66.70.240.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Canada

Internet Service Provider: Anthony Mac Inc

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	web Attack on Wordpress site	2019-11-18 23:53:19

Comments on same subnet:

IP	Type	Details	Datetime
66.70.240.214	attackspam	Unauthorized SSH login attempts	2019-11-23 06:12:56
66.70.240.214	attack	masscan/1.0 (https://github.com/robertdavidgraham/masscan)	2019-11-22 16:50:40
66.70.240.214	attack	Detected by Maltrail	2019-11-14 09:11:42

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 66.70.240.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50531
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;66.70.240.2.			IN	A

;; AUTHORITY SECTION:
.			265	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111800 1800 900 604800 86400

;; Query time: 113 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Nov 18 23:53:04 CST 2019
;; MSG SIZE  rcvd: 115

Host info

2.240.70.66.in-addr.arpa domain name pointer ip2.ip-66-70-240.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
2.240.70.66.in-addr.arpa	name = ip2.ip-66-70-240.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
37.54.239.184	attack	Port Scan: TCP/443	2020-10-11 19:54:35
49.234.182.99	attack	Oct 11 11:17:14 sigma sshd\[26420\]: Invalid user lipp from 49.234.182.99Oct 11 11:17:16 sigma sshd\[26420\]: Failed password for invalid user lipp from 49.234.182.99 port 33626 ssh2 ...	2020-10-11 20:17:30
122.51.82.22	attack	122.51.82.22 (CN/China/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Oct 10 23:36:54 server5 sshd[30730]: Failed password for root from 139.99.98.248 port 48506 ssh2 Oct 10 23:41:25 server5 sshd[342]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.82.22 user=root Oct 10 23:32:18 server5 sshd[28540]: Failed password for root from 49.235.142.96 port 57062 ssh2 Oct 10 23:39:07 server5 sshd[31857]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.88.12.72 user=root Oct 10 23:39:09 server5 sshd[31857]: Failed password for root from 45.88.12.72 port 51972 ssh2 Oct 10 23:36:52 server5 sshd[30730]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.98.248 user=root IP Addresses Blocked: 139.99.98.248 (SG/Singapore/-)	2020-10-11 20:13:53
51.38.129.120	attackspambots	Oct 11 13:52:29 rancher-0 sshd[597929]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.129.120 user=root Oct 11 13:52:31 rancher-0 sshd[597929]: Failed password for root from 51.38.129.120 port 53260 ssh2 ...	2020-10-11 20:32:17
5.188.210.36	attack	hzb4 5.188.210.36 [11/Oct/2020:02:14:28 "http://beritaspb.com/daerah/52-desa-dan-kelurahan-di-kalbar-terima-sertifikasi-kadarkum-dari-kemenkumham/" "POST /wp-comments-post.php 302 1456 5.188.210.36 [11/Oct/2020:03:35:34 "http://beritaspb.com/imigrasi/dpr-ri-puji-kinerja-kanimsus-surabaya/" "POST /wp-comments-post.php 302 1382 5.188.210.36 [11/Oct/2020:03:46:48 "http://umrahmurahsurabaya.com/umroh-murah-surabaya-biaya-umroh-surabaya-pahala-umroh/" "POST /wp-comments-post.php 302 868	2020-10-11 20:19:26
111.231.71.157	attackspam	Oct 2 02:43:00 roki-contabo sshd\[21767\]: Invalid user vyatta from 111.231.71.157 Oct 2 02:43:00 roki-contabo sshd\[21767\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.71.157 Oct 2 02:43:02 roki-contabo sshd\[21767\]: Failed password for invalid user vyatta from 111.231.71.157 port 35362 ssh2 Oct 2 02:59:02 roki-contabo sshd\[22163\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.71.157 user=root Oct 2 02:59:04 roki-contabo sshd\[22163\]: Failed password for root from 111.231.71.157 port 39768 ssh2 Oct 2 02:43:00 roki-contabo sshd\[21767\]: Invalid user vyatta from 111.231.71.157 Oct 2 02:43:00 roki-contabo sshd\[21767\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.71.157 Oct 2 02:43:02 roki-contabo sshd\[21767\]: Failed password for invalid user vyatta from 111.231.71.157 port 35362 ssh2 Oct 2 02:59:02 roki-conta ...	2020-10-11 19:54:10
34.94.155.56	attackspambots	34.94.155.56 - - [11/Oct/2020:12:36:05 +0100] "POST /wp-login.php HTTP/1.1" 200 2475 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 34.94.155.56 - - [11/Oct/2020:12:36:07 +0100] "POST /wp-login.php HTTP/1.1" 200 2481 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 34.94.155.56 - - [11/Oct/2020:12:36:08 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-11 19:57:52
46.101.173.231	attackbots	Oct 11 11:24:07 XXX sshd[16187]: Invalid user zabbix from 46.101.173.231 port 57352	2020-10-11 20:32:37
45.143.221.101	attackspam	TCP port : 5060	2020-10-11 20:07:10
14.161.45.187	attackbots	Oct 11 16:13:39 mx sshd[1351830]: Failed password for root from 14.161.45.187 port 47020 ssh2 Oct 11 16:14:33 mx sshd[1351838]: Invalid user uu from 14.161.45.187 port 52915 Oct 11 16:14:33 mx sshd[1351838]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.45.187 Oct 11 16:14:33 mx sshd[1351838]: Invalid user uu from 14.161.45.187 port 52915 Oct 11 16:14:35 mx sshd[1351838]: Failed password for invalid user uu from 14.161.45.187 port 52915 ssh2 ...	2020-10-11 20:07:57
218.75.156.247	attack	$f2bV_matches	2020-10-11 20:08:14
181.30.28.133	attackspambots	$f2bV_matches	2020-10-11 20:02:34
45.14.224.182	attackbots	SSH login attempts.	2020-10-11 20:18:24
74.82.47.62	attack	firewall-block, port(s): 5555/tcp	2020-10-11 20:15:43
79.124.62.66	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 68 - port: 1578 proto: tcp cat: Misc Attackbytes: 60	2020-10-11 20:05:40

Recently Reported IPs

178.93.58.1	193.112.197.1	150.136.201.2	94.102.124.1
62.141.103.146	198.20.103.2	101.128.72.4	51.15.75.6
41.136.155.1	195.154.56.5	111.203.197.1	87.117.8.2
142.105.13.1	114.5.81.6	110.235.251.1	165.16.37.1
139.255.101.2	101.234.76.51	61.219.11.1	60.248.178.1