113.54.159.55 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: UESTC at Qingshuihe

Hostname: unknown

Organization: unknown

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	2019-11-10T17:32:29.484695scmdmz1 sshd\[15495\]: Invalid user yang from 113.54.159.55 port 54332 2019-11-10T17:32:29.487414scmdmz1 sshd\[15495\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.54.159.55 2019-11-10T17:32:31.647371scmdmz1 sshd\[15495\]: Failed password for invalid user yang from 113.54.159.55 port 54332 ssh2 ...	2019-11-11 05:20:16
attackbots	2019-11-10T16:59:39.526103scmdmz1 sshd\[12645\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.54.159.55 user=root 2019-11-10T16:59:41.571090scmdmz1 sshd\[12645\]: Failed password for root from 113.54.159.55 port 57134 ssh2 2019-11-10T17:04:34.797438scmdmz1 sshd\[13094\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.54.159.55 user=root ...	2019-11-11 00:07:35
attackspambots	Nov 8 17:32:43 MK-Soft-VM4 sshd[1821]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.54.159.55 Nov 8 17:32:44 MK-Soft-VM4 sshd[1821]: Failed password for invalid user qq123456 from 113.54.159.55 port 57720 ssh2 ...	2019-11-09 05:40:35
attackspambots	2019-10-27T06:01:17.196602scmdmz1 sshd\[18629\]: Invalid user jake from 113.54.159.55 port 33042 2019-10-27T06:01:17.199495scmdmz1 sshd\[18629\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.54.159.55 2019-10-27T06:01:19.296996scmdmz1 sshd\[18629\]: Failed password for invalid user jake from 113.54.159.55 port 33042 ssh2 ...	2019-10-27 15:18:17
attack	Sep 27 13:58:56 game-panel sshd[9967]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.54.159.55 Sep 27 13:58:58 game-panel sshd[9967]: Failed password for invalid user ftpuser1 from 113.54.159.55 port 39344 ssh2 Sep 27 14:03:14 game-panel sshd[10119]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.54.159.55	2019-09-28 03:30:53
attackbotsspam	$f2bV_matches	2019-08-31 06:18:41
attackspam	Aug 27 20:09:56 hcbb sshd\[32228\]: Invalid user zl from 113.54.159.55 Aug 27 20:09:56 hcbb sshd\[32228\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.54.159.55 Aug 27 20:09:58 hcbb sshd\[32228\]: Failed password for invalid user zl from 113.54.159.55 port 57620 ssh2 Aug 27 20:15:27 hcbb sshd\[32701\]: Invalid user mediax from 113.54.159.55 Aug 27 20:15:27 hcbb sshd\[32701\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.54.159.55	2019-08-28 14:20:49
attack	Invalid user tester from 113.54.159.55 port 36088	2019-08-23 13:57:59

