164.155.66.29 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: South Africa

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
164.155.66.26	attackspam	Jul 15 04:02:47 [host] sshd[26421]: Invalid user h Jul 15 04:02:47 [host] sshd[26421]: pam_unix(sshd: Jul 15 04:02:49 [host] sshd[26421]: Failed passwor	2020-07-15 13:44:04
164.155.66.25	attack	Jul 14 20:26:24 server1 sshd\[28027\]: Failed password for invalid user save from 164.155.66.25 port 54974 ssh2 Jul 14 20:29:13 server1 sshd\[28966\]: Invalid user cristian from 164.155.66.25 Jul 14 20:29:13 server1 sshd\[28966\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.155.66.25 Jul 14 20:29:16 server1 sshd\[28966\]: Failed password for invalid user cristian from 164.155.66.25 port 56418 ssh2 Jul 14 20:32:03 server1 sshd\[29636\]: Invalid user ki from 164.155.66.25 ...	2020-07-15 10:51:15

Type

Details

Datetime

164.155.66.26

attackspam

Jul 15 04:02:47 [host] sshd[26421]: Invalid user h
Jul 15 04:02:47 [host] sshd[26421]: pam_unix(sshd:
Jul 15 04:02:49 [host] sshd[26421]: Failed passwor

2020-07-15 13:44:04

164.155.66.25

attack

Jul 14 20:26:24 server1 sshd\[28027\]: Failed password for invalid user save from 164.155.66.25 port 54974 ssh2
Jul 14 20:29:13 server1 sshd\[28966\]: Invalid user cristian from 164.155.66.25
Jul 14 20:29:13 server1 sshd\[28966\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.155.66.25 
Jul 14 20:29:16 server1 sshd\[28966\]: Failed password for invalid user cristian from 164.155.66.25 port 56418 ssh2
Jul 14 20:32:03 server1 sshd\[29636\]: Invalid user ki from 164.155.66.25
...

2020-07-15 10:51:15

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 164.155.66.29
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26055
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;164.155.66.29.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021800 1800 900 604800 86400

;; Query time: 65 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 14:34:36 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 29.66.155.164.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

server can't find 164.155.66.29.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
142.93.204.221	attackspam	$f2bV_matches	2020-02-01 16:10:53
163.172.127.251	attackspambots	Unauthorized connection attempt detected from IP address 163.172.127.251 to port 2220 [J]	2020-02-01 15:55:45
13.56.77.247	attackbots	[SatFeb0106:02:11.8889132020][:error][pid24188:tid47392774641408][client13.56.77.247:48550][client13.56.77.247]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\.conf\\|boot\\\\\\\\.ini\\|web.config\)\\\\\\\\b\\|$\\|\^\\|\\\\\\\\.\\\\\\\\.$/etc/\\|/\\\\\\\\.$\?:history\\|bash_history\\|sh_history\\|env$\$\)"atREQUEST_FILENAME.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"211"][id"390709"][rev"30"][msg"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely"][data"/.env"][severity"CRITICAL"][hostname"mail.acquacruda.ch"][uri"/.env"][unique_id"XjUGU5lcfRG8Izvxj6Pn0AAAAQc"][SatFeb0106:32:19.4805462020][:error][pid23763:tid47392774641408][client13.56.77.247:33898][client13.56.77.247]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\	2020-02-01 15:58:47
52.66.136.113	attack	[SatFeb0107:51:58.0132962020][:error][pid12204:tid47392804058880][client52.66.136.113:36372][client52.66.136.113]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\.conf\\|boot\\\\\\\\.ini\\|web.config\)\\\\\\\\b\\|$\\|\^\\|\\\\\\\\.\\\\\\\\.$/etc/\\|/\\\\\\\\.$\?:history\\|bash_history\\|sh_history\\|env$\$\)"atREQUEST_FILENAME.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"211"][id"390709"][rev"30"][msg"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely"][data"/.env"][severity"CRITICAL"][hostname"www.parrocchiaditesserete.ch"][uri"/.env"][unique_id"XjUgDlBIXxWR23kZycYuOwAAAJU"][SatFeb0108:32:02.0148982020][:error][pid12116:tid47392795653888][client52.66.136.113:48978][client52.66.136.113]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\	2020-02-01 15:37:05
185.86.164.106	attack	Automatic report - Banned IP Access	2020-02-01 16:01:17
45.76.232.166	attackbots	scan z	2020-02-01 15:41:33
46.229.173.66	attackspam	Fail2Ban Ban Triggered	2020-02-01 15:37:29
200.62.99.13	attackbots	(imapd) Failed IMAP login from 200.62.99.13 (NI/Nicaragua/13-99-62-200.enitel.net.ni): 1 in the last 3600 secs	2020-02-01 15:43:22
222.186.175.216	attack	Feb 1 08:57:37 ks10 sshd[1819543]: Failed password for root from 222.186.175.216 port 26416 ssh2 Feb 1 08:57:41 ks10 sshd[1819543]: Failed password for root from 222.186.175.216 port 26416 ssh2 ...	2020-02-01 15:59:55
109.95.177.87	attackbots	Automatic report - SSH Brute-Force Attack	2020-02-01 16:07:56
222.186.175.167	attackspambots	Feb 1 08:49:12 legacy sshd[10679]: Failed password for root from 222.186.175.167 port 58732 ssh2 Feb 1 08:49:15 legacy sshd[10679]: Failed password for root from 222.186.175.167 port 58732 ssh2 Feb 1 08:49:18 legacy sshd[10679]: Failed password for root from 222.186.175.167 port 58732 ssh2 Feb 1 08:49:22 legacy sshd[10679]: Failed password for root from 222.186.175.167 port 58732 ssh2 ...	2020-02-01 15:55:17
73.203.102.132	attackspam	Unauthorized connection attempt detected from IP address 73.203.102.132 to port 2220 [J]	2020-02-01 16:03:31
106.110.76.102	attack	Feb 1 05:54:37 grey postfix/smtpd\[11451\]: NOQUEUE: reject: RCPT from unknown\[106.110.76.102\]: 554 5.7.1 Service unavailable\; Client host \[106.110.76.102\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[106.110.76.102\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-02-01 16:02:01
1.2.225.68	attackbots	Unauthorized connection attempt from IP address 1.2.225.68 on Port 445(SMB)	2020-02-01 15:35:44
13.57.231.141	attackbots	Unauthorized connection attempt detected, IP banned.	2020-02-01 16:11:09

Recently Reported IPs

164.155.66.244	164.155.66.52	164.155.66.53	164.155.66.40
164.155.66.6	164.155.66.62	164.155.66.75	164.155.66.66
164.155.66.83	164.155.66.95	164.155.67.103	164.155.66.70
164.155.67.11	164.155.66.78	164.155.67.104	164.155.67.1
164.155.67.123	164.155.67.142	164.155.67.129	164.155.67.119