159.192.143.54

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: CAT Telecom Public Company Ltd

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Unauthorized connection attempt from IP address 159.192.143.54 on Port 445(SMB)	2020-08-30 21:27:40

Comments on same subnet:

IP	Type	Details	Datetime
159.192.143.249	attackspam	Invalid user squid from 159.192.143.249 port 54968	2020-09-21 18:06:42
159.192.143.249	attackspam	Sep 19 16:21:39 mail sshd[18354]: Failed password for root from 159.192.143.249 port 54288 ssh2	2020-09-19 22:24:02
159.192.143.249	attack	2020-09-19T07:27:47.463088cyberdyne sshd[522654]: Failed password for invalid user admin from 159.192.143.249 port 32950 ssh2 2020-09-19T07:31:33.318296cyberdyne sshd[524395]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.143.249 user=root 2020-09-19T07:31:35.640844cyberdyne sshd[524395]: Failed password for root from 159.192.143.249 port 54392 ssh2 2020-09-19T07:33:49.822478cyberdyne sshd[524483]: Invalid user test from 159.192.143.249 port 33262 ...	2020-09-19 14:15:36
159.192.143.249	attack	Sep 19 04:12:27 webhost01 sshd[4664]: Failed password for root from 159.192.143.249 port 37506 ssh2 ...	2020-09-19 05:53:22
159.192.143.249	attack	2020-08-29T11:58:32.657287abusebot-2.cloudsearch.cf sshd[28506]: Invalid user zlj from 159.192.143.249 port 39990 2020-08-29T11:58:32.669383abusebot-2.cloudsearch.cf sshd[28506]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.143.249 2020-08-29T11:58:32.657287abusebot-2.cloudsearch.cf sshd[28506]: Invalid user zlj from 159.192.143.249 port 39990 2020-08-29T11:58:34.367099abusebot-2.cloudsearch.cf sshd[28506]: Failed password for invalid user zlj from 159.192.143.249 port 39990 ssh2 2020-08-29T12:03:33.338603abusebot-2.cloudsearch.cf sshd[28583]: Invalid user zookeeper from 159.192.143.249 port 43678 2020-08-29T12:03:33.345323abusebot-2.cloudsearch.cf sshd[28583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.143.249 2020-08-29T12:03:33.338603abusebot-2.cloudsearch.cf sshd[28583]: Invalid user zookeeper from 159.192.143.249 port 43678 2020-08-29T12:03:36.032945abusebot-2.cloudsearch.cf ssh ...	2020-08-30 03:44:21
159.192.143.249	attack	Aug 28 07:24:21 PorscheCustomer sshd[15988]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.143.249 Aug 28 07:24:23 PorscheCustomer sshd[15988]: Failed password for invalid user wy from 159.192.143.249 port 55926 ssh2 Aug 28 07:27:31 PorscheCustomer sshd[16209]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.143.249 ...	2020-08-28 13:45:46
159.192.143.249	attack	Aug 27 18:04:29 ws12vmsma01 sshd[33347]: Invalid user dany from 159.192.143.249 Aug 27 18:04:30 ws12vmsma01 sshd[33347]: Failed password for invalid user dany from 159.192.143.249 port 53890 ssh2 Aug 27 18:07:28 ws12vmsma01 sshd[33880]: Invalid user andre from 159.192.143.249 ...	2020-08-28 05:12:19
159.192.143.249	attackbotsspam	Aug 19 06:47:17 dev0-dcde-rnet sshd[24662]: Failed password for root from 159.192.143.249 port 42730 ssh2 Aug 19 06:51:33 dev0-dcde-rnet sshd[24777]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.143.249 Aug 19 06:51:35 dev0-dcde-rnet sshd[24777]: Failed password for invalid user rock from 159.192.143.249 port 51748 ssh2	2020-08-19 16:16:19
