139.5.154.61 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT Max Internet Indonesia

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	B: Abusive ssh attack	2020-08-19 21:57:32
attack	Jun 2 03:51:05 game-panel sshd[14703]: Failed password for root from 139.5.154.61 port 54246 ssh2 Jun 2 03:54:42 game-panel sshd[14847]: Failed password for root from 139.5.154.61 port 58360 ssh2	2020-06-02 12:29:03
attackspam	05/24/2020-23:55:42.742000 139.5.154.61 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-05-25 12:37:03
attack	May 21 12:25:49 onepixel sshd[681721]: Invalid user yzp from 139.5.154.61 port 51618 May 21 12:25:49 onepixel sshd[681721]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.5.154.61 May 21 12:25:49 onepixel sshd[681721]: Invalid user yzp from 139.5.154.61 port 51618 May 21 12:25:51 onepixel sshd[681721]: Failed password for invalid user yzp from 139.5.154.61 port 51618 ssh2 May 21 12:26:21 onepixel sshd[681784]: Invalid user ghr from 139.5.154.61 port 60392	2020-05-21 22:15:16
attackbots	May 10 04:39:44 firewall sshd[19550]: Invalid user xue from 139.5.154.61 May 10 04:39:46 firewall sshd[19550]: Failed password for invalid user xue from 139.5.154.61 port 39492 ssh2 May 10 04:40:39 firewall sshd[19569]: Invalid user ubuntu from 139.5.154.61 ...	2020-05-10 19:02:53
attackbots	(sshd) Failed SSH login from 139.5.154.61 (ID/Indonesia/-): 5 in the last 3600 secs	2020-05-05 00:12:33

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.5.154.61
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13955
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.5.154.61.			IN	A

;; AUTHORITY SECTION:
.			562	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050400 1800 900 604800 86400

;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue May 05 00:12:29 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 61.154.5.139.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 61.154.5.139.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
170.0.128.10	attackbots	Jun 22 19:28:13 server1 sshd\[26811\]: Invalid user pegas from 170.0.128.10 Jun 22 19:28:13 server1 sshd\[26811\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.0.128.10 Jun 22 19:28:15 server1 sshd\[26811\]: Failed password for invalid user pegas from 170.0.128.10 port 52628 ssh2 Jun 22 19:29:44 server1 sshd\[27162\]: Invalid user gk from 170.0.128.10 Jun 22 19:29:44 server1 sshd\[27162\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.0.128.10 ...	2019-06-23 12:32:36
187.120.136.200	attackbotsspam	failed_logins	2019-06-23 12:46:47
191.208.30.172	attackspambots	ports scanning	2019-06-23 12:54:51
118.25.128.19	attackbotsspam	Jun 23 02:34:03 localhost sshd\[4509\]: Invalid user heng from 118.25.128.19 port 36594 Jun 23 02:34:03 localhost sshd\[4509\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.128.19 Jun 23 02:34:05 localhost sshd\[4509\]: Failed password for invalid user heng from 118.25.128.19 port 36594 ssh2	2019-06-23 13:01:12
165.22.246.254	attackspambots	firewall-block, port(s): 8545/tcp	2019-06-23 12:24:57
183.82.250.61	attack	ports scanning	2019-06-23 12:30:51
106.12.84.221	attackbots	Jun 23 02:14:43 host sshd\[48600\]: Invalid user dan from 106.12.84.221 port 55128 Jun 23 02:14:43 host sshd\[48600\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.84.221 ...	2019-06-23 12:19:32
162.243.142.99	attack	¯\_(ツ)_/¯	2019-06-23 12:16:15
145.239.214.124	attackbotsspam	proto=tcp . spt=52911 . dpt=25 . (listed on Blocklist de Jun 22) (42)	2019-06-23 12:59:28
117.3.103.206	attackspambots	139/tcp 445/tcp... [2019-06-06/22]6pkt,2pt.(tcp)	2019-06-23 12:46:22
43.247.38.217	attackbots	23/tcp 2323/tcp 5555/tcp... [2019-05-20/06-22]8pkt,4pt.(tcp)	2019-06-23 12:48:37
139.99.107.166	attack	2019-06-22T21:14:18.819094mizuno.rwx.ovh sshd[13384]: Connection from 139.99.107.166 port 47696 on 78.46.61.178 port 22 2019-06-22T21:14:19.991617mizuno.rwx.ovh sshd[13384]: Invalid user bartek from 139.99.107.166 port 47696 2019-06-22T21:14:19.999356mizuno.rwx.ovh sshd[13384]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.107.166 2019-06-22T21:14:18.819094mizuno.rwx.ovh sshd[13384]: Connection from 139.99.107.166 port 47696 on 78.46.61.178 port 22 2019-06-22T21:14:19.991617mizuno.rwx.ovh sshd[13384]: Invalid user bartek from 139.99.107.166 port 47696 2019-06-22T21:14:22.584833mizuno.rwx.ovh sshd[13384]: Failed password for invalid user bartek from 139.99.107.166 port 47696 ssh2 ...	2019-06-23 12:31:28
77.247.110.22	attackbots	\[2019-06-22 23:03:05\] NOTICE\[1849\] chan_sip.c: Registration from '"100" \' failed for '77.247.110.22:5710' - Wrong password \[2019-06-22 23:03:05\] SECURITY\[1857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-06-22T23:03:05.453-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="100",SessionID="0x7fc424009a28",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.22/5710",Challenge="5a39aeac",ReceivedChallenge="5a39aeac",ReceivedHash="3a90a79c3c63d1c57faabe8cc4f99c81" \[2019-06-22 23:03:05\] NOTICE\[1849\] chan_sip.c: Registration from '"100" \' failed for '77.247.110.22:5710' - Wrong password \[2019-06-22 23:03:05\] SECURITY\[1857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-06-22T23:03:05.567-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="100",SessionID="0x7fc42427dd38",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.2	2019-06-23 12:51:22
24.118.19.247	attackbots	20 attempts against mh-ssh on wave.magehost.pro	2019-06-23 12:45:24
1.202.140.162	attackspam	ports scanning	2019-06-23 12:39:34

Recently Reported IPs

18.228.179.100	165.22.63.27	177.190.160.15	2001:19f0:6401:fc0:5400:2ff:feb1:6cf7
186.193.143.66	114.6.74.102	162.243.142.93	186.235.79.54
83.137.149.46	130.61.41.62	40.107.67.93	45.15.72.107
165.7.148.134	5.14.10.31	25.210.35.175	220.132.239.92
177.132.226.116	157.230.40.72	63.82.49.59	240e:370:31a:5780:d9eb:cca4:5427:d180