66.70.142.231 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Canada

运营商(isp): Alink West Africa SA

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	2020-10-10T12:39:04.357180hostname sshd[124691]: Failed password for invalid user pcap from 66.70.142.231 port 42394 ssh2 ...	2020-10-12 05:44:31
attack	Oct 11 15:19:54 sso sshd[22095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.142.231 Oct 11 15:19:56 sso sshd[22095]: Failed password for invalid user kjayroe from 66.70.142.231 port 35352 ssh2 ...	2020-10-11 21:51:39
attack	Oct 11 01:08:11 buvik sshd[32233]: Failed password for invalid user install from 66.70.142.231 port 55348 ssh2 Oct 11 01:13:24 buvik sshd[642]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.142.231 user=root Oct 11 01:13:26 buvik sshd[642]: Failed password for root from 66.70.142.231 port 60488 ssh2 ...	2020-10-11 13:48:58
attackspam	Oct 11 00:52:29 buvik sshd[29539]: Failed password for root from 66.70.142.231 port 39902 ssh2 Oct 11 00:57:43 buvik sshd[30284]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.142.231 user=root Oct 11 00:57:45 buvik sshd[30284]: Failed password for root from 66.70.142.231 port 45034 ssh2 ...	2020-10-11 07:11:44
attack	Sep 30 15:03:42 124388 sshd[24460]: Invalid user bocloud from 66.70.142.231 port 55610 Sep 30 15:03:42 124388 sshd[24460]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.142.231 Sep 30 15:03:42 124388 sshd[24460]: Invalid user bocloud from 66.70.142.231 port 55610 Sep 30 15:03:44 124388 sshd[24460]: Failed password for invalid user bocloud from 66.70.142.231 port 55610 ssh2 Sep 30 15:05:41 124388 sshd[24535]: Invalid user git from 66.70.142.231 port 50158	2020-10-01 03:36:42
attack	Sep 29 20:31:53 logopedia-1vcpu-1gb-nyc1-01 sshd[245171]: Failed password for root from 66.70.142.231 port 37104 ssh2 ...	2020-09-30 12:10:27
attackbots	Sep 22 15:32:50 firewall sshd[25823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.142.231 Sep 22 15:32:50 firewall sshd[25823]: Invalid user cubrid from 66.70.142.231 Sep 22 15:32:52 firewall sshd[25823]: Failed password for invalid user cubrid from 66.70.142.231 port 38716 ssh2 ...	2020-09-23 03:35:11
attack	SSH auth scanning - multiple failed logins	2020-09-22 19:46:52
attack	(sshd) Failed SSH login from 66.70.142.231 (CA/Canada/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 12 11:08:16 server5 sshd[3528]: Invalid user fishers from 66.70.142.231 Sep 12 11:08:16 server5 sshd[3528]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.142.231 Sep 12 11:08:18 server5 sshd[3528]: Failed password for invalid user fishers from 66.70.142.231 port 53438 ssh2 Sep 12 11:14:01 server5 sshd[6160]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.142.231 user=root Sep 12 11:14:03 server5 sshd[6160]: Failed password for root from 66.70.142.231 port 37896 ssh2	2020-09-13 02:06:06
attackbots	...	2020-09-12 18:06:00
attackbotsspam	Sep 8 06:53:49 gw1 sshd[6434]: Failed password for root from 66.70.142.231 port 45192 ssh2 Sep 8 06:58:56 gw1 sshd[6537]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.142.231 ...	2020-09-08 21:01:29
attackspambots	Sep 8 06:53:49 gw1 sshd[6434]: Failed password for root from 66.70.142.231 port 45192 ssh2 Sep 8 06:58:56 gw1 sshd[6537]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.142.231 ...	2020-09-08 12:54:09
attackbots	Sep 7 21:39:24 eventyay sshd[3029]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.142.231 Sep 7 21:39:27 eventyay sshd[3029]: Failed password for invalid user javier from 66.70.142.231 port 55556 ssh2 Sep 7 21:44:34 eventyay sshd[3162]: Failed password for root from 66.70.142.231 port 59684 ssh2 ...	2020-09-08 05:29:37
