51.116.180.66 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: Microsoft Limited

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Jun 23 01:12:45 roki-contabo sshd\[15188\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.116.180.66 user=root Jun 23 01:12:47 roki-contabo sshd\[15188\]: Failed password for root from 51.116.180.66 port 33938 ssh2 Jun 23 01:23:39 roki-contabo sshd\[15388\]: Invalid user protocol from 51.116.180.66 Jun 23 01:23:39 roki-contabo sshd\[15388\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.116.180.66 Jun 23 01:23:41 roki-contabo sshd\[15388\]: Failed password for invalid user protocol from 51.116.180.66 port 60246 ssh2 ...	2020-06-23 07:55:27
attackspambots	2020-06-15T04:01:14.746116upcloud.m0sh1x2.com sshd[1603]: Invalid user testing from 51.116.180.66 port 37182	2020-06-15 12:09:22
attack	SSH Invalid Login	2020-05-22 06:37:03
attackbotsspam	Unauthorized SSH login attempts	2020-05-16 03:00:03
attack	(sshd) Failed SSH login from 51.116.180.66 (DE/Germany/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 10 10:10:22 elude sshd[31209]: Invalid user ubuntu from 51.116.180.66 port 49998 May 10 10:10:24 elude sshd[31209]: Failed password for invalid user ubuntu from 51.116.180.66 port 49998 ssh2 May 10 10:12:42 elude sshd[31738]: Invalid user demo8 from 51.116.180.66 port 33192 May 10 10:12:44 elude sshd[31738]: Failed password for invalid user demo8 from 51.116.180.66 port 33192 ssh2 May 10 10:14:51 elude sshd[32151]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.116.180.66 user=root	2020-05-10 19:37:38
attackbots	ssh brute force	2020-05-07 14:21:36
attack	Bruteforce detected by fail2ban	2020-05-06 02:38:22

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 51.116.180.66
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61405
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;51.116.180.66.			IN	A

;; AUTHORITY SECTION:
.			371	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050501 1800 900 604800 86400

;; Query time: 94 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed May 06 02:38:16 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 66.180.116.51.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 66.180.116.51.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.180.8	attack	Nov 24 05:58:01 dev0-dcde-rnet sshd[16509]: Failed password for root from 222.186.180.8 port 59944 ssh2 Nov 24 05:58:14 dev0-dcde-rnet sshd[16509]: error: maximum authentication attempts exceeded for root from 222.186.180.8 port 59944 ssh2 [preauth] Nov 24 05:58:21 dev0-dcde-rnet sshd[16511]: Failed password for root from 222.186.180.8 port 24036 ssh2	2019-11-24 13:00:19
175.176.91.220	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 24-11-2019 04:55:18.	2019-11-24 13:13:11
68.183.153.161	attackbotsspam	Nov 24 07:13:13 server sshd\[7762\]: User root from 68.183.153.161 not allowed because listed in DenyUsers Nov 24 07:13:13 server sshd\[7762\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.153.161 user=root Nov 24 07:13:15 server sshd\[7762\]: Failed password for invalid user root from 68.183.153.161 port 41404 ssh2 Nov 24 07:19:24 server sshd\[6319\]: User root from 68.183.153.161 not allowed because listed in DenyUsers Nov 24 07:19:24 server sshd\[6319\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.153.161 user=root	2019-11-24 13:24:02
45.175.188.1	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 24-11-2019 04:55:21.	2019-11-24 13:09:55
46.38.144.146	attackbotsspam	$f2bV_matches	2019-11-24 13:04:25
38.142.21.58	attack	Nov 24 00:30:22 Tower sshd[41570]: Connection from 38.142.21.58 port 60814 on 192.168.10.220 port 22 Nov 24 00:30:22 Tower sshd[41570]: Invalid user kober from 38.142.21.58 port 60814 Nov 24 00:30:22 Tower sshd[41570]: error: Could not get shadow information for NOUSER Nov 24 00:30:22 Tower sshd[41570]: Failed password for invalid user kober from 38.142.21.58 port 60814 ssh2 Nov 24 00:30:22 Tower sshd[41570]: Received disconnect from 38.142.21.58 port 60814:11: Bye Bye [preauth] Nov 24 00:30:22 Tower sshd[41570]: Disconnected from invalid user kober 38.142.21.58 port 60814 [preauth]	2019-11-24 13:30:54
85.248.42.101	attack	Automatic report - Banned IP Access	2019-11-24 13:33:36
222.186.180.6	attackbots	Nov 24 06:00:39 SilenceServices sshd[21236]: Failed password for root from 222.186.180.6 port 11012 ssh2 Nov 24 06:00:43 SilenceServices sshd[21236]: Failed password for root from 222.186.180.6 port 11012 ssh2 Nov 24 06:00:52 SilenceServices sshd[21236]: Failed password for root from 222.186.180.6 port 11012 ssh2 Nov 24 06:00:52 SilenceServices sshd[21236]: error: maximum authentication attempts exceeded for root from 222.186.180.6 port 11012 ssh2 [preauth]	2019-11-24 13:04:42
180.106.81.168	attackbots	Nov 23 21:10:01 mockhub sshd[19560]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.106.81.168 Nov 23 21:10:04 mockhub sshd[19560]: Failed password for invalid user do from 180.106.81.168 port 35906 ssh2 ...	2019-11-24 13:27:58
150.109.106.224	attackspam	5x Failed Password	2019-11-24 13:36:47
14.177.162.18	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 24-11-2019 04:55:17.	2019-11-24 13:16:17
188.162.245.213	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 24-11-2019 04:55:19.	2019-11-24 13:12:13
159.203.197.22	attackbotsspam	404 NOT FOUND	2019-11-24 13:19:52
185.209.0.32	attackbots	Nov 24 06:22:57 mc1 kernel: \[5859216.636441\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.209.0.32 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=30921 PROTO=TCP SPT=48363 DPT=3036 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 24 06:23:14 mc1 kernel: \[5859233.093041\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.209.0.32 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=24182 PROTO=TCP SPT=48363 DPT=3016 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 24 06:24:24 mc1 kernel: \[5859303.269114\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.209.0.32 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=9217 PROTO=TCP SPT=48363 DPT=3014 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-11-24 13:38:32
80.179.37.78	attack	24.11.2019 05:54:41 - RDP Login Fail Detected by https://www.elinox.de/RDP-Wächter	2019-11-24 13:39:16

Recently Reported IPs

79.52.22.192	192.163.207.200	218.7.116.210	190.145.20.106
36.197.143.130	165.22.243.42	162.253.131.19	159.203.181.247
140.238.187.34	106.13.150.200	64.225.21.19	41.67.137.243
200.38.239.177	91.234.99.209	253.118.169.204	185.206.225.140
193.95.62.242	31.170.62.245	144.217.255.56	95.92.110.33