5.16.70.207 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Russian Federation

运营商(isp): JSC ER-Telecom Holding

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Jul 20 03:19:17 mxgate1 postfix/postscreen[22477]: CONNECT from [5.16.70.207]:55103 to [176.31.12.44]:25 Jul 20 03:19:17 mxgate1 postfix/dnsblog[22496]: addr 5.16.70.207 listed by domain cbl.abuseat.org as 127.0.0.2 Jul 20 03:19:18 mxgate1 postfix/postscreen[22477]: PREGREET 18 after 0.6 from [5.16.70.207]:55103: HELO xiixaku.com Jul 20 03:19:18 mxgate1 postfix/dnsblog[22492]: addr 5.16.70.207 listed by domain zen.spamhaus.org as 127.0.0.3 Jul 20 03:19:18 mxgate1 postfix/dnsblog[22492]: addr 5.16.70.207 listed by domain zen.spamhaus.org as 127.0.0.4 Jul 20 03:19:18 mxgate1 postfix/postscreen[22477]: DNSBL rank 3 for [5.16.70.207]:55103 Jul x@x Jul 20 03:19:20 mxgate1 postfix/postscreen[22477]: HANGUP after 1.6 from [5.16.70.207]:55103 in tests after SMTP handshake Jul 20 03:19:20 mxgate1 postfix/postscreen[22477]: DISCONNECT [5.16.70.207]:55103 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=5.16.70.207	2019-07-20 17:19:16

类型

评论内容

时间

attackspambots

Jul 20 03:19:17 mxgate1 postfix/postscreen[22477]: CONNECT from [5.16.70.207]:55103 to [176.31.12.44]:25
Jul 20 03:19:17 mxgate1 postfix/dnsblog[22496]: addr 5.16.70.207 listed by domain cbl.abuseat.org as 127.0.0.2
Jul 20 03:19:18 mxgate1 postfix/postscreen[22477]: PREGREET 18 after 0.6 from [5.16.70.207]:55103: HELO xiixaku.com

Jul 20 03:19:18 mxgate1 postfix/dnsblog[22492]: addr 5.16.70.207 listed by domain zen.spamhaus.org as 127.0.0.3
Jul 20 03:19:18 mxgate1 postfix/dnsblog[22492]: addr 5.16.70.207 listed by domain zen.spamhaus.org as 127.0.0.4
Jul 20 03:19:18 mxgate1 postfix/postscreen[22477]: DNSBL rank 3 for [5.16.70.207]:55103
Jul x@x
Jul 20 03:19:20 mxgate1 postfix/postscreen[22477]: HANGUP after 1.6 from [5.16.70.207]:55103 in tests after SMTP handshake
Jul 20 03:19:20 mxgate1 postfix/postscreen[22477]: DISCONNECT [5.16.70.207]:55103


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=5.16.70.207

2019-07-20 17:19:16

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.16.70.207
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50807
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.16.70.207.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072000 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jul 20 17:19:07 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