attackbots	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-09-02 04:42:30
attack	2020-09-01T06:04:20.824688cyberdyne sshd[2674400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.142.231 user=root 2020-09-01T06:04:22.871889cyberdyne sshd[2674400]: Failed password for root from 66.70.142.231 port 48840 ssh2 2020-09-01T06:07:03.089676cyberdyne sshd[2675166]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.142.231 user=root 2020-09-01T06:07:04.845350cyberdyne sshd[2675166]: Failed password for root from 66.70.142.231 port 51542 ssh2 ...	2020-09-01 12:58:22
attackspam	This client attempted to login to an administrator account on a Website, or abused from another resource.	2020-08-24 05:05:09
attack	Aug 19 10:40:08 sip sshd[1354553]: Failed password for invalid user sambauser from 66.70.142.231 port 42026 ssh2 Aug 19 10:45:25 sip sshd[1354615]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.142.231 user=root Aug 19 10:45:27 sip sshd[1354615]: Failed password for root from 66.70.142.231 port 48902 ssh2 ...	2020-08-19 18:41:45
attackspambots	Aug 16 01:12:40 hosting sshd[5011]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.142.231 user=root Aug 16 01:12:42 hosting sshd[5011]: Failed password for root from 66.70.142.231 port 58054 ssh2 ...	2020-08-16 06:36:29
attack	Aug 14 09:09:51 marvibiene sshd[26117]: Failed password for root from 66.70.142.231 port 58478 ssh2 Aug 14 09:24:34 marvibiene sshd[26756]: Failed password for root from 66.70.142.231 port 50292 ssh2	2020-08-14 17:34:15
attackbots	Aug 9 03:51:23 scw-tender-jepsen sshd[23339]: Failed password for root from 66.70.142.231 port 54698 ssh2	2020-08-09 12:11:08
attack	Aug 4 11:27:50 mail sshd[9781]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.142.231 user=root Aug 4 11:27:52 mail sshd[9781]: Failed password for root from 66.70.142.231 port 49590 ssh2 ...	2020-08-04 18:17:05
attack	Jul 24 07:10:47 ns382633 sshd\[3413\]: Invalid user deploy from 66.70.142.231 port 39078 Jul 24 07:10:47 ns382633 sshd\[3413\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.142.231 Jul 24 07:10:49 ns382633 sshd\[3413\]: Failed password for invalid user deploy from 66.70.142.231 port 39078 ssh2 Jul 24 07:20:03 ns382633 sshd\[4709\]: Invalid user sjx from 66.70.142.231 port 42964 Jul 24 07:20:03 ns382633 sshd\[4709\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.142.231	2020-07-24 14:42:53
attackbots	Invalid user testing from 66.70.142.231 port 46402	2020-07-23 06:14:30
attack	2020-07-18T20:04:01.013709shield sshd\[28578\]: Invalid user kodi from 66.70.142.231 port 48388 2020-07-18T20:04:01.019623shield sshd\[28578\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.142.231 2020-07-18T20:04:02.919012shield sshd\[28578\]: Failed password for invalid user kodi from 66.70.142.231 port 48388 ssh2 2020-07-18T20:10:12.649178shield sshd\[30520\]: Invalid user fierro from 66.70.142.231 port 36400 2020-07-18T20:10:12.659094shield sshd\[30520\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.142.231	2020-07-19 04:15:02
attack	SSH invalid-user multiple login attempts	2020-07-17 23:35:49
attack	2020-07-17T02:17:37.639489afi-git.jinr.ru sshd[23247]: Invalid user devor from 66.70.142.231 port 32908 2020-07-17T02:17:37.642640afi-git.jinr.ru sshd[23247]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.142.231 2020-07-17T02:17:37.639489afi-git.jinr.ru sshd[23247]: Invalid user devor from 66.70.142.231 port 32908 2020-07-17T02:17:39.451430afi-git.jinr.ru sshd[23247]: Failed password for invalid user devor from 66.70.142.231 port 32908 ssh2 2020-07-17T02:22:29.239449afi-git.jinr.ru sshd[24928]: Invalid user siraj from 66.70.142.231 port 36108 ...	2020-07-17 08:17:05