159.192.143.249	attackspambots	Aug 15 12:40:47 plex-server sshd[1445173]: Invalid user ff123!@# from 159.192.143.249 port 54414 Aug 15 12:40:47 plex-server sshd[1445173]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.143.249 Aug 15 12:40:47 plex-server sshd[1445173]: Invalid user ff123!@# from 159.192.143.249 port 54414 Aug 15 12:40:48 plex-server sshd[1445173]: Failed password for invalid user ff123!@# from 159.192.143.249 port 54414 ssh2 Aug 15 12:45:06 plex-server sshd[1447052]: Invalid user china886 from 159.192.143.249 port 33218 ...	2020-08-15 22:35:21
159.192.143.249	attackspambots	Aug 14 23:31:10 lukav-desktop sshd\[22881\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.143.249 user=root Aug 14 23:31:13 lukav-desktop sshd\[22881\]: Failed password for root from 159.192.143.249 port 45698 ssh2 Aug 14 23:35:28 lukav-desktop sshd\[24917\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.143.249 user=root Aug 14 23:35:30 lukav-desktop sshd\[24917\]: Failed password for root from 159.192.143.249 port 35016 ssh2 Aug 14 23:39:39 lukav-desktop sshd\[27011\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.143.249 user=root	2020-08-15 08:40:21
159.192.143.249	attackbotsspam	2020-08-03T22:46:04.551973vps773228.ovh.net sshd[6278]: Failed password for root from 159.192.143.249 port 39700 ssh2 2020-08-03T22:50:32.886289vps773228.ovh.net sshd[6302]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.143.249 user=root 2020-08-03T22:50:34.716455vps773228.ovh.net sshd[6302]: Failed password for root from 159.192.143.249 port 34544 ssh2 2020-08-03T22:54:55.734287vps773228.ovh.net sshd[6330]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.143.249 user=root 2020-08-03T22:54:58.005751vps773228.ovh.net sshd[6330]: Failed password for root from 159.192.143.249 port 56812 ssh2 ...	2020-08-04 05:17:29
159.192.143.249	attackbots	Aug 3 22:37:11 host sshd[32232]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.143.249 user=root Aug 3 22:37:13 host sshd[32232]: Failed password for root from 159.192.143.249 port 49042 ssh2 ...	2020-08-04 04:39:06
159.192.143.249	attack	Aug 3 10:11:41 nextcloud sshd\[6803\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.143.249 user=root Aug 3 10:11:44 nextcloud sshd\[6803\]: Failed password for root from 159.192.143.249 port 46006 ssh2 Aug 3 10:16:19 nextcloud sshd\[12739\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.143.249 user=root	2020-08-03 18:04:28
159.192.143.249	attackspam	Jul 29 22:43:31 ip-172-31-62-245 sshd\[11107\]: Invalid user shc from 159.192.143.249\ Jul 29 22:43:32 ip-172-31-62-245 sshd\[11107\]: Failed password for invalid user shc from 159.192.143.249 port 60644 ssh2\ Jul 29 22:48:16 ip-172-31-62-245 sshd\[11169\]: Invalid user huaweihong from 159.192.143.249\ Jul 29 22:48:17 ip-172-31-62-245 sshd\[11169\]: Failed password for invalid user huaweihong from 159.192.143.249 port 45982 ssh2\ Jul 29 22:53:00 ip-172-31-62-245 sshd\[11238\]: Invalid user yand from 159.192.143.249\	2020-07-30 07:28:07
159.192.143.249	attackbots	(sshd) Failed SSH login from 159.192.143.249 (TH/Thailand/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 28 14:52:29 s1 sshd[4743]: Invalid user ql from 159.192.143.249 port 43410 Jul 28 14:52:31 s1 sshd[4743]: Failed password for invalid user ql from 159.192.143.249 port 43410 ssh2 Jul 28 15:04:54 s1 sshd[5588]: Invalid user lauca from 159.192.143.249 port 45068 Jul 28 15:04:56 s1 sshd[5588]: Failed password for invalid user lauca from 159.192.143.249 port 45068 ssh2 Jul 28 15:08:19 s1 sshd[6041]: Invalid user saul from 159.192.143.249 port 40176	2020-07-28 20:09:42

