159.138.56.234

Basic Info

City: unknown

Region: unknown

Country: Singapore

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
159.138.56.188	attack	Invalid user edu from 159.138.56.188 port 43354	2019-06-25 03:13:17
159.138.56.188	attackspambots	Jun 21 12:36:00 Aberdeen-m4-Access auth.info sshd[11456]: Failed password for invalid user lue from 159.138.56.188 port 53182 ssh2 Jun 21 12:36:00 Aberdeen-m4-Access auth.info sshd[11456]: Received disconnect from 159.138.56.188 port 53182:11: Bye Bye [preauth] Jun 21 12:36:00 Aberdeen-m4-Access auth.info sshd[11456]: Disconnected from 159.138.56.188 port 53182 [preauth] Jun 21 12:36:17 Aberdeen-m4-Access auth.info sshd[11613]: Invalid user mm3 from 159.138.56.188 port 54954 Jun 21 12:36:17 Aberdeen-m4-Access auth.info sshd[11613]: Failed password for invalid user mm3 from 159.138.56.188 port 54954 ssh2 Jun 21 12:36:17 Aberdeen-m4-Access auth.info sshd[11613]: Received disconnect from 159.138.56.188 port 54954:11: Bye Bye [preauth] Jun 21 12:36:17 Aberdeen-m4-Access auth.info sshd[11613]: Disconnected from 159.138.56.188 port 54954 [preauth] Jun 21 12:36:46 Aberdeen-m4-Access auth.info sshd[11879]: Invalid user arma2 from 159.138.56.188 port 58498 Jun 21 12:36:46 Aberdee........ ------------------------------	2019-06-22 05:28:43

Type

Details

Datetime

159.138.56.188

attack

Invalid user edu from 159.138.56.188 port 43354

2019-06-25 03:13:17

159.138.56.188

attackspambots

Jun 21 12:36:00 Aberdeen-m4-Access auth.info sshd[11456]: Failed password for invalid user lue from 159.138.56.188 port 53182 ssh2
Jun 21 12:36:00 Aberdeen-m4-Access auth.info sshd[11456]: Received disconnect from 159.138.56.188 port 53182:11: Bye Bye [preauth]
Jun 21 12:36:00 Aberdeen-m4-Access auth.info sshd[11456]: Disconnected from 159.138.56.188 port 53182 [preauth]
Jun 21 12:36:17 Aberdeen-m4-Access auth.info sshd[11613]: Invalid user mm3 from 159.138.56.188 port 54954
Jun 21 12:36:17 Aberdeen-m4-Access auth.info sshd[11613]: Failed password for invalid user mm3 from 159.138.56.188 port 54954 ssh2
Jun 21 12:36:17 Aberdeen-m4-Access auth.info sshd[11613]: Received disconnect from 159.138.56.188 port 54954:11: Bye Bye [preauth]
Jun 21 12:36:17 Aberdeen-m4-Access auth.info sshd[11613]: Disconnected from 159.138.56.188 port 54954 [preauth]
Jun 21 12:36:46 Aberdeen-m4-Access auth.info sshd[11879]: Invalid user arma2 from 159.138.56.188 port 58498
Jun 21 12:36:46 Aberdee........
------------------------------

2019-06-22 05:28:43

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.138.56.234
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22732
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;159.138.56.234.			IN	A

;; AUTHORITY SECTION:
.			411	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021800 1800 900 604800 86400

;; Query time: 67 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 13:36:38 CST 2022
;; MSG SIZE  rcvd: 107

