118.45.172.66 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Korea, Republic of

Internet Service Provider: KT Corporation

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	20 attempts against mh-ssh on comet.magehost.pro	2019-07-16 13:20:38

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 118.45.172.66
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41967
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;118.45.172.66.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071600 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jul 16 13:20:18 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 66.172.45.118.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 66.172.45.118.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.164.63.234	attack	2019-08-22T22:50:04.788609mizuno.rwx.ovh sshd[29630]: Connection from 185.164.63.234 port 53542 on 78.46.61.178 port 22 2019-08-22T22:50:04.947585mizuno.rwx.ovh sshd[29630]: Invalid user lilycity from 185.164.63.234 port 53542 2019-08-22T22:50:04.956785mizuno.rwx.ovh sshd[29630]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.164.63.234 2019-08-22T22:50:04.788609mizuno.rwx.ovh sshd[29630]: Connection from 185.164.63.234 port 53542 on 78.46.61.178 port 22 2019-08-22T22:50:04.947585mizuno.rwx.ovh sshd[29630]: Invalid user lilycity from 185.164.63.234 port 53542 2019-08-22T22:50:06.354180mizuno.rwx.ovh sshd[29630]: Failed password for invalid user lilycity from 185.164.63.234 port 53542 ssh2 ...	2019-08-23 12:47:01
79.17.4.197	attackbotsspam	Aug 22 22:23:01 www sshd\[5540\]: Invalid user michey from 79.17.4.197Aug 22 22:23:03 www sshd\[5540\]: Failed password for invalid user michey from 79.17.4.197 port 37636 ssh2Aug 22 22:24:50 www sshd\[5545\]: Invalid user nu from 79.17.4.197 ...	2019-08-23 12:38:22
103.126.100.120	attackspam	Aug 23 03:55:29 MK-Soft-VM4 sshd\[634\]: Invalid user pb from 103.126.100.120 port 42626 Aug 23 03:55:29 MK-Soft-VM4 sshd\[634\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.126.100.120 Aug 23 03:55:31 MK-Soft-VM4 sshd\[634\]: Failed password for invalid user pb from 103.126.100.120 port 42626 ssh2 ...	2019-08-23 12:17:49
159.89.194.160	attack	Automatic report - Banned IP Access	2019-08-23 12:18:44
193.70.36.161	attackbotsspam	Aug 22 18:55:23 web1 sshd\[22317\]: Invalid user deploy from 193.70.36.161 Aug 22 18:55:23 web1 sshd\[22317\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.70.36.161 Aug 22 18:55:25 web1 sshd\[22317\]: Failed password for invalid user deploy from 193.70.36.161 port 41381 ssh2 Aug 22 18:59:53 web1 sshd\[22777\]: Invalid user share from 193.70.36.161 Aug 22 18:59:53 web1 sshd\[22777\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.70.36.161	2019-08-23 13:14:52
134.209.81.63	attack	Aug 22 23:10:27 legacy sshd[9909]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.81.63 Aug 22 23:10:29 legacy sshd[9909]: Failed password for invalid user r from 134.209.81.63 port 33550 ssh2 Aug 22 23:15:11 legacy sshd[10006]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.81.63 ...	2019-08-23 12:22:41
187.35.191.231	attackspam	Aug 23 05:47:24 icinga sshd[31155]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.35.191.231 Aug 23 05:47:25 icinga sshd[31155]: Failed password for invalid user lorelei from 187.35.191.231 port 45434 ssh2 ...	2019-08-23 12:37:57
42.112.208.52	attack	Splunk® : port scan detected: Aug 22 16:44:40 testbed kernel: Firewall: TCP_IN Blocked IN=eth0 OUT= MAC=82:c6:52:d1:6e:53:64:c3:d6:0b:ef:f0:08:00 SRC=42.112.208.52 DST=104.248.11.191 LEN=40 TOS=0x00 PREC=0x00 TTL=101 ID=256 PROTO=TCP SPT=6000 DPT=8089 WINDOW=16384 RES=0x00 SYN URGP=0	2019-08-23 12:24:21
107.172.251.113	attackspam	Aug 23 00:55:32 ny01 sshd[25058]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.172.251.113 Aug 23 00:55:33 ny01 sshd[25058]: Failed password for invalid user eddie from 107.172.251.113 port 42716 ssh2 Aug 23 00:59:59 ny01 sshd[25429]: Failed password for root from 107.172.251.113 port 33290 ssh2	2019-08-23 13:08:33
5.196.75.178	attackbots	Aug 22 22:14:10 server sshd[18549]: Failed password for invalid user weblogic from 5.196.75.178 port 57834 ssh2 Aug 22 22:30:19 server sshd[20068]: Failed password for invalid user marketing from 5.196.75.178 port 57270 ssh2 Aug 22 22:38:30 server sshd[20793]: Failed password for invalid user loveture from 5.196.75.178 port 55034 ssh2	2019-08-23 12:14:55
159.89.165.127	attackspam	$f2bV_matches	2019-08-23 13:17:21
54.36.148.172	attack	Automatic report - Banned IP Access	2019-08-23 12:30:40
197.248.205.54	attackbotsspam	Aug 23 05:43:19 nextcloud sshd\[26395\]: Invalid user xie from 197.248.205.54 Aug 23 05:43:19 nextcloud sshd\[26395\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.248.205.54 Aug 23 05:43:22 nextcloud sshd\[26395\]: Failed password for invalid user xie from 197.248.205.54 port 56708 ssh2 ...	2019-08-23 12:53:58
104.248.150.23	attack	Aug 22 21:52:10 hb sshd\[17743\]: Invalid user google from 104.248.150.23 Aug 22 21:52:10 hb sshd\[17743\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.150.23 Aug 22 21:52:12 hb sshd\[17743\]: Failed password for invalid user google from 104.248.150.23 port 39986 ssh2 Aug 22 21:57:03 hb sshd\[18201\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.150.23 user=root Aug 22 21:57:05 hb sshd\[18201\]: Failed password for root from 104.248.150.23 port 58024 ssh2	2019-08-23 12:50:55
167.249.9.169	attackspambots	Port Scan detected from 167.249.9.169 (PE/Peru/-). 4 hits in the last 235 seconds	2019-08-23 12:26:44

Recently Reported IPs

115.51.53.231	152.168.242.60	165.22.54.217	201.217.58.113
197.34.236.56	185.175.93.27	173.187.81.98	91.67.43.182
128.199.129.239	109.94.114.1	195.254.135.76	188.128.39.131
218.164.110.64	49.79.91.215	180.241.41.93	174.195.11.214
14.162.170.174	182.240.246.171	77.42.74.55	190.56.4.45