80.66.76.134 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russia

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Vulnerability Scanner	2024-04-21 12:55:22
attack	Vulnerability Scanner	2024-04-21 12:54:57

Comments on same subnet:

IP	Type	Details	Datetime
80.66.76.121	attackproxy	Vulnerability Scanner	2024-04-30 13:02:34
80.66.76.130	attack	Vulnerability Scanner	2024-04-22 20:50:38

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 80.66.76.134
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35100
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;80.66.76.134.			IN	A

;; AUTHORITY SECTION:
.			124	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2024042001 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Apr 21 12:54:56 CST 2024
;; MSG SIZE  rcvd: 105

Host info

Host 134.76.66.80.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 134.76.66.80.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
45.119.212.93	attack	45.119.212.93 - - [28/Jul/2020:15:30:22 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 1865 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 45.119.212.93 - - [28/Jul/2020:15:30:24 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 1857 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 45.119.212.93 - - [28/Jul/2020:15:30:25 +0100] "POST /wp/xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-29 00:02:27
106.13.50.145	attackbots	Jul 28 14:05:21 h2829583 sshd[9558]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.50.145	2020-07-28 23:33:16
202.115.30.5	attack	$f2bV_matches	2020-07-28 23:21:32
112.169.9.160	attackspam	Brute force SMTP login attempted. ...	2020-07-28 23:52:30
159.89.174.224	attackbots	SSH Brute Force	2020-07-28 23:16:29
50.62.160.239	attack	LGS,WP GET /www/wp-includes/wlwmanifest.xml	2020-07-28 23:44:12
179.191.153.245	attackbots	Automatic report - XMLRPC Attack	2020-07-29 00:01:50
212.70.149.19	attack	2020-07-28 18:53:25 dovecot_login authenticator failed for $User$ \[212.70.149.19\]: 535 Incorrect authentication data $set_id=tear@org.ua$2020-07-28 18:53:48 dovecot_login authenticator failed for $User$ \[212.70.149.19\]: 535 Incorrect authentication data $set_id=teatime@org.ua$2020-07-28 18:54:10 dovecot_login authenticator failed for $User$ \[212.70.149.19\]: 535 Incorrect authentication data $set_id=tebenihinas@org.ua$ ...	2020-07-28 23:54:49
111.229.167.91	attackspambots	Jul 28 15:09:30 pve1 sshd[10647]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.167.91 Jul 28 15:09:32 pve1 sshd[10647]: Failed password for invalid user bepadm from 111.229.167.91 port 36536 ssh2 ...	2020-07-28 23:16:11
42.159.228.125	attackspam	Jul 28 17:03:37 mout sshd[17530]: Invalid user fjseclib from 42.159.228.125 port 62168	2020-07-28 23:51:17
84.17.46.203	attackspam	Fail2Ban Ban Triggered HTTP Exploit Attempt	2020-07-28 23:43:48
46.83.46.174	attackbots	Jul 28 16:15:25 minden010 postfix/smtpd[3015]: NOQUEUE: reject: RCPT from p2e532eae.dip0.t-ipconnect.de[46.83.46.174]: 450 4.7.1 : Helo command rejected: Host not found; from=<> to= proto=ESMTP helo= Jul 28 16:15:25 minden010 postfix/smtpd[26614]: NOQUEUE: reject: RCPT from p2e532eae.dip0.t-ipconnect.de[46.83.46.174]: 450 4.7.1 : Helo command rejected: Host not found; from=<> to= proto=ESMTP helo= Jul 28 16:15:25 minden010 postfix/smtpd[32625]: NOQUEUE: reject: RCPT from p2e532eae.dip0.t-ipconnect.de[46.83.46.174]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Jul 28 16:25:22 minden010 postfix/smtpd[32625]: NOQUEUE: reject: RCPT from p2e532eae.dip0.t-ipconnect.de[46.83.46.174]: 450 4.7.1 : Helo command rejected: Host not found; from=<> to= proto=ESMTP helo= Jul ...	2020-07-28 23:33:58
14.169.139.82	attack	xmlrpc attack	2020-07-28 23:20:30
45.129.33.16	attack	scans 6 times in preceeding hours on the ports (in chronological order) 4962 4966 4968 4961 4967 4969 resulting in total of 115 scans from 45.129.33.0/24 block.	2020-07-28 23:18:07
111.72.198.47	attackbots	Jul 28 13:16:51 nirvana postfix/smtpd[12193]: connect from unknown[111.72.198.47] Jul 28 13:16:51 nirvana postfix/smtpd[12193]: lost connection after EHLO from unknown[111.72.198.47] Jul 28 13:16:51 nirvana postfix/smtpd[12193]: disconnect from unknown[111.72.198.47] Jul 28 13:20:18 nirvana postfix/smtpd[12575]: connect from unknown[111.72.198.47] Jul 28 13:20:19 nirvana postfix/smtpd[12575]: warning: unknown[111.72.198.47]: SASL LOGIN authentication failed: authentication failure Jul 28 13:20:19 nirvana postfix/smtpd[12575]: lost connection after AUTH from unknown[111.72.198.47] Jul 28 13:20:19 nirvana postfix/smtpd[12575]: disconnect from unknown[111.72.198.47] Jul 28 13:23:46 nirvana postfix/smtpd[13064]: connect from unknown[111.72.198.47] Jul 28 13:23:48 nirvana postfix/smtpd[13064]: warning: unknown[111.72.198.47]: SASL LOGIN authentication failed: authentication failure Jul 28 13:23:50 nirvana postfix/smtpd[13064]: warning: unknown[111.72.198.47]: SASL LOGIN auth........ -------------------------------	2020-07-28 23:50:24

Recently Reported IPs

23.225.221.222	113.108.28.63	23.225.221.76	23.225.221.209
185.65.253.224	185.65.253.206	120.245.61.100	2.57.205.12
2.58.95.38	2.58.95.31	2.58.95.35	23.225.221.197
230.221.64.94	171.8.173.204	185.181.42.1	45.56.111.247
145.171.63.104	45.76.33.202	171.8.173.127	222.137.85.69