207.70.16.5.in-addr.arpa domain name pointer 5x16x70x207.dynamic.spb.ertelecom.ru.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
207.70.16.5.in-addr.arpa	name = 5x16x70x207.dynamic.spb.ertelecom.ru.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
91.239.232.109	attack	91.239.232.109 - - [20/Jul/2019:03:36:58 +0200] "POST [munged]wp-login.php HTTP/1.1" 444 0 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 0.000	2019-07-20 10:54:00
201.77.138.198	attackbots	Jul 20 04:42:19 icinga sshd[25092]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.77.138.198 Jul 20 04:42:22 icinga sshd[25092]: Failed password for invalid user nina from 201.77.138.198 port 38926 ssh2 ...	2019-07-20 10:43:01
178.128.105.2	attackspambots	178.128.105.2 - - [20/Jul/2019:03:36:26 +0200] "POST [munged]wp-login.php HTTP/1.1" 444 0 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 0.000	2019-07-20 11:12:51
36.91.55.58	attackbots	Jul 20 04:20:29 mail sshd\[27571\]: Invalid user zhao from 36.91.55.58 port 37450 Jul 20 04:20:29 mail sshd\[27571\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.91.55.58 Jul 20 04:20:31 mail sshd\[27571\]: Failed password for invalid user zhao from 36.91.55.58 port 37450 ssh2 Jul 20 04:26:10 mail sshd\[28418\]: Invalid user tester from 36.91.55.58 port 57038 Jul 20 04:26:10 mail sshd\[28418\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.91.55.58	2019-07-20 10:42:18
121.142.111.114	attackbotsspam	Jul 20 05:12:18 ncomp sshd[5432]: Invalid user hg from 121.142.111.114 Jul 20 05:12:18 ncomp sshd[5432]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.142.111.114 Jul 20 05:12:18 ncomp sshd[5432]: Invalid user hg from 121.142.111.114 Jul 20 05:12:20 ncomp sshd[5432]: Failed password for invalid user hg from 121.142.111.114 port 58380 ssh2	2019-07-20 11:20:25
207.180.254.62	attackbots	Automatic report - Banned IP Access	2019-07-20 11:16:00
185.143.221.55	attackspam	Jul 20 04:34:32 lumpi kernel: INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=185.143.221.55 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=24677 PROTO=TCP SPT=59163 DPT=4536 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-07-20 10:47:01
123.56.232.35	attackbots	2019-07-08T12:37:04.397026wiz-ks3 sshd[17465]: Invalid user user1 from 123.56.232.35 port 48431 2019-07-08T12:37:04.399192wiz-ks3 sshd[17465]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.56.232.35 2019-07-08T12:37:04.397026wiz-ks3 sshd[17465]: Invalid user user1 from 123.56.232.35 port 48431 2019-07-08T12:37:06.440303wiz-ks3 sshd[17465]: Failed password for invalid user user1 from 123.56.232.35 port 48431 ssh2 2019-07-08T12:37:09.929676wiz-ks3 sshd[17467]: Invalid user user2 from 123.56.232.35 port 59828 2019-07-08T12:37:09.931797wiz-ks3 sshd[17467]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.56.232.35 2019-07-08T12:37:09.929676wiz-ks3 sshd[17467]: Invalid user user2 from 123.56.232.35 port 59828 2019-07-08T12:37:11.992953wiz-ks3 sshd[17467]: Failed password for invalid user user2 from 123.56.232.35 port 59828 ssh2 2019-07-08T12:37:23.537989wiz-ks3 sshd[17471]: pam_unix(sshd:auth): authentication failure; logname=	2019-07-20 10:52:04
158.69.112.178	attackspam	WordPress login Brute force / Web App Attack on client site.	2019-07-20 11:04:04
112.85.42.181	attack	2019-06-30T02:23:30.245668wiz-ks3 sshd[18182]: Failed password for root from 112.85.42.181 port 64200 ssh2 2019-06-30T02:23:32.374760wiz-ks3 sshd[18182]: Failed password for root from 112.85.42.181 port 64200 ssh2 2019-06-30T02:23:35.449872wiz-ks3 sshd[18182]: Failed password for root from 112.85.42.181 port 64200 ssh2 2019-06-30T02:23:38.281820wiz-ks3 sshd[18182]: Failed password for root from 112.85.42.181 port 64200 ssh2 2019-06-30T02:23:40.814749wiz-ks3 sshd[18182]: Failed password for root from 112.85.42.181 port 64200 ssh2 2019-06-30T02:23:43.607642wiz-ks3 sshd[18182]: Failed password for root from 112.85.42.181 port 64200 ssh2 2019-06-30T02:23:43.607766wiz-ks3 sshd[18182]: error: maximum authentication attempts exceeded for root from 112.85.42.181 port 64200 ssh2 [preauth] 2019-06-30T02:23:48.042590wiz-ks3 sshd[18184]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.181 user=root 2019-06-30T02:23:49.911965wiz-ks3 sshd[18184]: Failed password for root f	2019-07-20 11:09:40
51.15.163.64	attackbots	VoIP Brute Force - 51.15.163.64 - Auto Report ...	2019-07-20 11:21:38
81.22.45.54	attack	Unauthorised access (Jul 20) SRC=81.22.45.54 LEN=40 TTL=247 ID=18728 TCP DPT=3389 WINDOW=1024 SYN Unauthorised access (Jul 16) SRC=81.22.45.54 LEN=40 TTL=247 ID=41495 TCP DPT=3389 WINDOW=1024 SYN	2019-07-20 10:56:49
102.165.35.92	attackbotsspam	2019-07-07T21:10:58.759815wiz-ks3 sshd[5603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=102.165.35.92 user=root 2019-07-07T21:11:00.892698wiz-ks3 sshd[5603]: Failed password for root from 102.165.35.92 port 1579 ssh2 2019-07-07T21:11:03.267419wiz-ks3 sshd[5603]: Failed password for root from 102.165.35.92 port 1579 ssh2 2019-07-07T21:10:58.759815wiz-ks3 sshd[5603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=102.165.35.92 user=root 2019-07-07T21:11:00.892698wiz-ks3 sshd[5603]: Failed password for root from 102.165.35.92 port 1579 ssh2 2019-07-07T21:11:03.267419wiz-ks3 sshd[5603]: Failed password for root from 102.165.35.92 port 1579 ssh2 2019-07-07T21:10:58.759815wiz-ks3 sshd[5603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=102.165.35.92 user=root 2019-07-07T21:11:00.892698wiz-ks3 sshd[5603]: Failed password for root from 102.165.35.92 port 1579 ssh2 2019-07-07T21:11:03.26	2019-07-20 11:22:09
91.121.211.34	attack	Jul 20 04:26:32 legacy sshd[32678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.211.34 Jul 20 04:26:33 legacy sshd[32678]: Failed password for invalid user vogel from 91.121.211.34 port 40450 ssh2 Jul 20 04:31:06 legacy sshd[332]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.211.34 ...	2019-07-20 10:37:39
192.241.159.27	attackbots	vps1:pam-generic	2019-07-20 10:55:01

最近上报的IP列表

159.65.12.163	109.166.220.7	109.160.51.173	104.248.85.105
93.63.150.10	134.73.161.140	46.125.250.72	178.164.136.227
83.110.81.97	145.239.128.24	190.148.148.204	14.18.232.5
139.194.19.97	151.179.212.12	112.186.77.102	187.77.19.95
86.107.227.214	247.17.168.182	114.100.157.221	209.41.49.54