5.16.70.207 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Russian Federation

运营商(isp): JSC ER-Telecom Holding

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Jul 20 03:19:17 mxgate1 postfix/postscreen[22477]: CONNECT from [5.16.70.207]:55103 to [176.31.12.44]:25 Jul 20 03:19:17 mxgate1 postfix/dnsblog[22496]: addr 5.16.70.207 listed by domain cbl.abuseat.org as 127.0.0.2 Jul 20 03:19:18 mxgate1 postfix/postscreen[22477]: PREGREET 18 after 0.6 from [5.16.70.207]:55103: HELO xiixaku.com Jul 20 03:19:18 mxgate1 postfix/dnsblog[22492]: addr 5.16.70.207 listed by domain zen.spamhaus.org as 127.0.0.3 Jul 20 03:19:18 mxgate1 postfix/dnsblog[22492]: addr 5.16.70.207 listed by domain zen.spamhaus.org as 127.0.0.4 Jul 20 03:19:18 mxgate1 postfix/postscreen[22477]: DNSBL rank 3 for [5.16.70.207]:55103 Jul x@x Jul 20 03:19:20 mxgate1 postfix/postscreen[22477]: HANGUP after 1.6 from [5.16.70.207]:55103 in tests after SMTP handshake Jul 20 03:19:20 mxgate1 postfix/postscreen[22477]: DISCONNECT [5.16.70.207]:55103 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=5.16.70.207	2019-07-20 17:19:16

类型

评论内容

时间

attackspambots

Jul 20 03:19:17 mxgate1 postfix/postscreen[22477]: CONNECT from [5.16.70.207]:55103 to [176.31.12.44]:25
Jul 20 03:19:17 mxgate1 postfix/dnsblog[22496]: addr 5.16.70.207 listed by domain cbl.abuseat.org as 127.0.0.2
Jul 20 03:19:18 mxgate1 postfix/postscreen[22477]: PREGREET 18 after 0.6 from [5.16.70.207]:55103: HELO xiixaku.com

Jul 20 03:19:18 mxgate1 postfix/dnsblog[22492]: addr 5.16.70.207 listed by domain zen.spamhaus.org as 127.0.0.3
Jul 20 03:19:18 mxgate1 postfix/dnsblog[22492]: addr 5.16.70.207 listed by domain zen.spamhaus.org as 127.0.0.4
Jul 20 03:19:18 mxgate1 postfix/postscreen[22477]: DNSBL rank 3 for [5.16.70.207]:55103
Jul x@x
Jul 20 03:19:20 mxgate1 postfix/postscreen[22477]: HANGUP after 1.6 from [5.16.70.207]:55103 in tests after SMTP handshake
Jul 20 03:19:20 mxgate1 postfix/postscreen[22477]: DISCONNECT [5.16.70.207]:55103


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=5.16.70.207

2019-07-20 17:19:16

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.16.70.207
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50807
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.16.70.207.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072000 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jul 20 17:19:07 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

