66.147.2.54 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
66.147.225.146	attack	Unauthorized connection attempt detected from IP address 66.147.225.146 to port 1433 [T]	2020-08-14 03:34:51
66.147.240.156	attack	404 /wordpress/wp-admin/	2020-07-19 20:48:58
66.147.244.172	attack	Automatic report - XMLRPC Attack	2020-06-22 15:54:28
66.147.225.110	attackbots	Jun 8 19:22:33 lukav-desktop sshd\[27999\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.147.225.110 user=root Jun 8 19:22:35 lukav-desktop sshd\[27999\]: Failed password for root from 66.147.225.110 port 39118 ssh2 Jun 8 19:26:11 lukav-desktop sshd\[28041\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.147.225.110 user=root Jun 8 19:26:13 lukav-desktop sshd\[28041\]: Failed password for root from 66.147.225.110 port 37652 ssh2 Jun 8 19:29:46 lukav-desktop sshd\[28098\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.147.225.110 user=root	2020-06-09 00:47:50
66.147.225.110	attackbots	SSH brute force attempt	2020-05-27 12:34:51
66.147.225.110	attackbots	2020-05-26T22:56:15.603703vps773228.ovh.net sshd[8980]: Failed password for root from 66.147.225.110 port 33156 ssh2 2020-05-26T23:00:46.857877vps773228.ovh.net sshd[9108]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.147.225.110 user=root 2020-05-26T23:00:48.796662vps773228.ovh.net sshd[9108]: Failed password for root from 66.147.225.110 port 36025 ssh2 2020-05-26T23:05:22.642581vps773228.ovh.net sshd[9169]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.147.225.110 user=root 2020-05-26T23:05:24.470756vps773228.ovh.net sshd[9169]: Failed password for root from 66.147.225.110 port 38897 ssh2 ...	2020-05-27 05:17:20
66.147.244.172	attack	xmlrpc attack	2020-04-26 03:39:07
66.147.244.172	attack	Automatic report - XMLRPC Attack	2020-04-24 12:06:09
66.147.237.24	attackspam	Honeypot attack, port: 445, PTR: server.sapkalicocuk.com.	2020-04-05 04:25:01
66.147.240.191	attackspambots	SSH login attempts.	2020-03-29 17:33:29
66.147.244.126	spam	Dear Ms. ; We compromised your devices and we have all your information related to your personal life and your adventures during travels (you know exactly what we mean). You have 24 hours to pay 50 USD, we do not want to expose you since we do not have any benefit doing troubles. We will delete everything related to you and leave you alone (sure 50 USD means nothing to you). If you want to contact the police you are free to do so and we are free to expose you too. We are not criminals, we just need some money, so be gentle and everything will pass safely for you. See how deep we know about you, if you want more we will email your advantures to your relatives: Pay the 50 USD to XMR (if you face problems pay using Bitcoin) (find out in Google how to): XMR: 46JJs5ttxR9jdNR2jmNiAbX5QtK3M9faBPPhh7WQwvrs8NLFpsagtZ3gnA6K6pSrm53JefbXGok6GTn7UexPHSBC2w2aN6j Bitcoin: 3NQCHf924JYzU2LfziVpfrX9cvJGwTCmvi You can buy XMR from https://localmonero.co/. Received: from cmgw14.unifiedlayer.com (unknown [66.147.244.17]) by soproxy11.mail.unifiedlayer.com (Postfix) with ESMTP id 3C4AB24B488 for ; Fri, 20 Mar 2020 19:25:26 -0600 (MDT) Received: from md-26.webhostbox.net ([208.91.199.22]) by cmsmtp with ESMTP id FStBj4x60KxvrFStCj7sth; Fri, 20 Mar 2020 19:25:26 -0600	2020-03-21 23:29:32
66.147.244.126	spam	Dear Ms. ; We compromised your devices and we have all your information related to your personal life and your adventures during travels (you know exactly what we mean). You have 24 hours to pay 50 USD, we do not want to expose you since we do not have any benefit doing troubles. We will delete everything related to you and leave you alone (sure 50 USD means nothing to you). If you want to contact the police you are free to do so and we are free to expose you too. We are not criminals, we just need some money, so be gentle and everything will pass safely for you. See how deep we know about you, if you want more we will email your advantures to your relatives: Pay the 50 USD to XMR (if you face problems pay using Bitcoin) (find out in Google how to): XMR: 46JJs5ttxR9jdNR2jmNiAbX5QtK3M9faBPPhh7WQwvrs8NLFpsagtZ3gnA6K6pSrm53JefbXGok6GTn7UexPHSBC2w2aN6j Bitcoin: 3NQCHf924JYzU2LfziVpfrX9cvJGwTCmvi You can buy XMR from https://localmonero.co/. Received: from cmgw14.unifiedlayer.com (unknown [66.147.244.17]) by soproxy11.mail.unifiedlayer.com (Postfix) with ESMTP id 3C4AB24B488 for ; Fri, 20 Mar 2020 19:25:26 -0600 (MDT) Received: from md-26.webhostbox.net ([208.91.199.22]) by cmsmtp with ESMTP id FStBj4x60KxvrFStCj7sth; Fri, 20 Mar 2020 19:25:26 -0600	2020-03-21 23:29:23
66.147.237.24	attack	Unauthorized connection attempt detected from IP address 66.147.237.24 to port 445	2020-03-17 20:06:22
66.147.237.34	attackspam	Unauthorized connection attempt from IP address 66.147.237.34 on Port 445(SMB)	2020-02-10 10:01:56
66.147.237.24	attackbotsspam	02/09/2020-10:46:49.887603 66.147.237.24 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-02-09 23:49:34

