Basic Info

City: unknown

Region: unknown

Country: Singapore

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attackbots
Unauthorized connection attempt detected from IP address 124.156.55.214 to port 6668 [J]
2020-01-29 04:54:31
attackbots
Unauthorized connection attempt detected from IP address 124.156.55.214 to port 5357 [J]
2020-01-23 14:02:27
attackbotsspam
Unauthorized connection attempt detected from IP address 124.156.55.214 to port 8006 [J]
2020-01-16 07:59:50
attackbots
MultiHost/MultiPort Probe, Scan, Hack -
2019-11-21 23:39:46
attackbotsspam
firewall-block, port(s): 443/tcp
2019-08-28 04:17:59
attackspambots
6060/tcp 1432/tcp 10030/tcp...
[2019-07-14/08-23]8pkt,8pt.(tcp)
2019-08-24 06:00:01
Comments on same subnet:
IP Type Details Datetime
124.156.55.181 attackspambots
623/tcp 25000/tcp 5986/tcp...
[2020-08-13/10-07]9pkt,9pt.(tcp)
2020-10-09 03:19:36
124.156.55.181 attack
623/tcp 25000/tcp 5986/tcp...
[2020-08-13/10-07]9pkt,9pt.(tcp)
2020-10-08 19:24:06
124.156.55.167 attack
Fail2Ban Ban Triggered
2020-09-29 00:24:24
124.156.55.167 attackbotsspam
Fail2Ban Ban Triggered
2020-09-28 16:26:20
124.156.55.21 attackbots
 TCP (SYN) 124.156.55.21:53865 -> port 8085, len 44
2020-09-21 02:29:44
124.156.55.21 attackspam
Found on   CINS badguys     / proto=17  .  srcport=55865  .  dstport=161  .     (2282)
2020-09-20 18:30:34
124.156.55.107 attack
 TCP (SYN) 124.156.55.107:45365 -> port 1098, len 44
2020-09-13 20:09:08
124.156.55.107 attack
[Sun Sep 06 16:40:46 2020] - DDoS Attack From IP: 124.156.55.107 Port: 48380
2020-09-13 12:01:58
124.156.55.107 attackspambots
firewall-block, port(s): 88/udp
2020-09-13 03:51:44
124.156.55.20 attackbotsspam
port scan and connect, tcp 143 (imap)
2020-09-07 22:25:32
124.156.55.20 attackbots
port scan and connect, tcp 143 (imap)
2020-09-07 14:07:30
124.156.55.20 attackbots
port scan and connect, tcp 143 (imap)
2020-09-07 06:40:50
124.156.55.21 attack
8881/tcp 16992/tcp 7145/tcp...
[2020-07-06/08-13]7pkt,6pt.(tcp),1pt.(udp)
2020-08-14 18:39:35
124.156.55.167 attackspambots
[Thu Jul 02 12:49:19 2020] - DDoS Attack From IP: 124.156.55.167 Port: 46640
2020-08-12 01:56:01
124.156.55.222 attackspam
Unauthorized connection attempt detected from IP address 124.156.55.222 to port 389
2020-07-25 21:23:24
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 124.156.55.214
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28389
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;124.156.55.214.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082301 1800 900 604800 86400

