66.42.52.214 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): Choopa LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	[Aegis] @ 2019-07-26 05:30:25 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2020-04-29 20:22:51
attack	2019-08-16T17:50:03.932960abusebot-7.cloudsearch.cf sshd\[26708\]: Invalid user system from 66.42.52.214 port 59328	2019-08-17 01:54:13
attackbotsspam	Aug 2 05:45:54 raspberrypi sshd\[2123\]: Invalid user dropbox from 66.42.52.214 port 58892 Aug 2 05:45:54 raspberrypi sshd\[2123\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.42.52.214 Aug 2 05:45:56 raspberrypi sshd\[2123\]: Failed password for invalid user dropbox from 66.42.52.214 port 58892 ssh2 Aug 2 05:50:44 raspberrypi sshd\[2132\]: Invalid user gnuworld from 66.42.52.214 port 52236 Aug 2 05:50:45 raspberrypi sshd\[2132\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.42.52.214 ...	2019-08-02 12:46:55

类型

评论内容

时间

attackbots

[Aegis] @ 2019-07-26 05:30:25  0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack

2020-04-29 20:22:51

attack

2019-08-16T17:50:03.932960abusebot-7.cloudsearch.cf sshd\[26708\]: Invalid user system from 66.42.52.214 port 59328

2019-08-17 01:54:13

attackbotsspam

Aug  2 05:45:54 raspberrypi sshd\[2123\]: Invalid user dropbox from 66.42.52.214 port 58892
Aug  2 05:45:54 raspberrypi sshd\[2123\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.42.52.214
Aug  2 05:45:56 raspberrypi sshd\[2123\]: Failed password for invalid user dropbox from 66.42.52.214 port 58892 ssh2
Aug  2 05:50:44 raspberrypi sshd\[2132\]: Invalid user gnuworld from 66.42.52.214 port 52236
Aug  2 05:50:45 raspberrypi sshd\[2132\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.42.52.214
...

2019-08-02 12:46:55

相同子网IP讨论:

IP	类型	评论内容	时间
66.42.52.160	attackspam	Automatic report - XMLRPC Attack	2020-04-22 19:05:09
66.42.52.160	attackspambots	ENG,WP GET /wp-login.php	2020-04-22 03:58:45
66.42.52.9	attack	Registration form abuse	2020-02-21 03:05:27

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 66.42.52.214
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32915
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;66.42.52.214.			IN	A

;; AUTHORITY SECTION:
.			1739	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080101 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 02 12:46:47 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

214.52.42.66.in-addr.arpa domain name pointer 66.42.52.214.vultr.com.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
214.52.42.66.in-addr.arpa	name = 66.42.52.214.vultr.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
165.227.161.23	attack	Unauthorized connection attempt detected from IP address 165.227.161.23 to port 5901 [T]	2020-05-09 03:57:39
101.200.180.119	attackspambots	Unauthorized connection attempt detected from IP address 101.200.180.119 to port 8080 [T]	2020-05-09 03:38:20
42.235.57.39	attack	20/5/8@13:39:54: FAIL: IoT-Telnet address from=42.235.57.39 ...	2020-05-09 03:45:56
47.96.224.58	attackbots	Unauthorized connection attempt detected from IP address 47.96.224.58 to port 1987 [T]	2020-05-09 03:44:51
171.38.192.191	attackbotsspam	20/5/8@13:54:00: FAIL: IoT-Telnet address from=171.38.192.191 ...	2020-05-09 03:23:28
35.229.214.34	attack	Unauthorized connection attempt detected from IP address 35.229.214.34 to port 9200 [T]	2020-05-09 03:48:13
66.240.236.119	attack	05/08/2020-15:20:01.491531 66.240.236.119 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 68	2020-05-09 03:40:13
113.237.251.90	attackbotsspam	Unauthorized connection attempt detected from IP address 113.237.251.90 to port 23 [T]	2020-05-09 03:34:05
171.119.195.13	attackspam	Unauthorized connection attempt detected from IP address 171.119.195.13 to port 23 [T]	2020-05-09 03:57:19
113.141.70.240	attackspam	Unauthorized connection attempt detected from IP address 113.141.70.240 to port 1433 [T]	2020-05-09 03:34:38
150.158.110.27	attackspam	Unauthorized connection attempt detected from IP address 150.158.110.27 to port 3491 [T]	2020-05-09 03:25:08
218.94.58.194	attackspam	Unauthorized connection attempt detected from IP address 218.94.58.194 to port 22 [T]	2020-05-09 03:52:00
139.219.6.50	attackspam	Unauthorized connection attempt detected from IP address 139.219.6.50 to port 2838 [T]	2020-05-09 03:59:22
27.205.208.233	attackbotsspam	Unauthorized connection attempt detected from IP address 27.205.208.233 to port 23 [T]	2020-05-09 03:48:37
1.54.84.234	attackspambots	Unauthorized connection attempt detected from IP address 1.54.84.234 to port 9530 [T]	2020-05-09 03:51:01

最近上报的IP列表

2604:a880:0:1010::22e:c001	107.158.217.196	118.24.246.208	1.183.72.221
155.94.221.163	49.83.33.122	187.37.1.171	179.108.244.133
197.98.180.107	34.219.156.194	89.224.214.171	137.135.90.103
138.122.37.189	137.135.88.106	118.25.80.127	188.246.236.122
77.42.79.94	187.1.28.108	217.61.6.112	192.71.55.33