5.20.131.6 - IPInfo

Basic Info

City: Vilnius

Region: Vilnius

Country: Republic of Lithuania

Internet Service Provider: UAB Cgates

Hostname: unknown

Organization: UAB Cgates

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Nov 8 17:13:18 aragorn sshd[10228]: User sshd from data-131-6.cgates.lt not allowed because not listed in AllowUsers Nov 8 17:15:31 aragorn sshd[11124]: User sshd from data-131-6.cgates.lt not allowed because not listed in AllowUsers Nov 8 17:15:45 aragorn sshd[11129]: User sshd from data-131-6.cgates.lt not allowed because not listed in AllowUsers Nov 8 17:38:14 aragorn sshd[14749]: Invalid user user1 from 5.20.131.6 ...	2019-11-09 08:14:13

Type

Details

Datetime

attackspam

Nov  8 17:13:18 aragorn sshd[10228]: User sshd from data-131-6.cgates.lt not allowed because not listed in AllowUsers
Nov  8 17:15:31 aragorn sshd[11124]: User sshd from data-131-6.cgates.lt not allowed because not listed in AllowUsers
Nov  8 17:15:45 aragorn sshd[11129]: User sshd from data-131-6.cgates.lt not allowed because not listed in AllowUsers
Nov  8 17:38:14 aragorn sshd[14749]: Invalid user user1 from 5.20.131.6
...

2019-11-09 08:14:13

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.20.131.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60605
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.20.131.6.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019042800 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 29 01:56:48 +08 2019
;; MSG SIZE  rcvd: 114

