66.111.4.70 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 66.111.4.70 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 10/100

Host and Network Information

• Tags: tsec

• View other sources: Spamhaus VirusTotal

• Country: United States
• Network: AS19151 broadbandone llc
• Noticed: 1 times
• Protcols Attacked: SSH
• Passive DNS Results: 8648dl.com mx1.messagingengine.com 759655.com 812937.com jlbaobao.cn stopic.com jingseyantu.com 97575dz.com mail.quaack.info in1-smtp.messagingengine.com smtp.us.messagingengine.com in1.smtp.messagingengine.com

Malware Detected on Host

Count: 346 5d39d06da63faa83f48256f5ff75d570d88b91ab952bedfbe35b47a63937ee3c dbff03dbd1e5e7690f0c8ac8e3d143a22424c6da5ea3da5fb1e87e04652dd2de 6a617328f1971019eb82261656ecb6065143048e6105bc295bd198d53e2402d1 7d6372c8e7f0efd8b99a83e3836985d1389b30c6bb89578735851f30f0f2612a 7c1d1a2b0d4d596ff8ee5b4cd5fb082d05e1fa04cb24a5c468cba065495772e3 ab3da44ddc3f2aaf9cc761b2a3719239f2ed126bbd2e67e70bc8fe5857fc9f63 42eb043796c5fd953ff71003b0dc9e5216d8055ce238c0975be9320441b00ea1 801a2c21e4c448d7b0e8944fced5a08064ce8c498fe4c38f9a5e8389dabd9e7b b420b8a06fe0edceae7009384ecf95583972ec70fd029ebb8513b431ecbaa942 6f5716964a93fc07152b998d4bbf6fe422ac062b311351d3d81ae1139e8ef76b

Open Ports Detected

25

Map

Whois Information

• NetRange: 66.111.0.0 - 66.111.15.255
• CIDR: 66.111.0.0/20
• NetName: NYIC-2BLK
• NetHandle: NET-66-111-0-0-1
• Parent: NET66 (NET-66-0-0-0-0)
• NetType: Direct Allocation
• OriginAS:
• Organization: NYI (NHL-79)
• RegDate: 2001-05-24
• Updated: 2017-12-12
• Ref: https://rdap.arin.net/registry/ip/66.111.0.0
• OrgName: NYI
• OrgId: NHL-79
• Address: 100 William Street, Suite 318
• City: New York
• StateProv: NY
• PostalCode: 10038
• Country: US
• RegDate: 2017-11-16
• Updated: 2020-02-17
• Comment: is available at
• Ref: https://rdap.arin.net/registry/entity/NHL-79
• OrgAbuseHandle: NAD111-ARIN
• OrgAbuseName: NYI Abuse Department
• OrgAbusePhone: +1-212-269-1999
• OrgAbuseEmail: abuse@nyi.net
• OrgAbuseRef: https://rdap.arin.net/registry/entity/NAD111-ARIN
• OrgTechHandle: NIE6-ARIN
• OrgTechName: NYI Internet Engineering
• OrgTechPhone: +1-212-269-1999
• OrgTechEmail: inter-eng@nyi.net
• OrgTechRef: https://rdap.arin.net/registry/entity/NIE6-ARIN
• network:Class-Name:network
• network:ID:NYIC.66.111.0.0/20
• network:Auth-Area:66.111.0.0/20
• network:Network-Name:NYIC-66.111.4.0
• network:IP-Network:66.111.4.0/24
• network:IP-Network-Block:66.111.4.0 - 66.111.4.255
• network:Organization;I:FASTMAIL-66.111
• network:Tech-Contact;I:hostmaster@fastmail.fm
• network:Created:20080625
• network:Updated:20080625
• network:Updated-By:hostmaster@nyi.net
• network:Class-Name:network
• network:ID:NYIC.66.111.0.0/20
• network:Auth-Area:66.111.0.0/20
• network:Network-Name:NYIC-66.111.0.0
• network:IP-Network:66.111.0.0/20
• network:IP-Network-Block:66.111.0.0 - 66.111.15.255
• network:Organization;I:NYIC-66.111
• network:Tech-Contact;I:hostmaster@nyi.net
• network:Created:20080625
• network:Updated:20080625
• network:Updated-By:hostmaster@nyi.net

Links to attack logs

****** ****** ******