相同子网IP讨论:

IP	类型	评论内容	时间
66.70.142.214	attackspam	Sep 21 19:02:33 funkybot sshd[19945]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.142.214 Sep 21 19:02:35 funkybot sshd[19945]: Failed password for invalid user testtest from 66.70.142.214 port 36688 ssh2 ...	2020-09-22 07:11:29
66.70.142.214	attack	$f2bV_matches	2020-09-03 02:40:06
66.70.142.214	attack	Port Scan detected from 66.70.142.214 (CI/Ivory Coast/Abidjan/Abidjan (Cocody)/-). 4 hits in the last 225 seconds	2020-09-02 18:11:04
66.70.142.214	attack	Invalid user developer from 66.70.142.214 port 57654	2020-08-21 06:16:44
66.70.142.214	attack	Aug 17 13:53:40 host sshd\[13488\]: Invalid user mongo from 66.70.142.214 Aug 17 13:53:40 host sshd\[13488\]: Failed password for invalid user mongo from 66.70.142.214 port 53692 ssh2 Aug 17 14:05:33 host sshd\[16502\]: Invalid user man1 from 66.70.142.214 Aug 17 14:05:33 host sshd\[16502\]: Failed password for invalid user man1 from 66.70.142.214 port 32768 ssh2 ...	2020-08-18 02:36:55
66.70.142.214	attackspambots	2020-08-04T12:21:55.956207vps751288.ovh.net sshd\[17484\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.142.214 user=root 2020-08-04T12:21:58.447735vps751288.ovh.net sshd\[17484\]: Failed password for root from 66.70.142.214 port 52668 ssh2 2020-08-04T12:25:23.781350vps751288.ovh.net sshd\[17532\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.142.214 user=root 2020-08-04T12:25:25.495041vps751288.ovh.net sshd\[17532\]: Failed password for root from 66.70.142.214 port 41970 ssh2 2020-08-04T12:28:55.896579vps751288.ovh.net sshd\[17572\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.142.214 user=root	2020-08-04 18:36:07
66.70.142.214	attackspambots	Fail2Ban Ban Triggered	2020-07-28 05:43:54
66.70.142.214	attackbots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-07-25T07:15:29Z and 2020-07-25T07:22:53Z	2020-07-25 16:03:30
66.70.142.214	attackbotsspam	Jul 16 09:09:10 *** sshd[27683]: Invalid user lxd from 66.70.142.214	2020-07-16 22:23:16
66.70.142.220	attack	SSH invalid-user multiple login try	2020-03-30 18:07:07
66.70.142.220	attack	Mar 27 04:24:44 gw1 sshd[17968]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.142.220 Mar 27 04:24:46 gw1 sshd[17968]: Failed password for invalid user rv from 66.70.142.220 port 46876 ssh2 ...	2020-03-27 08:12:07
66.70.142.220	attackspambots	Mar 19 16:18:31 ns3042688 sshd\[15540\]: Invalid user 1 from 66.70.142.220 Mar 19 16:18:31 ns3042688 sshd\[15540\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.142.220 Mar 19 16:18:32 ns3042688 sshd\[15540\]: Failed password for invalid user 1 from 66.70.142.220 port 36488 ssh2 Mar 19 16:25:02 ns3042688 sshd\[16803\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.142.220 user=root Mar 19 16:25:04 ns3042688 sshd\[16803\]: Failed password for root from 66.70.142.220 port 48464 ssh2 ...	2020-03-20 01:04:40
66.70.142.220	attackbotsspam	Mar 11 09:12:28 ns41 sshd[16966]: Failed password for root from 66.70.142.220 port 53126 ssh2 Mar 11 09:17:07 ns41 sshd[17189]: Failed password for root from 66.70.142.220 port 56790 ssh2	2020-03-11 16:30:37
66.70.142.211	attackbots	Mar 10 23:34:59 santamaria sshd\[17549\]: Invalid user svnuser from 66.70.142.211 Mar 10 23:34:59 santamaria sshd\[17549\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.142.211 Mar 10 23:35:01 santamaria sshd\[17549\]: Failed password for invalid user svnuser from 66.70.142.211 port 44630 ssh2 ...	2020-03-11 06:46:08
66.70.142.210	attackspam	Mar 9 16:39:40 vpn01 sshd[3495]: Failed password for root from 66.70.142.210 port 54406 ssh2 ...	2020-03-10 00:28:34

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 66.70.142.231
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57187
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;66.70.142.231.			IN	A

;; AUTHORITY SECTION:
.			433	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071604 1800 900 604800 86400

