116.55.1.5 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
116.55.103.37	attackspam	Unauthorized connection attempt from IP address 116.55.103.37 on Port 445(SMB)	2020-09-02 14:59:40
116.55.103.37	attackspambots	Unauthorized connection attempt from IP address 116.55.103.37 on Port 445(SMB)	2020-09-02 08:01:01
116.55.103.37	attackbots	1598616344 - 08/28/2020 14:05:44 Host: 116.55.103.37/116.55.103.37 Port: 445 TCP Blocked	2020-08-29 00:31:42
116.55.130.16	attackspam	06/06/2020-16:45:13.959114 116.55.130.16 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-06-07 06:05:52
116.55.103.37	attackbotsspam	Unauthorized connection attempt detected from IP address 116.55.103.37 to port 445	2020-05-31 03:41:31
116.55.140.149	attack	Automatic report - Banned IP Access	2020-03-14 01:26:09
116.55.121.82	attackbotsspam	Honeypot attack, port: 5555, PTR: 82.121.55.116.broad.km.yn.dynamic.163data.com.cn.	2020-03-01 13:12:48
116.55.101.26	attackspam	Unauthorized connection attempt from IP address 116.55.101.26 on Port 445(SMB)	2019-12-25 21:38:38
116.55.140.245	attack	badbot	2019-11-20 19:11:28
116.55.117.32	attackspambots	Unauthorised access (Oct 11) SRC=116.55.117.32 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=1054 TCP DPT=8080 WINDOW=9228 SYN Unauthorised access (Oct 10) SRC=116.55.117.32 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=37808 TCP DPT=8080 WINDOW=21783 SYN Unauthorised access (Oct 9) SRC=116.55.117.32 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=42657 TCP DPT=8080 WINDOW=10500 SYN Unauthorised access (Oct 9) SRC=116.55.117.32 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=61520 TCP DPT=8080 WINDOW=10500 SYN	2019-10-11 15:11:32
116.55.197.54	attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/116.55.197.54/ CN - 1H : (516) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN4134 IP : 116.55.197.54 CIDR : 116.55.192.0/19 PREFIX COUNT : 5430 UNIQUE IP COUNT : 106919680 WYKRYTE ATAKI Z ASN4134 : 1H - 13 3H - 32 6H - 59 12H - 115 24H - 217 DateTime : 2019-10-09 15:06:38 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-09 21:23:04
116.55.123.190	attackbots	firewall-block, port(s): 5555/tcp	2019-07-07 10:33:48

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.55.1.5
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10536
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;116.55.1.5.			IN	A

;; AUTHORITY SECTION:
.			419	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022700 1800 900 604800 86400

;; Query time: 22 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 16:22:59 CST 2022
;; MSG SIZE  rcvd: 103

Host info

b';; connection timed out; no servers could be reached
'

Nslookup info:

