213.159.213.54

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: JSC Server

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Aug 2 08:13:17 vmd17057 sshd\[3512\]: Invalid user dana from 213.159.213.54 port 48744 Aug 2 08:13:17 vmd17057 sshd\[3512\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.159.213.54 Aug 2 08:13:19 vmd17057 sshd\[3512\]: Failed password for invalid user dana from 213.159.213.54 port 48744 ssh2 ...	2019-08-02 16:14:44

Type

Details

Datetime

attackbots

Aug  2 08:13:17 vmd17057 sshd\[3512\]: Invalid user dana from 213.159.213.54 port 48744
Aug  2 08:13:17 vmd17057 sshd\[3512\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.159.213.54
Aug  2 08:13:19 vmd17057 sshd\[3512\]: Failed password for invalid user dana from 213.159.213.54 port 48744 ssh2
...

2019-08-02 16:14:44

Comments on same subnet:

IP	Type	Details	Datetime
213.159.213.137	attackbots	Automatic report - Banned IP Access	2020-05-04 02:57:43
213.159.213.137	attackspam	Malicious brute force vulnerability hacking attacks	2020-04-15 18:56:19
213.159.213.137	attack	Automated report (2020-01-06T13:12:29+00:00). Faked user agent detected.	2020-01-07 02:59:00
213.159.213.137	attack	Automated report (2019-12-24T11:11:44+00:00). Spambot detected.	2019-12-24 19:21:17
213.159.213.137	attack	Automated report (2019-12-20T23:46:09+00:00). Faked user agent detected.	2019-12-21 08:11:18
213.159.213.236	attack	Brute force attack stopped by firewall	2019-12-12 10:26:39
213.159.213.137	attackbots	Brute force attack stopped by firewall	2019-12-12 10:06:04
213.159.213.236	attack	Unauthorized SSH login attempts	2019-10-30 16:16:31

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 213.159.213.54
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56243
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;213.159.213.54.			IN	A

;; AUTHORITY SECTION:
.			3578	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080200 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 02 16:14:37 CST 2019
;; MSG SIZE  rcvd: 118

Host info

54.213.159.213.in-addr.arpa has no PTR record

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
*** Can't find 54.213.159.213.in-addr.arpa.: No answer

