116.55.1.5 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
116.55.103.37	attackspam	Unauthorized connection attempt from IP address 116.55.103.37 on Port 445(SMB)	2020-09-02 14:59:40
116.55.103.37	attackspambots	Unauthorized connection attempt from IP address 116.55.103.37 on Port 445(SMB)	2020-09-02 08:01:01
116.55.103.37	attackbots	1598616344 - 08/28/2020 14:05:44 Host: 116.55.103.37/116.55.103.37 Port: 445 TCP Blocked	2020-08-29 00:31:42
116.55.130.16	attackspam	06/06/2020-16:45:13.959114 116.55.130.16 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-06-07 06:05:52
116.55.103.37	attackbotsspam	Unauthorized connection attempt detected from IP address 116.55.103.37 to port 445	2020-05-31 03:41:31
116.55.140.149	attack	Automatic report - Banned IP Access	2020-03-14 01:26:09
116.55.121.82	attackbotsspam	Honeypot attack, port: 5555, PTR: 82.121.55.116.broad.km.yn.dynamic.163data.com.cn.	2020-03-01 13:12:48
116.55.101.26	attackspam	Unauthorized connection attempt from IP address 116.55.101.26 on Port 445(SMB)	2019-12-25 21:38:38
116.55.140.245	attack	badbot	2019-11-20 19:11:28
116.55.117.32	attackspambots	Unauthorised access (Oct 11) SRC=116.55.117.32 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=1054 TCP DPT=8080 WINDOW=9228 SYN Unauthorised access (Oct 10) SRC=116.55.117.32 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=37808 TCP DPT=8080 WINDOW=21783 SYN Unauthorised access (Oct 9) SRC=116.55.117.32 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=42657 TCP DPT=8080 WINDOW=10500 SYN Unauthorised access (Oct 9) SRC=116.55.117.32 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=61520 TCP DPT=8080 WINDOW=10500 SYN	2019-10-11 15:11:32
116.55.197.54	attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/116.55.197.54/ CN - 1H : (516) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN4134 IP : 116.55.197.54 CIDR : 116.55.192.0/19 PREFIX COUNT : 5430 UNIQUE IP COUNT : 106919680 WYKRYTE ATAKI Z ASN4134 : 1H - 13 3H - 32 6H - 59 12H - 115 24H - 217 DateTime : 2019-10-09 15:06:38 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-09 21:23:04
116.55.123.190	attackbots	firewall-block, port(s): 5555/tcp	2019-07-07 10:33:48

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.55.1.5
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10536
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;116.55.1.5.			IN	A

;; AUTHORITY SECTION:
.			419	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022700 1800 900 604800 86400

;; Query time: 22 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 16:22:59 CST 2022
;; MSG SIZE  rcvd: 103

Host info

b';; connection timed out; no servers could be reached
'

Nslookup info:

