111.231.54.248

Basic Info

City: Beijing

Region: Beijing

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd.

Hostname: unknown

Organization: Shenzhen Tencent Computer Systems Company Limited

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Jan 13 15:09:14 vmanager6029 sshd\[32148\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.54.248 user=root Jan 13 15:09:17 vmanager6029 sshd\[32148\]: Failed password for root from 111.231.54.248 port 55896 ssh2 Jan 13 15:11:34 vmanager6029 sshd\[32270\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.54.248 user=root	2020-01-13 22:17:21
attackbotsspam	Invalid user glymph from 111.231.54.248 port 52035	2019-12-28 21:38:15
attack	Dec 26 11:02:53 web9 sshd\[766\]: Invalid user seroka from 111.231.54.248 Dec 26 11:02:53 web9 sshd\[766\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.54.248 Dec 26 11:02:55 web9 sshd\[766\]: Failed password for invalid user seroka from 111.231.54.248 port 60935 ssh2 Dec 26 11:06:22 web9 sshd\[1356\]: Invalid user erdal from 111.231.54.248 Dec 26 11:06:22 web9 sshd\[1356\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.54.248	2019-12-27 06:23:25
attackspambots	Invalid user dirpi from 111.231.54.248 port 43727 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.54.248 Failed password for invalid user dirpi from 111.231.54.248 port 43727 ssh2 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.54.248 user=bin Failed password for bin from 111.231.54.248 port 43081 ssh2	2019-12-15 22:12:06
attack	Dec 15 01:37:16 server sshd\[14484\]: Invalid user webftp from 111.231.54.248 Dec 15 01:37:16 server sshd\[14484\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.54.248 Dec 15 01:37:18 server sshd\[14484\]: Failed password for invalid user webftp from 111.231.54.248 port 41027 ssh2 Dec 15 01:51:35 server sshd\[18749\]: Invalid user gangitano from 111.231.54.248 Dec 15 01:51:35 server sshd\[18749\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.54.248 ...	2019-12-15 07:52:10
attackbots	Dec 8 09:11:41 microserver sshd[35854]: Invalid user colnago from 111.231.54.248 port 58048 Dec 8 09:11:41 microserver sshd[35854]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.54.248 Dec 8 09:11:44 microserver sshd[35854]: Failed password for invalid user colnago from 111.231.54.248 port 58048 ssh2 Dec 8 09:17:18 microserver sshd[36620]: Invalid user gap from 111.231.54.248 port 56669 Dec 8 09:17:18 microserver sshd[36620]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.54.248 Dec 8 09:28:19 microserver sshd[38272]: Invalid user passwd777 from 111.231.54.248 port 54659 Dec 8 09:28:19 microserver sshd[38272]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.54.248 Dec 8 09:28:21 microserver sshd[38272]: Failed password for invalid user passwd777 from 111.231.54.248 port 54659 ssh2 Dec 8 09:34:08 microserver sshd[39074]: Invalid user userpass from 111.231.5	2019-12-08 21:21:36
attackbots	Dec 4 20:12:56 Ubuntu-1404-trusty-64-minimal sshd\[23707\]: Invalid user ident from 111.231.54.248 Dec 4 20:12:56 Ubuntu-1404-trusty-64-minimal sshd\[23707\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.54.248 Dec 4 20:12:58 Ubuntu-1404-trusty-64-minimal sshd\[23707\]: Failed password for invalid user ident from 111.231.54.248 port 58253 ssh2 Dec 4 20:24:57 Ubuntu-1404-trusty-64-minimal sshd\[2797\]: Invalid user fogstad from 111.231.54.248 Dec 4 20:24:57 Ubuntu-1404-trusty-64-minimal sshd\[2797\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.54.248	2019-12-05 06:43:28
attackspam	F2B jail: sshd. Time: 2019-11-17 15:45:59, Reported by: VKReport	2019-11-17 22:51:31
