164.155.66.214

Basic Info

City: unknown

Region: unknown

Country: South Africa

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
164.155.66.26	attackspam	Jul 15 04:02:47 [host] sshd[26421]: Invalid user h Jul 15 04:02:47 [host] sshd[26421]: pam_unix(sshd: Jul 15 04:02:49 [host] sshd[26421]: Failed passwor	2020-07-15 13:44:04
164.155.66.25	attack	Jul 14 20:26:24 server1 sshd\[28027\]: Failed password for invalid user save from 164.155.66.25 port 54974 ssh2 Jul 14 20:29:13 server1 sshd\[28966\]: Invalid user cristian from 164.155.66.25 Jul 14 20:29:13 server1 sshd\[28966\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.155.66.25 Jul 14 20:29:16 server1 sshd\[28966\]: Failed password for invalid user cristian from 164.155.66.25 port 56418 ssh2 Jul 14 20:32:03 server1 sshd\[29636\]: Invalid user ki from 164.155.66.25 ...	2020-07-15 10:51:15

Type

Details

Datetime

164.155.66.26

attackspam

Jul 15 04:02:47 [host] sshd[26421]: Invalid user h
Jul 15 04:02:47 [host] sshd[26421]: pam_unix(sshd:
Jul 15 04:02:49 [host] sshd[26421]: Failed passwor

2020-07-15 13:44:04

164.155.66.25

attack

Jul 14 20:26:24 server1 sshd\[28027\]: Failed password for invalid user save from 164.155.66.25 port 54974 ssh2
Jul 14 20:29:13 server1 sshd\[28966\]: Invalid user cristian from 164.155.66.25
Jul 14 20:29:13 server1 sshd\[28966\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.155.66.25 
Jul 14 20:29:16 server1 sshd\[28966\]: Failed password for invalid user cristian from 164.155.66.25 port 56418 ssh2
Jul 14 20:32:03 server1 sshd\[29636\]: Invalid user ki from 164.155.66.25
...

2020-07-15 10:51:15

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 164.155.66.214
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6467
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;164.155.66.214.			IN	A

;; AUTHORITY SECTION:
.			29	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021800 1800 900 604800 86400

;; Query time: 66 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 14:34:34 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 214.66.155.164.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

