66.42.29.0 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Telastic

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 66.42.29.0 to port 23	2020-06-29 02:45:21

Comments on same subnet:

IP	Type	Details	Datetime
66.42.29.248	attackbots	Unauthorized connection attempt detected from IP address 66.42.29.248 to port 23	2020-07-22 14:49:32
66.42.29.82	attack	Unauthorized connection attempt detected from IP address 66.42.29.82 to port 23	2020-06-13 08:27:58
66.42.29.165	attackbots	Unauthorized connection attempt detected from IP address 66.42.29.165 to port 5358	2020-05-13 04:16:40
66.42.29.72	attackbotsspam	Unauthorized connection attempt detected from IP address 66.42.29.72 to port 23	2020-04-13 04:02:55
66.42.29.159	attackspambots	Unauthorized connection attempt detected from IP address 66.42.29.159 to port 23	2020-01-06 18:09:12
66.42.29.145	attack	Telnet Server BruteForce Attack	2020-01-06 04:24:55
66.42.29.220	attackspambots	Unauthorized connection attempt detected from IP address 66.42.29.220 to port 23 [J]	2020-01-05 23:55:43
66.42.29.157	attackbotsspam	Unauthorized connection attempt detected from IP address 66.42.29.157 to port 23	2020-01-05 23:26:00
66.42.29.157	attack	Unauthorized connection attempt detected from IP address 66.42.29.157 to port 23	2019-12-29 08:23:39

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 66.42.29.0
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47044
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;66.42.29.0.			IN	A

;; AUTHORITY SECTION:
.			538	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062801 1800 900 604800 86400

;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jun 29 02:45:16 CST 2020
;; MSG SIZE  rcvd: 114

Host info

Host 0.29.42.66.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 0.29.42.66.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
167.71.214.37	attackspam	Nov 16 03:03:49 TORMINT sshd\[10442\]: Invalid user sabrena from 167.71.214.37 Nov 16 03:03:49 TORMINT sshd\[10442\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.214.37 Nov 16 03:03:51 TORMINT sshd\[10442\]: Failed password for invalid user sabrena from 167.71.214.37 port 52952 ssh2 ...	2019-11-16 19:50:09
36.73.65.113	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 16-11-2019 06:20:35.	2019-11-16 20:14:07
154.66.219.20	attackspam	$f2bV_matches	2019-11-16 20:08:49
103.81.86.38	attackbots	103.81.86.38 - - \[16/Nov/2019:08:10:47 +0000\] "POST /wp/wp-login.php HTTP/1.1" 200 4205 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 103.81.86.38 - - \[16/Nov/2019:08:10:49 +0000\] "POST /wp/xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" ...	2019-11-16 19:48:04
185.2.5.62	attack	villaromeo.de 185.2.5.62 [16/Nov/2019:07:21:06 +0100] "POST /xmlrpc.php HTTP/1.1" 200 408 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1" villaromeo.de 185.2.5.62 [16/Nov/2019:07:21:07 +0100] "POST /xmlrpc.php HTTP/1.1" 200 408 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"	2019-11-16 19:51:33
216.144.251.86	attack	ssh failed login	2019-11-16 19:43:07
27.41.37.67	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/27.41.37.67/ CN - 1H : (699) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN17816 IP : 27.41.37.67 CIDR : 27.41.0.0/16 PREFIX COUNT : 512 UNIQUE IP COUNT : 3430656 ATTACKS DETECTED ASN17816 : 1H - 2 3H - 2 6H - 3 12H - 3 24H - 6 DateTime : 2019-11-16 07:20:53 INFO : Port SSH 22 Scan Detected and Blocked by ADMIN - data recovery	2019-11-16 19:56:40
60.30.92.74	attackbotsspam	2019-11-16T11:49:06.949972abusebot-5.cloudsearch.cf sshd\[28077\]: Invalid user cslab from 60.30.92.74 port 33216	2019-11-16 20:00:32
51.77.220.183	attackspambots	Nov 16 02:20:42 Tower sshd[24565]: Connection from 51.77.220.183 port 33928 on 192.168.10.220 port 22 Nov 16 02:20:43 Tower sshd[24565]: Invalid user mirko from 51.77.220.183 port 33928 Nov 16 02:20:43 Tower sshd[24565]: error: Could not get shadow information for NOUSER Nov 16 02:20:43 Tower sshd[24565]: Failed password for invalid user mirko from 51.77.220.183 port 33928 ssh2 Nov 16 02:20:43 Tower sshd[24565]: Received disconnect from 51.77.220.183 port 33928:11: Bye Bye [preauth] Nov 16 02:20:43 Tower sshd[24565]: Disconnected from invalid user mirko 51.77.220.183 port 33928 [preauth]	2019-11-16 20:13:16
149.56.97.251	attackspambots	Nov 16 01:36:11 eddieflores sshd\[17405\]: Invalid user admin from 149.56.97.251 Nov 16 01:36:11 eddieflores sshd\[17405\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=251.ip-149-56-97.net Nov 16 01:36:13 eddieflores sshd\[17405\]: Failed password for invalid user admin from 149.56.97.251 port 48448 ssh2 Nov 16 01:39:49 eddieflores sshd\[17730\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=251.ip-149-56-97.net user=daemon Nov 16 01:39:52 eddieflores sshd\[17730\]: Failed password for daemon from 149.56.97.251 port 57124 ssh2	2019-11-16 19:44:42
159.192.221.41	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 16-11-2019 06:20:29.	2019-11-16 20:23:21
192.3.185.78	attackbots	Netis/Netcore Router Default Credential Remote Code Execution Vulnerability, PTR: 192-3-185-78-host.colocrossing.com.	2019-11-16 19:53:11
206.189.134.14	attackbots	206.189.134.14 - - \[16/Nov/2019:11:41:06 +0000\] "POST /wp/wp-login.php HTTP/1.1" 200 4205 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 206.189.134.14 - - \[16/Nov/2019:11:41:08 +0000\] "POST /wp/xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" ...	2019-11-16 19:59:43
202.129.29.135	attackbots	Nov 16 10:39:12 root sshd[15146]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.129.29.135 Nov 16 10:39:14 root sshd[15146]: Failed password for invalid user named from 202.129.29.135 port 35721 ssh2 Nov 16 10:43:33 root sshd[15191]: Failed password for root from 202.129.29.135 port 53809 ssh2 ...	2019-11-16 20:03:56
81.28.100.115	attackbots	Nov 16 07:20:41 smtp postfix/smtpd[30703]: NOQUEUE: reject: RCPT from wry.shrewdmhealth.com[81.28.100.115]: 554 5.7.1 Service unavailable; Client host [81.28.100.115] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo= ...	2019-11-16 20:05:20

Recently Reported IPs

190.139.54.76	186.54.30.22	185.195.185.208	183.157.169.213
183.128.203.164	164.180.197.144	183.106.49.74	179.159.165.51
177.86.144.130	176.37.170.214	171.241.8.149	203.119.211.219
100.119.122.84	148.70.138.222	138.0.88.213	122.54.18.185
105.122.46.6	121.154.237.107	161.126.78.35	77.1.223.3