server can't find 116.55.1.5.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
165.22.61.82	attackbots	2020-09-06T00:01:58.743985abusebot-7.cloudsearch.cf sshd[25472]: Invalid user admin from 165.22.61.82 port 36980 2020-09-06T00:01:58.750253abusebot-7.cloudsearch.cf sshd[25472]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.61.82 2020-09-06T00:01:58.743985abusebot-7.cloudsearch.cf sshd[25472]: Invalid user admin from 165.22.61.82 port 36980 2020-09-06T00:02:00.510322abusebot-7.cloudsearch.cf sshd[25472]: Failed password for invalid user admin from 165.22.61.82 port 36980 ssh2 2020-09-06T00:10:17.971583abusebot-7.cloudsearch.cf sshd[25568]: Invalid user jira from 165.22.61.82 port 57828 2020-09-06T00:10:17.975960abusebot-7.cloudsearch.cf sshd[25568]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.61.82 2020-09-06T00:10:17.971583abusebot-7.cloudsearch.cf sshd[25568]: Invalid user jira from 165.22.61.82 port 57828 2020-09-06T00:10:19.906608abusebot-7.cloudsearch.cf sshd[25568]: Failed password ...	2020-09-06 08:23:37
150.147.166.181	attackspambots	Port probing on unauthorized port 23	2020-09-06 07:58:21
185.239.242.231	attackspambots	2020-09-05T18:26:24.283845correo.[domain] sshd[40729]: Invalid user ubnt from 185.239.242.231 port 59814 2020-09-05T18:26:25.624955correo.[domain] sshd[40729]: Failed password for invalid user ubnt from 185.239.242.231 port 59814 ssh2 2020-09-05T18:26:26.446230correo.[domain] sshd[40731]: Invalid user admin from 185.239.242.231 port 35484 ...	2020-09-06 08:26:46
104.206.119.3	attackspambots	Aug 31 15:25:09 our-server-hostname postfix/smtpd[7575]: connect from unknown[104.206.119.3] Aug 31 15:25:09 our-server-hostname postfix/smtpd[5270]: connect from unknown[104.206.119.3] Aug 31 15:25:09 our-server-hostname postfix/smtpd[7549]: connect from unknown[104.206.119.3] Aug 31 15:25:09 our-server-hostname postfix/smtpd[5255]: connect from unknown[104.206.119.3] Aug 31 15:25:10 our-server-hostname postfix/smtpd[5253]: connect from unknown[104.206.119.3] Aug 31 15:25:10 our-server-hostname postfix/smtpd[5271]: connect from unknown[104.206.119.3] Aug 31 15:25:10 our-server-hostname postfix/smtpd[7576]: connect from unknown[104.206.119.3] Aug x@x .... truncated .... nown[104.206.119.3] Aug 31 15:28:24 our-server-hostname postfix/smtpd[10864]: 73D37A40113: client=unknown[127.0.0.1], orig_client=unknown[104.206.119.3] Aug 31 15:28:24 our-server-hostname amavis[11028]: (11028-02) Passed BAD-HEADER, [104.206.119.3] [104.206.119.3] , mail_id: 8lgroUw7lVht, Hhostnam........ -------------------------------	2020-09-06 08:08:31
141.98.9.166	attackbotsspam	2020-09-06T02:05:43.482848 sshd[1354531]: Invalid user admin from 141.98.9.166 port 37387 2020-09-06T02:05:51.630072 sshd[1354594]: Invalid user ubnt from 141.98.9.166 port 43027 2020-09-06T02:07:48.395810 sshd[1355804]: Invalid user admin from 141.98.9.166 port 44441	2020-09-06 08:22:30
45.140.17.57	attackspam	Port Scan: TCP/18441	2020-09-06 08:24:09
78.133.163.190	attackbots	Dovecot Invalid User Login Attempt.	2020-09-06 08:21:56
137.101.136.251	attackspambots	Automatic report - Port Scan Attack	2020-09-06 08:14:28
195.54.160.180	attack	Sep 6 00:22:11 jumpserver sshd[3875]: Invalid user tgproxy from 195.54.160.180 port 59093 Sep 6 00:22:13 jumpserver sshd[3875]: Failed password for invalid user tgproxy from 195.54.160.180 port 59093 ssh2 Sep 6 00:22:15 jumpserver sshd[3877]: Invalid user vbox from 195.54.160.180 port 12005 ...	2020-09-06 08:26:15
186.200.181.130	attackbots	Sep 6 02:00:54 santamaria sshd\[12600\]: Invalid user www from 186.200.181.130 Sep 6 02:00:54 santamaria sshd\[12600\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.200.181.130 Sep 6 02:00:56 santamaria sshd\[12600\]: Failed password for invalid user www from 186.200.181.130 port 50900 ssh2 ...	2020-09-06 08:15:34
68.183.51.204	attack	68.183.51.204 has been banned for [WebApp Attack] ...	2020-09-06 08:19:49
195.226.203.15	attackspambots	Attempted connection to port 445.	2020-09-06 08:35:09
114.219.90.252	attack	Aug 31 07:42:30 georgia postfix/smtpd[36598]: connect from unknown[114.219.90.252] Aug 31 07:42:32 georgia postfix/smtpd[36598]: warning: unknown[114.219.90.252]: SASL LOGIN authentication failed: authentication failure Aug 31 07:42:32 georgia postfix/smtpd[36598]: lost connection after AUTH from unknown[114.219.90.252] Aug 31 07:42:32 georgia postfix/smtpd[36598]: disconnect from unknown[114.219.90.252] ehlo=1 auth=0/1 commands=1/2 Aug 31 07:42:33 georgia postfix/smtpd[36598]: connect from unknown[114.219.90.252] Aug 31 07:42:43 georgia postfix/smtpd[36598]: warning: unknown[114.219.90.252]: SASL LOGIN authentication failed: authentication failure Aug 31 07:42:43 georgia postfix/smtpd[36598]: lost connection after AUTH from unknown[114.219.90.252] Aug 31 07:42:43 georgia postfix/smtpd[36598]: disconnect from unknown[114.219.90.252] ehlo=1 auth=0/1 commands=1/2 Aug 31 07:42:44 georgia postfix/smtpd[36598]: connect from unknown[114.219.90.252] Aug 31 07:42:53 georgia pos........ -------------------------------	2020-09-06 08:14:53
190.39.30.148	attack	1599324387 - 09/05/2020 18:46:27 Host: 190.39.30.148/190.39.30.148 Port: 445 TCP Blocked	2020-09-06 08:31:49
5.188.86.169	attackbotsspam	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "root" at 2020-09-05T23:49:20Z	2020-09-06 08:05:23

Recently Reported IPs

116.54.98.69	116.54.98.54	116.54.98.93	116.55.246.163
116.55.13.36	116.74.157.13	116.74.126.78	116.74.18.161
116.74.134.141	116.74.254.196	116.74.18.35	116.74.125.185
116.74.27.246	116.74.20.72	116.74.32.164	116.74.33.160
116.74.22.36	116.74.34.195	116.74.59.209	116.74.47.244