50.149.12\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-05-09 23:22:19
203.245.29.159	attackbots	SSH/22 MH Probe, BF, Hack -	2020-05-09 23:41:46
189.130.126.19	attackspambots	Unauthorized connection attempt detected from IP address 189.130.126.19 to port 88	2020-05-09 23:43:20
51.91.250.197	attackbotsspam	May 8 21:33:11 mail sshd\[2518\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.91.250.197 user=root ...	2020-05-09 23:08:07
222.186.30.112	attackbots	May 9 04:59:24 vps639187 sshd\[23996\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.112 user=root May 9 04:59:26 vps639187 sshd\[23996\]: Failed password for root from 222.186.30.112 port 30990 ssh2 May 9 04:59:29 vps639187 sshd\[23996\]: Failed password for root from 222.186.30.112 port 30990 ssh2 ...	2020-05-09 23:53:26
106.75.7.123	attackbots	21 attempts against mh-ssh on cloud	2020-05-09 23:55:09
211.145.49.253	attackbotsspam	Scanned 3 times in the last 24 hours on port 22	2020-05-09 23:08:45
124.29.236.163	attackspambots	May 9 04:49:59 ns3164893 sshd[3530]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.29.236.163 May 9 04:50:01 ns3164893 sshd[3530]: Failed password for invalid user kaa from 124.29.236.163 port 50468 ssh2 ...	2020-05-09 23:21:48

Recently Reported IPs

185.97.201.64	206.96.104.63	59.188.82.66	78.243.21.222
79.35.115.24	180.152.10.9	17.100.55.56	75.142.128.113
85.231.124.145	152.217.168.121	154.196.248.197	57.249.232.120
191.88.20.238	41.188.46.218	104.183.61.28	74.218.79.47
160.135.166.100	153.199.78.205	46.88.66.164	195.116.168.21