166.62.92.18 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: GoDaddy.com LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Sep 25 15:23:11 vpn sshd[26143]: Invalid user uftp from 166.62.92.18 Sep 25 15:23:11 vpn sshd[26143]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=166.62.92.18 Sep 25 15:23:14 vpn sshd[26143]: Failed password for invalid user uftp from 166.62.92.18 port 53612 ssh2 Sep 25 15:25:59 vpn sshd[26147]: Invalid user weblogic from 166.62.92.18 Sep 25 15:25:59 vpn sshd[26147]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=166.62.92.18	2019-07-19 10:17:53

Type

Details

Datetime

attackbots

Sep 25 15:23:11 vpn sshd[26143]: Invalid user uftp from 166.62.92.18
Sep 25 15:23:11 vpn sshd[26143]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=166.62.92.18
Sep 25 15:23:14 vpn sshd[26143]: Failed password for invalid user uftp from 166.62.92.18 port 53612 ssh2
Sep 25 15:25:59 vpn sshd[26147]: Invalid user weblogic from 166.62.92.18
Sep 25 15:25:59 vpn sshd[26147]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=166.62.92.18

2019-07-19 10:17:53

Comments on same subnet:

IP	Type	Details	Datetime
166.62.92.37	attackspam	21 attempts against mh-misbehave-ban on star	2020-05-28 12:52:20
166.62.92.37	attack	Portscan or hack attempt detected by psad/fwsnort	2019-12-05 19:04:48
166.62.92.48	attackbots	Wordpress brute-force	2019-10-17 20:36:35
166.62.92.37	attack	ThinkPHP, Drupal Remote Code Execution attempt	2019-09-05 21:30:10
166.62.92.37	attack	ECShop Remote Code Execution Vulnerability, PTR: ip-166-62-92-37.ip.secureserver.net.	2019-08-23 04:20:06
166.62.92.48	attack	C1,WP GET /wp-login.php	2019-08-22 22:21:59
166.62.92.48	attack	Wordpress Admin Login attack	2019-08-17 07:45:17
166.62.92.37	attackspambots	10 attempts against mh-pma-try-ban on pine.magehost.pro	2019-08-06 23:24:38

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 166.62.92.18
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17288
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;166.62.92.18.			IN	A

;; AUTHORITY SECTION:
.			2095	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071801 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jul 19 10:17:46 CST 2019
;; MSG SIZE  rcvd: 116

