5.18.249.54 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: JSC ER-Telecom Holding

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Apr 19 14:01:47 debian-2gb-nbg1-2 kernel: \[9556674.381749\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=5.18.249.54 DST=195.201.40.59 LEN=52 TOS=0x00 PREC=0x40 TTL=118 ID=3333 DF PROTO=TCP SPT=8480 DPT=8000 WINDOW=64240 RES=0x00 SYN URGP=0	2020-04-20 00:14:17

Type

Details

Datetime

attackspambots

Apr 19 14:01:47 debian-2gb-nbg1-2 kernel: \[9556674.381749\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=5.18.249.54 DST=195.201.40.59 LEN=52 TOS=0x00 PREC=0x40 TTL=118 ID=3333 DF PROTO=TCP SPT=8480 DPT=8000 WINDOW=64240 RES=0x00 SYN URGP=0

2020-04-20 00:14:17

Comments on same subnet:

IP	Type	Details	Datetime
5.18.249.150	attackbotsspam	1584016239 - 03/12/2020 13:30:39 Host: 5.18.249.150/5.18.249.150 Port: 445 TCP Blocked	2020-03-12 23:11:11

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.18.249.54
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22383
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.18.249.54.			IN	A

;; AUTHORITY SECTION:
.			533	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041900 1800 900 604800 86400

;; Query time: 95 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Apr 20 00:14:10 CST 2020
;; MSG SIZE  rcvd: 115

Host info

54.249.18.5.in-addr.arpa domain name pointer 5x18x249x54.static-business.spb.ertelecom.ru.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
54.249.18.5.in-addr.arpa	name = 5x18x249x54.static-business.spb.ertelecom.ru.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
192.140.42.185	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-20 02:15:30
167.99.75.174	attack	...	2020-01-20 01:54:01
159.203.177.49	attackspam	Unauthorized connection attempt detected from IP address 159.203.177.49 to port 2220 [J]	2020-01-20 02:05:51
88.204.242.54	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-20 01:53:03
83.4.119.99	attackbotsspam	port 23	2020-01-20 01:56:38
216.239.90.19	attackbotsspam	Failed password for root from 216.239.90.19 port 62860 ssh2 Failed password for root from 216.239.90.19 port 62860 ssh2 Failed password for root from 216.239.90.19 port 62860 ssh2 Failed password for root from 216.239.90.19 port 62860 ssh2	2020-01-20 01:44:34
103.242.15.145	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-20 02:11:43
51.83.42.244	attackspam	Unauthorized connection attempt detected from IP address 51.83.42.244 to port 2220 [J]	2020-01-20 01:46:47
125.164.116.119	attackbotsspam	Honeypot attack, port: 445, PTR: 119.subnet125-164-116.speedy.telkom.net.id.	2020-01-20 02:12:26
193.242.176.243	attackbots	Unauthorized connection attempt detected from IP address 193.242.176.243 to port 81 [J]	2020-01-20 02:14:59
191.161.1.154	attack	Honeypot attack, port: 445, PTR: 154.1.161.191.isp.timbrasil.com.br.	2020-01-20 01:47:06
222.186.173.142	attackbots	2020-01-19T18:57:45.819002vps751288.ovh.net sshd\[22475\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.142 user=root 2020-01-19T18:57:47.714033vps751288.ovh.net sshd\[22475\]: Failed password for root from 222.186.173.142 port 24460 ssh2 2020-01-19T18:57:50.600042vps751288.ovh.net sshd\[22475\]: Failed password for root from 222.186.173.142 port 24460 ssh2 2020-01-19T18:57:54.225839vps751288.ovh.net sshd\[22475\]: Failed password for root from 222.186.173.142 port 24460 ssh2 2020-01-19T18:57:57.072333vps751288.ovh.net sshd\[22475\]: Failed password for root from 222.186.173.142 port 24460 ssh2	2020-01-20 02:10:08
202.62.45.220	attackspambots	Honeypot attack, port: 445, PTR: mail.dfilucky.com.	2020-01-20 02:02:12
220.86.92.204	attack	Honeypot attack, port: 5555, PTR: PTR record not found	2020-01-20 01:48:35
104.37.216.112	attackspam	Jan 19 17:37:14 server2 sshd\[6636\]: User root from 104.37.216.112 not allowed because not listed in AllowUsers Jan 19 17:37:15 server2 sshd\[6638\]: Invalid user DUP from 104.37.216.112 Jan 19 17:37:16 server2 sshd\[6640\]: User root from 104.37.216.112 not allowed because not listed in AllowUsers Jan 19 17:37:17 server2 sshd\[6642\]: User root from 104.37.216.112 not allowed because not listed in AllowUsers Jan 19 17:37:18 server2 sshd\[6644\]: User root from 104.37.216.112 not allowed because not listed in AllowUsers Jan 19 17:37:19 server2 sshd\[6646\]: User root from 104.37.216.112 not allowed because not listed in AllowUsers	2020-01-20 01:45:34

Recently Reported IPs

95.9.129.248	45.148.122.101	180.249.144.131	182.61.170.16
167.71.93.230	46.119.39.170	45.222.74.230	81.213.152.3
95.24.21.119	88.102.249.203	214.71.91.61	228.157.3.59
131.77.60.65	33.109.106.10	177.15.196.163	249.103.142.240
145.240.179.244	146.200.27.118	113.113.73.172	14.139.187.209