66.70.130.152 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Canada

Internet Service Provider: Private Customer

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Oct 9 18:41:19 lnxded64 sshd[19268]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.130.152	2020-10-10 01:08:18
attack	Oct 9 10:06:46 buvik sshd[16597]: Failed password for invalid user t3st from 66.70.130.152 port 46866 ssh2 Oct 9 10:18:00 buvik sshd[18255]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.130.152 user=root Oct 9 10:18:02 buvik sshd[18255]: Failed password for root from 66.70.130.152 port 38292 ssh2 ...	2020-10-09 16:55:27
attackspambots	Aug 16 12:49:20 ny01 sshd[24851]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.130.152 Aug 16 12:49:22 ny01 sshd[24851]: Failed password for invalid user sunrise from 66.70.130.152 port 50470 ssh2 Aug 16 12:54:48 ny01 sshd[25559]: Failed password for root from 66.70.130.152 port 57612 ssh2	2020-08-17 01:05:34
attack	Aug 16 09:05:08 db sshd[8477]: User root from 66.70.130.152 not allowed because none of user's groups are listed in AllowGroups ...	2020-08-16 15:35:05
attackspam	(sshd) Failed SSH login from 66.70.130.152 (CA/Canada/ip152.ip-66-70-130.net): 10 in the last 3600 secs	2020-08-03 05:12:53
attack	Invalid user play from 66.70.130.152 port 56548	2020-08-02 13:27:19
attackspambots	Invalid user play from 66.70.130.152 port 56548	2020-07-31 16:39:57
attack	1419. On Jul 15 2020 experienced a Brute Force SSH login attempt -> 1 unique times by 66.70.130.152.	2020-07-16 06:20:11
attack	Jul 15 10:21:14 mail sshd\[42402\]: Invalid user a from 66.70.130.152 Jul 15 10:21:14 mail sshd\[42402\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.130.152 ...	2020-07-15 23:13:53
attackbots	'Fail2Ban'	2020-07-11 00:12:38
attack	Jun 29 09:56:59 r.ca sshd[31654]: Failed password for invalid user joomla from 66.70.130.152 port 48044 ssh2	2020-06-29 22:32:18
attack	Jun 19 07:41:39 rush sshd[19164]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.130.152 Jun 19 07:41:41 rush sshd[19164]: Failed password for invalid user acct from 66.70.130.152 port 40070 ssh2 Jun 19 07:48:19 rush sshd[19290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.130.152 ...	2020-06-19 15:58:44
attackspambots	Jun 14 18:07:40 gw1 sshd[21798]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.130.152 Jun 14 18:07:42 gw1 sshd[21798]: Failed password for invalid user git from 66.70.130.152 port 58792 ssh2 ...	2020-06-14 21:24:28
attack	May 20 11:21:30 lnxded64 sshd[23170]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.130.152	2020-05-20 18:08:37
attackbotsspam	May 12 23:12:51 vmd26974 sshd[24060]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.130.152 May 12 23:12:53 vmd26974 sshd[24060]: Failed password for invalid user kitti from 66.70.130.152 port 33312 ssh2 ...	2020-05-13 06:56:35
attackspambots	Invalid user solr from 66.70.130.152 port 55010	2020-05-11 17:09:59
attack	Apr 14 21:29:01 ws12vmsma01 sshd[24836]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip152.ip-66-70-130.net Apr 14 21:29:01 ws12vmsma01 sshd[24836]: Invalid user t3rr0r from 66.70.130.152 Apr 14 21:29:04 ws12vmsma01 sshd[24836]: Failed password for invalid user t3rr0r from 66.70.130.152 port 41552 ssh2 ...	2020-04-15 08:52:53
attack	2020-04-12T13:19:52.860485shield sshd\[16827\]: Invalid user jamesk from 66.70.130.152 port 32776 2020-04-12T13:19:52.865330shield sshd\[16827\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip152.ip-66-70-130.net 2020-04-12T13:19:55.262383shield sshd\[16827\]: Failed password for invalid user jamesk from 66.70.130.152 port 32776 ssh2 2020-04-12T13:29:49.631033shield sshd\[18427\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip152.ip-66-70-130.net user=root 2020-04-12T13:29:51.671601shield sshd\[18427\]: Failed password for root from 66.70.130.152 port 41894 ssh2	2020-04-12 21:42:13