server can't find 164.155.66.214.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
183.82.114.15	attackbots	Unauthorized connection attempt from IP address 183.82.114.15 on Port 445(SMB)	2020-09-04 17:10:10
106.13.167.3	attack	2020-09-04T09:46:55+0200 Failed SSH Authentication/Brute Force Attack. (Server 9)	2020-09-04 17:02:51
115.217.19.85	attackspambots	Lines containing failures of 115.217.19.85 Sep 2 10:52:38 ntop sshd[300]: Invalid user user3 from 115.217.19.85 port 45284 Sep 2 10:52:38 ntop sshd[300]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.217.19.85 Sep 2 10:52:40 ntop sshd[300]: Failed password for invalid user user3 from 115.217.19.85 port 45284 ssh2 Sep 2 10:52:42 ntop sshd[300]: Received disconnect from 115.217.19.85 port 45284:11: Bye Bye [preauth] Sep 2 10:52:42 ntop sshd[300]: Disconnected from invalid user user3 115.217.19.85 port 45284 [preauth] Sep 2 10:59:31 ntop sshd[1233]: Invalid user monte from 115.217.19.85 port 40006 Sep 2 10:59:31 ntop sshd[1233]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.217.19.85 Sep 2 10:59:33 ntop sshd[1233]: Failed password for invalid user monte from 115.217.19.85 port 40006 ssh2 Sep 2 10:59:35 ntop sshd[1233]: Received disconnect from 115.217.19.85 port 40006:11: ........ ------------------------------	2020-09-04 16:55:48
51.178.215.200	attack	Sep 4 11:52:24 server2 sshd\[19756\]: Invalid user ubnt from 51.178.215.200 Sep 4 11:52:24 server2 sshd\[19758\]: Invalid user admin from 51.178.215.200 Sep 4 11:52:24 server2 sshd\[19760\]: User root from ip200.ip-51-178-215.eu not allowed because not listed in AllowUsers Sep 4 11:52:25 server2 sshd\[19762\]: Invalid user 1234 from 51.178.215.200 Sep 4 11:52:25 server2 sshd\[19764\]: Invalid user usuario from 51.178.215.200 Sep 4 11:52:25 server2 sshd\[19766\]: Invalid user support from 51.178.215.200	2020-09-04 16:58:26
85.185.83.162	attackspambots	Unauthorized connection attempt from IP address 85.185.83.162 on Port 445(SMB)	2020-09-04 17:08:21
138.97.242.113	attackbotsspam	Sep 3 18:45:37 mellenthin postfix/smtpd[20478]: NOQUEUE: reject: RCPT from unknown[138.97.242.113]: 554 5.7.1 Service unavailable; Client host [138.97.242.113] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/138.97.242.113; from= to= proto=ESMTP helo=<138-97-242-113.altavelocidade>	2020-09-04 17:18:53
128.199.106.46	attackbotsspam	SSH Scan	2020-09-04 17:30:25
104.206.128.14	attackspambots	TCP (SYN) 104.206.128.14:60394 -> port 3389, len 44	2020-09-04 17:06:36
174.217.29.33	attackbots	Brute forcing email accounts	2020-09-04 16:54:43
61.100.3.100	attackbots	Port Scan: TCP/445	2020-09-04 16:53:55
111.229.78.120	attack	2020-08-25 04:12:50,034 fail2ban.actions [1312]: NOTICE [sshd] Ban 111.229.78.120 2020-08-25 04:28:50,339 fail2ban.actions [1312]: NOTICE [sshd] Ban 111.229.78.120 2020-08-25 04:44:57,219 fail2ban.actions [1312]: NOTICE [sshd] Ban 111.229.78.120 2020-08-25 05:01:03,098 fail2ban.actions [1312]: NOTICE [sshd] Ban 111.229.78.120 2020-08-25 05:17:26,672 fail2ban.actions [1312]: NOTICE [sshd] Ban 111.229.78.120 ...	2020-09-04 17:07:33
190.39.57.12	attackspam	Honeypot attack, port: 445, PTR: 190-39-57-12.dyn.dsl.cantv.net.	2020-09-04 16:47:43
192.236.193.38	attackspam	Lines containing failures of 192.236.193.38 Sep 2 10:09:31 expertgeeks postfix/smtpd[6080]: connect from mail-dm01nam07on7895.outbound.protection.noreply-adsreport.com[192.236.193.38] Sep 2 10:09:31 expertgeeks postfix/smtpd[6080]: Anonymous TLS connection established from mail-dm01nam07on7895.outbound.protection.noreply-adsreport.com[192.236.193.38]: TLSv1.2 whostnameh cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bhostnames) Sep x@x Sep 2 10:09:31 expertgeeks postfix/smtpd[6080]: disconnect from mail-dm01nam07on7895.outbound.protection.noreply-adsreport.com[192.236.193.38] ehlo=2 starttls=1 mail=1 rcpt=0/1 quhostname=1 commands=5/6 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=192.236.193.38	2020-09-04 17:24:52
171.35.177.228	attackspam	Attempted connection to port 1433.	2020-09-04 17:23:55
177.46.143.216	attack	Unauthorized connection attempt from IP address 177.46.143.216 on Port 445(SMB)	2020-09-04 17:11:48

Recently Reported IPs

164.155.66.250	164.155.66.246	164.155.66.244	164.155.66.29
164.155.66.52	164.155.66.53	164.155.66.40	164.155.66.6
164.155.66.62	164.155.66.75	164.155.66.66	164.155.66.83
164.155.66.95	164.155.67.103	164.155.66.70	164.155.67.11
164.155.66.78	164.155.67.104	164.155.67.1	164.155.67.123