attackbotsspam	Nov 9 01:41:35 dedicated sshd[10790]: Invalid user agus123 from 111.231.54.248 port 39938	2019-11-09 08:54:12
attackspambots	Oct 22 06:48:05 site2 sshd\[38808\]: Invalid user uwsgi from 111.231.54.248Oct 22 06:48:07 site2 sshd\[38808\]: Failed password for invalid user uwsgi from 111.231.54.248 port 36756 ssh2Oct 22 06:52:38 site2 sshd\[38889\]: Failed password for root from 111.231.54.248 port 55425 ssh2Oct 22 06:56:48 site2 sshd\[38986\]: Invalid user ark from 111.231.54.248Oct 22 06:56:49 site2 sshd\[38986\]: Failed password for invalid user ark from 111.231.54.248 port 45934 ssh2 ...	2019-10-22 13:25:17
attackbotsspam	Oct 11 17:38:35 meumeu sshd[4739]: Failed password for root from 111.231.54.248 port 37532 ssh2 Oct 11 17:43:30 meumeu sshd[5785]: Failed password for root from 111.231.54.248 port 54811 ssh2 ...	2019-10-12 12:31:49
attack	Jun 19 18:30:19 ubuntu sshd[20261]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.54.248 Jun 19 18:30:21 ubuntu sshd[20261]: Failed password for invalid user zuan from 111.231.54.248 port 34968 ssh2 Jun 19 18:31:19 ubuntu sshd[20286]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.54.248	2019-10-08 16:51:20
attack	Sep 30 07:57:51 lnxmysql61 sshd[1941]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.54.248	2019-09-30 16:44:38
attackspambots	Sep 23 14:09:54 plusreed sshd[5981]: Invalid user nancys from 111.231.54.248 ...	2019-09-24 03:37:31
attack	Sep 23 01:38:12 lnxded63 sshd[15836]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.54.248	2019-09-23 08:53:08
attackspambots	Invalid user administrator from 111.231.54.248 port 49300	2019-09-22 08:48:46
attackspam	detected by Fail2Ban	2019-09-14 04:43:09
attackspambots	Sep 7 07:01:08 mail sshd\[24265\]: Failed password for invalid user user from 111.231.54.248 port 46776 ssh2 Sep 7 07:05:35 mail sshd\[24632\]: Invalid user user from 111.231.54.248 port 39255 Sep 7 07:05:35 mail sshd\[24632\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.54.248 Sep 7 07:05:37 mail sshd\[24632\]: Failed password for invalid user user from 111.231.54.248 port 39255 ssh2 Sep 7 07:10:12 mail sshd\[25181\]: Invalid user test from 111.231.54.248 port 60469	2019-09-07 13:19:06
attack	Sep 1 09:18:38 lcdev sshd\[16037\]: Invalid user admin from 111.231.54.248 Sep 1 09:18:38 lcdev sshd\[16037\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.54.248 Sep 1 09:18:40 lcdev sshd\[16037\]: Failed password for invalid user admin from 111.231.54.248 port 46543 ssh2 Sep 1 09:23:00 lcdev sshd\[16385\]: Invalid user munich from 111.231.54.248 Sep 1 09:23:00 lcdev sshd\[16385\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.54.248	2019-09-02 03:25:21
attack	Aug 12 07:14:01 debian sshd\[516\]: Invalid user student from 111.231.54.248 port 52209 Aug 12 07:14:01 debian sshd\[516\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.54.248 ...	2019-08-12 16:45:55
attackspam	Aug 1 00:54:45 mail sshd\[22533\]: Invalid user skywalkr from 111.231.54.248 port 57398 Aug 1 00:54:45 mail sshd\[22533\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.54.248 ...	2019-08-01 09:14:32
attack	Jul 22 05:14:46 dedicated sshd[16985]: Invalid user national from 111.231.54.248 port 42037	2019-07-22 11:23:29
attackbots	Jul 8 01:03:38 dev0-dcde-rnet sshd[10371]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.54.248 Jul 8 01:03:40 dev0-dcde-rnet sshd[10371]: Failed password for invalid user pa from 111.231.54.248 port 59484 ssh2 Jul 8 01:05:42 dev0-dcde-rnet sshd[10373]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.54.248	2019-07-08 10:39:16
attack	Jul 1 23:04:06 *** sshd[25342]: Invalid user berline from 111.231.54.248	2019-07-02 11:03:30
attackspam	ssh failed login	2019-06-30 01:51:29