;; Query time: 106 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jul 17 08:17:02 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 231.142.70.66.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 231.142.70.66.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
103.80.117.214	attackbots	Oct 8 23:42:27 game-panel sshd[22197]: Failed password for root from 103.80.117.214 port 58546 ssh2 Oct 8 23:46:29 game-panel sshd[22306]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.80.117.214 Oct 8 23:46:32 game-panel sshd[22306]: Failed password for invalid user 123 from 103.80.117.214 port 42070 ssh2	2019-10-09 08:00:09
69.176.95.240	attackspam	2019-10-09T03:57:45.144373abusebot-5.cloudsearch.cf sshd\[13285\]: Invalid user waggoner from 69.176.95.240 port 40281	2019-10-09 12:10:34
172.105.201.62	attackspambots	Aug 12 14:41:43 server sshd\[90487\]: Invalid user uftp from 172.105.201.62 Aug 12 14:41:43 server sshd\[90487\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.105.201.62 Aug 12 14:41:45 server sshd\[90487\]: Failed password for invalid user uftp from 172.105.201.62 port 56016 ssh2 ...	2019-10-09 12:10:05
177.20.163.65	attackspambots	Unauthorized connection attempt from IP address 177.20.163.65 on Port 445(SMB)	2019-10-09 07:59:30
93.90.82.2	attackspam	[portscan] Port scan	2019-10-09 12:14:56
187.33.237.86	attackbotsspam	Unauthorized connection attempt from IP address 187.33.237.86 on Port 445(SMB)	2019-10-09 07:53:32
187.102.71.1	attackspam	2019-10-08 16:54:49 H=(187-102-71-1.customer.foxinternet.com.br) [187.102.71.1]:34128 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/sbl/query/SBLCSS) 2019-10-08 16:54:50 H=(187-102-71-1.customer.foxinternet.com.br) [187.102.71.1]:34128 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.3) (https://www.spamhaus.org/sbl/query/SBLCSS) 2019-10-08 16:54:50 H=(187-102-71-1.customer.foxinternet.com.br) [187.102.71.1]:34128 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.3) (https://www.spamhaus.org/sbl/query/SBLCSS) ...	2019-10-09 07:56:25
62.30.148.38	attackspam	Automatic report - Port Scan Attack	2019-10-09 12:16:42
138.197.195.52	attackspambots	2019-10-08T22:12:35.775987hub.schaetter.us sshd\[19409\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.195.52 user=root 2019-10-08T22:12:37.555684hub.schaetter.us sshd\[19409\]: Failed password for root from 138.197.195.52 port 52588 ssh2 2019-10-08T22:16:49.475111hub.schaetter.us sshd\[19467\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.195.52 user=root 2019-10-08T22:16:51.791673hub.schaetter.us sshd\[19467\]: Failed password for root from 138.197.195.52 port 36110 ssh2 2019-10-08T22:20:57.584189hub.schaetter.us sshd\[19492\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.195.52 user=root ...	2019-10-09 08:06:09
223.202.201.138	attackspam	Oct 9 01:23:41 mail sshd[7690]: Failed password for root from 223.202.201.138 port 39573 ssh2 Oct 9 01:28:13 mail sshd[9428]: Failed password for root from 223.202.201.138 port 59384 ssh2	2019-10-09 07:48:30
171.25.193.77	attack	2019-10-09T03:59:02.116647abusebot.cloudsearch.cf sshd\[10388\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=tor-exit1-readme.dfri.se user=root	2019-10-09 12:14:10
119.29.224.141	attackspambots	Oct 9 07:11:47 tuotantolaitos sshd[4626]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.224.141 Oct 9 07:11:49 tuotantolaitos sshd[4626]: Failed password for invalid user 7ygv6tfc from 119.29.224.141 port 47144 ssh2 ...	2019-10-09 12:16:10
103.233.206.214	attackbots	Unauthorized connection attempt from IP address 103.233.206.214 on Port 445(SMB)	2019-10-09 07:48:02
36.68.17.173	attackspambots	Unauthorized connection attempt from IP address 36.68.17.173 on Port 445(SMB)	2019-10-09 07:56:01
148.255.163.77	attack	firewall-block, port(s): 445/tcp	2019-10-09 07:53:49

最近上报的IP列表

20.192.189.29	93.206.243.208	109.46.80.45	159.148.0.102
197.63.200.245	151.224.32.120	83.241.193.23	109.25.119.54
12.237.46.230	103.39.135.50	23.248.74.36	129.152.186.13
132.154.25.91	83.248.105.83	75.193.166.164	24.118.95.94
160.162.152.93	119.51.87.117	63.245.30.217	99.190.23.223