JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 5.231.242.254

5.231.242.254 was found in our database!

This IP was reported 68 times. Confidence of Abuse is 29%: ?

29%

ISP	GHOSTNET GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS49581
Hostname(s)	254.0-255.242.231.5.in-addr.arpa
Domain Name	ghostnet.de
Country	🇩🇪 Germany
City	Aachen, North Rhine-Westphalia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 5.231.242.254

Whois 5.231.242.254

IP Abuse Reports for 5.231.242.254:

This IP address has been reported a total of 68 times from 4 distinct sources. 5.231.242.254 was first reported on December 31st 2025, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-03 14:18:52 (9 hours ago)	Blocked by UFW (TCP on 5622) Source port: 51265 TTL: 239 Packet length: 40 TOS: 0x14 This report (f ... show more Blocked by UFW (TCP on 5622) Source port: 51265 TTL: 239 Packet length: 40 TOS: 0x14 This report (for 5.231.242.254) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇨🇳 Sakura Miko	2026-06-02 21:54:25 (1 day ago)	2026-06-03T05:54:21.358290+08:00 nekoaru-shanghai-1 sshd-session[1815437]: Connection from 5.231.242 ... show more 2026-06-03T05:54:21.358290+08:00 nekoaru-shanghai-1 sshd-session[1815437]: Connection from 5.231.242.254 port 16260 on 192.168.12.24 port 41022 rdomain "" 2026-06-03T05:54:22.938692+08:00 nekoaru-shanghai-1 sshd-session[1815437]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.231.242.254 user=root 2026-06-03T05:54:24.610598+08:00 nekoaru-shanghai-1 sshd-session[1815437]: Failed password for root from 5.231.242.254 port 16260 ssh2 ... show less	Brute-Force SSH
Anonymous	2026-06-02 15:12:57 (1 day ago)	Blocked by UFW (TCP on 45022) Source port: 49447 TTL: 241 Packet length: 40 TOS: 0x14 This report ( ... show more Blocked by UFW (TCP on 45022) Source port: 49447 TTL: 241 Packet length: 40 TOS: 0x14 This report (for 5.231.242.254) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇨🇳 pengpeng	2026-06-01 21:55:15 (2 days ago)	monitor: on VM-0-7-ubuntu \| port: 7322 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporter	Port Scan
Anonymous	2026-06-01 08:37:34 (2 days ago)	Blocked by UFW (TCP on 36522) Source port: 46352 TTL: 240 Packet length: 40 TOS: 0x14 This report ( ... show more Blocked by UFW (TCP on 36522) Source port: 46352 TTL: 240 Packet length: 40 TOS: 0x14 This report (for 5.231.242.254) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇨🇳 pengpeng	2026-05-31 21:51:06 (3 days ago)	monitor: on VM-0-7-ubuntu \| port: 42622 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporte ... show more monitor: on VM-0-7-ubuntu \| port: 42622 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇨🇳 Scutech Scutech	2026-05-31 20:01:20 (3 days ago)	Jun 1 04:01:15 gateway sshd[2395439]: Invalid user a from 5.231.242.254 port 42216 Jun 1 04:01:15 ... show more Jun 1 04:01:15 gateway sshd[2395439]: Invalid user a from 5.231.242.254 port 42216 Jun 1 04:01:15 gateway sshd[2395454]: Invalid user admin from 5.231.242.254 port 42262 Jun 1 04:01:16 gateway sshd[2395450]: Invalid user admin from 5.231.242.254 port 42250 Jun 1 04:01:17 gateway sshd[2395446]: Invalid user admin from 5.231.242.254 port 42242 Jun 1 04:01:17 gateway sshd[2395477]: Invalid user admin from 5.231.242.254 port 42298 ... show less	Brute-Force SSH
🇨🇳 pengpeng	2026-05-30 15:42:22 (4 days ago)	monitor: on VM-0-7-ubuntu \| port: 26822 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporte ... show more monitor: on VM-0-7-ubuntu \| port: 26822 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-05-29 10:54:11 (5 days ago)	Blocked by UFW (TCP on 36522) Source port: 57650 TTL: 241 Packet length: 40 TOS: 0x14 This report ( ... show more Blocked by UFW (TCP on 36522) Source port: 57650 TTL: 241 Packet length: 40 TOS: 0x14 This report (for 5.231.242.254) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-05-28 14:40:12 (6 days ago)	Blocked by UFW (TCP on 30322) Source port: 48539 TTL: 241 Packet length: 40 TOS: 0x14 This report ( ... show more Blocked by UFW (TCP on 30322) Source port: 48539 TTL: 241 Packet length: 40 TOS: 0x14 This report (for 5.231.242.254) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-05-27 21:11:52 (1 week ago)	Blocked by UFW (TCP on 38622) Source port: 43638 TTL: 239 Packet length: 40 TOS: 0x14 This report ( ... show more Blocked by UFW (TCP on 38622) Source port: 43638 TTL: 239 Packet length: 40 TOS: 0x14 This report (for 5.231.242.254) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-05-27 05:53:12 (1 week ago)	Blocked by UFW (TCP on 48922) Source port: 60779 TTL: 241 Packet length: 40 TOS: 0x14 This report ( ... show more Blocked by UFW (TCP on 48922) Source port: 60779 TTL: 241 Packet length: 40 TOS: 0x14 This report (for 5.231.242.254) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇨🇳 pengpeng	2026-05-27 04:14:34 (1 week ago)	monitor: on VM-0-7-ubuntu \| port: 50222 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporte ... show more monitor: on VM-0-7-ubuntu \| port: 50222 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-05-26 17:44:33 (1 week ago)	Blocked by UFW (TCP on 2622) Source port: 55580 TTL: 239 Packet length: 40 TOS: 0x14 This report (f ... show more Blocked by UFW (TCP on 2622) Source port: 55580 TTL: 239 Packet length: 40 TOS: 0x14 This report (for 5.231.242.254) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇨🇳 Sakura Miko	2026-05-25 03:08:31 (1 week ago)	2026-05-25T11:08:25.609137+08:00 nekoaru-shanghai-1 sshd-session[609914]: Connection from 5.231.242. ... show more 2026-05-25T11:08:25.609137+08:00 nekoaru-shanghai-1 sshd-session[609914]: Connection from 5.231.242.254 port 54730 on 192.168.12.24 port 41022 rdomain "" 2026-05-25T11:08:28.161390+08:00 nekoaru-shanghai-1 sshd-session[609914]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.231.242.254 user=root 2026-05-25T11:08:29.935989+08:00 nekoaru-shanghai-1 sshd-session[609914]: Failed password for root from 5.231.242.254 port 54730 ssh2 ... show less	Brute-Force SSH

Showing 1 to 15 of 68 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 213.32.23.140

🇧🇪 198.235.24.177

🇧🇷 187.0.238.206

🇮🇩 182.10.100.138

🇸🇦 178.73.79.84

🇰🇷 116.123.150.231

🇺🇸 98.245.24.105

🇷🇴 92.118.39.236

🇺🇸 76.81.71.226

🇺🇸 69.171.234.31

🇺🇸 216.180.246.7

🇻🇪 206.0.176.249

🇧🇷 200.170.220.6

🇭🇺 194.180.12.23

🇻🇳 171.244.141.86

🇭🇳 170.83.118.204

🇺🇸 170.9.16.186

🇺🇸 162.216.150.237

🇭🇰 152.32.133.103

🇨🇳 113.108.13.168