82.146.42.66 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: JSC IOT

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	DATE:2020-04-27 16:19:26, IP:82.146.42.66, PORT:ssh SSH brute force auth (docker-dc)	2020-04-27 23:33:11
attackspam	2020-04-16T19:58:41.441675amanda2.illicoweb.com sshd\[27795\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.146.42.66 user=root 2020-04-16T19:58:43.628989amanda2.illicoweb.com sshd\[27795\]: Failed password for root from 82.146.42.66 port 56906 ssh2 2020-04-16T20:02:21.591976amanda2.illicoweb.com sshd\[28195\]: Invalid user test1 from 82.146.42.66 port 35064 2020-04-16T20:02:21.594777amanda2.illicoweb.com sshd\[28195\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.146.42.66 2020-04-16T20:02:22.984145amanda2.illicoweb.com sshd\[28195\]: Failed password for invalid user test1 from 82.146.42.66 port 35064 ssh2 ...	2020-04-17 03:21:50

Type

Details

Datetime

attackspam

DATE:2020-04-27 16:19:26, IP:82.146.42.66, PORT:ssh SSH brute force auth (docker-dc)

2020-04-27 23:33:11

attackspam

2020-04-16T19:58:41.441675amanda2.illicoweb.com sshd\[27795\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.146.42.66  user=root
2020-04-16T19:58:43.628989amanda2.illicoweb.com sshd\[27795\]: Failed password for root from 82.146.42.66 port 56906 ssh2
2020-04-16T20:02:21.591976amanda2.illicoweb.com sshd\[28195\]: Invalid user test1 from 82.146.42.66 port 35064
2020-04-16T20:02:21.594777amanda2.illicoweb.com sshd\[28195\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.146.42.66
2020-04-16T20:02:22.984145amanda2.illicoweb.com sshd\[28195\]: Failed password for invalid user test1 from 82.146.42.66 port 35064 ssh2
...

2020-04-17 03:21:50

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 82.146.42.66
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57668
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;82.146.42.66.			IN	A

;; AUTHORITY SECTION:
.			594	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041602 1800 900 604800 86400

;; Query time: 157 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Apr 17 03:21:47 CST 2020
;; MSG SIZE  rcvd: 116

Host info

66.42.146.82.in-addr.arpa domain name pointer viking51.org.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
66.42.146.82.in-addr.arpa	name = viking51.org.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
175.155.108.162	attackbotsspam	Scanning random ports - tries to find possible vulnerable services	2019-11-03 07:44:48
142.44.243.161	attackspam	Nov 2 22:54:24 h2177944 kernel: \[5607354.351930\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=142.44.243.161 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=47309 PROTO=TCP SPT=50898 DPT=23 WINDOW=0 RES=0x00 SYN URGP=0 Nov 2 22:54:36 h2177944 kernel: \[5607366.493998\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=142.44.243.161 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=62777 PROTO=TCP SPT=35399 DPT=23 WINDOW=0 RES=0x00 SYN URGP=0 Nov 2 22:55:10 h2177944 kernel: \[5607400.863459\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=142.44.243.161 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=35029 PROTO=TCP SPT=11008 DPT=23 WINDOW=0 RES=0x00 SYN URGP=0 Nov 2 22:55:19 h2177944 kernel: \[5607410.179296\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=142.44.243.161 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=46821 PROTO=TCP SPT=56382 DPT=23 WINDOW=0 RES=0x00 SYN URGP=0 Nov 2 22:56:12 h2177944 kernel: \[5607462.536175\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=142.44.243.161 DST=85.214.117.9 LEN=40 TOS=0x0	2019-11-03 07:54:58
117.239.232.253	attackspambots	Scanning random ports - tries to find possible vulnerable services	2019-11-03 08:12:28
125.8.92.229	attackbotsspam	Scanning random ports - tries to find possible vulnerable services	2019-11-03 08:02:31
141.212.123.197	attackspam	Scanning random ports - tries to find possible vulnerable services	2019-11-03 07:55:24
118.172.47.18	attackspambots	Scanning random ports - tries to find possible vulnerable services	2019-11-03 08:09:19
118.163.45.178	attack	11/02/2019-20:00:42.912965 118.163.45.178 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-11-03 08:09:49
136.232.12.70	attackbots	Scanning random ports - tries to find possible vulnerable services	2019-11-03 07:57:31
152.32.98.139	attack	Scanning random ports - tries to find possible vulnerable services	2019-11-03 07:52:32
116.87.24.115	attackspam	Scanning random ports - tries to find possible vulnerable services	2019-11-03 08:18:57
117.218.221.86	attackspambots	Scanning random ports - tries to find possible vulnerable services	2019-11-03 08:13:37
140.255.32.222	attackspambots	Scanning random ports - tries to find possible vulnerable services	2019-11-03 07:55:37
123.30.169.85	attack	Scanning random ports - tries to find possible vulnerable services	2019-11-03 08:04:49
125.62.85.63	attackbots	Scanning random ports - tries to find possible vulnerable services	2019-11-03 08:01:18
148.238.49.84	attackspambots	Scanning random ports - tries to find possible vulnerable services	2019-11-03 07:53:43

Recently Reported IPs

52.250.205.125	12.206.1.140	31.48.253.246	27.50.159.224
239.32.28.155	82.19.109.13	10.197.104.62	145.125.213.236
42.61.202.115	53.12.216.71	187.189.27.21	192.144.199.95
2a01:cb1d:8a0c:4f00:e1cb:ea5b:4564:3cbb	183.88.234.22	14.160.8.210	62.210.125.29
54.169.38.121	209.126.1.183	42.114.168.2	150.136.172.94