66.42.29.248 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Telastic

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Unauthorized connection attempt detected from IP address 66.42.29.248 to port 23	2020-07-22 14:49:32

Comments on same subnet:

IP	Type	Details	Datetime
66.42.29.0	attack	Unauthorized connection attempt detected from IP address 66.42.29.0 to port 23	2020-06-29 02:45:21
66.42.29.82	attack	Unauthorized connection attempt detected from IP address 66.42.29.82 to port 23	2020-06-13 08:27:58
66.42.29.165	attackbots	Unauthorized connection attempt detected from IP address 66.42.29.165 to port 5358	2020-05-13 04:16:40
66.42.29.72	attackbotsspam	Unauthorized connection attempt detected from IP address 66.42.29.72 to port 23	2020-04-13 04:02:55
66.42.29.159	attackspambots	Unauthorized connection attempt detected from IP address 66.42.29.159 to port 23	2020-01-06 18:09:12
66.42.29.145	attack	Telnet Server BruteForce Attack	2020-01-06 04:24:55
66.42.29.220	attackspambots	Unauthorized connection attempt detected from IP address 66.42.29.220 to port 23 [J]	2020-01-05 23:55:43
66.42.29.157	attackbotsspam	Unauthorized connection attempt detected from IP address 66.42.29.157 to port 23	2020-01-05 23:26:00
66.42.29.157	attack	Unauthorized connection attempt detected from IP address 66.42.29.157 to port 23	2019-12-29 08:23:39

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 66.42.29.248
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6640
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;66.42.29.248.			IN	A

;; AUTHORITY SECTION:
.			535	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072200 1800 900 604800 86400

