116.12.55.66 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Singapore

Internet Service Provider: USONYX Singapore Broadband Web Hosting Services

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	invalid user	2020-02-04 19:45:43
attack	Feb 3 12:06:37 v22018076622670303 sshd\[902\]: Invalid user postgres from 116.12.55.66 port 54062 Feb 3 12:06:37 v22018076622670303 sshd\[902\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.12.55.66 Feb 3 12:06:39 v22018076622670303 sshd\[902\]: Failed password for invalid user postgres from 116.12.55.66 port 54062 ssh2 ...	2020-02-03 19:14:33

Type

Details

Datetime

attackbots

invalid user

2020-02-04 19:45:43

attack

Feb  3 12:06:37 v22018076622670303 sshd\[902\]: Invalid user postgres from 116.12.55.66 port 54062
Feb  3 12:06:37 v22018076622670303 sshd\[902\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.12.55.66
Feb  3 12:06:39 v22018076622670303 sshd\[902\]: Failed password for invalid user postgres from 116.12.55.66 port 54062 ssh2
...

2020-02-03 19:14:33

Comments on same subnet:

IP	Type	Details	Datetime
116.12.55.218	attackbots	SpamScore above: 10.0	2020-03-25 05:56:04

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.12.55.66
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7422
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.12.55.66.			IN	A

;; AUTHORITY SECTION:
.			262	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020300 1800 900 604800 86400

;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 03 19:14:26 CST 2020
;; MSG SIZE  rcvd: 116

