66.117.12.196 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Corporate Colocation Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-25 11:34:32
attack	" "	2020-08-18 17:54:11
attack	Unauthorized connection attempt detected from IP address 66.117.12.196 to port 3728	2020-07-14 01:40:24
attack	Jul 6 23:03:15 debian-2gb-nbg1-2 kernel: \[16328002.085917\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=66.117.12.196 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=239 ID=33053 PROTO=TCP SPT=50070 DPT=22195 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-07 05:15:23
attackbotsspam	scans 2 times in preceeding hours on the ports (in chronological order) 7132 7132	2020-07-06 23:31:05
attackspambots	Unauthorized connection attempt detected from IP address 66.117.12.196 to port 889	2020-06-24 23:47:55
attackspambots	Jun 19 22:39:05 debian-2gb-nbg1-2 kernel: \[14857832.725492\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=66.117.12.196 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=239 ID=14988 PROTO=TCP SPT=56887 DPT=20285 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-20 05:44:08
attackbotsspam	Port Scan detected from 66.117.12.196 (US/United States/California/Los Angeles (Silver Lake)/-). 4 hits in the last 255 seconds	2020-06-14 13:10:36
attack	firewall-block, port(s): 8088/tcp	2020-05-31 22:59:20
attackspam	Multiport scan 47 ports : 395 2107 2186 2483 4012 4943 5047 6595 7261 7679 7998 8657 9035 10445 10519 11339 13291 13533 13667 13808 15248 15284 15647 15788 15995 16006 17328 17908 18494 20311 21519 22680 22706 23272 23875 23972 24982 25211 25394 26200 26482 27171 28141 28514 29865 29938 32354	2020-05-12 08:46:17
attackspam	scans 2 times in preceeding hours on the ports (in chronological order) 16006 16006	2020-05-01 21:06:25
attack	04/26/2020-23:59:54.234228 66.117.12.196 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-04-27 12:15:20
attack	scans 2 times in preceeding hours on the ports (in chronological order) 29865 29865	2020-04-19 00:28:13
attackbots	15248/tcp 32354/tcp 2107/tcp... [2020-04-04/12]28pkt,10pt.(tcp)	2020-04-13 05:19:41
attack	Mar 20 09:52:12 vpn sshd[29783]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.117.12.196 Mar 20 09:52:15 vpn sshd[29783]: Failed password for invalid user www from 66.117.12.196 port 37980 ssh2 Mar 20 10:00:15 vpn sshd[29834]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.117.12.196	2020-01-05 18:22:01