Comments on same subnet:

IP	Type	Details	Datetime
111.231.54.212	attack	Sep 1 07:00:18 dignus sshd[32373]: Failed password for invalid user al from 111.231.54.212 port 45720 ssh2 Sep 1 07:05:19 dignus sshd[610]: Invalid user linaro from 111.231.54.212 port 41084 Sep 1 07:05:19 dignus sshd[610]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.54.212 Sep 1 07:05:21 dignus sshd[610]: Failed password for invalid user linaro from 111.231.54.212 port 41084 ssh2 Sep 1 07:10:18 dignus sshd[1407]: Invalid user ftp from 111.231.54.212 port 36450 ...	2020-09-02 03:45:22
111.231.54.33	attack	prod6 ...	2020-08-29 04:45:22
111.231.54.33	attackbots	Invalid user zhouying from 111.231.54.33 port 46206	2020-08-28 19:26:18
111.231.54.33	attackspambots	Aug 26 12:49:49 rancher-0 sshd[1283751]: Invalid user hadoop from 111.231.54.33 port 60106 ...	2020-08-26 20:20:28
111.231.54.33	attack	Invalid user zhouying from 111.231.54.33 port 46206	2020-08-25 16:35:50
111.231.54.212	attackspambots	Input Traffic from this IP, but critial abuseconfidencescore	2020-08-23 23:19:26
111.231.54.33	attackbotsspam	Total attacks: 2	2020-08-19 13:25:23
111.231.54.33	attackbotsspam	Aug 4 23:12:31 ns3164893 sshd[18869]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.54.33 user=root Aug 4 23:12:33 ns3164893 sshd[18869]: Failed password for root from 111.231.54.33 port 51456 ssh2 ...	2020-08-05 06:32:47
111.231.54.212	attack	" "	2020-07-31 01:05:06
111.231.54.212	attack	Jul 29 22:25:43 vps647732 sshd[4087]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.54.212 Jul 29 22:25:44 vps647732 sshd[4087]: Failed password for invalid user andrey from 111.231.54.212 port 46792 ssh2 ...	2020-07-30 07:29:25
111.231.54.212	attackbots	SSH Brute-Force reported by Fail2Ban	2020-07-15 06:27:55
111.231.54.212	attack	2020-07-14T07:02:38.664936vps751288.ovh.net sshd\[24280\]: Invalid user admin from 111.231.54.212 port 36510 2020-07-14T07:02:38.675760vps751288.ovh.net sshd\[24280\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.54.212 2020-07-14T07:02:40.393165vps751288.ovh.net sshd\[24280\]: Failed password for invalid user admin from 111.231.54.212 port 36510 ssh2 2020-07-14T07:06:03.335092vps751288.ovh.net sshd\[24284\]: Invalid user mp3 from 111.231.54.212 port 47318 2020-07-14T07:06:03.343107vps751288.ovh.net sshd\[24284\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.54.212	2020-07-14 15:26:11
111.231.54.28	attack	Jul 8 15:23:23 [host] sshd[16608]: Invalid user w Jul 8 15:23:23 [host] sshd[16608]: pam_unix(sshd: Jul 8 15:23:25 [host] sshd[16608]: Failed passwor	2020-07-09 00:56:58
111.231.54.28	attackbotsspam	Jul 6 13:04:08 lnxmysql61 sshd[8044]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.54.28 Jul 6 13:04:08 lnxmysql61 sshd[8044]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.54.28	2020-07-06 19:12:39
111.231.54.28	attackspambots	Jul 4 01:09:55 rush sshd[2523]: Failed password for root from 111.231.54.28 port 57848 ssh2 Jul 4 01:13:18 rush sshd[2564]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.54.28 Jul 4 01:13:21 rush sshd[2564]: Failed password for invalid user gyc from 111.231.54.28 port 41088 ssh2 ...	2020-07-04 09:38:48

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 111.231.54.248
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50441
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;111.231.54.248.			IN	A

;; AUTHORITY SECTION:
.			1053	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040601 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sun Apr 07 09:37:35 +08 2019
;; MSG SIZE  rcvd: 118

Host info

Host 248.54.231.111.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 248.54.231.111.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
107.23.165.61	attackbots	Jun 29 18:46:59 mout sshd[8631]: Connection closed by 107.23.165.61 port 35862 [preauth]	2020-06-30 03:18:04
139.198.121.63	attackspambots	Jun 29 19:08:00 lnxweb62 sshd[8314]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.121.63 Jun 29 19:08:00 lnxweb62 sshd[8314]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.121.63	2020-06-30 02:50:23
111.93.200.50	attackspam	Jun 29 19:38:05 vmd48417 sshd[11810]: Failed password for root from 111.93.200.50 port 57653 ssh2	2020-06-30 03:11:35
207.172.210.238	attackbotsspam	SSH/22 MH Probe, BF, Hack -	2020-06-30 03:22:01
180.244.164.47	attack	1593428787 - 06/29/2020 13:06:27 Host: 180.244.164.47/180.244.164.47 Port: 445 TCP Blocked	2020-06-30 03:24:42
81.30.192.250	attackbotsspam	Spam relay	2020-06-30 03:19:04
177.207.63.30	attackbots	Jun 29 19:44:04 lnxded63 sshd[23199]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.207.63.30	2020-06-30 03:25:55
106.13.19.75	attackbotsspam	SSH Brute-Force attacks	2020-06-30 03:15:39
90.201.8.142	attack	[29/Jun/2020 x@x [29/Jun/2020 x@x [29/Jun/2020 x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=90.201.8.142	2020-06-30 03:23:54
182.61.44.177	attackbotsspam	Jun 29 20:03:13 srv sshd[25549]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.44.177	2020-06-30 03:09:49
46.214.141.130	attackspambots	Attempt to log in with non-existing username: admin	2020-06-30 03:09:20
117.139.166.27	attackbots	$f2bV_matches	2020-06-30 02:49:09
142.93.112.41	attack	TCP (SYN) 142.93.112.41:50834 -> port 28358, len 44	2020-06-30 03:17:40
216.144.248.186	attackbotsspam	Automatic report - Port Scan	2020-06-30 03:08:44
222.186.42.136	attackbotsspam	Jun 30 04:51:24 localhost sshd[1462359]: Disconnected from 222.186.42.136 port 25539 [preauth] ...	2020-06-30 02:54:22

Recently Reported IPs

14.17.3.64	58.87.75.178	14.243.20.39	103.25.192.126
65.254.28.206	46.190.84.11	14.163.46.245	24.224.217.149
188.168.24.228	149.56.100.153	179.241.197.121	148.70.63.10
94.23.204.136	14.162.62.151	105.233.234.226	202.131.227.60
120.188.66.56	31.17.254.27	181.42.148.44	123.21.76.167