Host info

234.56.138.159.in-addr.arpa domain name pointer ecs-159-138-56-234.compute.hwclouds-dns.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
234.56.138.159.in-addr.arpa	name = ecs-159-138-56-234.compute.hwclouds-dns.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.180.8	attackbots	Dec 18 17:23:31 icinga sshd[23184]: Failed password for root from 222.186.180.8 port 12816 ssh2 Dec 18 17:23:45 icinga sshd[23184]: error: maximum authentication attempts exceeded for root from 222.186.180.8 port 12816 ssh2 [preauth] ...	2019-12-19 00:24:33
123.27.191.29	attackbots	Unauthorized connection attempt detected from IP address 123.27.191.29 to port 445	2019-12-19 00:23:28
14.116.253.142	attack	Dec 18 16:23:59 Ubuntu-1404-trusty-64-minimal sshd\[12309\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.116.253.142 user=nobody Dec 18 16:24:00 Ubuntu-1404-trusty-64-minimal sshd\[12309\]: Failed password for nobody from 14.116.253.142 port 54900 ssh2 Dec 18 16:39:00 Ubuntu-1404-trusty-64-minimal sshd\[26594\]: Invalid user tanino from 14.116.253.142 Dec 18 16:39:00 Ubuntu-1404-trusty-64-minimal sshd\[26594\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.116.253.142 Dec 18 16:39:01 Ubuntu-1404-trusty-64-minimal sshd\[26594\]: Failed password for invalid user tanino from 14.116.253.142 port 38401 ssh2	2019-12-19 00:18:07
45.55.80.186	attack	Triggered by Fail2Ban at Vostok web server	2019-12-19 00:13:32
104.131.3.165	attackbots	SS1,DEF GET /wp-login.php	2019-12-19 00:09:28
134.209.81.60	attackspam	2019-12-18T16:06:05.034524shield sshd\[26055\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.81.60 user=root 2019-12-18T16:06:06.917752shield sshd\[26055\]: Failed password for root from 134.209.81.60 port 42368 ssh2 2019-12-18T16:11:22.283739shield sshd\[27409\]: Invalid user vcsa from 134.209.81.60 port 53040 2019-12-18T16:11:22.290173shield sshd\[27409\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.81.60 2019-12-18T16:11:24.690406shield sshd\[27409\]: Failed password for invalid user vcsa from 134.209.81.60 port 53040 ssh2	2019-12-19 00:24:08
91.216.93.70	attack	2019-12-18T15:24:55.387228host3.slimhost.com.ua sshd[1759903]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.216.93.70 user=daemon 2019-12-18T15:24:57.964211host3.slimhost.com.ua sshd[1759903]: Failed password for daemon from 91.216.93.70 port 53490 ssh2 2019-12-18T15:33:26.655688host3.slimhost.com.ua sshd[1762764]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.216.93.70 user=root 2019-12-18T15:33:29.382162host3.slimhost.com.ua sshd[1762764]: Failed password for root from 91.216.93.70 port 47160 ssh2 2019-12-18T15:38:30.933583host3.slimhost.com.ua sshd[1764172]: Invalid user sanath from 91.216.93.70 port 56688 2019-12-18T15:38:30.939605host3.slimhost.com.ua sshd[1764172]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.216.93.70 2019-12-18T15:38:30.933583host3.slimhost.com.ua sshd[1764172]: Invalid user sanath from 91.216.93.70 port 56688 2019-12-18T15: ...	2019-12-19 00:06:45
121.168.115.36	attack	Dec 18 04:53:02 sachi sshd\[16973\]: Invalid user webadmin from 121.168.115.36 Dec 18 04:53:02 sachi sshd\[16973\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.168.115.36 Dec 18 04:53:04 sachi sshd\[16973\]: Failed password for invalid user webadmin from 121.168.115.36 port 47430 ssh2 Dec 18 04:59:19 sachi sshd\[17577\]: Invalid user yuuchama from 121.168.115.36 Dec 18 04:59:19 sachi sshd\[17577\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.168.115.36	2019-12-19 00:22:32
123.207.247.237	attack	123.207.247.68 - - [18/Dec/2019:10:49:23 -0500] "GET /TP/public/index.php HTTP/1.1" 404 143 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 123.207.247.68 - - [18/Dec/2019:10:49:24 -0500] "GET /TP/html/public/index.php HTTP/1.1" 404 143 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 123.207.247.68 - - [18/Dec/2019:10:49:24 -0500] "GET /thinkphp/html/public/index.php HTTP/1.1" 404 143 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 123.207.247.68 - - [18/Dec/2019:10:49:24 -0500] "GET /index.php HTTP/1.1" 404 143 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 123.207.247.68 - - [18/Dec/2019:10:49:24 -0500] "GET /TP/index.php HTTP/1.1" 404 143 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 123.207.247.68 - - [18/Dec/2019:10:49:24 -0500] "GET /html/public/index.php HTTP/1.1" 404 143 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 123.207.247.68 - - [18/Dec/2019:10:49:24 -0500] "GET /public/index.php HTTP/1.1" 404 143 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 123.207.247.68 - - [18/Dec/2019:10:49:24 -0500] "GET /elrekt.php HTTP/1.1" 404 143 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 123.207.247.68 - - [18/Dec/2019:10:49:26 -0500] "GET / HTTP/1.1" 404 143 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"	2019-12-19 00:28:39
