96.54.2.158 - IPInfo

Basic Info

City: Parksville

Region: British Columbia

Country: Canada

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
96.54.228.119	attack	reported through recidive - multiple failed attempts(SSH)	2020-09-05 23:38:34
96.54.228.119	attack	reported through recidive - multiple failed attempts(SSH)	2020-09-05 15:10:53
96.54.228.119	attackspambots	Sep 4 23:28:20 localhost sshd[18364]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=s0106b8c75dd059ab.gv.shawcable.net user=root Sep 4 23:28:22 localhost sshd[18364]: Failed password for root from 96.54.228.119 port 34669 ssh2 Sep 4 23:34:23 localhost sshd[18925]: Invalid user ec2-user from 96.54.228.119 port 36076 Sep 4 23:34:23 localhost sshd[18925]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=s0106b8c75dd059ab.gv.shawcable.net Sep 4 23:34:23 localhost sshd[18925]: Invalid user ec2-user from 96.54.228.119 port 36076 Sep 4 23:34:24 localhost sshd[18925]: Failed password for invalid user ec2-user from 96.54.228.119 port 36076 ssh2 ...	2020-09-05 07:48:41
96.54.228.119	attackspam	Aug 31 12:20:28 gw1 sshd[21334]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.54.228.119 Aug 31 12:20:30 gw1 sshd[21334]: Failed password for invalid user administrator from 96.54.228.119 port 47863 ssh2 ...	2020-08-31 16:53:48
96.54.228.119	attackbots	SSH Brute-Force. Ports scanning.	2020-08-25 06:14:11
96.54.228.119	attackbots	Invalid user device from 96.54.228.119 port 45197	2020-08-19 12:28:01
96.54.228.119	attack	Aug 2 14:10:12 ip40 sshd[12598]: Failed password for root from 96.54.228.119 port 36882 ssh2 ...	2020-08-02 22:58:07
96.54.228.119	attackspam	$f2bV_matches	2020-07-30 07:54:50
96.54.228.119	attackspam	2020-07-24 UTC: (24x) - Michael,admin(3x),anand,cmb,dama,debra,emese,error,fs,ftpuser1,gregoire,master,mzh,ncs,nxf,sa,simon,test1,tester,tomcat,ts3bot1,versa	2020-07-25 17:58:01
96.54.228.119	attackspambots	Jul 9 23:16:06 lukav-desktop sshd\[8144\]: Invalid user christoph from 96.54.228.119 Jul 9 23:16:06 lukav-desktop sshd\[8144\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.54.228.119 Jul 9 23:16:08 lukav-desktop sshd\[8144\]: Failed password for invalid user christoph from 96.54.228.119 port 46037 ssh2 Jul 9 23:21:28 lukav-desktop sshd\[8210\]: Invalid user test9 from 96.54.228.119 Jul 9 23:21:28 lukav-desktop sshd\[8210\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.54.228.119	2020-07-10 04:39:17
96.54.228.119	attack	Jul 7 23:39:13 Tower sshd[40497]: Connection from 96.54.228.119 port 44390 on 192.168.10.220 port 22 rdomain "" Jul 7 23:39:14 Tower sshd[40497]: Invalid user ftpd from 96.54.228.119 port 44390 Jul 7 23:39:14 Tower sshd[40497]: error: Could not get shadow information for NOUSER Jul 7 23:39:14 Tower sshd[40497]: Failed password for invalid user ftpd from 96.54.228.119 port 44390 ssh2 Jul 7 23:39:14 Tower sshd[40497]: Received disconnect from 96.54.228.119 port 44390:11: Bye Bye [preauth] Jul 7 23:39:14 Tower sshd[40497]: Disconnected from invalid user ftpd 96.54.228.119 port 44390 [preauth]	2020-07-08 19:47:01
96.54.228.119	attackbots	Jun 27 07:49:16 vps sshd[426211]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=s0106b8c75dd059ab.gv.shawcable.net Jun 27 07:49:18 vps sshd[426211]: Failed password for invalid user cacti from 96.54.228.119 port 41120 ssh2 Jun 27 07:54:58 vps sshd[450431]: Invalid user zhangl from 96.54.228.119 port 36250 Jun 27 07:54:58 vps sshd[450431]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=s0106b8c75dd059ab.gv.shawcable.net Jun 27 07:55:00 vps sshd[450431]: Failed password for invalid user zhangl from 96.54.228.119 port 36250 ssh2 ...	2020-06-27 13:55:12
96.54.228.119	attack	2020-06-25T12:28:22.243089devel sshd[11844]: Invalid user port from 96.54.228.119 port 44795 2020-06-25T12:28:23.894950devel sshd[11844]: Failed password for invalid user port from 96.54.228.119 port 44795 ssh2 2020-06-25T12:42:27.846267devel sshd[13682]: Invalid user raz from 96.54.228.119 port 34746	2020-06-26 02:24:56
96.54.228.119	attackspambots	$f2bV_matches	2019-12-20 01:11:41
96.54.228.119	attack	Dec 13 09:39:50 ns382633 sshd\[20112\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.54.228.119 user=root Dec 13 09:39:51 ns382633 sshd\[20112\]: Failed password for root from 96.54.228.119 port 48130 ssh2 Dec 13 09:47:52 ns382633 sshd\[21792\]: Invalid user kuromai from 96.54.228.119 port 36525 Dec 13 09:47:52 ns382633 sshd\[21792\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.54.228.119 Dec 13 09:47:54 ns382633 sshd\[21792\]: Failed password for invalid user kuromai from 96.54.228.119 port 36525 ssh2	2019-12-15 00:15:53