;; Query time: 241 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Aug 24 05:59:56 CST 2019
;; MSG SIZE  rcvd: 118
Host info
Host 214.55.156.124.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 214.55.156.124.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
103.40.235.233 attackbotsspam
2019-08-28T05:01:19.166574abusebot-5.cloudsearch.cf sshd\[16364\]: Invalid user franklin from 103.40.235.233 port 49452
2019-08-28 13:59:31
154.66.113.78 attackspam
Aug 28 04:28:11 MK-Soft-VM3 sshd\[12431\]: Invalid user shootmania from 154.66.113.78 port 37722
Aug 28 04:28:11 MK-Soft-VM3 sshd\[12431\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.66.113.78
Aug 28 04:28:13 MK-Soft-VM3 sshd\[12431\]: Failed password for invalid user shootmania from 154.66.113.78 port 37722 ssh2
...
2019-08-28 14:03:21
170.0.125.58 attackbots
Lines containing failures of 170.0.125.58
Aug 26 00:23:06 hwd03 postfix/smtpd[28851]: connect from 58-125-0-170.castelecom.com.br[170.0.125.58]
Aug x@x
Aug x@x
Aug x@x
Aug 26 00:23:12 hwd03 postfix/smtpd[28851]: lost connection after RCPT from 58-125-0-170.castelecom.com.br[170.0.125.58]
Aug 26 00:23:12 hwd03 postfix/smtpd[28851]: disconnect from 58-125-0-170.castelecom.com.br[170.0.125.58] ehlo=1 mail=1 rcpt=0/3 commands=2/5


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=170.0.125.58
2019-08-28 13:55:36
51.75.25.164 attackspam
Invalid user adminit from 51.75.25.164 port 50874
2019-08-28 14:10:53
91.121.155.226 attackspam
2019-08-28T05:58:49.630813abusebot-6.cloudsearch.cf sshd\[30850\]: Invalid user m from 91.121.155.226 port 58239
2019-08-28 14:05:53
94.23.198.73 attackspam
Aug 28 08:30:42 srv-4 sshd\[22058\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.198.73  user=root
Aug 28 08:30:44 srv-4 sshd\[22058\]: Failed password for root from 94.23.198.73 port 54906 ssh2
Aug 28 08:39:42 srv-4 sshd\[22939\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.198.73  user=ftp
...
2019-08-28 14:16:28
209.97.142.250 attackbotsspam
Aug 28 09:34:23 pkdns2 sshd\[48045\]: Invalid user alberto from 209.97.142.250
Aug 28 09:34:25 pkdns2 sshd\[48045\]: Failed password for invalid user alberto from 209.97.142.250 port 60058 ssh2
Aug 28 09:38:21 pkdns2 sshd\[48222\]: Invalid user t from 209.97.142.250
Aug 28 09:38:23 pkdns2 sshd\[48222\]: Failed password for invalid user t from 209.97.142.250 port 47252 ssh2
Aug 28 09:42:14 pkdns2 sshd\[48419\]: Invalid user piccatravel from 209.97.142.250
Aug 28 09:42:16 pkdns2 sshd\[48419\]: Failed password for invalid user piccatravel from 209.97.142.250 port 34446 ssh2
...
2019-08-28 14:49:32
103.244.205.70 attackspam
Aug 26 00:06:33 mxgate1 postfix/postscreen[30855]: CONNECT from [103.244.205.70]:53812 to [176.31.12.44]:25
Aug 26 00:06:33 mxgate1 postfix/dnsblog[30859]: addr 103.244.205.70 listed by domain zen.spamhaus.org as 127.0.0.4
Aug 26 00:06:33 mxgate1 postfix/dnsblog[30859]: addr 103.244.205.70 listed by domain zen.spamhaus.org as 127.0.0.3
Aug 26 00:06:33 mxgate1 postfix/dnsblog[30860]: addr 103.244.205.70 listed by domain cbl.abuseat.org as 127.0.0.2
Aug 26 00:06:33 mxgate1 postfix/dnsblog[30856]: addr 103.244.205.70 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2
Aug 26 00:06:33 mxgate1 postfix/dnsblog[30858]: addr 103.244.205.70 listed by domain bl.spamcop.net as 127.0.0.2
Aug 26 00:06:34 mxgate1 postfix/postscreen[30855]: PREGREET 21 after 0.6 from [103.244.205.70]:53812: EHLO livecolours.hostname

Aug 26 00:06:34 mxgate1 postfix/postscreen[30855]: DNSBL rank 5 for [103.244.205.70]:53812
Aug x@x