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
112.85.42.196	attackbotsspam	Oct 13 12:10:15 sso sshd[12382]: Failed password for root from 112.85.42.196 port 33982 ssh2 Oct 13 12:10:20 sso sshd[12382]: Failed password for root from 112.85.42.196 port 33982 ssh2 ...	2020-10-13 18:15:19
193.112.16.245	attackbots	(sshd) Failed SSH login from 193.112.16.245 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 13 03:04:40 optimus sshd[27930]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.16.245 user=root Oct 13 03:04:42 optimus sshd[27930]: Failed password for root from 193.112.16.245 port 53626 ssh2 Oct 13 03:07:51 optimus sshd[29018]: Invalid user ronda from 193.112.16.245 Oct 13 03:07:51 optimus sshd[29018]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.16.245 Oct 13 03:07:53 optimus sshd[29018]: Failed password for invalid user ronda from 193.112.16.245 port 36362 ssh2	2020-10-13 18:26:37
173.30.96.81	attack	Oct 13 12:09:31 mail sshd[25087]: Failed password for root from 173.30.96.81 port 43268 ssh2	2020-10-13 18:23:31
194.61.24.177	attackspam	2020-10-13T09:17:29.092279scrat sshd[181196]: Invalid user 22 from 194.61.24.177 port 44355 2020-10-13T09:17:29.116317scrat sshd[181196]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.61.24.177 2020-10-13T09:17:28.915735scrat sshd[181196]: Connection from 194.61.24.177 port 44355 on 193.30.123.226 port 22 rdomain "" 2020-10-13T09:17:29.092279scrat sshd[181196]: Invalid user 22 from 194.61.24.177 port 44355 2020-10-13T09:17:30.838430scrat sshd[181196]: Failed password for invalid user 22 from 194.61.24.177 port 44355 ssh2 ...	2020-10-13 17:46:44
180.76.238.19	attackspambots	2020-10-13 09:36:12,042 fail2ban.actions: WARNING [ssh] Ban 180.76.238.19	2020-10-13 18:08:04
103.28.32.18	attack	Oct 13 11:45:45 nopemail auth.info sshd[749]: Invalid user francois from 103.28.32.18 port 34850 ...	2020-10-13 17:49:06
154.83.16.242	attackspam	frenzy	2020-10-13 17:44:16
145.239.110.129	attackspambots	Oct 13 09:57:26 staging sshd[26681]: Invalid user arun from 145.239.110.129 port 53354 Oct 13 09:57:26 staging sshd[26681]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.110.129 Oct 13 09:57:26 staging sshd[26681]: Invalid user arun from 145.239.110.129 port 53354 Oct 13 09:57:28 staging sshd[26681]: Failed password for invalid user arun from 145.239.110.129 port 53354 ssh2 ...	2020-10-13 18:09:48
85.48.56.42	attackspambots	Oct 13 10:35:36 WHD8 dovecot: pop3-login: Disconnected: Inactivity \(auth failed, 1 attempts in 180 secs\): user=\, method=PLAIN, rip=85.48.56.42, lip=10.64.89.208, session=\ Oct 13 10:35:38 WHD8 dovecot: pop3-login: Disconnected: Inactivity \(auth failed, 1 attempts in 180 secs\): user=\, method=PLAIN, rip=85.48.56.42, lip=10.64.89.208, session=\ Oct 13 10:47:17 WHD8 dovecot: pop3-login: Disconnected: Inactivity \(auth failed, 1 attempts in 179 secs\): user=\, method=PLAIN, rip=85.48.56.42, lip=10.64.89.208, session=\ Oct 13 10:47:20 WHD8 dovecot: pop3-login: Disconnected: Inactivity \(auth failed, 1 attempts in 180 secs\): user=\, method=PLAIN, rip=85.48.56.42, lip=10.64.89.208, session=\ Oct 13 10:57:06 WHD8 dovecot: pop3-login: Disconnected \(auth failed, 1 attempts in 145 secs\): user=\	2020-10-13 18:15:49
78.109.175.100	attackbots	Fail2Ban Ban Triggered Wordpress Attack Attempt	2020-10-13 18:04:41
193.202.14.34	attackbots	C1,Magento Bruteforce Login Attack POST /index.php/admin/	2020-10-13 18:02:06
61.177.172.168	attackspambots	Oct 13 12:20:47 server sshd[8721]: Failed none for root from 61.177.172.168 port 8790 ssh2 Oct 13 12:20:49 server sshd[8721]: Failed password for root from 61.177.172.168 port 8790 ssh2 Oct 13 12:20:55 server sshd[8721]: Failed password for root from 61.177.172.168 port 8790 ssh2	2020-10-13 18:21:10
183.17.229.11	attackspam	1602552964 - 10/13/2020 03:36:04 Host: 183.17.229.11/183.17.229.11 Port: 445 TCP Blocked	2020-10-13 17:48:08
139.199.80.75	attack	k+ssh-bruteforce	2020-10-13 18:11:39
201.102.193.63	attackspam	Unauthorized connection attempt from IP address 201.102.193.63 on Port 445(SMB)	2020-10-13 17:43:30

Recently Reported IPs

175.19.30.46	66.124.232.204	4.240.247.126	222.120.192.106
92.215.90.118	189.8.1.50	7.242.111.46	146.154.101.82
158.55.173.23	41.101.6.109	113.50.52.156	203.134.104.198
4.231.49.28	44.131.183.5	37.186.220.241	83.51.14.93
139.234.63.121	35.118.167.103	220.3.133.60	248.13.150.39