66.111.4.71 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 66.111.4.71 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 10/100

Host and Network Information

• Tags: tsec

• View other sources: Spamhaus VirusTotal

• Country: United States
• Network: AS19151 broadbandone llc
• Noticed: 1 times
• Protcols Attacked: SSH
• Passive DNS Results: 8648dl.com 759655.com 812937.com jlbaobao.cn stopic.com jingseyantu.com 97575dz.com mail.quaack.info mx2.messagingengine.com smtp.us.messagingengine.com in1-smtp.messagingengine.com smtp.us2.fastmail.fm in1.smtp.messagingengine.com

Malware Detected on Host

Count: 372 a561c99db6fb1cf48c919762cf9930ad6edb6db1b0223d7d686209744ded5cea 7c1d1a2b0d4d596ff8ee5b4cd5fb082d05e1fa04cb24a5c468cba065495772e3 8b208716ed9027c704511a4cd7b8e1dc7c89dfc1093fd8f53d8a05a53cf2aea5 8eb21ca6ebe50702879f5b6ff19437a6805a7215738a8bdb4aa2f94e672e7b2e 671ffdea0a93023e45381b3cc10b5ef10d0c61b0cb3d4df499835811ef0930e0 2584c0c857e4bdbfb00adbd30fc198e9a80d49b48535a1fd612352a0bf6c4d29 bef48f0b75db9b99c696bf84df69ea68e169d238e2fb15e3d866410f97a03f28 77c0048a10d556a80f2b2fd9c5e1f3b42876fb42cce8dc4d51c4ae2259abec52 6f3243d30570d930096785c063118e7c17d9b5d20d067f7448b23733b551e525 8f85d2a56de45193ea1804a0b2352576db51cffc8ae2a92adbfbe398a2de6a9e

Open Ports Detected

25

Map

Whois Information

• NetRange: 66.111.0.0 - 66.111.15.255
• CIDR: 66.111.0.0/20
• NetName: NYIC-2BLK
• NetHandle: NET-66-111-0-0-1
• Parent: NET66 (NET-66-0-0-0-0)
• NetType: Direct Allocation
• OriginAS:
• Organization: NYI (NHL-79)
• RegDate: 2001-05-24
• Updated: 2017-12-12
• Ref: https://rdap.arin.net/registry/ip/66.111.0.0
• OrgName: NYI
• OrgId: NHL-79
• Address: 100 William Street, Suite 318
• City: New York
• StateProv: NY
• PostalCode: 10038
• Country: US
• RegDate: 2017-11-16
• Updated: 2020-02-17
• Comment: is available at
• Ref: https://rdap.arin.net/registry/entity/NHL-79
• OrgAbuseHandle: NAD111-ARIN
• OrgAbuseName: NYI Abuse Department
• OrgAbusePhone: +1-212-269-1999
• OrgAbuseEmail: abuse@nyi.net
• OrgAbuseRef: https://rdap.arin.net/registry/entity/NAD111-ARIN
• OrgTechHandle: NIE6-ARIN
• OrgTechName: NYI Internet Engineering
• OrgTechPhone: +1-212-269-1999
• OrgTechEmail: inter-eng@nyi.net
• OrgTechRef: https://rdap.arin.net/registry/entity/NIE6-ARIN
• network:Class-Name:network
• network:ID:NYIC.66.111.0.0/20
• network:Auth-Area:66.111.0.0/20
• network:Network-Name:NYIC-66.111.4.0
• network:IP-Network:66.111.4.0/24
• network:IP-Network-Block:66.111.4.0 - 66.111.4.255
• network:Organization;I:FASTMAIL-66.111
• network:Tech-Contact;I:hostmaster@fastmail.fm
• network:Created:20080625
• network:Updated:20080625
• network:Updated-By:hostmaster@nyi.net
• network:Class-Name:network
• network:ID:NYIC.66.111.0.0/20
• network:Auth-Area:66.111.0.0/20
• network:Network-Name:NYIC-66.111.0.0
• network:IP-Network:66.111.0.0/20
• network:IP-Network-Block:66.111.0.0 - 66.111.15.255
• network:Organization;I:NYIC-66.111
• network:Tech-Contact;I:hostmaster@nyi.net
• network:Created:20080625
• network:Updated:20080625
• network:Updated-By:hostmaster@nyi.net

Links to attack logs

****** ****** ******