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 66.147.2.54
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56187
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;66.147.2.54.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070700 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 07 20:20:46 CST 2019
;; MSG SIZE  rcvd: 115

Host info

54.2.147.66.in-addr.arpa domain name pointer nsc66.147.2-54.newsouth.net.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
54.2.147.66.in-addr.arpa	name = nsc66.147.2-54.newsouth.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
46.43.79.31	attackspambots	suspicious action Mon, 24 Feb 2020 01:42:41 -0300	2020-02-24 21:15:01
217.107.219.12	attackspam	217.107.219.12 - - [24/Feb/2020:10:54:02 +0000] "POST /wp-login.php HTTP/1.1" 200 6409 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 217.107.219.12 - - [24/Feb/2020:10:54:03 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-02-24 20:41:54
59.126.109.145	attackspam	unauthorized connection attempt	2020-02-24 20:39:27
180.153.194.60	attackbots	1582519410 - 02/24/2020 05:43:30 Host: 180.153.194.60/180.153.194.60 Port: 445 TCP Blocked	2020-02-24 20:42:51
113.161.54.14	attack	Invalid user www from 113.161.54.14 port 48298	2020-02-24 21:11:54
39.33.82.178	attack	Email rejected due to spam filtering	2020-02-24 21:06:10
216.244.66.248	attackbotsspam	21 attempts against mh-misbehave-ban on leaf	2020-02-24 20:35:26
59.127.165.230	attackspambots	unauthorized connection attempt	2020-02-24 21:02:36
83.142.197.99	attack	Lines containing failures of 83.142.197.99 Feb 23 02:23:39 penfold postfix/smtpd[22754]: connect from unknown[83.142.197.99] Feb x@x Feb 23 02:23:41 penfold postfix/smtpd[22754]: lost connection after RCPT from unknown[83.142.197.99] Feb 23 02:23:41 penfold postfix/smtpd[22754]: disconnect from unknown[83.142.197.99] ehlo=1 mail=1 rcpt=0/1 commands=2/3 Feb 23 02:28:02 penfold postfix/smtpd[23358]: connect from unknown[83.142.197.99] Feb x@x Feb x@x Feb x@x Feb x@x Feb x@x Feb 23 02:28:06 penfold postfix/smtpd[23358]: lost connection after RCPT from unknown[83.142.197.99] Feb 23 02:28:06 penfold postfix/smtpd[23358]: disconnect from unknown[83.142.197.99] ehlo=1 mail=1 rcpt=0/5 commands=2/7 Feb 23 07:09:38 penfold postfix/smtpd[27734]: connect from unknown[83.142.197.99] Feb x@x Feb 23 07:09:39 penfold postfix/smtpd[27734]: lost connection after RCPT from unknown[83.142.197.99] Feb 23 07:09:39 penfold postfix/smtpd[27734]: disconnect from unknown[83.142.197.99] ehlo=1 mai........ ------------------------------	2020-02-24 20:32:18
212.154.136.236	attackspambots	firewall-block, port(s): 3389/tcp	2020-02-24 20:55:07
114.33.90.230	attackspambots	suspicious action Mon, 24 Feb 2020 01:43:47 -0300	2020-02-24 20:30:58
197.234.179.102	attack	Potential Directory Traversal Attempt.	2020-02-24 20:50:38
113.163.50.4	attackbots	Email rejected due to spam filtering	2020-02-24 20:38:54
49.248.95.146	attackbotsspam	Unauthorized connection attempt from IP address 49.248.95.146 on Port 445(SMB)	2020-02-24 20:59:59
171.236.165.114	attackbots	Email rejected due to spam filtering	2020-02-24 20:39:06

Recently Reported IPs

58.47.177.160	170.233.172.251	171.79.183.246	144.20.161.129
188.234.242.19	139.28.69.176	125.93.200.95	78.129.204.100
113.123.0.134	13.61.232.57	182.133.55.159	5.204.95.100
103.252.94.253	206.196.110.140	116.110.247.191	191.53.58.44
36.234.18.79	125.165.62.119	74.125.34.46	138.97.247.38