Host info

66.55.12.116.in-addr.arpa domain name pointer vps.pnhgrp.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
66.55.12.116.in-addr.arpa	name = vps.pnhgrp.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
40.88.131.206	attackbotsspam	Jul 14 11:28:41 colo1 sshd[1931]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.88.131.206 user=r.r Jul 14 11:28:41 colo1 sshd[1937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.88.131.206 user=r.r Jul 14 11:28:41 colo1 sshd[1938]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.88.131.206 user=r.r Jul 14 11:28:41 colo1 sshd[1939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.88.131.206 user=r.r Jul 14 11:28:42 colo1 sshd[1908]: Failed password for invalid user colo from 40.88.131.206 port 30960 ssh2 Jul 14 11:28:42 colo1 sshd[1941]: Failed password for invalid user admin from 40.88.131.206 port 30982 ssh2 Jul 14 11:28:42 colo1 sshd[1909]: Failed password for invalid user unimatrixzero from 40.88.131.206 port 30961 ssh2 Jul 14 11:28:42 colo1 sshd[1907]: Failed password for invalid user co........ -------------------------------	2020-07-15 01:02:09
195.16.59.170	attack	TCP src-port=49685 dst-port=25 Listed on dnsbl-sorbs abuseat-org barracuda (Project Honey Pot rated Suspicious) (94)	2020-07-15 01:00:25
13.84.217.13	attackbots	Jul 14 16:50:12 ift sshd\[11122\]: Invalid user org from 13.84.217.13Jul 14 16:50:12 ift sshd\[11125\]: Invalid user ift.org.ua from 13.84.217.13Jul 14 16:50:14 ift sshd\[11122\]: Failed password for invalid user org from 13.84.217.13 port 54441 ssh2Jul 14 16:50:14 ift sshd\[11125\]: Failed password for invalid user ift.org.ua from 13.84.217.13 port 54442 ssh2Jul 14 16:50:14 ift sshd\[11121\]: Failed password for ift from 13.84.217.13 port 54440 ssh2 ...	2020-07-15 01:17:54
172.107.95.30	attackbots	GPL DNS named version attempt - port: 53 proto: dns cat: Attempted Information Leakbytes: 72	2020-07-15 00:57:07
170.130.143.16	attackbotsspam	Mail Rejected for No PTR on port 25, EHLO: 0590298c.coldwar.buzz	2020-07-15 01:00:43
51.91.123.119	attackbotsspam	2020-07-14T17:43:45+0200 Failed SSH Authentication/Brute Force Attack. (Server 5)	2020-07-15 00:43:37
106.13.29.92	attack	Jul 14 16:12:29 server sshd[16317]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 user=web1 Jul 14 16:12:31 server sshd[16317]: Failed password for invalid user web1 from 106.13.29.92 port 58270 ssh2 Jul 14 16:25:31 server sshd[16894]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.29.92 Jul 14 16:25:32 server sshd[16894]: Failed password for invalid user eunho from 106.13.29.92 port 38866 ssh2	2020-07-15 00:46:57
52.255.137.117	attackbotsspam	Jul 14 12:30:48 vpxxxxxxx69670 sshd[22632]: Invalid user daisy from 52.255.137.117 Jul 14 12:30:48 vpxxxxxxx69670 sshd[22642]: Invalid user daisy from 52.255.137.117 Jul 14 12:30:48 vpxxxxxxx69670 sshd[22638]: Invalid user net from 52.255.137.117 Jul 14 12:30:48 vpxxxxxxx69670 sshd[22653]: Invalid user daisy-net.com from 52.255.137.117 Jul 14 12:30:48 vpxxxxxxx69670 sshd[22654]: Invalid user daisy-net.com from 52.255.137.117 Jul 14 12:30:48 vpxxxxxxx69670 sshd[22655]: Invalid user daisy-net.com from 52.255.137.117 Jul 14 12:30:48 vpxxxxxxx69670 sshd[22652]: Invalid user daisy-net.com from 52.255.137.117 Jul 14 12:30:48 vpxxxxxxx69670 sshd[22665]: Invalid user admin from 52.255.137.117 Jul 14 12:30:48 vpxxxxxxx69670 sshd[22664]: Invalid user admin from 52.255.137.117 Jul 14 12:30:48 vpxxxxxxx69670 sshd[22668]: Invalid user admin from 52.255.137.117 Jul 14 12:30:48 vpxxxxxxx69670 sshd[22669]: Invalid user admin from 52.255.137.117 Jul 14 12:30:48 vpxxxxxxx69670 sshd[22629]........ ------------------------------	2020-07-15 01:04:25
206.189.225.85	attack	2020-07-14T11:17:24.366622mail.thespaminator.com sshd[28307]: Invalid user gonzalo from 206.189.225.85 port 56430 2020-07-14T11:17:25.907443mail.thespaminator.com sshd[28307]: Failed password for invalid user gonzalo from 206.189.225.85 port 56430 ssh2 ...	2020-07-15 01:05:38
89.45.226.116	attackbots	Jul 14 14:59:03 h2865660 sshd[32243]: Invalid user eliane from 89.45.226.116 port 60966 Jul 14 14:59:03 h2865660 sshd[32243]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.45.226.116 Jul 14 14:59:03 h2865660 sshd[32243]: Invalid user eliane from 89.45.226.116 port 60966 Jul 14 14:59:05 h2865660 sshd[32243]: Failed password for invalid user eliane from 89.45.226.116 port 60966 ssh2 Jul 14 15:15:56 h2865660 sshd[497]: Invalid user no from 89.45.226.116 port 45112 ...	2020-07-15 00:51:50
157.245.64.140	attackspambots	Failed password for invalid user kevin from 157.245.64.140 port 57436 ssh2	2020-07-15 01:15:47
51.158.65.243	attack	Jul 14 16:09:16 IngegnereFirenze sshd[24743]: User root from 51.158.65.243 not allowed because not listed in AllowUsers ...	2020-07-15 00:58:38
52.188.55.6	attack	52.188.55.6 - - [14/Jul/2020:15:13:13 +0200] "GET /wp-login.php HTTP/1.1" 200 4966 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" 52.188.55.6 - - [14/Jul/2020:15:13:15 +0200] "POST /wp-login.php HTTP/1.1" 200 5379 "http://idea.univ-lyon3.fr/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" 52.188.55.6 - - [14/Jul/2020:15:13:15 +0200] "POST /wp-login.php HTTP/1.1" 200 5379 "http://idea.univ-lyon3.fr/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" 52.188.55.6 - - [14/Jul/2020:15:13:16 +0200] "POST /wp-login.php HTTP/1.1" 200 5379 "http://idea.univ-lyon3.fr/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" 52.188.55.6 - - [14/Jul/2020:15:13:16 +0200] "POST /wp-login.php H ...	2020-07-15 00:43:12
20.48.1.164	attackspambots	Jul 14 14:53:02 sigma sshd\[3635\]: Invalid user email from 20.48.1.164Jul 14 14:53:02 sigma sshd\[3636\]: Invalid user sigma.email from 20.48.1.164 ...	2020-07-15 00:56:19
185.143.73.33	attack	2020-07-14 17:13:38 auth_plain authenticator failed for (User) [185.143.73.33]: 535 Incorrect authentication data (set_id=akimov@csmailer.org) 2020-07-14 17:14:02 auth_plain authenticator failed for (User) [185.143.73.33]: 535 Incorrect authentication data (set_id=prefecture@csmailer.org) 2020-07-14 17:14:27 auth_plain authenticator failed for (User) [185.143.73.33]: 535 Incorrect authentication data (set_id=jaime@csmailer.org) 2020-07-14 17:14:47 auth_plain authenticator failed for (User) [185.143.73.33]: 535 Incorrect authentication data (set_id=ajai@csmailer.org) 2020-07-14 17:15:16 auth_plain authenticator failed for (User) [185.143.73.33]: 535 Incorrect authentication data (set_id=awsdev@csmailer.org) ...	2020-07-15 01:13:07

Recently Reported IPs

234.139.251.113	185.233.104.68	151.141.7.159	28.79.194.68
102.154.125.174	91.9.147.50	179.33.110.55	73.7.206.106
227.197.43.244	191.152.243.127	161.24.163.45	82.61.74.192
23.117.175.125	213.143.106.209	17.77.237.63	29.177.104.194
241.251.255.66	104.112.34.174	39.23.23.30	14.246.76.217