5.54.13.139 - IPInfo

Basic Info

City: Sparti

Region: Peloponnese

Country: Greece

Internet Service Provider: Vodafone-Panafon Hellenic Telecommunications Company SA

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Telnet Server BruteForce Attack	2019-11-11 15:54:03

Comments on same subnet:

IP	Type	Details	Datetime
5.54.133.160	attack	Telnet Server BruteForce Attack	2019-11-09 08:27:43
5.54.130.122	attackbots	Sun, 21 Jul 2019 18:29:02 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-22 03:10:55

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.54.13.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42448
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.54.13.139.			IN	A

;; AUTHORITY SECTION:
.			527	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111100 1800 900 604800 86400

;; Query time: 127 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Nov 11 15:54:00 CST 2019
;; MSG SIZE  rcvd: 115

Host info

139.13.54.5.in-addr.arpa domain name pointer ppp005054013139.access.hol.gr.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
139.13.54.5.in-addr.arpa	name = ppp005054013139.access.hol.gr.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
94.191.23.15	attackbots	Jun 7 07:52:25 eventyay sshd[9088]: Failed password for root from 94.191.23.15 port 50234 ssh2 Jun 7 07:57:03 eventyay sshd[9267]: Failed password for root from 94.191.23.15 port 44030 ssh2 ...	2020-06-07 14:42:20
51.38.230.10	attack	Jun 7 08:46:34 piServer sshd[15519]: Failed password for root from 51.38.230.10 port 56390 ssh2 Jun 7 08:50:08 piServer sshd[15962]: Failed password for root from 51.38.230.10 port 32828 ssh2 ...	2020-06-07 14:59:21
112.85.42.180	attackbotsspam	$f2bV_matches	2020-06-07 14:55:27
150.109.151.244	attackspambots	Jun 2 16:34:53 ntop sshd[8644]: User r.r from 150.109.151.244 not allowed because not listed in AllowUsers Jun 2 16:34:53 ntop sshd[8644]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.109.151.244 user=r.r Jun 2 16:34:56 ntop sshd[8644]: Failed password for invalid user r.r from 150.109.151.244 port 60482 ssh2 Jun 2 16:34:57 ntop sshd[8644]: Received disconnect from 150.109.151.244 port 60482:11: Bye Bye [preauth] Jun 2 16:34:57 ntop sshd[8644]: Disconnected from invalid user r.r 150.109.151.244 port 60482 [preauth] Jun 2 17:57:35 ntop sshd[24804]: User r.r from 150.109.151.244 not allowed because not listed in AllowUsers Jun 2 17:57:35 ntop sshd[24804]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.109.151.244 user=r.r Jun 2 17:57:37 ntop sshd[24804]: Failed password for invalid user r.r from 150.109.151.244 port 55500 ssh2 Jun 2 17:57:38 ntop sshd[24804]: Received di........ -------------------------------	2020-06-07 14:53:43
185.176.27.54	attackbots	06/06/2020-23:55:22.703260 185.176.27.54 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-06-07 14:32:34
59.124.90.231	attackspam	Lines containing failures of 59.124.90.231 Jun 1 06:41:54 neon sshd[26803]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.124.90.231 user=r.r Jun 1 06:41:56 neon sshd[26803]: Failed password for r.r from 59.124.90.231 port 48062 ssh2 Jun 1 06:41:56 neon sshd[26803]: Received disconnect from 59.124.90.231 port 48062:11: Bye Bye [preauth] Jun 1 06:41:56 neon sshd[26803]: Disconnected from authenticating user r.r 59.124.90.231 port 48062 [preauth] Jun 1 06:50:36 neon sshd[29399]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.124.90.231 user=r.r ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=59.124.90.231	2020-06-07 14:31:28
103.253.113.173	attackspam	Jun 7 09:05:42 gw1 sshd[23673]: Failed password for root from 103.253.113.173 port 36657 ssh2 ...	2020-06-07 14:37:03
212.225.180.51	attackspambots	Automatic report - Port Scan Attack	2020-06-07 14:52:33
61.147.61.254	attackbotsspam	General vulnerability scan.	2020-06-07 15:02:18
60.49.106.146	attack	(sshd) Failed SSH login from 60.49.106.146 (MY/Malaysia/146.106.49.60.brf03-home.tm.net.my): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 7 08:27:47 amsweb01 sshd[15976]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.49.106.146 user=root Jun 7 08:27:49 amsweb01 sshd[15976]: Failed password for root from 60.49.106.146 port 52688 ssh2 Jun 7 08:38:19 amsweb01 sshd[17707]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.49.106.146 user=root Jun 7 08:38:21 amsweb01 sshd[17707]: Failed password for root from 60.49.106.146 port 48566 ssh2 Jun 7 08:41:19 amsweb01 sshd[18101]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.49.106.146 user=root	2020-06-07 15:03:24
1.161.99.28	attackspambots	20/6/6@23:54:37: FAIL: Alarm-Network address from=1.161.99.28 ...	2020-06-07 14:57:04
37.49.226.107	attackspam	Lines containing failures of 37.49.226.107 Jun 1 16:47:34 mc sshd[1427]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.49.226.107 user=r.r Jun 1 16:47:36 mc sshd[1427]: Failed password for r.r from 37.49.226.107 port 35964 ssh2 Jun 1 16:47:37 mc sshd[1427]: Received disconnect from 37.49.226.107 port 35964:11: Normal Shutdown, Thank you for playing [preauth] Jun 1 16:47:37 mc sshd[1427]: Disconnected from authenticating user r.r 37.49.226.107 port 35964 [preauth] Jun 1 16:49:24 mc sshd[1452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.49.226.107 user=r.r Jun 1 16:49:26 mc sshd[1452]: Failed password for r.r from 37.49.226.107 port 44802 ssh2 Jun 1 16:49:27 mc sshd[1452]: Received disconnect from 37.49.226.107 port 44802:11: Normal Shutdown, Thank you for playing [preauth] Jun 1 16:49:27 mc sshd[1452]: Disconnected from authenticating user r.r 37.49.226.107 port 44802 [p........ ------------------------------	2020-06-07 14:32:47
52.37.81.230	attack	IP 52.37.81.230 attacked honeypot on port: 80 at 6/7/2020 4:54:22 AM	2020-06-07 15:01:19
49.233.87.146	attack	Jun 7 08:35:53 Ubuntu-1404-trusty-64-minimal sshd\[17909\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.87.146 user=root Jun 7 08:35:55 Ubuntu-1404-trusty-64-minimal sshd\[17909\]: Failed password for root from 49.233.87.146 port 47643 ssh2 Jun 7 08:53:38 Ubuntu-1404-trusty-64-minimal sshd\[28099\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.87.146 user=root Jun 7 08:53:40 Ubuntu-1404-trusty-64-minimal sshd\[28099\]: Failed password for root from 49.233.87.146 port 36546 ssh2 Jun 7 08:56:25 Ubuntu-1404-trusty-64-minimal sshd\[29559\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.87.146 user=root	2020-06-07 15:03:38
138.91.184.56	attackspambots	Brute forcing email accounts	2020-06-07 14:43:13

Recently Reported IPs

154.223.40.244	61.176.242.152	177.69.221.75	178.128.84.200
31.222.195.30	200.61.163.27	52.38.205.63	171.100.190.195
61.149.136.46	94.130.14.92	180.183.180.6	194.108.0.86
152.250.28.63	122.121.105.217	167.71.219.231	61.184.253.154
45.136.109.243	123.124.158.23	59.95.247.150	90.224.136.147