Host info

6.131.20.5.in-addr.arpa domain name pointer data-131-6.cgates.lt.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
6.131.20.5.in-addr.arpa	name = data-131-6.cgates.lt.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.235.37.232	attackbotsspam	Mar 28 06:47:14 odroid64 sshd\[11885\]: Invalid user gi from 49.235.37.232 Mar 28 06:47:14 odroid64 sshd\[11885\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.37.232 ...	2020-03-28 17:21:52
51.91.122.195	attackspambots	Mar 28 09:49:15 srv206 sshd[3375]: Invalid user inu from 51.91.122.195 Mar 28 09:49:15 srv206 sshd[3375]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.ip-51-91-122.eu Mar 28 09:49:15 srv206 sshd[3375]: Invalid user inu from 51.91.122.195 Mar 28 09:49:17 srv206 sshd[3375]: Failed password for invalid user inu from 51.91.122.195 port 51122 ssh2 ...	2020-03-28 17:04:42
50.127.71.5	attackspambots	2020-03-28T07:21:49.576121whonock.onlinehub.pt sshd[10785]: Invalid user cze from 50.127.71.5 port 36833 2020-03-28T07:21:49.579085whonock.onlinehub.pt sshd[10785]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.127.71.5 2020-03-28T07:21:49.576121whonock.onlinehub.pt sshd[10785]: Invalid user cze from 50.127.71.5 port 36833 2020-03-28T07:21:51.167841whonock.onlinehub.pt sshd[10785]: Failed password for invalid user cze from 50.127.71.5 port 36833 ssh2 2020-03-28T07:30:51.175366whonock.onlinehub.pt sshd[11016]: Invalid user oqo from 50.127.71.5 port 31016 2020-03-28T07:30:51.178284whonock.onlinehub.pt sshd[11016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.127.71.5 2020-03-28T07:30:51.175366whonock.onlinehub.pt sshd[11016]: Invalid user oqo from 50.127.71.5 port 31016 2020-03-28T07:30:53.173174whonock.onlinehub.pt sshd[11016]: Failed password for invalid user oqo from 50.127.71.5 port 31016 ssh2 ...	2020-03-28 16:59:48
183.88.2.169	attack	1585367330 - 03/28/2020 04:48:50 Host: 183.88.2.169/183.88.2.169 Port: 445 TCP Blocked	2020-03-28 17:01:04
200.58.221.234	attackbotsspam	Probing for vulnerable services	2020-03-28 16:54:13
49.234.47.124	attackbots	$f2bV_matches	2020-03-28 16:59:00
95.84.146.201	attackspam	Mar 28 08:52:35 lock-38 sshd[248803]: Invalid user wso from 95.84.146.201 port 57800 Mar 28 08:52:35 lock-38 sshd[248803]: Failed password for invalid user wso from 95.84.146.201 port 57800 ssh2 Mar 28 08:56:17 lock-38 sshd[248949]: Invalid user var from 95.84.146.201 port 41048 Mar 28 08:56:17 lock-38 sshd[248949]: Invalid user var from 95.84.146.201 port 41048 Mar 28 08:56:17 lock-38 sshd[248949]: Failed password for invalid user var from 95.84.146.201 port 41048 ssh2 ...	2020-03-28 16:46:36
106.12.96.23	attackbotsspam	SSH bruteforce (Triggered fail2ban)	2020-03-28 17:05:13
92.118.161.5	attackbotsspam	Unauthorized connection attempt detected from IP address 92.118.161.5 to port 2002 [T]	2020-03-28 17:09:14
1.0.191.132	attackspambots	Icarus honeypot on github	2020-03-28 16:52:31
220.167.224.133	attackspambots	Mar 28 09:00:55 server sshd[62809]: Failed password for invalid user cez from 220.167.224.133 port 41977 ssh2 Mar 28 09:12:04 server sshd[65515]: Failed password for invalid user fau from 220.167.224.133 port 44163 ssh2 Mar 28 09:14:55 server sshd[1033]: Failed password for invalid user suman from 220.167.224.133 port 33798 ssh2	2020-03-28 17:21:00
178.136.235.119	attackbots	Mar 28 09:50:33 legacy sshd[19001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.136.235.119 Mar 28 09:50:35 legacy sshd[19001]: Failed password for invalid user dap from 178.136.235.119 port 54878 ssh2 Mar 28 09:55:55 legacy sshd[19151]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.136.235.119 ...	2020-03-28 17:11:28
185.22.142.132	attack	Mar 28 09:32:58 relay dovecot: imap-login: Disconnected: Inactivity $auth failed, 1 attempts in 180 secs$: user=\, method=PLAIN, rip=185.22.142.132, lip=176.9.177.164, session=\ Mar 28 09:33:00 relay dovecot: imap-login: Disconnected: Inactivity $auth failed, 1 attempts in 180 secs$: user=\, method=PLAIN, rip=185.22.142.132, lip=176.9.177.164, session=\ Mar 28 09:33:22 relay dovecot: imap-login: Disconnected: Inactivity $auth failed, 1 attempts in 180 secs$: user=\, method=PLAIN, rip=185.22.142.132, lip=176.9.177.164, session=\ Mar 28 09:38:33 relay dovecot: imap-login: Disconnected: Inactivity $auth failed, 1 attempts in 181 secs$: user=\, method=PLAIN, rip=185.22.142.132, lip=176.9.177.164, session=\ Mar 28 09:38:34 relay dovecot: imap-login: Disconnected: Inactivity \(auth failed, 1 attempts in 180 ...	2020-03-28 16:41:45
220.161.81.131	attackspambots	Mar 28 05:39:39 ws12vmsma01 sshd[36407]: Invalid user lien from 220.161.81.131 Mar 28 05:39:41 ws12vmsma01 sshd[36407]: Failed password for invalid user lien from 220.161.81.131 port 37594 ssh2 Mar 28 05:43:34 ws12vmsma01 sshd[36987]: Invalid user uyc from 220.161.81.131 ...	2020-03-28 16:44:10
202.82.149.243	attack	Mar 28 10:22:53 server sshd\[31660\]: Invalid user rtq from 202.82.149.243 Mar 28 10:22:53 server sshd\[31660\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=smtp.ifourltd.com Mar 28 10:22:55 server sshd\[31660\]: Failed password for invalid user rtq from 202.82.149.243 port 44302 ssh2 Mar 28 10:38:25 server sshd\[3650\]: Invalid user xhq from 202.82.149.243 Mar 28 10:38:25 server sshd\[3650\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=smtp.ifourltd.com ...	2020-03-28 17:17:03

Recently Reported IPs

131.44.202.110	86.125.141.106	46.105.140.52	177.24.167.87
27.73.4.120	18.47.171.153	151.41.175.39	45.246.52.201
5.129.70.199	110.206.10.166	5.128.36.131	19.7.180.157
49.81.94.191	243.125.51.16	45.160.173.227	49.76.86.245
155.128.30.53	49.51.9.41	43.255.21.10	193.178.228.215