attackspam	Apr 8 10:55:22 lukav-desktop sshd\[28724\]: Invalid user ansible from 66.70.130.152 Apr 8 10:55:22 lukav-desktop sshd\[28724\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.130.152 Apr 8 10:55:24 lukav-desktop sshd\[28724\]: Failed password for invalid user ansible from 66.70.130.152 port 37404 ssh2 Apr 8 11:05:16 lukav-desktop sshd\[5660\]: Invalid user tomcat from 66.70.130.152 Apr 8 11:05:16 lukav-desktop sshd\[5660\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.130.152	2020-04-08 16:55:05
attack	SSH authentication failure x 6 reported by Fail2Ban ...	2020-04-06 08:32:44
attack	(sshd) Failed SSH login from 66.70.130.152 (CA/Canada/ip152.ip-66-70-130.net): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 1 22:52:06 amsweb01 sshd[26015]: Invalid user ftpuser from 66.70.130.152 port 43010 Apr 1 22:52:08 amsweb01 sshd[26015]: Failed password for invalid user ftpuser from 66.70.130.152 port 43010 ssh2 Apr 1 23:05:32 amsweb01 sshd[27726]: Invalid user kk from 66.70.130.152 port 57062 Apr 1 23:05:35 amsweb01 sshd[27726]: Failed password for invalid user kk from 66.70.130.152 port 57062 ssh2 Apr 1 23:12:38 amsweb01 sshd[28607]: Invalid user kk from 66.70.130.152 port 40640	2020-04-02 07:54:39
attackbotsspam	Mar 25 06:29:36 OPSO sshd\[27671\]: Invalid user zhon from 66.70.130.152 port 40798 Mar 25 06:29:36 OPSO sshd\[27671\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.130.152 Mar 25 06:29:38 OPSO sshd\[27671\]: Failed password for invalid user zhon from 66.70.130.152 port 40798 ssh2 Mar 25 06:36:43 OPSO sshd\[29403\]: Invalid user chilton from 66.70.130.152 port 56716 Mar 25 06:36:43 OPSO sshd\[29403\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.130.152	2020-03-25 13:52:22
attackbotsspam	Mar 24 04:12:32 game-panel sshd[15183]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.130.152 Mar 24 04:12:34 game-panel sshd[15183]: Failed password for invalid user i from 66.70.130.152 port 47158 ssh2 Mar 24 04:18:39 game-panel sshd[15345]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.130.152	2020-03-24 12:47:04
attackbotsspam	Mar 9 00:11:05 pornomens sshd\[2497\]: Invalid user fujino from 66.70.130.152 port 44042 Mar 9 00:11:05 pornomens sshd\[2497\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.130.152 Mar 9 00:11:08 pornomens sshd\[2497\]: Failed password for invalid user fujino from 66.70.130.152 port 44042 ssh2 ...	2020-03-09 07:11:28
attackbots	(sshd) Failed SSH login from 66.70.130.152 (BR/Brazil/ip152.ip-66-70-130.net): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 4 09:31:21 ubnt-55d23 sshd[11532]: Invalid user dab from 66.70.130.152 port 46024 Mar 4 09:31:23 ubnt-55d23 sshd[11532]: Failed password for invalid user dab from 66.70.130.152 port 46024 ssh2	2020-03-04 17:37:44
attackspambots	Feb 25 08:00:42 XXXXXX sshd[49489]: Invalid user test from 66.70.130.152 port 47314	2020-02-25 18:32:12
attackbots	Feb 4 20:04:23 roki sshd[31049]: Invalid user mujr from 66.70.130.152 Feb 4 20:04:23 roki sshd[31049]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.130.152 Feb 4 20:04:25 roki sshd[31049]: Failed password for invalid user mujr from 66.70.130.152 port 50590 ssh2 Feb 4 20:27:20 roki sshd[32697]: Invalid user cms from 66.70.130.152 Feb 4 20:27:20 roki sshd[32697]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.130.152 ...	2020-02-05 03:41:06
attackbotsspam	2020-01-29T05:50:00.281646shield sshd\[27403\]: Invalid user devender from 66.70.130.152 port 58258 2020-01-29T05:50:00.288442shield sshd\[27403\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip152.ip-66-70-130.net 2020-01-29T05:50:01.899287shield sshd\[27403\]: Failed password for invalid user devender from 66.70.130.152 port 58258 ssh2 2020-01-29T05:53:02.678574shield sshd\[28189\]: Invalid user lalitaka from 66.70.130.152 port 57532 2020-01-29T05:53:02.682891shield sshd\[28189\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip152.ip-66-70-130.net	2020-01-29 13:55:09
attackbots	ssh brute force	2020-01-16 23:09:05
attackspam	Jan 12 22:26:15 meumeu sshd[25228]: Failed password for root from 66.70.130.152 port 55730 ssh2 Jan 12 22:29:01 meumeu sshd[25677]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.130.152 Jan 12 22:29:03 meumeu sshd[25677]: Failed password for invalid user testuser from 66.70.130.152 port 56988 ssh2 ...	2020-01-13 05:53:16