106.13.34.212	attackspambots	Oct 27 06:04:51 microserver sshd[65454]: Invalid user from 106.13.34.212 port 41144 Oct 27 06:04:51 microserver sshd[65454]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.34.212 Oct 27 06:04:53 microserver sshd[65454]: Failed password for invalid user from 106.13.34.212 port 41144 ssh2 Oct 27 06:10:07 microserver sshd[1091]: Invalid user cisco from 106.13.34.212 port 49412 Oct 27 06:10:07 microserver sshd[1091]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.34.212 Dec 18 16:24:44 microserver sshd[32760]: Invalid user khyra from 106.13.34.212 port 51578 Dec 18 16:24:44 microserver sshd[32760]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.34.212 Dec 18 16:24:46 microserver sshd[32760]: Failed password for invalid user khyra from 106.13.34.212 port 51578 ssh2 Dec 18 16:30:22 microserver sshd[34024]: Invalid user host from 106.13.34.212 port 43216 Dec 18 16:30:22 mi	2019-12-19 00:10:30
128.199.51.52	attack	Dec 18 17:03:52 localhost sshd\[20470\]: Invalid user vcsa from 128.199.51.52 port 56417 Dec 18 17:03:52 localhost sshd\[20470\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.51.52 Dec 18 17:03:54 localhost sshd\[20470\]: Failed password for invalid user vcsa from 128.199.51.52 port 56417 ssh2	2019-12-19 00:26:13
159.203.69.48	attackspambots	2019-12-18T16:59:17.602163 sshd[9697]: Invalid user qhsupport from 159.203.69.48 port 41232 2019-12-18T16:59:17.617281 sshd[9697]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.69.48 2019-12-18T16:59:17.602163 sshd[9697]: Invalid user qhsupport from 159.203.69.48 port 41232 2019-12-18T16:59:19.822014 sshd[9697]: Failed password for invalid user qhsupport from 159.203.69.48 port 41232 ssh2 2019-12-18T17:04:27.992915 sshd[9863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.69.48 user=mysql 2019-12-18T17:04:30.423581 sshd[9863]: Failed password for mysql from 159.203.69.48 port 49708 ssh2 ...	2019-12-19 00:39:43
5.89.232.197	attackspam	Automatic report - Port Scan Attack	2019-12-19 00:34:32
172.110.30.125	attack	Dec 13 01:45:02 vtv3 sshd[31299]: Failed password for invalid user cicora from 172.110.30.125 port 60476 ssh2 Dec 13 01:53:40 vtv3 sshd[3129]: Failed password for root from 172.110.30.125 port 55846 ssh2 Dec 13 02:09:01 vtv3 sshd[10093]: Failed password for root from 172.110.30.125 port 54216 ssh2 Dec 13 02:14:19 vtv3 sshd[12459]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.110.30.125 Dec 13 02:14:21 vtv3 sshd[12459]: Failed password for invalid user shewey from 172.110.30.125 port 35132 ssh2 Dec 13 02:24:48 vtv3 sshd[17250]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.110.30.125 Dec 13 02:24:50 vtv3 sshd[17250]: Failed password for invalid user ciesielski from 172.110.30.125 port 52998 ssh2 Dec 13 02:30:04 vtv3 sshd[19629]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.110.30.125 Dec 13 02:40:34 vtv3 sshd[25036]: pam_unix(sshd:auth): authentication failure; logname=	2019-12-19 00:02:12
37.211.159.251	attack	Dec 17 18:23:34 riskplan-s sshd[25490]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.211.159.251 user=r.r Dec 17 18:23:35 riskplan-s sshd[25490]: Failed password for r.r from 37.211.159.251 port 39754 ssh2 Dec 17 18:23:36 riskplan-s sshd[25490]: Received disconnect from 37.211.159.251: 11: Bye Bye [preauth] Dec 17 18:37:10 riskplan-s sshd[25709]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.211.159.251 user=r.r Dec 17 18:37:12 riskplan-s sshd[25709]: Failed password for r.r from 37.211.159.251 port 55170 ssh2 Dec 17 18:37:12 riskplan-s sshd[25709]: Received disconnect from 37.211.159.251: 11: Bye Bye [preauth] Dec 17 18:44:09 riskplan-s sshd[25833]: Invalid user atul from 37.211.159.251 Dec 17 18:44:09 riskplan-s sshd[25833]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.211.159.251 Dec 17 18:44:10 riskplan-s sshd[25833]: Failed pas........ -------------------------------	2019-12-19 00:16:02

Recently Reported IPs

159.138.59.74	159.138.6.192	159.138.63.25	159.138.59.237
159.138.84.187	159.138.6.237	159.138.88.70	159.138.91.110
159.140.207.118	159.138.88.1	159.140.38.93	159.140.39.22
159.140.39.23	159.140.7.107	159.140.7.20	159.140.6.121
159.141.130.158	159.142.122.36	159.142.4.194	159.146.18.167