106.55.254.160

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Attempted connection to port 6379.	2020-08-27 17:27:24

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.55.254.160
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42636
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.55.254.160.			IN	A

;; AUTHORITY SECTION:
.			513	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020082700 1800 900 604800 86400

;; Query time: 83 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Aug 27 17:27:16 CST 2020
;; MSG SIZE  rcvd: 118

Host info

160.254.55.106.in-addr.arpa has no PTR record

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 160.254.55.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.64.127.179	attackspambots	Telnet Server BruteForce Attack	2020-06-04 01:36:28
45.232.50.43	attackbots	firewall-block, port(s): 445/tcp	2020-06-04 01:53:19
50.53.179.3	attack	Jun 3 09:41:04 Tower sshd[1879]: Connection from 50.53.179.3 port 33956 on 192.168.10.220 port 22 rdomain "" Jun 3 09:41:06 Tower sshd[1879]: Failed password for root from 50.53.179.3 port 33956 ssh2 Jun 3 09:41:06 Tower sshd[1879]: Received disconnect from 50.53.179.3 port 33956:11: Bye Bye [preauth] Jun 3 09:41:06 Tower sshd[1879]: Disconnected from authenticating user root 50.53.179.3 port 33956 [preauth]	2020-06-04 01:48:14
192.99.36.177	attackbots	192.99.36.177 - - [03/Jun/2020:19:34:29 +0200] "POST /wp-login.php HTTP/1.1" 200 4578 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.99.36.177 - - [03/Jun/2020:19:34:48 +0200] "POST /wp-login.php HTTP/1.1" 200 4578 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.99.36.177 - - [03/Jun/2020:19:35:05 +0200] "POST /wp-login.php HTTP/1.1" 200 4578 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.99.36.177 - - [03/Jun/2020:19:35:22 +0200] "POST /wp-login.php HTTP/1.1" 200 4578 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.99.36.177 - - [03/Jun/2020:19:35:42 +0200] "POST /wp-login.php HTTP/1.1" 200 4578 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safar ...	2020-06-04 01:52:53
134.122.117.242	attackspambots	TCP (SYN) 134.122.117.242:40999 -> port 649, len 44	2020-06-04 01:39:46
172.245.52.30	attackspambots	Unauthorized access or intrusion attempt detected from Thor banned IP	2020-06-04 01:55:47
104.248.10.181	attack	TCP (SYN) 104.248.10.181:58201 -> port 24500, len 44	2020-06-04 01:43:41
139.99.135.175	attack	DATE:2020-06-03 13:49:39, IP:139.99.135.175, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)	2020-06-04 02:07:27
122.148.70.219	attackspam	xmlrpc attack	2020-06-04 02:01:13
187.178.162.125	attack	Automatic report - Port Scan Attack	2020-06-04 02:10:04
192.99.15.15	attackbots	[03/Jun/2020:19:03:14 +0200] Web-Request: "GET /wp-login.php", User-Agent: "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36"	2020-06-04 01:30:30
51.77.140.110	attackbots	51.77.140.110 - - [03/Jun/2020:17:41:59 +0200] "GET /wp-login.php HTTP/1.1" 200 1900 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.77.140.110 - - [03/Jun/2020:17:41:59 +0200] "POST /wp-login.php HTTP/1.1" 200 2031 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.77.140.110 - - [03/Jun/2020:17:41:59 +0200] "GET /wp-login.php HTTP/1.1" 200 1900 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.77.140.110 - - [03/Jun/2020:17:41:59 +0200] "POST /wp-login.php HTTP/1.1" 200 2008 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.77.140.110 - - [03/Jun/2020:17:41:59 +0200] "GET /wp-login.php HTTP/1.1" 200 1900 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.77.140.110 - - [03/Jun/2020:17:42:00 +0200] "POST /wp-login.php HTTP/1.1" 200 2009 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Fir ...	2020-06-04 01:36:07
116.110.10.167	attack	[PY] (sshd) Failed SSH login from 116.110.10.167 (VN/Vietnam/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 3 10:50:40 svr sshd[3063684]: refused connect from 116.110.10.167 (116.110.10.167) Jun 3 10:50:44 svr sshd[3063713]: refused connect from 116.110.10.167 (116.110.10.167) Jun 3 10:50:44 svr sshd[3063714]: refused connect from 116.110.10.167 (116.110.10.167) Jun 3 10:50:44 svr sshd[3063721]: refused connect from 116.110.10.167 (116.110.10.167) Jun 3 10:50:45 svr sshd[3063726]: refused connect from 116.110.10.167 (116.110.10.167)	2020-06-04 01:54:04
37.230.189.22	attackbots	firewall-block, port(s): 445/tcp	2020-06-04 01:56:16
178.128.204.172	attack	34002/tcp [2020-06-03]1pkt	2020-06-04 01:37:01

Recently Reported IPs

146.222.184.214	222.95.250.210	192.172.75.15	107.1.23.234
51.83.139.10	125.26.221.41	180.244.80.153	121.41.45.198
221.146.86.206	119.123.76.136	5.123.111.16	180.233.123.221
118.173.203.124	180.214.236.70	219.131.60.198	147.50.12.218
45.74.156.16	43.250.158.88	42.113.203.18	188.169.45.223