116.206.40.66 - IPInfo

Basic Info

City: Surabaya

Region: Jawa Timur

Country: Indonesia

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
116.206.40.88	attackbots	1586750332 - 04/13/2020 05:58:52 Host: 116.206.40.88/116.206.40.88 Port: 445 TCP Blocked	2020-04-13 12:59:54
116.206.40.117	attack	1583756970 - 03/09/2020 13:29:30 Host: 116.206.40.117/116.206.40.117 Port: 445 TCP Blocked	2020-03-09 23:27:02
116.206.40.57	attack	1582205366 - 02/20/2020 14:29:26 Host: 116.206.40.57/116.206.40.57 Port: 445 TCP Blocked	2020-02-20 23:00:42
116.206.40.44	attackbots	[Thu Feb 13 11:54:09.296635 2020] [:error] [pid 29333:tid 140024179844864] [client 116.206.40.44:58479] [client 116.206.40.44] ModSecurity: Access denied with code 403 (phase 4). Pattern match "^5\\\\d{2}$" at RESPONSE_STATUS. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/RESPONSE-950-DATA-LEAKAGES.conf"] [line "118"] [id "950100"] [msg "The Application Returned a 500-Level Status Code"] [data "Matched Data: 500 found within RESPONSE_STATUS: 500"] [severity "ERROR"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-disclosure"] [tag "WASCTC/WASC-13"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.6"] [tag "paranoia-level/2"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/images/1.svg"] [unique_id "XkTWZZOePmzR7ExralD6pQAAAU4"], referer: https://karangploso.jatim.bmkg.go.id/ ...	2020-02-13 14:15:45
116.206.40.39	attack	Honeypot attack, port: 445, PTR: subs44-116-206-40-39.three.co.id.	2019-11-05 03:57:35
116.206.40.74	attack	Unauthorized connection attempt from IP address 116.206.40.74 on Port 445(SMB)	2019-07-27 21:38:18

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.206.40.66
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51669
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;116.206.40.66.			IN	A

;; AUTHORITY SECTION:
.			240	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2023050400 1800 900 604800 86400

;; Query time: 65 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu May 04 14:52:20 CST 2023
;; MSG SIZE  rcvd: 106

Host info

66.40.206.116.in-addr.arpa domain name pointer subs44-116-206-40-66.three.co.id.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
66.40.206.116.in-addr.arpa	name = subs44-116-206-40-66.three.co.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
188.65.221.222	attack	2 attempts against mh-modsecurity-ban on comet	2020-09-10 04:40:51
94.242.206.148	attack	Sep 9 18:56:46 server postfix/smtpd[10329]: NOQUEUE: reject: RCPT from mail.bizetase.nl[94.242.206.148]: 554 5.7.1 Service unavailable; Client host [94.242.206.148] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=	2020-09-10 04:23:29
122.248.33.1	attack	Sep 9 15:16:09 vps46666688 sshd[16246]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.248.33.1 Sep 9 15:16:12 vps46666688 sshd[16246]: Failed password for invalid user vibhuti from 122.248.33.1 port 42440 ssh2 ...	2020-09-10 04:26:50
78.199.19.89	attackspam	78.199.19.89 (FR/France/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 9 18:52:56 server sshd[29403]: Failed password for root from 159.89.188.167 port 48390 ssh2 Sep 9 18:52:54 server sshd[29403]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.188.167 user=root Sep 9 18:56:32 server sshd[29947]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.138.220 user=root Sep 9 18:50:41 server sshd[29161]: Failed password for root from 78.199.19.89 port 33186 ssh2 Sep 9 18:51:26 server sshd[29239]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.237.253.167 user=root Sep 9 18:51:27 server sshd[29239]: Failed password for root from 218.237.253.167 port 39287 ssh2 IP Addresses Blocked: 159.89.188.167 (US/United States/-) 119.45.138.220 (CN/China/-)	2020-09-10 04:26:36
195.54.160.183	attackbots	Sep 9 20:18:02 email sshd\[29965\]: Invalid user user from 195.54.160.183 Sep 9 20:18:02 email sshd\[29965\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.54.160.183 Sep 9 20:18:04 email sshd\[29965\]: Failed password for invalid user user from 195.54.160.183 port 35409 ssh2 Sep 9 20:18:04 email sshd\[29972\]: Invalid user admin from 195.54.160.183 Sep 9 20:18:05 email sshd\[29972\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.54.160.183 ...	2020-09-10 04:24:49
103.62.30.154	attack	Icarus honeypot on github	2020-09-10 04:28:37
222.186.169.194	attackspam	Sep 9 16:09:07 plusreed sshd[4444]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.169.194 user=root Sep 9 16:09:09 plusreed sshd[4444]: Failed password for root from 222.186.169.194 port 29574 ssh2 ...	2020-09-10 04:16:53
49.233.69.138	attackspambots	Sep 9 19:53:41 jane sshd[14134]: Failed password for root from 49.233.69.138 port 54577 ssh2 Sep 9 19:54:32 jane sshd[14660]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.69.138 ...	2020-09-10 04:23:40
104.206.128.66	attackspam	Icarus honeypot on github	2020-09-10 04:18:06
119.92.127.123	attack	Icarus honeypot on github	2020-09-10 04:32:42
139.59.40.240	attack	Sep 9 20:57:40 jane sshd[1477]: Failed password for root from 139.59.40.240 port 34798 ssh2 ...	2020-09-10 04:23:05
91.201.188.240	attack	20/9/9@12:57:09: FAIL: IoT-Telnet address from=91.201.188.240 20/9/9@12:57:10: FAIL: IoT-Telnet address from=91.201.188.240 ...	2020-09-10 04:06:08
112.85.42.89	attackbotsspam	Sep 10 02:03:23 dhoomketu sshd[2980904]: Failed password for root from 112.85.42.89 port 38513 ssh2 Sep 10 02:04:33 dhoomketu sshd[2980917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.89 user=root Sep 10 02:04:35 dhoomketu sshd[2980917]: Failed password for root from 112.85.42.89 port 60589 ssh2 Sep 10 02:05:50 dhoomketu sshd[2980922]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.89 user=root Sep 10 02:05:52 dhoomketu sshd[2980922]: Failed password for root from 112.85.42.89 port 14748 ssh2 ...	2020-09-10 04:42:36
106.75.141.223	attack	UDP 106.75.141.223:58914 -> port 30311, len 72	2020-09-10 04:19:39
218.92.0.165	attackbots	Sep 9 16:47:35 firewall sshd[32232]: Failed password for root from 218.92.0.165 port 14525 ssh2 Sep 9 16:47:39 firewall sshd[32232]: Failed password for root from 218.92.0.165 port 14525 ssh2 Sep 9 16:47:42 firewall sshd[32232]: Failed password for root from 218.92.0.165 port 14525 ssh2 ...	2020-09-10 04:07:14

Recently Reported IPs

140.116.26.115	140.116.214.190	140.116.157.169	140.116.181.198
140.116.228.6	19.59.66.86	176.32.34.151	140.116.67.200
132.187.12.16	212.191.78.50	116.206.15.12	130.127.255.220
195.246.46.254	129.72.249.95	140.116.120.64	140.116.161.115
116.206.40.4	89.248.165.3	140.116.153.6	122.51.37.233