169.0.166.54 - IPInfo

Basic Info

City: Durban

Region: KwaZulu-Natal

Country: South Africa

Internet Service Provider: Afrihost (Pty) Ltd

Hostname: unknown

Organization: Afrihost

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	May 6 01:50:38 server sshd\[136559\]: Invalid user www from 169.0.166.54 May 6 01:50:38 server sshd\[136559\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=169.0.166.54 May 6 01:50:41 server sshd\[136559\]: Failed password for invalid user www from 169.0.166.54 port 47265 ssh2 ...	2019-10-09 12:52:06

Type

Details

Datetime

attack

May  6 01:50:38 server sshd\[136559\]: Invalid user www from 169.0.166.54
May  6 01:50:38 server sshd\[136559\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=169.0.166.54
May  6 01:50:41 server sshd\[136559\]: Failed password for invalid user www from 169.0.166.54 port 47265 ssh2
...

2019-10-09 12:52:06

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 169.0.166.54
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20203
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;169.0.166.54.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050900 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu May 09 20:59:10 +08 2019
;; MSG SIZE  rcvd: 116

Host info

54.166.0.169.in-addr.arpa domain name pointer 169-0-166-54.ip.afrihost.co.za.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
54.166.0.169.in-addr.arpa	name = 169-0-166-54.ip.afrihost.co.za.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.12.76.91	attack	Apr 7 21:34:37 webhost01 sshd[25707]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.76.91 Apr 7 21:34:39 webhost01 sshd[25707]: Failed password for invalid user sysadm from 106.12.76.91 port 58480 ssh2 ...	2020-04-08 00:03:34
46.50.174.214	attackbotsspam	Honeypot attack, port: 5555, PTR: host-46-50-174-214.bbcustomer.zsttk.net.	2020-04-07 23:58:01
92.222.94.46	attack	B: Abusive ssh attack	2020-04-08 00:13:04
134.209.74.129	attackspam	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-04-08 00:34:17
109.191.42.161	attackbots	Honeypot attack, port: 445, PTR: pool-109-191-42-161.is74.ru.	2020-04-08 00:41:21
110.19.105.124	attack	Apr 7 20:58:54 itv-usvr-01 sshd[15685]: Invalid user minecraft1 from 110.19.105.124 Apr 7 20:58:54 itv-usvr-01 sshd[15685]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.19.105.124 Apr 7 20:58:54 itv-usvr-01 sshd[15685]: Invalid user minecraft1 from 110.19.105.124 Apr 7 20:58:55 itv-usvr-01 sshd[15685]: Failed password for invalid user minecraft1 from 110.19.105.124 port 8956 ssh2 Apr 7 21:06:53 itv-usvr-01 sshd[16085]: Invalid user ts3server from 110.19.105.124	2020-04-07 23:56:52
78.84.6.75	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-04-08 00:40:22
51.15.140.60	attackspambots	SSH authentication failure x 6 reported by Fail2Ban ...	2020-04-08 00:34:50
222.186.175.202	attackbotsspam	Apr 7 18:04:00 plex sshd[3646]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.202 user=root Apr 7 18:04:01 plex sshd[3646]: Failed password for root from 222.186.175.202 port 59942 ssh2	2020-04-08 00:19:44
89.82.248.54	attackspam	$f2bV_matches	2020-04-07 23:42:09
106.12.174.111	attack	Apr 7 15:32:04 markkoudstaal sshd[32463]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.174.111 Apr 7 15:32:06 markkoudstaal sshd[32463]: Failed password for invalid user tu from 106.12.174.111 port 55330 ssh2 Apr 7 15:37:09 markkoudstaal sshd[689]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.174.111	2020-04-08 00:36:45
93.41.145.109	attack	Automatic report - Port Scan Attack	2020-04-07 23:50:35
124.50.82.209	attack	Web Server Attack	2020-04-08 00:27:30
122.51.219.2	attackbotsspam	Apr 7 17:24:56 minden010 sshd[17903]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.219.2 Apr 7 17:24:58 minden010 sshd[17903]: Failed password for invalid user svn from 122.51.219.2 port 47422 ssh2 Apr 7 17:30:14 minden010 sshd[21323]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.219.2 ...	2020-04-07 23:46:15
35.231.219.146	attackbots	2020-04-07T08:49:00.041307mail.thespaminator.com sshd[16653]: Invalid user user from 35.231.219.146 port 46688 2020-04-07T08:49:01.528761mail.thespaminator.com sshd[16653]: Failed password for invalid user user from 35.231.219.146 port 46688 ssh2 ...	2020-04-08 00:26:21

Recently Reported IPs

92.99.15.199	105.14.3.215	154.119.182.162	95.87.44.104
27.64.115.141	12.53.228.33	64.127.138.229	14.231.188.61
156.213.58.46	103.231.3.42	176.165.202.253	14.247.1.99
190.241.5.224	114.216.198.131	27.239.127.217	193.188.254.166
74.251.127.57	160.177.46.189	124.166.24.20	80.244.90.182