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.192.143.54
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13307
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;159.192.143.54.			IN	A

;; AUTHORITY SECTION:
.			582	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020083000 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Aug 30 21:27:33 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 54.143.192.159.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 54.143.192.159.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
67.170.245.69	attackbotsspam	Dec 15 10:15:54 MK-Soft-Root1 sshd[3532]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.170.245.69 Dec 15 10:15:55 MK-Soft-Root1 sshd[3532]: Failed password for invalid user operator from 67.170.245.69 port 44404 ssh2 ...	2019-12-15 17:16:20
139.255.225.178	attack	Dec 14 22:31:48 hanapaa sshd\[15302\]: Invalid user test from 139.255.225.178 Dec 14 22:31:48 hanapaa sshd\[15302\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.255.225.178 Dec 14 22:31:51 hanapaa sshd\[15302\]: Failed password for invalid user test from 139.255.225.178 port 51233 ssh2 Dec 14 22:39:12 hanapaa sshd\[16059\]: Invalid user nitin from 139.255.225.178 Dec 14 22:39:12 hanapaa sshd\[16059\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.255.225.178	2019-12-15 16:46:35
222.186.175.183	attackbotsspam	Dec 15 10:01:49 loxhost sshd\[18562\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.183 user=root Dec 15 10:01:50 loxhost sshd\[18562\]: Failed password for root from 222.186.175.183 port 22478 ssh2 Dec 15 10:01:54 loxhost sshd\[18562\]: Failed password for root from 222.186.175.183 port 22478 ssh2 Dec 15 10:01:57 loxhost sshd\[18562\]: Failed password for root from 222.186.175.183 port 22478 ssh2 Dec 15 10:02:00 loxhost sshd\[18562\]: Failed password for root from 222.186.175.183 port 22478 ssh2 ...	2019-12-15 17:03:28
220.247.174.14	attackspambots	Dec 15 11:11:23 sauna sshd[124501]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.247.174.14 Dec 15 11:11:25 sauna sshd[124501]: Failed password for invalid user web from 220.247.174.14 port 33340 ssh2 ...	2019-12-15 17:15:26
121.146.240.229	attackspambots	SSH auth scanning - multiple failed logins	2019-12-15 17:13:04
139.199.113.140	attackspambots	Dec 15 08:53:48 cp sshd[13927]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.113.140	2019-12-15 16:44:43
202.70.34.30	attackbotsspam	1576391316 - 12/15/2019 07:28:36 Host: 202.70.34.30/202.70.34.30 Port: 445 TCP Blocked	2019-12-15 16:49:38
51.75.28.134	attackspambots	Dec 15 08:11:50 web8 sshd\[32080\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.28.134 user=root Dec 15 08:11:52 web8 sshd\[32080\]: Failed password for root from 51.75.28.134 port 52278 ssh2 Dec 15 08:17:04 web8 sshd\[2190\]: Invalid user test from 51.75.28.134 Dec 15 08:17:04 web8 sshd\[2190\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.28.134 Dec 15 08:17:06 web8 sshd\[2190\]: Failed password for invalid user test from 51.75.28.134 port 33494 ssh2	2019-12-15 16:40:07
138.68.82.220	attack	Dec 15 10:07:45 markkoudstaal sshd[32069]: Failed password for root from 138.68.82.220 port 49690 ssh2 Dec 15 10:13:14 markkoudstaal sshd[457]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.82.220 Dec 15 10:13:16 markkoudstaal sshd[457]: Failed password for invalid user dovecot from 138.68.82.220 port 58050 ssh2	2019-12-15 17:16:48
159.203.177.49	attack	(sshd) Failed SSH login from 159.203.177.49 (-): 5 in the last 3600 secs	2019-12-15 16:42:12
222.186.180.17	attackspam	2019-12-15T08:59:34.474594abusebot-7.cloudsearch.cf sshd\[20494\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.17 user=root 2019-12-15T08:59:36.513124abusebot-7.cloudsearch.cf sshd\[20494\]: Failed password for root from 222.186.180.17 port 28778 ssh2 2019-12-15T08:59:39.508783abusebot-7.cloudsearch.cf sshd\[20494\]: Failed password for root from 222.186.180.17 port 28778 ssh2 2019-12-15T08:59:42.838531abusebot-7.cloudsearch.cf sshd\[20494\]: Failed password for root from 222.186.180.17 port 28778 ssh2	2019-12-15 17:00:48
158.69.121.200	attack	\[2019-12-15 03:37:01\] SECURITY\[2857\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-12-15T03:37:01.942-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="0046423112971",SessionID="0x7f0fb4fbea58",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/158.69.121.200/65454",ACLName="no_extension_match" \[2019-12-15 03:37:32\] SECURITY\[2857\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-12-15T03:37:32.429-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="01146423112971",SessionID="0x7f0fb447f838",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/158.69.121.200/53752",ACLName="no_extension_match" \[2019-12-15 03:38:03\] SECURITY\[2857\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-12-15T03:38:03.906-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="901146423112971",SessionID="0x7f0fb462f398",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/158.69.121.200/59204",ACLName="no_ext	2019-12-15 17:02:05
206.72.193.222	attackspambots	Dec 14 22:31:33 php1 sshd\[19304\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.72.193.222 user=root Dec 14 22:31:35 php1 sshd\[19304\]: Failed password for root from 206.72.193.222 port 45704 ssh2 Dec 14 22:37:13 php1 sshd\[19998\]: Invalid user webmaster from 206.72.193.222 Dec 14 22:37:13 php1 sshd\[19998\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.72.193.222 Dec 14 22:37:15 php1 sshd\[19998\]: Failed password for invalid user webmaster from 206.72.193.222 port 59676 ssh2	2019-12-15 16:41:20
106.12.94.65	attackspambots	Dec 15 09:35:09 meumeu sshd[9287]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.94.65 Dec 15 09:35:11 meumeu sshd[9287]: Failed password for invalid user bhays from 106.12.94.65 port 60078 ssh2 Dec 15 09:42:00 meumeu sshd[10171]: Failed password for gdm from 106.12.94.65 port 56366 ssh2 ...	2019-12-15 17:06:47
103.114.104.129	attackbotsspam	RDP brute force attack detected by fail2ban	2019-12-15 16:58:27

Recently Reported IPs

116.117.252.90	103.41.146.199	22.100.179.217	49.35.104.13
169.212.177.104	195.54.161.159	190.37.251.204	59.107.209.230
181.174.144.77	157.230.28.120	149.131.221.70	1.64.173.182
84.151.206.135	86.98.44.169	223.91.119.113	116.25.46.156
129.208.71.156	121.27.54.135	83.221.222.91	43.229.153.13