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.54.159.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12394
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;113.54.159.55.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082300 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 23 13:57:51 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 55.159.54.113.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 55.159.54.113.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
159.203.59.38	attackbotsspam	Apr 8 08:09:12 OPSO sshd\[24594\]: Invalid user user1 from 159.203.59.38 port 59762 Apr 8 08:09:12 OPSO sshd\[24594\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.59.38 Apr 8 08:09:14 OPSO sshd\[24594\]: Failed password for invalid user user1 from 159.203.59.38 port 59762 ssh2 Apr 8 08:14:25 OPSO sshd\[26273\]: Invalid user postgres from 159.203.59.38 port 40268 Apr 8 08:14:25 OPSO sshd\[26273\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.59.38	2020-04-08 14:26:44
46.38.145.6	attack	Apr 8 07:41:09 mail postfix/smtpd\[15308\]: warning: unknown\[46.38.145.6\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Apr 8 07:42:18 mail postfix/smtpd\[15308\]: warning: unknown\[46.38.145.6\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Apr 8 08:12:41 mail postfix/smtpd\[15803\]: warning: unknown\[46.38.145.6\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Apr 8 08:13:54 mail postfix/smtpd\[15803\]: warning: unknown\[46.38.145.6\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2020-04-08 14:25:41
192.162.70.66	attackbots	Brute-force attempt banned	2020-04-08 13:57:47
106.54.83.152	attackbotsspam	SSH Brute Force	2020-04-08 14:07:14
80.229.8.61	attackspambots	Bruteforce detected by fail2ban	2020-04-08 13:58:19
49.76.148.94	attackspambots	ssh intrusion attempt	2020-04-08 13:49:16
45.227.255.149	attack	45.227.255.149 - - [08/Apr/2020:06:58:42 +0300] "GET /wp-json/oembed/1.0/embed?url=1209 HTTP/1.0" 404 608 "-" "Opera/9.63 (X11; FreeBSD 7.1-RELEASE i386; U; en) Presto/2.1.1" 45.227.255.149 - - [08/Apr/2020:06:58:43 +0300] "GET /wp-json/oembed/1.0/embed?url=5145 HTTP/1.0" 404 608 "-" "Opera/9.63 (X11; FreeBSD 7.1-RELEASE i386; U; en) Presto/2.1.1" 45.227.255.149 - - [08/Apr/2020:06:58:43 +0300] "GET /wp-json/oembed/1.0/embed?url=https%3A%2F%2Fkirazdiyari.com%2Fblog%2F.%22%27%28%27%29.%22%22%27 HTTP/1.0" 404 608 "-" "Opera/9.63 (X11; FreeBSD 7.1-RELEASE i386; U; en) Presto/2.1.1" 45.227.255.149 - - [08/Apr/2020:06:58:45 +0300] "GET /wp-json/oembed/1.0/embed?url=https%3A%2F%2Fkirazdiyari.com%2Fblog%2F%29%20AND%208427%3D9328%20AND%20%281058%3D1058 HTTP/1.0" 404 764 "-" "Opera/9.63 (X11; FreeBSD 7.1-RELEASE i386; U; en) Presto/2.1.1" 45.227.255.149 - - [08/Apr/2020:06:58:46 +0300] "GET /wp-json/oembed/1.0/embed?url=https%3A%2F%2Fkirazdiyari.com%2Fblog%2F%29%20AND%201761%3D1761%20AND%20%286 ...	2020-04-08 13:49:42
80.244.179.6	attackbotsspam	2020-04-08T04:41:23.685733shield sshd\[13133\]: Invalid user postgres from 80.244.179.6 port 46600 2020-04-08T04:41:23.689388shield sshd\[13133\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=school.asazs.co.uk 2020-04-08T04:41:25.501945shield sshd\[13133\]: Failed password for invalid user postgres from 80.244.179.6 port 46600 ssh2 2020-04-08T04:44:42.162112shield sshd\[13743\]: Invalid user professor from 80.244.179.6 port 45466 2020-04-08T04:44:42.165602shield sshd\[13743\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=school.asazs.co.uk	2020-04-08 13:58:54
66.33.212.10	attackbots	66.33.212.10 - - [08/Apr/2020:05:58:36 +0200] "GET /wp-login.php HTTP/1.1" 200 5879 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 66.33.212.10 - - [08/Apr/2020:05:58:37 +0200] "POST /wp-login.php HTTP/1.1" 200 6778 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 66.33.212.10 - - [08/Apr/2020:05:58:38 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-08 13:59:13
31.44.247.180	attackbotsspam	Apr 8 08:24:27 server sshd\[3796\]: Invalid user weblogic from 31.44.247.180 Apr 8 08:24:27 server sshd\[3796\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.44.247.180 Apr 8 08:24:29 server sshd\[3796\]: Failed password for invalid user weblogic from 31.44.247.180 port 57937 ssh2 Apr 8 08:28:50 server sshd\[4784\]: Invalid user user from 31.44.247.180 Apr 8 08:28:50 server sshd\[4784\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.44.247.180 ...	2020-04-08 14:21:05
218.92.0.207	attack	2020-04-08T03:55:16.986292abusebot-8.cloudsearch.cf sshd[27157]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.207 user=root 2020-04-08T03:55:19.600930abusebot-8.cloudsearch.cf sshd[27157]: Failed password for root from 218.92.0.207 port 40111 ssh2 2020-04-08T03:55:22.506676abusebot-8.cloudsearch.cf sshd[27157]: Failed password for root from 218.92.0.207 port 40111 ssh2 2020-04-08T03:55:16.986292abusebot-8.cloudsearch.cf sshd[27157]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.207 user=root 2020-04-08T03:55:19.600930abusebot-8.cloudsearch.cf sshd[27157]: Failed password for root from 218.92.0.207 port 40111 ssh2 2020-04-08T03:55:22.506676abusebot-8.cloudsearch.cf sshd[27157]: Failed password for root from 218.92.0.207 port 40111 ssh2 2020-04-08T03:55:16.986292abusebot-8.cloudsearch.cf sshd[27157]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rho ...	2020-04-08 14:24:27
111.20.68.38	attackbots	$f2bV_matches	2020-04-08 14:03:52
122.228.19.80	attackspambots	Port 16993 scan denied	2020-04-08 14:31:24
133.242.53.108	attack	Wordpress malicious attack:[sshd]	2020-04-08 14:05:36
176.31.191.173	attackbotsspam	$f2bV_matches \| Triggered by Fail2Ban at Vostok web server	2020-04-08 14:26:20

Recently Reported IPs

66.92.101.76	89.211.119.145	77.188.132.196	11.64.170.23
42.114.181.59	42.112.239.127	223.1.61.79	223.217.107.198
13.94.41.150	219.159.239.77	218.248.4.14	104.114.94.78
51.77.141.209	183.88.217.60	162.4.93.220	139.221.103.126
209.195.74.162	154.85.115.64	105.127.249.0	140.40.226.18