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=103.244.205.7
2019-08-28 13:52:48
159.65.236.58 attack
Aug 28 06:00:21 localhost sshd\[54981\]: Invalid user user from 159.65.236.58 port 43344
Aug 28 06:00:21 localhost sshd\[54981\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.236.58
Aug 28 06:00:23 localhost sshd\[54981\]: Failed password for invalid user user from 159.65.236.58 port 43344 ssh2
Aug 28 06:06:44 localhost sshd\[55171\]: Invalid user clamav from 159.65.236.58 port 58668
Aug 28 06:06:44 localhost sshd\[55171\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.236.58
...
2019-08-28 14:22:09
49.50.64.221 attack
Aug 27 20:18:35 web9 sshd\[17230\]: Invalid user ubuntu from 49.50.64.221
Aug 27 20:18:35 web9 sshd\[17230\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.50.64.221
Aug 27 20:18:38 web9 sshd\[17230\]: Failed password for invalid user ubuntu from 49.50.64.221 port 58638 ssh2
Aug 27 20:24:21 web9 sshd\[18328\]: Invalid user elbe from 49.50.64.221
Aug 27 20:24:21 web9 sshd\[18328\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.50.64.221
2019-08-28 14:26:36
202.40.177.6 attackspambots
Aug 28 07:42:27 legacy sshd[17629]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.40.177.6
Aug 28 07:42:29 legacy sshd[17629]: Failed password for invalid user kylix from 202.40.177.6 port 54556 ssh2
Aug 28 07:47:26 legacy sshd[17833]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.40.177.6
...
2019-08-28 14:02:55
119.29.170.170 attackspam
Aug 27 20:41:00 lcdev sshd\[26567\]: Invalid user cognos from 119.29.170.170
Aug 27 20:41:00 lcdev sshd\[26567\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.170.170
Aug 27 20:41:02 lcdev sshd\[26567\]: Failed password for invalid user cognos from 119.29.170.170 port 34576 ssh2
Aug 27 20:47:38 lcdev sshd\[27225\]: Invalid user topic from 119.29.170.170
Aug 27 20:47:38 lcdev sshd\[27225\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.170.170
2019-08-28 14:50:52
218.186.168.135 attackbotsspam
2019-08-27 23:17:35 H=(ns1.zackeruz.tk) [218.186.168.135]:44410 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.11) (https://www.spamhaus.org/query/ip/218.186.168.135)
2019-08-27 23:17:46 H=(ns1.zackeruz.tk) [218.186.168.135]:45130 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.11) (https://www.spamhaus.org/query/ip/218.186.168.135)
2019-08-27 23:28:21 H=(ns1.zackeruz.tk) [218.186.168.135]:56274 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.11) (https://www.spamhaus.org/query/ip/218.186.168.135)
...
2019-08-28 14:01:10
165.22.128.115 attackspambots
Aug 27 20:41:48 php2 sshd\[8520\]: Invalid user robin from 165.22.128.115
Aug 27 20:41:48 php2 sshd\[8520\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.128.115
Aug 27 20:41:50 php2 sshd\[8520\]: Failed password for invalid user robin from 165.22.128.115 port 33042 ssh2
Aug 27 20:46:05 php2 sshd\[8950\]: Invalid user hlb from 165.22.128.115
Aug 27 20:46:05 php2 sshd\[8950\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.128.115
2019-08-28 14:48:04
104.224.162.238 attackbots
Aug 27 19:58:28 web1 sshd\[19606\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.224.162.238  user=mysql
Aug 27 19:58:30 web1 sshd\[19606\]: Failed password for mysql from 104.224.162.238 port 33470 ssh2
Aug 27 20:03:24 web1 sshd\[20071\]: Invalid user oracle from 104.224.162.238
Aug 27 20:03:24 web1 sshd\[20071\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.224.162.238
Aug 27 20:03:26 web1 sshd\[20071\]: Failed password for invalid user oracle from 104.224.162.238 port 50606 ssh2
2019-08-28 14:08:29
