5.137.98.207 - IPInfo

Basic Info

City: Novosibirsk

Region: Novosibirsk Oblast

Country: Russia

Internet Service Provider: Rostelecom

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.137.98.207
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8724
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.137.98.207.			IN	A

;; AUTHORITY SECTION:
.			596	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102501 1800 900 604800 86400

;; Query time: 100 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Oct 26 03:18:26 CST 2019
;; MSG SIZE  rcvd: 116

Host info

207.98.137.5.in-addr.arpa domain name pointer ppp-5.137.98.207.nsk.rt.ru.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
207.98.137.5.in-addr.arpa	name = ppp-5.137.98.207.nsk.rt.ru.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.233.1.70	attackbots	Automatically reported by fail2ban report script (mx1)	2019-11-22 00:26:24
117.71.53.105	attack	Automatic report - Banned IP Access	2019-11-22 00:50:10
220.92.16.82	attackspambots	Automatic report - Banned IP Access	2019-11-22 00:11:02
218.92.0.137	attack	$f2bV_matches	2019-11-22 00:06:39
118.24.95.153	attackbots	Nov 21 16:58:32 legacy sshd[373]: Failed password for root from 118.24.95.153 port 45470 ssh2 Nov 21 17:04:16 legacy sshd[446]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.95.153 Nov 21 17:04:18 legacy sshd[446]: Failed password for invalid user muhammad from 118.24.95.153 port 51494 ssh2 ...	2019-11-22 00:48:35
49.88.112.74	attackbotsspam	2019-11-21T16:18:17.219253shield sshd\[1593\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.74 user=root 2019-11-21T16:18:19.782992shield sshd\[1593\]: Failed password for root from 49.88.112.74 port 26206 ssh2 2019-11-21T16:18:21.327261shield sshd\[1593\]: Failed password for root from 49.88.112.74 port 26206 ssh2 2019-11-21T16:18:23.336066shield sshd\[1593\]: Failed password for root from 49.88.112.74 port 26206 ssh2 2019-11-21T16:21:47.639395shield sshd\[2156\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.74 user=root	2019-11-22 00:37:54
222.186.180.8	attack	Nov 21 16:57:10 legacy sshd[336]: Failed password for root from 222.186.180.8 port 52008 ssh2 Nov 21 16:57:23 legacy sshd[336]: error: maximum authentication attempts exceeded for root from 222.186.180.8 port 52008 ssh2 [preauth] Nov 21 16:57:29 legacy sshd[344]: Failed password for root from 222.186.180.8 port 50120 ssh2 ...	2019-11-22 00:02:54
222.186.175.215	attack	Nov 21 16:26:30 localhost sshd\[36537\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.215 user=root Nov 21 16:26:32 localhost sshd\[36537\]: Failed password for root from 222.186.175.215 port 56184 ssh2 Nov 21 16:26:34 localhost sshd\[36537\]: Failed password for root from 222.186.175.215 port 56184 ssh2 Nov 21 16:26:38 localhost sshd\[36537\]: Failed password for root from 222.186.175.215 port 56184 ssh2 Nov 21 16:26:41 localhost sshd\[36537\]: Failed password for root from 222.186.175.215 port 56184 ssh2 ...	2019-11-22 00:28:40
185.176.27.178	attackbotsspam	Nov 21 17:38:05 h2177944 kernel: \[7229683.753564\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.176.27.178 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=16748 PROTO=TCP SPT=41739 DPT=35714 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 21 17:38:16 h2177944 kernel: \[7229694.508447\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.176.27.178 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=38668 PROTO=TCP SPT=41739 DPT=20512 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 21 17:39:16 h2177944 kernel: \[7229754.836647\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.176.27.178 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=58112 PROTO=TCP SPT=41739 DPT=40716 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 21 17:39:40 h2177944 kernel: \[7229778.916371\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.176.27.178 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=19045 PROTO=TCP SPT=41739 DPT=36254 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 21 17:40:12 h2177944 kernel: \[7229810.716643\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.176.27.178 DST=85.	2019-11-22 00:42:20
36.229.105.191	attack	Honeypot attack, port: 23, PTR: 36-229-105-191.dynamic-ip.hinet.net.	2019-11-22 00:19:17
51.144.160.217	attack	Port Scan detected from 51.144.160.217 (NL/Netherlands/-). 4 hits in the last 60 seconds	2019-11-22 00:09:32
95.123.171.191	attackbotsspam	Repeated brute force against a port	2019-11-22 00:05:33
142.44.160.214	attackspambots	2019-11-21T16:08:33.968328abusebot-6.cloudsearch.cf sshd\[1533\]: Invalid user guest from 142.44.160.214 port 35405	2019-11-22 00:32:56
201.205.137.173	attackbots	Nov 20 20:26:41 server2 sshd[5624]: Address 201.205.137.173 maps to mail.gruposervica.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Nov 20 20:26:41 server2 sshd[5624]: Invalid user watcher from 201.205.137.173 Nov 20 20:26:41 server2 sshd[5624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.205.137.173 Nov 20 20:26:43 server2 sshd[5624]: Failed password for invalid user watcher from 201.205.137.173 port 53552 ssh2 Nov 20 20:26:43 server2 sshd[5624]: Received disconnect from 201.205.137.173: 11: Bye Bye [preauth] Nov 20 20:39:03 server2 sshd[6628]: Address 201.205.137.173 maps to mail.gruposervica.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Nov 20 20:39:03 server2 sshd[6628]: Invalid user test from 201.205.137.173 Nov 20 20:39:03 server2 sshd[6628]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.205.137.173 ........ ----------------------------------------	2019-11-22 00:12:03
159.203.197.6	attackspam	159.203.197.6 was recorded 13 times by 13 hosts attempting to connect to the following ports: 2095. Incident counter (4h, 24h, all-time): 13, 25, 119	2019-11-22 00:38:20

Recently Reported IPs

180.173.154.94	183.82.116.30	52.94.98.7	61.62.95.2
210.147.174.58	81.218.98.84	165.228.119.86	188.7.166.233
80.162.171.31	183.209.248.128	45.26.247.173	183.239.167.182
216.122.160.113	1.146.106.199	14.34.125.85	64.168.108.168
205.123.37.201	159.0.229.150	179.162.94.58	100.195.155.73