;; Query time: 27 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jul 22 14:49:27 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 248.29.42.66.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 248.29.42.66.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
125.33.79.142	attack	Too many connections or unauthorized access detected from Arctic banned ip	2020-02-22 16:54:03
92.63.194.59	attackspambots	Feb 22 13:51:33 areeb-Workstation sshd[31959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.63.194.59 Feb 22 13:51:34 areeb-Workstation sshd[31959]: Failed password for invalid user admin from 92.63.194.59 port 37885 ssh2 ...	2020-02-22 16:26:54
218.29.83.38	attackbotsspam	Total attacks: 2	2020-02-22 16:30:39
212.237.30.205	attack	Invalid user omsagent from 212.237.30.205 port 41302	2020-02-22 16:27:22
159.89.160.91	attack	firewall-block, port(s): 3984/tcp	2020-02-22 16:47:46
52.170.252.155	attackspam	[2020-02-22 03:33:36] NOTICE[1148] chan_sip.c: Registration from '' failed for '52.170.252.155:57727' - Wrong password [2020-02-22 03:33:36] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-02-22T03:33:36.240-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="110",SessionID="0x7fd82c4c0778",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/52.170.252.155/57727",Challenge="2f78aaba",ReceivedChallenge="2f78aaba",ReceivedHash="db700c364dd71c43af63ccb108d28937" [2020-02-22 03:34:04] NOTICE[1148] chan_sip.c: Registration from '' failed for '52.170.252.155:56924' - Wrong password [2020-02-22 03:34:04] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-02-22T03:34:04.458-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="1000",SessionID="0x7fd82c9bc688",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/52.170.252.1 ...	2020-02-22 16:52:49
58.254.132.49	attackspam	Feb 22 09:11:10 srv-ubuntu-dev3 sshd[46657]: Invalid user admin from 58.254.132.49 Feb 22 09:11:10 srv-ubuntu-dev3 sshd[46657]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.49 Feb 22 09:11:10 srv-ubuntu-dev3 sshd[46657]: Invalid user admin from 58.254.132.49 Feb 22 09:11:12 srv-ubuntu-dev3 sshd[46657]: Failed password for invalid user admin from 58.254.132.49 port 31915 ssh2 Feb 22 09:14:49 srv-ubuntu-dev3 sshd[46903]: Invalid user hadoop from 58.254.132.49 Feb 22 09:14:49 srv-ubuntu-dev3 sshd[46903]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.49 Feb 22 09:14:49 srv-ubuntu-dev3 sshd[46903]: Invalid user hadoop from 58.254.132.49 Feb 22 09:14:50 srv-ubuntu-dev3 sshd[46903]: Failed password for invalid user hadoop from 58.254.132.49 port 31918 ssh2 Feb 22 09:18:37 srv-ubuntu-dev3 sshd[47184]: Invalid user ll from 58.254.132.49 ...	2020-02-22 16:34:26
82.149.13.45	attackbots	Feb 22 09:01:22 plex sshd[31487]: Invalid user teamcity from 82.149.13.45 port 49910 Feb 22 09:01:22 plex sshd[31487]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.149.13.45 Feb 22 09:01:22 plex sshd[31487]: Invalid user teamcity from 82.149.13.45 port 49910 Feb 22 09:01:23 plex sshd[31487]: Failed password for invalid user teamcity from 82.149.13.45 port 49910 ssh2 Feb 22 09:03:06 plex sshd[31526]: Invalid user default from 82.149.13.45 port 39510	2020-02-22 16:19:10
167.172.118.117	attackspam	Feb 21 22:47:38 dallas01 sshd[1689]: Failed password for uucp from 167.172.118.117 port 59912 ssh2 Feb 21 22:49:34 dallas01 sshd[2036]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.118.117 Feb 21 22:49:36 dallas01 sshd[2036]: Failed password for invalid user asterisk from 167.172.118.117 port 42254 ssh2	2020-02-22 16:17:53
116.102.202.183	attackbots	DATE:2020-02-22 05:47:14, IP:116.102.202.183, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-02-22 16:40:42
124.74.248.218	attackspambots	Feb 22 08:38:49 silence02 sshd[30154]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.74.248.218 Feb 22 08:38:51 silence02 sshd[30154]: Failed password for invalid user ts from 124.74.248.218 port 51286 ssh2 Feb 22 08:41:59 silence02 sshd[30342]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.74.248.218	2020-02-22 16:54:18
189.39.112.220	attackbotsspam	Feb 21 07:19:59 new sshd[17285]: Address 189.39.112.220 maps to monhostnameoramento.s4networks.com.br, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Feb 21 07:20:01 new sshd[17285]: Failed password for invalid user lisha from 189.39.112.220 port 52776 ssh2 Feb 21 07:20:01 new sshd[17285]: Received disconnect from 189.39.112.220: 11: Bye Bye [preauth] Feb 21 07:38:46 new sshd[22301]: Address 189.39.112.220 maps to monhostnameoramento.s4networks.com.br, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Feb 21 07:38:47 new sshd[22301]: Failed password for invalid user smbread from 189.39.112.220 port 46596 ssh2 Feb 21 07:38:47 new sshd[22301]: Received disconnect from 189.39.112.220: 11: Bye Bye [preauth] Feb 21 07:41:57 new sshd[23332]: Address 189.39.112.220 maps to monhostnameoramento.s4networks.com.br, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Feb 21 07:42:01 new sshd[23332]: Failed password for........ -------------------------------	2020-02-22 16:42:29
46.101.103.191	attackbots	Feb 20 19:12:25 giraffe sshd[3414]: Did not receive identification string from 46.101.103.191 Feb 20 19:12:48 giraffe sshd[3415]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.103.191 user=r.r Feb 20 19:12:50 giraffe sshd[3415]: Failed password for r.r from 46.101.103.191 port 42430 ssh2 Feb 20 19:12:50 giraffe sshd[3415]: Received disconnect from 46.101.103.191 port 42430:11: Normal Shutdown, Thank you for playing [preauth] Feb 20 19:12:50 giraffe sshd[3415]: Disconnected from 46.101.103.191 port 42430 [preauth] Feb 20 19:13:31 giraffe sshd[3419]: Invalid user oracle from 46.101.103.191 Feb 20 19:13:31 giraffe sshd[3419]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.103.191 Feb 20 19:13:33 giraffe sshd[3419]: Failed password for invalid user oracle from 46.101.103.191 port 60122 ssh2 Feb 20 19:13:33 giraffe sshd[3419]: Received disconnect from 46.101.103.191 port 60122:1........ -------------------------------	2020-02-22 16:19:55
202.53.37.183	attack	Feb 21 18:46:40 eddieflores sshd\[14812\]: Invalid user testuser from 202.53.37.183 Feb 21 18:46:40 eddieflores sshd\[14812\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.53.37.183 Feb 21 18:46:42 eddieflores sshd\[14812\]: Failed password for invalid user testuser from 202.53.37.183 port 55306 ssh2 Feb 21 18:49:01 eddieflores sshd\[15006\]: Invalid user factorio from 202.53.37.183 Feb 21 18:49:01 eddieflores sshd\[15006\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.53.37.183	2020-02-22 16:47:30
110.45.146.126	attackspam	Feb 22 09:18:12 vps647732 sshd[14186]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.45.146.126 Feb 22 09:18:14 vps647732 sshd[14186]: Failed password for invalid user infowarelab from 110.45.146.126 port 44438 ssh2 ...	2020-02-22 16:35:09

Recently Reported IPs

177.74.157.117	167.99.203.124	155.4.49.126	134.175.245.162
121.154.186.117	115.22.25.212	109.194.35.33	85.209.0.182
80.13.134.136	78.189.19.31	75.80.228.21	50.235.76.162
45.179.52.149	45.175.181.15	27.155.197.51	89.94.252.214
9.152.202.32	14.213.126.130	14.154.29.1	2.179.235.41