server can't find 116.55.1.5.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
92.118.161.13	attackbotsspam	Unauthorised access (Jul 12) SRC=92.118.161.13 LEN=44 TTL=238 ID=54248 TCP DPT=138 WINDOW=1024 SYN	2019-07-12 13:50:51
103.84.39.49	attackspam	Unauthorized IMAP connection attempt	2019-07-12 13:53:51
185.126.199.90	attack	[ ?? ] From bounce5@corretor-10-online.com.br Thu Jul 11 20:57:12 2019 Received: from host6.corretor-10-online.com.br ([185.126.199.90]:35770)	2019-07-12 14:12:41
222.186.15.217	attack	2019-07-12T07:55:02.626855scmdmz1 sshd\[17563\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.217 user=root 2019-07-12T07:55:04.767478scmdmz1 sshd\[17563\]: Failed password for root from 222.186.15.217 port 64663 ssh2 2019-07-12T07:55:07.064745scmdmz1 sshd\[17563\]: Failed password for root from 222.186.15.217 port 64663 ssh2 ...	2019-07-12 14:15:41
58.220.51.158	attackbots	Jul 12 04:08:36 hal sshd[3035]: Bad protocol version identification '' from 58.220.51.158 port 54378 Jul 12 04:08:38 hal sshd[3036]: Invalid user support from 58.220.51.158 port 58448 Jul 12 04:08:38 hal sshd[3036]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.220.51.158 Jul 12 04:08:40 hal sshd[3036]: Failed password for invalid user support from 58.220.51.158 port 58448 ssh2 Jul 12 04:08:40 hal sshd[3036]: Connection closed by 58.220.51.158 port 58448 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=58.220.51.158	2019-07-12 13:29:26
179.158.60.95	attackspam	Jul 12 04:56:38 s64-1 sshd[3726]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.158.60.95 Jul 12 04:56:40 s64-1 sshd[3726]: Failed password for invalid user max from 179.158.60.95 port 51262 ssh2 Jul 12 05:03:31 s64-1 sshd[3793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.158.60.95 ...	2019-07-12 14:08:26
167.71.204.13	attackbots	(sshd) Failed SSH login from 167.71.204.13 (SG/Singapore/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 12 01:12:02 testbed sshd[13652]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.204.13 user=root Jul 12 01:12:04 testbed sshd[13652]: Failed password for root from 167.71.204.13 port 50706 ssh2 Jul 12 01:12:06 testbed sshd[13657]: Invalid user admin from 167.71.204.13 port 60326 Jul 12 01:12:08 testbed sshd[13657]: Failed password for invalid user admin from 167.71.204.13 port 60326 ssh2 Jul 12 01:12:10 testbed sshd[13662]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.204.13 user=root	2019-07-12 13:21:01
45.55.187.39	attack	Jul 12 02:35:33 * sshd[9634]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.187.39 Jul 12 02:35:35 * sshd[9634]: Failed password for invalid user 10 from 45.55.187.39 port 36014 ssh2	2019-07-12 13:56:56
106.12.28.36	attackbots	Jul 12 07:31:42 legacy sshd[28950]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.28.36 Jul 12 07:31:45 legacy sshd[28950]: Failed password for invalid user webmaster from 106.12.28.36 port 53696 ssh2 Jul 12 07:35:09 legacy sshd[29055]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.28.36 ...	2019-07-12 13:50:20
175.98.115.247	attack	Jul 12 06:19:20 localhost sshd\[53889\]: Invalid user james from 175.98.115.247 port 54814 Jul 12 06:19:20 localhost sshd\[53889\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.98.115.247 ...	2019-07-12 13:20:17
216.185.36.175	attackbotsspam	Chat Spam	2019-07-12 13:42:41
142.93.178.87	attackspam	Jul 12 07:00:40 localhost sshd\[56839\]: Invalid user jenkins from 142.93.178.87 port 54068 Jul 12 07:00:40 localhost sshd\[56839\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.178.87 ...	2019-07-12 14:03:48
138.255.148.5	attackbots	2019-07-12T01:56:53.061091mail01 postfix/smtpd[4414]: warning: 5.148.255.138.clicfacilitb.com.br[138.255.148.5]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-07-12T01:57:00.423487mail01 postfix/smtpd[11248]: warning: 5.148.255.138.clicfacilitb.com.br[138.255.148.5]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-07-12T01:59:48.495639mail01 postfix/smtpd[17219]: warning: 5.148.255.138.clicfacilitb.com.br[138.255.148.5]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-07-12 13:24:38
157.55.39.214	attackbots	Automatic report - Web App Attack	2019-07-12 14:13:48
183.131.82.99	attackbotsspam	Jul 12 09:21:13 hosting sshd[1733]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.131.82.99 user=root Jul 12 09:21:15 hosting sshd[1733]: Failed password for root from 183.131.82.99 port 28393 ssh2 ...	2019-07-12 14:24:23

Recently Reported IPs

116.54.98.69	116.54.98.54	116.54.98.93	116.55.246.163
116.55.13.36	116.74.157.13	116.74.126.78	116.74.18.161
116.74.134.141	116.74.254.196	116.74.18.35	116.74.125.185
116.74.27.246	116.74.20.72	116.74.32.164	116.74.33.160
116.74.22.36	116.74.34.195	116.74.59.209	116.74.47.244