117.30.52.66 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
117.30.52.35	attackbots	[MK-VM4] Blocked by UFW	2020-07-29 03:08:29
117.30.52.24	attack	Web Server Attack	2020-01-20 03:36:04
117.30.52.106	attackbotsspam	Microsoft-Windows-Security-Auditing	2020-01-02 19:52:29

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.30.52.66
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35162
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;117.30.52.66.			IN	A

;; AUTHORITY SECTION:
.			288	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030600 1800 900 604800 86400

;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 06 16:49:22 CST 2022
;; MSG SIZE  rcvd: 105

Host info

66.52.30.117.in-addr.arpa domain name pointer 66.52.30.117.broad.xm.fj.dynamic.163data.com.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
66.52.30.117.in-addr.arpa	name = 66.52.30.117.broad.xm.fj.dynamic.163data.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
58.144.150.232	attack	Oct 10 16:44:07 dedicated sshd[12779]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.144.150.232 user=root Oct 10 16:44:09 dedicated sshd[12779]: Failed password for root from 58.144.150.232 port 60336 ssh2	2019-10-11 02:09:48
51.77.145.97	attack	Oct 10 16:39:22 localhost sshd\[7356\]: Invalid user q1w2e3r4t5y6u7 from 51.77.145.97 port 36768 Oct 10 16:39:22 localhost sshd\[7356\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.145.97 Oct 10 16:39:24 localhost sshd\[7356\]: Failed password for invalid user q1w2e3r4t5y6u7 from 51.77.145.97 port 36768 ssh2 Oct 10 16:42:50 localhost sshd\[7504\]: Invalid user Bonjour from 51.77.145.97 port 46258 Oct 10 16:42:50 localhost sshd\[7504\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.145.97 ...	2019-10-11 02:07:04
95.237.81.75	attackspam	firewall-block, port(s): 80/tcp	2019-10-11 02:15:47
201.95.82.97	attack	Lines containing failures of 201.95.82.97 Oct 7 04:21:26 shared01 sshd[15111]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.95.82.97 user=r.r Oct 7 04:21:29 shared01 sshd[15111]: Failed password for r.r from 201.95.82.97 port 49894 ssh2 Oct 7 04:21:29 shared01 sshd[15111]: Received disconnect from 201.95.82.97 port 49894:11: Bye Bye [preauth] Oct 7 04:21:29 shared01 sshd[15111]: Disconnected from authenticating user r.r 201.95.82.97 port 49894 [preauth] Oct 7 04:32:25 shared01 sshd[18157]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.95.82.97 user=r.r Oct 7 04:32:27 shared01 sshd[18157]: Failed password for r.r from 201.95.82.97 port 52888 ssh2 Oct 7 04:32:28 shared01 sshd[18157]: Received disconnect from 201.95.82.97 port 52888:11: Bye Bye [preauth] Oct 7 04:32:28 shared01 sshd[18157]: Disconnected from authenticating user r.r 201.95.82.97 port 52888 [preauth] Oct 7 ........ ------------------------------	2019-10-11 02:12:31
187.188.193.211	attackbotsspam	SSH Brute-Forcing (ownc)	2019-10-11 02:30:45
89.223.30.218	attack	Brute force SMTP login attempted. ...	2019-10-11 02:28:45
190.9.130.159	attack	Oct 10 19:02:47 markkoudstaal sshd[17860]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.9.130.159 Oct 10 19:02:49 markkoudstaal sshd[17860]: Failed password for invalid user Lyon2017 from 190.9.130.159 port 45037 ssh2 Oct 10 19:07:59 markkoudstaal sshd[18435]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.9.130.159	2019-10-11 02:04:37
89.47.39.36	attackspambots	" "	2019-10-11 02:20:03
91.121.114.69	attackbotsspam	Oct 10 11:50:19 *** sshd[17994]: User root from 91.121.114.69 not allowed because not listed in AllowUsers	2019-10-11 02:11:10
74.82.47.57	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-11 02:25:08
223.25.101.76	attack	2019-10-10T18:20:12.205754abusebot-4.cloudsearch.cf sshd\[4521\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.25.101.76 user=root	2019-10-11 02:38:05
112.85.42.174	attackspambots	Oct 10 19:52:21 debian64 sshd\[28716\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.174 user=root Oct 10 19:52:23 debian64 sshd\[28716\]: Failed password for root from 112.85.42.174 port 8593 ssh2 Oct 10 19:52:26 debian64 sshd\[28716\]: Failed password for root from 112.85.42.174 port 8593 ssh2 ...	2019-10-11 02:06:09
191.33.222.141	attackspam	Oct 10 11:34:10 riskplan-s sshd[25654]: reveeclipse mapping checking getaddrinfo for 191.33.222.141.dynamic.adsl.gvt.net.br [191.33.222.141] failed - POSSIBLE BREAK-IN ATTEMPT! Oct 10 11:34:10 riskplan-s sshd[25654]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.33.222.141 user=r.r Oct 10 11:34:12 riskplan-s sshd[25654]: Failed password for r.r from 191.33.222.141 port 54436 ssh2 Oct 10 11:34:13 riskplan-s sshd[25654]: Received disconnect from 191.33.222.141: 11: Bye Bye [preauth] Oct 10 11:39:05 riskplan-s sshd[25706]: reveeclipse mapping checking getaddrinfo for 191.33.222.141.dynamic.adsl.gvt.net.br [191.33.222.141] failed - POSSIBLE BREAK-IN ATTEMPT! Oct 10 11:39:05 riskplan-s sshd[25706]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.33.222.141 user=r.r Oct 10 11:39:06 riskplan-s sshd[25706]: Failed password for r.r from 191.33.222.141 port 37250 ssh2 Oct 10 11:39:07 riskp........ -------------------------------	2019-10-11 02:35:34
188.213.49.210	attackbots	10.10.2019 19:19:38 - Wordpress fail Detected by ELinOX-ALM	2019-10-11 02:25:58
86.14.146.148	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/86.14.146.148/ GB - 1H : (80) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : GB NAME ASN : ASN5089 IP : 86.14.146.148 CIDR : 86.14.0.0/15 PREFIX COUNT : 259 UNIQUE IP COUNT : 9431296 WYKRYTE ATAKI Z ASN5089 : 1H - 1 3H - 1 6H - 2 12H - 3 24H - 6 DateTime : 2019-10-10 13:49:37 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-11 02:39:23

Recently Reported IPs

117.30.52.62	117.30.52.7	115.216.76.203	115.216.76.222
115.218.208.36	115.216.76.207	115.216.76.215	115.218.208.35
115.216.76.22	115.216.76.217	115.216.76.220	117.30.52.75
115.218.208.38	115.216.76.208	115.218.208.45	115.218.208.4
115.216.76.218	115.218.208.42	115.218.208.46	115.218.208.50