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 66.117.12.196
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36785
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;66.117.12.196.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061002 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jun 11 07:14:56 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 196.12.117.66.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 196.12.117.66.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
23.254.203.91	attackspambots	Dec 23 07:05:01 webhost01 sshd[26073]: Failed password for root from 23.254.203.91 port 53060 ssh2 ...	2019-12-23 08:39:46
41.242.82.8	attack	Unauthorized connection attempt detected from IP address 41.242.82.8 to port 445	2019-12-23 08:39:25
175.126.38.221	attack	Dec 22 15:09:24 tdfoods sshd\[32666\]: Invalid user jeffrey from 175.126.38.221 Dec 22 15:09:24 tdfoods sshd\[32666\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.126.38.221 Dec 22 15:09:26 tdfoods sshd\[32666\]: Failed password for invalid user jeffrey from 175.126.38.221 port 37096 ssh2 Dec 22 15:16:02 tdfoods sshd\[932\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.126.38.221 user=root Dec 22 15:16:04 tdfoods sshd\[932\]: Failed password for root from 175.126.38.221 port 41946 ssh2	2019-12-23 09:17:38
41.41.238.84	attackbots	Unauthorized IMAP connection attempt	2019-12-23 08:42:36
103.253.107.43	attackspambots	Dec 23 01:46:44 MK-Soft-VM5 sshd[16791]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.253.107.43 Dec 23 01:46:46 MK-Soft-VM5 sshd[16791]: Failed password for invalid user hung from 103.253.107.43 port 33718 ssh2 ...	2019-12-23 09:13:07
186.3.213.164	attackspam	Invalid user eldred from 186.3.213.164 port 50986	2019-12-23 08:54:20
120.76.114.201	attackspambots	php WP PHPmyadamin ABUSE blocked for 12h	2019-12-23 08:49:57
185.244.167.52	attackbots	Dec 22 14:26:28 hpm sshd\[8348\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.244.167.52 user=root Dec 22 14:26:30 hpm sshd\[8348\]: Failed password for root from 185.244.167.52 port 34040 ssh2 Dec 22 14:31:13 hpm sshd\[8825\]: Invalid user lollipop from 185.244.167.52 Dec 22 14:31:13 hpm sshd\[8825\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.244.167.52 Dec 22 14:31:15 hpm sshd\[8825\]: Failed password for invalid user lollipop from 185.244.167.52 port 38340 ssh2	2019-12-23 08:49:03
222.186.173.238	attackbotsspam	Dec 22 14:58:58 wbs sshd\[7388\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.238 user=root Dec 22 14:59:00 wbs sshd\[7388\]: Failed password for root from 222.186.173.238 port 27770 ssh2 Dec 22 14:59:03 wbs sshd\[7388\]: Failed password for root from 222.186.173.238 port 27770 ssh2 Dec 22 14:59:17 wbs sshd\[7431\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.238 user=root Dec 22 14:59:19 wbs sshd\[7431\]: Failed password for root from 222.186.173.238 port 45724 ssh2	2019-12-23 09:02:12
167.99.155.36	attack	Dec 23 03:43:49 hosting sshd[25333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=www2.bwell.solutions user=root Dec 23 03:43:51 hosting sshd[25333]: Failed password for root from 167.99.155.36 port 40628 ssh2 Dec 23 03:48:41 hosting sshd[25603]: Invalid user pvaca from 167.99.155.36 port 46608 Dec 23 03:48:41 hosting sshd[25603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=www2.bwell.solutions Dec 23 03:48:41 hosting sshd[25603]: Invalid user pvaca from 167.99.155.36 port 46608 Dec 23 03:48:43 hosting sshd[25603]: Failed password for invalid user pvaca from 167.99.155.36 port 46608 ssh2 ...	2019-12-23 09:01:05
37.187.79.55	attackbotsspam	Dec 22 14:24:09 php1 sshd\[8677\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=tde.terre-des-elements.net user=root Dec 22 14:24:11 php1 sshd\[8677\]: Failed password for root from 37.187.79.55 port 38218 ssh2 Dec 22 14:29:51 php1 sshd\[9312\]: Invalid user wmcx from 37.187.79.55 Dec 22 14:29:51 php1 sshd\[9312\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=tde.terre-des-elements.net Dec 22 14:29:53 php1 sshd\[9312\]: Failed password for invalid user wmcx from 37.187.79.55 port 41639 ssh2	2019-12-23 08:55:48
110.53.24.83	attackspambots	110.53.24.83 has been banned for [spam] ...	2019-12-23 09:00:00
103.79.90.72	attackspambots	2019-12-23T00:36:09.773801shield sshd\[13492\]: Invalid user ubnt from 103.79.90.72 port 41812 2019-12-23T00:36:09.777259shield sshd\[13492\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.79.90.72 2019-12-23T00:36:11.584094shield sshd\[13492\]: Failed password for invalid user ubnt from 103.79.90.72 port 41812 ssh2 2019-12-23T00:42:33.912864shield sshd\[14958\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.79.90.72 user=root 2019-12-23T00:42:35.769925shield sshd\[14958\]: Failed password for root from 103.79.90.72 port 44675 ssh2	2019-12-23 08:55:13
117.184.114.139	attack	Dec 23 01:11:00 legacy sshd[17627]: Failed password for root from 117.184.114.139 port 37050 ssh2 Dec 23 01:17:19 legacy sshd[18026]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.184.114.139 Dec 23 01:17:21 legacy sshd[18026]: Failed password for invalid user arbel from 117.184.114.139 port 57830 ssh2 ...	2019-12-23 08:45:11
200.165.167.10	attackbotsspam	Dec 23 01:58:20 legacy sshd[20194]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.165.167.10 Dec 23 01:58:22 legacy sshd[20194]: Failed password for invalid user server from 200.165.167.10 port 42059 ssh2 Dec 23 02:04:35 legacy sshd[20512]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.165.167.10 ...	2019-12-23 09:10:45

Recently Reported IPs

36.7.140.77	183.89.40.196	58.227.101.102	27.13.42.139
81.22.45.49	89.207.66.150	21.134.15.161	54.39.98.253
50.95.194.76	204.247.45.126	117.193.7.210	62.98.44.121
81.12.241.26	103.137.138.2	240.217.80.171	78.57.143.102
161.174.110.78	216.83.53.207	110.202.198.70	93.190.24.117