Comments on same subnet:

IP	Type	Details	Datetime
66.70.130.155	attackspambots	ssh brute force	2020-08-15 15:51:17
66.70.130.151	attackbots	Aug 11 03:55:10 web9 sshd\[7960\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.130.151 user=root Aug 11 03:55:12 web9 sshd\[7960\]: Failed password for root from 66.70.130.151 port 52858 ssh2 Aug 11 03:59:28 web9 sshd\[8516\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.130.151 user=root Aug 11 03:59:30 web9 sshd\[8516\]: Failed password for root from 66.70.130.151 port 36096 ssh2 Aug 11 04:03:29 web9 sshd\[9014\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.130.151 user=root	2020-08-12 01:24:52
66.70.130.155	attackbots	Aug 11 17:15:25 rancher-0 sshd[996421]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.130.155 user=root Aug 11 17:15:26 rancher-0 sshd[996421]: Failed password for root from 66.70.130.155 port 55982 ssh2 ...	2020-08-12 00:01:08
66.70.130.149	attackspam	$f2bV_matches	2020-08-09 15:55:59
66.70.130.144	attackspambots	(sshd) Failed SSH login from 66.70.130.144 (CA/Canada/ip144.ip-66-70-130.net): 10 in the last 3600 secs	2020-08-07 16:47:03
66.70.130.155	attack	Port Scan detected from 66.70.130.155 (US/United States/Georgia/Duluth/ip155.ip-66-70-130.net). 4 hits in the last 240 seconds	2020-08-07 14:59:23
66.70.130.151	attackspambots	2020-08-06T00:40:12.8669741495-001 sshd[10553]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip151.ip-66-70-130.net user=root 2020-08-06T00:40:15.1245051495-001 sshd[10553]: Failed password for root from 66.70.130.151 port 33164 ssh2 2020-08-06T00:51:41.1132041495-001 sshd[11225]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip151.ip-66-70-130.net user=root 2020-08-06T00:51:42.9604061495-001 sshd[11225]: Failed password for root from 66.70.130.151 port 45554 ssh2 2020-08-06T01:03:22.0627871495-001 sshd[11963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip151.ip-66-70-130.net user=root 2020-08-06T01:03:24.1438321495-001 sshd[11963]: Failed password for root from 66.70.130.151 port 57924 ssh2 ...	2020-08-06 14:24:21
66.70.130.151	attackbotsspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-08-06 02:48:11
66.70.130.149	attackbots	Fail2Ban - SSH Bruteforce Attempt	2020-08-05 20:25:05
66.70.130.151	attack	SSH / Telnet Brute Force Attempts on Honeypot	2020-08-04 08:24:22
66.70.130.149	attackspam	2020-08-02T15:44:26.4232891495-001 sshd[40513]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip149.ip-66-70-130.net user=root 2020-08-02T15:44:28.6178611495-001 sshd[40513]: Failed password for root from 66.70.130.149 port 34780 ssh2 2020-08-02T15:52:20.9494311495-001 sshd[40928]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip149.ip-66-70-130.net user=root 2020-08-02T15:52:23.2180631495-001 sshd[40928]: Failed password for root from 66.70.130.149 port 47286 ssh2 2020-08-02T16:00:41.0052851495-001 sshd[41390]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip149.ip-66-70-130.net user=root 2020-08-02T16:00:42.9113721495-001 sshd[41390]: Failed password for root from 66.70.130.149 port 59826 ssh2 ...	2020-08-03 08:07:34
66.70.130.144	attackbotsspam	Invalid user xionghui from 66.70.130.144 port 36006	2020-08-02 14:27:20
66.70.130.144	attackbots	Invalid user xionghui from 66.70.130.144 port 59026	2020-08-01 12:18:33
66.70.130.151	attackbots	Jul 30 05:55:45 master sshd[30588]: Failed password for invalid user lgx from 66.70.130.151 port 44190 ssh2 Jul 30 06:21:05 master sshd[31318]: Failed password for invalid user qianru from 66.70.130.151 port 55814 ssh2 Jul 30 06:34:22 master sshd[32036]: Failed password for invalid user office2 from 66.70.130.151 port 56150 ssh2 Jul 30 06:47:53 master sshd[32243]: Failed password for invalid user jinshuo from 66.70.130.151 port 56126 ssh2 Jul 30 07:01:51 master sshd[365]: Failed password for invalid user jingke from 66.70.130.151 port 55142 ssh2 Jul 30 07:15:07 master sshd[592]: Failed password for invalid user billing from 66.70.130.151 port 54314 ssh2 Jul 30 07:28:52 master sshd[779]: Failed password for invalid user yuancanzhou from 66.70.130.151 port 52462 ssh2 Jul 30 07:42:48 master sshd[1399]: Failed password for invalid user cqi from 66.70.130.151 port 50844 ssh2 Jul 30 07:55:47 master sshd[1601]: Failed password for invalid user poli from 66.70.130.151 port 43432 ssh2	2020-07-30 19:54:20
66.70.130.155	attackspambots	Jul 26 08:39:55 ny01 sshd[1831]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.130.155 Jul 26 08:39:57 ny01 sshd[1831]: Failed password for invalid user mumbleserver from 66.70.130.155 port 51276 ssh2 Jul 26 08:43:58 ny01 sshd[2525]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.130.155	2020-07-26 20:49:44

