54.36.109.139 - IPInfo

Basic Info

City: Limburg an der Lahn

Region: Hessen

Country: Germany

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
54.36.109.74	attack	ET SCAN Sipvicious Scan - port: 5060 proto: sip cat: Attempted Information Leakbytes: 454	2020-08-11 08:07:38
54.36.109.237	attackbots	Port scan denied	2020-08-03 01:04:31
54.36.109.237	attackbots	Unauthorized connection attempt detected from IP address 54.36.109.237 to port 8443	2020-07-23 03:21:31
54.36.109.74	attack	Port Scan detected from 54.36.109.74 (DE/Germany/Saarland/Saarbrücken (Mitte)/ns3102391.ip-54-36-109.eu). 4 hits in the last 140 seconds	2020-07-20 14:21:46
54.36.109.74	attack	" "	2020-07-20 05:04:25
54.36.109.237	attackspambots	Unauthorized connection attempt detected from IP address 54.36.109.237 to port 8443 [T]	2020-07-20 04:30:22
54.36.109.74	attackbotsspam	UDP 54.36.109.74:5130 -> port 5060, len 437	2020-07-05 22:44:58
54.36.109.74	attack	SIP Server BruteForce Attack	2020-06-23 04:57:44
54.36.109.74	attack	06/20/2020-04:10:27.917421 54.36.109.74 Protocol: 17 ET SCAN Sipvicious User-Agent Detected (friendly-scanner)	2020-06-20 19:57:51
54.36.109.74	attack	Fail2Ban Ban Triggered	2020-06-17 23:51:36
54.36.109.76	attack	1 attempts against mh-modsecurity-ban on crop	2020-05-15 00:42:28

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 54.36.109.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34095
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;54.36.109.139.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2023120102 1800 900 604800 86400

;; Query time: 169 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 02 07:38:07 CST 2023
;; MSG SIZE  rcvd: 106

Host info

139.109.36.54.in-addr.arpa domain name pointer ns3102509.ip-54-36-109.eu.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
139.109.36.54.in-addr.arpa	name = ns3102509.ip-54-36-109.eu.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
108.30.160.14	attackbots	Aug 30 10:34:59 game-panel sshd[22136]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=108.30.160.14 Aug 30 10:35:01 game-panel sshd[22136]: Failed password for invalid user patrick from 108.30.160.14 port 38652 ssh2 Aug 30 10:43:09 game-panel sshd[22579]: Failed password for root from 108.30.160.14 port 49910 ssh2	2020-08-30 19:01:22
61.142.247.210	attackspam	Aug 30 12:31:14 lnxmail61 postfix/smtpd[12942]: lost connection after CONNECT from unknown[61.142.247.210]	2020-08-30 18:47:33
51.77.108.33	attackspam	Aug 30 07:44:03 rotator sshd\[30527\]: Address 51.77.108.33 maps to ip-51-77-108.eu, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Aug 30 07:44:05 rotator sshd\[30527\]: Failed password for root from 51.77.108.33 port 49970 ssh2Aug 30 07:44:08 rotator sshd\[30527\]: Failed password for root from 51.77.108.33 port 49970 ssh2Aug 30 07:44:10 rotator sshd\[30527\]: Failed password for root from 51.77.108.33 port 49970 ssh2Aug 30 07:44:12 rotator sshd\[30527\]: Failed password for root from 51.77.108.33 port 49970 ssh2Aug 30 07:44:14 rotator sshd\[30527\]: Failed password for root from 51.77.108.33 port 49970 ssh2 ...	2020-08-30 18:30:47
113.178.226.93	attack	20/8/30@00:11:04: FAIL: Alarm-Network address from=113.178.226.93 20/8/30@00:11:05: FAIL: Alarm-Network address from=113.178.226.93 ...	2020-08-30 18:58:36
170.80.231.218	attackbots	www.rbtierfotografie.de 170.80.231.218 [30/Aug/2020:05:42:16 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4257 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" www.rbtierfotografie.de 170.80.231.218 [30/Aug/2020:05:42:21 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4257 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36"	2020-08-30 19:07:50
170.80.68.242	attack	Brute-force attempt banned	2020-08-30 18:37:50
218.92.0.133	attack	Aug 30 12:26:09 ip106 sshd[10842]: Failed password for root from 218.92.0.133 port 25564 ssh2 Aug 30 12:26:13 ip106 sshd[10842]: Failed password for root from 218.92.0.133 port 25564 ssh2 ...	2020-08-30 18:26:47
142.93.97.13	attack	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-08-30 18:46:36
216.218.206.102	attackspambots	TCP (SYN) 216.218.206.102:53109 -> port 445, len 44	2020-08-30 18:44:13
106.111.227.186	attack	Port probing on unauthorized port 81	2020-08-30 19:07:04
206.189.235.139	attack	WordPress wp-login brute force :: 206.189.235.139 0.156 - [30/Aug/2020:03:44:15 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 2411 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-08-30 18:22:04
195.223.211.242	attackspam	Invalid user ftp1 from 195.223.211.242 port 52696	2020-08-30 18:36:43
31.192.248.116	attackbots	Icarus honeypot on github	2020-08-30 18:24:22
49.156.43.230	attackspambots	IMAP/SMTP Authentication Failure	2020-08-30 18:39:10
62.210.6.93	attack	Unauthorized SSH login attempts	2020-08-30 18:43:21

Recently Reported IPs

170.187.224.14	54.190.166.96	10.60.145.166	172.71.151.16
223.72.37.206	65.49.1.63	23.133.8.226	172.31.102.240
2.57.121.114	2.57.121.144	167.160.90.251	109.104.152.219
154.16.159.22	94.29.3.193	1.172.232.17	35.203.210.212
47.89.133.186	163.47.10.100	111.90.150.91	66.3.2.6