Host info

18.92.62.166.in-addr.arpa domain name pointer ip-166-62-92-18.ip.secureserver.net.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
18.92.62.166.in-addr.arpa	name = ip-166-62-92-18.ip.secureserver.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
164.77.117.10	attackspam	Apr 21 14:48:51 meumeu sshd[12400]: Failed password for root from 164.77.117.10 port 54358 ssh2 Apr 21 14:53:45 meumeu sshd[13263]: Failed password for root from 164.77.117.10 port 41314 ssh2 ...	2020-04-21 23:23:56
70.125.240.42	attack	Apr 21 16:44:45 nextcloud sshd\[25456\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=70.125.240.42 user=root Apr 21 16:44:46 nextcloud sshd\[25456\]: Failed password for root from 70.125.240.42 port 37376 ssh2 Apr 21 16:51:48 nextcloud sshd\[2985\]: Invalid user yh from 70.125.240.42 Apr 21 16:51:48 nextcloud sshd\[2985\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=70.125.240.42	2020-04-22 00:04:37
116.105.215.232	attackbots	Apr 21 15:12:27 ns1 sshd[19060]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.105.215.232 Apr 21 15:12:29 ns1 sshd[19060]: Failed password for invalid user admin from 116.105.215.232 port 40000 ssh2	2020-04-21 23:42:38
68.183.23.118	attack	Invalid user admin from 68.183.23.118 port 42390	2020-04-22 00:05:40
82.65.35.189	attackbotsspam	(sshd) Failed SSH login from 82.65.35.189 (FR/France/82-65-35-189.subs.proxad.net): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 21 10:11:49 localhost sshd[16129]: Invalid user admin from 82.65.35.189 port 51452 Apr 21 10:11:50 localhost sshd[16129]: Failed password for invalid user admin from 82.65.35.189 port 51452 ssh2 Apr 21 10:16:29 localhost sshd[16470]: Invalid user ow from 82.65.35.189 port 40706 Apr 21 10:16:31 localhost sshd[16470]: Failed password for invalid user ow from 82.65.35.189 port 40706 ssh2 Apr 21 10:19:36 localhost sshd[16688]: Invalid user mq from 82.65.35.189 port 39918	2020-04-22 00:01:36
113.141.166.40	attackbotsspam	Apr 21 22:07:08 itv-usvr-01 sshd[32589]: Invalid user dv from 113.141.166.40 Apr 21 22:07:08 itv-usvr-01 sshd[32589]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.141.166.40 Apr 21 22:07:08 itv-usvr-01 sshd[32589]: Invalid user dv from 113.141.166.40 Apr 21 22:07:10 itv-usvr-01 sshd[32589]: Failed password for invalid user dv from 113.141.166.40 port 42784 ssh2 Apr 21 22:12:26 itv-usvr-01 sshd[458]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.141.166.40 user=root Apr 21 22:12:27 itv-usvr-01 sshd[458]: Failed password for root from 113.141.166.40 port 38722 ssh2	2020-04-21 23:46:28
120.237.159.248	attackspam	Invalid user d from 120.237.159.248 port 58368	2020-04-21 23:37:13
165.227.101.226	attackbots	Apr 21 15:25:00 jane sshd[6028]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.101.226 Apr 21 15:25:01 jane sshd[6028]: Failed password for invalid user tx from 165.227.101.226 port 59610 ssh2 ...	2020-04-21 23:22:58
161.35.97.13	attackbotsspam	Invalid user ubnt from 161.35.97.13 port 42302	2020-04-21 23:24:55
80.211.45.85	attack	2020-04-21T16:45:56.797558amanda2.illicoweb.com sshd\[10873\]: Invalid user admin3 from 80.211.45.85 port 44272 2020-04-21T16:45:56.800958amanda2.illicoweb.com sshd\[10873\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.45.85 2020-04-21T16:45:59.057334amanda2.illicoweb.com sshd\[10873\]: Failed password for invalid user admin3 from 80.211.45.85 port 44272 ssh2 2020-04-21T16:53:49.015722amanda2.illicoweb.com sshd\[11392\]: Invalid user ftpuser1 from 80.211.45.85 port 38454 2020-04-21T16:53:49.018103amanda2.illicoweb.com sshd\[11392\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.45.85 ...	2020-04-22 00:02:34
106.12.23.198	attackbotsspam	prod8 ...	2020-04-21 23:51:53
54.37.66.7	attackbotsspam	Bruteforce detected by fail2ban	2020-04-22 00:07:23
128.199.182.158	attack	Invalid user fk from 128.199.182.158 port 47828	2020-04-21 23:34:04
139.99.98.248	attack	(sshd) Failed SSH login from 139.99.98.248 (SG/Singapore/248.ip-139-99-98.eu): 5 in the last 3600 secs	2020-04-21 23:29:57
117.184.119.10	attackbots	Invalid user ftpuser from 117.184.119.10 port 2451	2020-04-21 23:40:57

Recently Reported IPs

80.67.53.93	177.105.66.146	78.186.159.63	177.84.197.234
165.227.79.73	165.227.79.177	125.230.241.155	165.255.158.7
209.54.235.43	171.221.200.49	247.215.149.215	95.233.13.87
226.53.173.224	195.254.249.50	238.163.23.40	203.54.5.251
57.200.215.66	173.246.110.147	191.183.91.224	250.9.225.6