66.117.9.222 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 66.117.9.222. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 30/100

Host and Network Information

  • Tags: Nextray, cyber security, ioc, malicious, phishing

  • View other sources: Spamhaus VirusTotal

  • Country: United States
  • Network: AS17139 corporate colocation inc.
  • Noticed: 1 time
  • Protocols Attacked: SSH
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count: 12

Whois Information

  • NetRange: 66.117.6.0 - 66.117.13.255
  • CIDR: 66.117.6.0/23, 66.117.12.0/23, 66.117.8.0/22
  • NetName: CORPCOLO-NET02
  • NetHandle: NET-66-117-6-0-1
  • Parent: NET66 (NET-66-0-0-0-0)
  • NetType: Direct Allocation
  • OriginAS:
  • Organization: Corporate Colocation Inc. (CORPO-6)
  • RegDate: 2006-10-27
  • Updated: 2022-08-04
  • Ref: https://rdap.arin.net/registry/ip/66.117.6.0
  • OrgName: Corporate Colocation Inc.
  • OrgId: CORPO-6
  • Address: 2109 Micheltornea Street
  • City: Los Angeles
  • StateProv: CA
  • PostalCode: 90039
  • Country: US
  • RegDate: 2003-11-11
  • Updated: 2017-01-28
  • Ref: https://rdap.arin.net/registry/entity/CORPO-6
  • OrgAbuseHandle: ABUSE657-ARIN
  • OrgAbuseName: Abuse Department
  • OrgAbusePhone: +1-888-742-4147
  • OrgAbuseEmail: [email protected]
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE657-ARIN
  • OrgTechHandle: NOC1601-ARIN
  • OrgTechName: Network Operations Center
  • OrgTechPhone: +1-323-350-5596
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/NOC1601-ARIN
  • RAbuseHandle: NOC1601-ARIN
  • RAbuseName: Network Operations Center
  • RAbusePhone: +1-323-350-5596
  • RAbuseEmail: [email protected]
  • RAbuseRef: https://rdap.arin.net/registry/entity/NOC1601-ARIN
  • RTechHandle: NOC1601-ARIN
  • RTechName: Network Operations Center
  • RTechPhone: +1-323-350-5596
  • RTechEmail: [email protected]
  • RTechRef: https://rdap.arin.net/registry/entity/NOC1601-ARIN
  • RNOCHandle: NOC1601-ARIN
  • RNOCName: Network Operations Center
  • RNOCPhone: +1-323-350-5596
  • RNOCEmail: [email protected]
  • RNOCRef: https://rdap.arin.net/registry/entity/NOC1601-ARIN
  • NetRange: 66.117.9.216 - 66.117.9.223
  • CIDR: 66.117.9.216/29
  • NetName: NASNET-66-117-9-216-29
  • NetHandle: NET-66-117-9-216-1
  • Parent: CORPCOLO-NET02 (NET-66-117-6-0-1)
  • NetType: Reassigned
  • OriginAS:
  • Customer: China Outcom-urhosts.net (C04676191)
  • RegDate: 2013-08-20
  • Updated: 2022-08-04
  • Ref: https://rdap.arin.net/registry/ip/66.117.9.216
  • CustName: China Outcom-urhosts.net
  • Address: 313 Pasli Rd
  • City: Beijing
  • StateProv: BEIJING
  • PostalCode: 116001
  • Country: CN
  • RegDate: 2013-08-20
  • Updated: 2013-08-20
  • Ref: https://rdap.arin.net/registry/entity/C04676191
  • OrgAbuseHandle: ABUSE657-ARIN
  • OrgAbuseName: Abuse Department
  • OrgAbusePhone: +1-888-742-4147
  • OrgAbuseEmail: [email protected]
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE657-ARIN
  • OrgTechHandle: NOC1601-ARIN
  • OrgTechName: Network Operations Center
  • OrgTechPhone: +1-323-350-5596
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/NOC1601-ARIN
  • RAbuseHandle: NOC1601-ARIN
  • RAbuseName: Network Operations Center
  • RAbusePhone: +1-323-350-5596
  • RAbuseEmail: [email protected]
  • RAbuseRef: https://rdap.arin.net/registry/entity/NOC1601-ARIN
  • RTechHandle: NOC1601-ARIN
  • RTechName: Network Operations Center
  • RTechPhone: +1-323-350-5596
  • RTechEmail: [email protected]
  • RTechRef: https://rdap.arin.net/registry/entity/NOC1601-ARIN
  • RNOCHandle: NOC1601-ARIN
  • RNOCName: Network Operations Center
  • RNOCPhone: +1-323-350-5596
  • RNOCEmail: [email protected]
  • RNOCRef: https://rdap.arin.net/registry/entity/NOC1601-ARIN

Links to attack logs

sip-bruteforce-ip-list-2020-07-30