207.70.16.5.in-addr.arpa domain name pointer 5x16x70x207.dynamic.spb.ertelecom.ru.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
207.70.16.5.in-addr.arpa	name = 5x16x70x207.dynamic.spb.ertelecom.ru.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
159.65.146.250	attack	(sshd) Failed SSH login from 159.65.146.250 (IN/India/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Dec 1 16:55:30 s1 sshd[28137]: Invalid user naas from 159.65.146.250 port 47772 Dec 1 16:55:32 s1 sshd[28137]: Failed password for invalid user naas from 159.65.146.250 port 47772 ssh2 Dec 1 17:13:01 s1 sshd[28502]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.146.250 user=root Dec 1 17:13:03 s1 sshd[28502]: Failed password for root from 159.65.146.250 port 35778 ssh2 Dec 1 17:16:17 s1 sshd[28555]: Invalid user heidemarie from 159.65.146.250 port 41918	2019-12-02 00:45:01
180.76.121.166	attack	Dec 1 17:37:24 microserver sshd[35773]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.121.166 Dec 1 17:37:26 microserver sshd[35773]: Failed password for invalid user info from 180.76.121.166 port 43350 ssh2 Dec 1 17:42:07 microserver sshd[36460]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.121.166 user=root Dec 1 17:42:09 microserver sshd[36460]: Failed password for root from 180.76.121.166 port 42642 ssh2 Dec 1 17:52:18 microserver sshd[37772]: Invalid user wwwadmin from 180.76.121.166 port 40418 Dec 1 17:52:18 microserver sshd[37772]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.121.166 Dec 1 17:52:21 microserver sshd[37772]: Failed password for invalid user wwwadmin from 180.76.121.166 port 40418 ssh2 Dec 1 17:55:43 microserver sshd[38360]: Invalid user mildred from 180.76.121.166 port 39692 Dec 1 17:55:43 microserver sshd[38360]: pam_unix(sshd:aut	2019-12-02 00:41:04
62.210.38.196	attackbots	Automatic report - Port Scan Attack	2019-12-02 00:35:14
176.109.115.250	attack	C1,WP GET /wp-login.php	2019-12-02 00:47:06
181.41.216.137	attackbots	Postfix Brute-Force reported by Fail2Ban	2019-12-02 01:12:32
177.69.221.75	attackbotsspam	Dec 1 15:10:44 web8 sshd\[20685\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.69.221.75 user=news Dec 1 15:10:46 web8 sshd\[20685\]: Failed password for news from 177.69.221.75 port 55012 ssh2 Dec 1 15:14:49 web8 sshd\[22654\]: Invalid user zhangm2 from 177.69.221.75 Dec 1 15:14:49 web8 sshd\[22654\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.69.221.75 Dec 1 15:14:52 web8 sshd\[22654\]: Failed password for invalid user zhangm2 from 177.69.221.75 port 33436 ssh2	2019-12-02 01:08:56
200.57.73.170	attackbots	Rude login attack (21 tries in 1d)	2019-12-02 00:34:03
71.6.233.179	attackspambots	firewall-block, port(s): 8060/tcp	2019-12-02 00:39:01
133.130.123.238	attackbotsspam	Dec 1 17:06:13 ns3042688 sshd\[31780\]: Invalid user p@55w0rd from 133.130.123.238 Dec 1 17:06:15 ns3042688 sshd\[31780\]: Failed password for invalid user p@55w0rd from 133.130.123.238 port 50534 ssh2 Dec 1 17:09:22 ns3042688 sshd\[463\]: Invalid user salladay from 133.130.123.238 Dec 1 17:09:23 ns3042688 sshd\[463\]: Failed password for invalid user salladay from 133.130.123.238 port 58520 ssh2 Dec 1 17:12:40 ns3042688 sshd\[1695\]: Invalid user jashvant from 133.130.123.238 ...	2019-12-02 00:42:26
181.41.216.140	attack	Dec 1 17:01:37 relay postfix/smtpd\[21541\]: NOQUEUE: reject: RCPT from unknown\[181.41.216.140\]: 554 5.7.1 \: Relay access denied\; from=\<08496uh7mfa0n0u@savell.ru\> to=\ proto=ESMTP helo=\<\[181.41.216.131\]\> Dec 1 17:01:37 relay postfix/smtpd\[21541\]: NOQUEUE: reject: RCPT from unknown\[181.41.216.140\]: 554 5.7.1 \: Relay access denied\; from=\<08496uh7mfa0n0u@savell.ru\> to=\ proto=ESMTP helo=\<\[181.41.216.131\]\> Dec 1 17:01:37 relay postfix/smtpd\[21541\]: NOQUEUE: reject: RCPT from unknown\[181.41.216.140\]: 554 5.7.1 \: Relay access denied\; from=\<08496uh7mfa0n0u@savell.ru\> to=\ proto=ESMTP helo=\<\[181.41.216.131\]\> Dec 1 17:01:37 relay postfix/smtpd\[21541\]: NOQUEUE: reject: RCPT from unknown\[181.41.216.140\]: 554 5.7.1 \: Relay access denied\; f ...	2019-12-02 00:30:39
203.195.152.247	attackspam	Dec 1 11:28:45 linuxvps sshd\[62184\]: Invalid user beshai from 203.195.152.247 Dec 1 11:28:45 linuxvps sshd\[62184\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.195.152.247 Dec 1 11:28:47 linuxvps sshd\[62184\]: Failed password for invalid user beshai from 203.195.152.247 port 34044 ssh2 Dec 1 11:32:34 linuxvps sshd\[64629\]: Invalid user @@@@ from 203.195.152.247 Dec 1 11:32:34 linuxvps sshd\[64629\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.195.152.247	2019-12-02 00:39:14
185.234.216.87	attackbots	2019-12-01 dovecot_login authenticator failed for \(8LQVs5et\) \[185.234.216.87\]: 535 Incorrect authentication data \(set_id=test2\) 2019-12-01 dovecot_login authenticator failed for \(o64NB9B4\) \[185.234.216.87\]: 535 Incorrect authentication data \(set_id=test2\) 2019-12-01 dovecot_login authenticator failed for \(UdIoOP\) \[185.234.216.87\]: 535 Incorrect authentication data \(set_id=test2\)	2019-12-02 00:46:16
190.228.16.101	attackspambots	fail2ban	2019-12-02 00:59:11
60.6.228.10	attackspambots	Dec 1 22:34:55 vibhu-HP-Z238-Microtower-Workstation sshd\[6779\]: Invalid user admin from 60.6.228.10 Dec 1 22:34:55 vibhu-HP-Z238-Microtower-Workstation sshd\[6779\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.6.228.10 Dec 1 22:34:57 vibhu-HP-Z238-Microtower-Workstation sshd\[6779\]: Failed password for invalid user admin from 60.6.228.10 port 34847 ssh2 Dec 1 22:39:25 vibhu-HP-Z238-Microtower-Workstation sshd\[7164\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.6.228.10 user=root Dec 1 22:39:27 vibhu-HP-Z238-Microtower-Workstation sshd\[7164\]: Failed password for root from 60.6.228.10 port 47101 ssh2 ...	2019-12-02 01:13:09
24.123.16.28	attack	firewall-block, port(s): 23/tcp	2019-12-02 01:11:21

最近上报的IP列表

159.65.12.163	109.166.220.7	109.160.51.173	104.248.85.105
93.63.150.10	134.73.161.140	46.125.250.72	178.164.136.227
83.110.81.97	145.239.128.24	190.148.148.204	14.18.232.5
139.194.19.97	151.179.212.12	112.186.77.102	187.77.19.95
86.107.227.214	247.17.168.182	114.100.157.221	209.41.49.54