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 66.70.130.152
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10421
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;66.70.130.152.			IN	A

;; AUTHORITY SECTION:
.			2365	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080200 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 02 18:37:55 CST 2019
;; MSG SIZE  rcvd: 117

Host info

152.130.70.66.in-addr.arpa domain name pointer ip152.ip-66-70-130.net.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
152.130.70.66.in-addr.arpa	name = ip152.ip-66-70-130.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
157.42.98.72	attackbots	Sun, 21 Jul 2019 18:28:55 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-22 03:33:18
18.225.36.242	attackbotsspam	Jul 21 18:17:53 xb3 sshd[31590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=em3-18-225-36-242.us-east-2.compute.amazonaws.com Jul 21 18:17:55 xb3 sshd[31590]: Failed password for invalid user techadmin from 18.225.36.242 port 50390 ssh2 Jul 21 18:17:55 xb3 sshd[31590]: Received disconnect from 18.225.36.242: 11: Bye Bye [preauth] Jul 21 18:29:02 xb3 sshd[32358]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=em3-18-225-36-242.us-east-2.compute.amazonaws.com Jul 21 18:29:04 xb3 sshd[32358]: Failed password for invalid user marimo from 18.225.36.242 port 43624 ssh2 Jul 21 18:29:04 xb3 sshd[32358]: Received disconnect from 18.225.36.242: 11: Bye Bye [preauth] Jul 21 18:33:28 xb3 sshd[29976]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=em3-18-225-36-242.us-east-2.compute.amazonaws.com Jul 21 18:33:30 xb3 sshd[29976]: Failed password for invalid u........ -------------------------------	2019-07-22 03:27:15
191.53.251.80	attack	Autoban 191.53.251.80 AUTH/CONNECT	2019-07-22 03:46:10
191.53.57.45	attack	Autoban 191.53.57.45 AUTH/CONNECT	2019-07-22 03:40:30
58.126.87.30	attackbotsspam	Sun, 21 Jul 2019 18:28:51 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-22 03:41:50
185.126.197.219	attackbots	[ ?? ] From bounce6@globalsegss.com.br Sun Jul 21 15:28:50 2019 Received: from turva5.globalsegss.com.br ([185.126.197.219]:55228)	2019-07-22 03:49:45
36.66.149.211	attackspambots	Jul 21 20:28:46 cvbmail sshd\[4502\]: Invalid user visitor from 36.66.149.211 Jul 21 20:28:46 cvbmail sshd\[4502\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.66.149.211 Jul 21 20:28:48 cvbmail sshd\[4502\]: Failed password for invalid user visitor from 36.66.149.211 port 55096 ssh2	2019-07-22 03:47:54
95.44.230.162	attackbots	Sun, 21 Jul 2019 18:28:53 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-22 03:39:03
191.53.250.70	attackbotsspam	Autoban 191.53.250.70 AUTH/CONNECT	2019-07-22 03:49:12
191.81.247.244	attack	Autoban 191.81.247.244 AUTH/CONNECT	2019-07-22 03:28:10
182.70.190.85	attack	Sun, 21 Jul 2019 18:28:46 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-22 03:59:29
191.53.57.149	attackbots	Autoban 191.53.57.149 AUTH/CONNECT	2019-07-22 03:42:40
89.43.180.225	attack	Sun, 21 Jul 2019 18:28:50 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-22 03:46:40
86.124.8.81	attackspam	Sun, 21 Jul 2019 18:28:56 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-22 03:26:32
191.53.57.211	attackbots	Autoban 191.53.57.211 AUTH/CONNECT	2019-07-22 03:40:08

Recently Reported IPs

2001:44c8:448c:39b7:abd4:8a2f:2ce6:d315	204.150.25.139	129.15.105.134	140.169.128.226
218.134.48.15	71.121.251.206	205.34.118.25	59.51.152.27
86.252.22.61	234.99.22.97	155.200.114.237	128.14.209.182
176.76.72.90	12.39.209.73	106.2.12.222	223.32.27.107
144.13.81.135	145.228.174.103	166.205.101.48	243.79.141.204