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 96.54.2.158
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42598
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;96.54.2.158.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025021902 1800 900 604800 86400

;; Query time: 37 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 20 08:23:42 CST 2025
;; MSG SIZE  rcvd: 104

Host info

158.2.54.96.in-addr.arpa domain name pointer S01063c2d9ef0e9e6.pk.shawcable.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
158.2.54.96.in-addr.arpa	name = S01063c2d9ef0e9e6.pk.shawcable.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
89.248.174.193	attack	10/27/2019-08:42:25.702783 89.248.174.193 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-10-27 22:15:24
190.41.110.221	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/190.41.110.221/ US - 1H : (271) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : US NAME ASN : ASN6147 IP : 190.41.110.221 CIDR : 190.41.110.0/24 PREFIX COUNT : 2296 UNIQUE IP COUNT : 1456128 ATTACKS DETECTED ASN6147 : 1H - 1 3H - 3 6H - 3 12H - 5 24H - 12 DateTime : 2019-10-27 13:06:42 INFO : Port SSH 22 Scan Detected and Blocked by ADMIN - data recovery	2019-10-27 22:34:43
162.214.14.3	attackspambots	Oct 27 13:50:39 vps647732 sshd[5406]: Failed password for root from 162.214.14.3 port 58744 ssh2 Oct 27 13:54:44 vps647732 sshd[5464]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.214.14.3 ...	2019-10-27 22:33:42
218.92.36.66	attack	Oct 27 15:09:42 MK-Soft-Root1 sshd[29325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.36.66 Oct 27 15:09:43 MK-Soft-Root1 sshd[29325]: Failed password for invalid user ylngylng from 218.92.36.66 port 35190 ssh2 ...	2019-10-27 22:29:41
175.151.92.229	attackbotsspam	Port Scan	2019-10-27 22:24:22
222.186.175.147	attack	Oct 27 10:10:52 ny01 sshd[13922]: Failed password for root from 222.186.175.147 port 18446 ssh2 Oct 27 10:11:11 ny01 sshd[13922]: error: maximum authentication attempts exceeded for root from 222.186.175.147 port 18446 ssh2 [preauth] Oct 27 10:11:23 ny01 sshd[13971]: Failed password for root from 222.186.175.147 port 25354 ssh2	2019-10-27 22:12:57
39.76.253.87	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/39.76.253.87/ CN - 1H : (710) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN4837 IP : 39.76.253.87 CIDR : 39.64.0.0/11 PREFIX COUNT : 1262 UNIQUE IP COUNT : 56665856 ATTACKS DETECTED ASN4837 : 1H - 10 3H - 43 6H - 85 12H - 175 24H - 232 DateTime : 2019-10-27 13:06:50 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-27 22:27:56
164.132.104.58	attack	Oct 27 15:25:46 SilenceServices sshd[22076]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.104.58 Oct 27 15:25:49 SilenceServices sshd[22076]: Failed password for invalid user cfs1035 from 164.132.104.58 port 53480 ssh2 Oct 27 15:29:52 SilenceServices sshd[24669]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.104.58	2019-10-27 22:39:20
106.12.199.98	attackbotsspam	Oct 27 03:44:14 php1 sshd\[740\]: Invalid user design1234 from 106.12.199.98 Oct 27 03:44:14 php1 sshd\[740\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.98 Oct 27 03:44:17 php1 sshd\[740\]: Failed password for invalid user design1234 from 106.12.199.98 port 58820 ssh2 Oct 27 03:50:13 php1 sshd\[1272\]: Invalid user suporte from 106.12.199.98 Oct 27 03:50:13 php1 sshd\[1272\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.98	2019-10-27 22:43:40
220.92.16.94	attack	Oct 27 13:02:01 localhost sshd\[2756\]: Invalid user crichard from 220.92.16.94 port 41532 Oct 27 13:02:01 localhost sshd\[2756\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.92.16.94 Oct 27 13:02:03 localhost sshd\[2756\]: Failed password for invalid user crichard from 220.92.16.94 port 41532 ssh2 ...	2019-10-27 21:59:15
106.12.21.212	attack	Automatic report - Banned IP Access	2019-10-27 22:07:48
121.66.224.90	attack	fail2ban	2019-10-27 22:03:05
182.176.163.116	attackspambots	Unauthorised access (Oct 27) SRC=182.176.163.116 LEN=52 TTL=113 ID=8920 DF TCP DPT=445 WINDOW=8192 SYN	2019-10-27 22:25:45
178.49.58.151	attack	Chat Spam	2019-10-27 22:07:29
85.93.20.90	attackbots	191027 4:02:12 \[Warning\] Access denied for user 'root'@'85.93.20.90' $using password: YES$ 191027 6:23:47 \[Warning\] Access denied for user 'root'@'85.93.20.90' $using password: YES$ 191027 7:56:47 \[Warning\] Access denied for user 'root'@'85.93.20.90' $using password: YES$ ...	2019-10-27 22:28:42

Recently Reported IPs

204.52.60.180	205.206.65.51	49.226.92.16	231.129.69.150
223.224.207.85	155.14.16.17	135.132.123.156	191.179.167.137
92.134.58.203	53.160.59.49	246.92.26.174	65.226.166.35
243.108.110.111	127.131.100.22	129.151.186.159	254.113.159.22
168.226.226.15	50.106.34.2	255.242.69.90	37.135.61.148