18.191.66.14 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): Amazon Technologies Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Automatic report - Banned IP Access	2019-09-03 20:29:24
attack	Aug 29 01:54:45 dedicated sshd[14603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=18.191.66.14 user=root Aug 29 01:54:48 dedicated sshd[14603]: Failed password for root from 18.191.66.14 port 60014 ssh2	2019-08-29 08:04:27

类型

评论内容

时间

attack

Automatic report - Banned IP Access

2019-09-03 20:29:24

attack

Aug 29 01:54:45 dedicated sshd[14603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=18.191.66.14  user=root
Aug 29 01:54:48 dedicated sshd[14603]: Failed password for root from 18.191.66.14 port 60014 ssh2

2019-08-29 08:04:27

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 18.191.66.14
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60805
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;18.191.66.14.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082802 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 29 08:04:22 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

14.66.191.18.in-addr.arpa domain name pointer ec2-18-191-66-14.us-east-2.compute.amazonaws.com.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
14.66.191.18.in-addr.arpa	name = ec2-18-191-66-14.us-east-2.compute.amazonaws.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
46.38.150.153	attackspam	Jul 8 13:07:51 relay postfix/smtpd\[3507\]: warning: unknown\[46.38.150.153\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 8 13:08:37 relay postfix/smtpd\[4469\]: warning: unknown\[46.38.150.153\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 8 13:09:19 relay postfix/smtpd\[6344\]: warning: unknown\[46.38.150.153\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 8 13:10:09 relay postfix/smtpd\[9160\]: warning: unknown\[46.38.150.153\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 8 13:10:52 relay postfix/smtpd\[7338\]: warning: unknown\[46.38.150.153\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-07-08 19:11:31
36.112.131.191	attackspambots	TCP ports : 1160 / 5258 / 18221 / 19936 / 24577	2020-07-08 19:24:27
164.132.47.139	attack	odoo8 ...	2020-07-08 19:17:18
118.24.18.226	attackbotsspam	2020-07-08T08:22:29.052819lavrinenko.info sshd[11117]: Invalid user test from 118.24.18.226 port 56312 2020-07-08T08:22:29.058869lavrinenko.info sshd[11117]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.18.226 2020-07-08T08:22:29.052819lavrinenko.info sshd[11117]: Invalid user test from 118.24.18.226 port 56312 2020-07-08T08:22:30.654256lavrinenko.info sshd[11117]: Failed password for invalid user test from 118.24.18.226 port 56312 ssh2 2020-07-08T08:24:58.711092lavrinenko.info sshd[11213]: Invalid user annike from 118.24.18.226 port 56156 ...	2020-07-08 18:59:12
83.97.20.35	attack	Jul 8 13:02:21 debian-2gb-nbg1-2 kernel: \[16464740.976764\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=83.97.20.35 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=54321 PROTO=TCP SPT=39888 DPT=2082 WINDOW=65535 RES=0x00 SYN URGP=0	2020-07-08 19:19:14
128.1.135.158	attackbotsspam	Lines containing failures of 128.1.135.158 Jul 8 01:43:32 kmh-vmh-002-fsn07 sshd[13141]: Invalid user iocha from 128.1.135.158 port 57468 Jul 8 01:43:32 kmh-vmh-002-fsn07 sshd[13141]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.1.135.158 Jul 8 01:43:34 kmh-vmh-002-fsn07 sshd[13141]: Failed password for invalid user iocha from 128.1.135.158 port 57468 ssh2 Jul 8 01:43:35 kmh-vmh-002-fsn07 sshd[13141]: Received disconnect from 128.1.135.158 port 57468:11: Bye Bye [preauth] Jul 8 01:43:35 kmh-vmh-002-fsn07 sshd[13141]: Disconnected from invalid user iocha 128.1.135.158 port 57468 [preauth] Jul 8 01:50:25 kmh-vmh-002-fsn07 sshd[23801]: Invalid user olaf from 128.1.135.158 port 49318 Jul 8 01:50:25 kmh-vmh-002-fsn07 sshd[23801]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.1.135.158 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=128.1.135.158	2020-07-08 19:03:52
63.143.32.122	attack	UDP 63.143.32.122:5091 -> port 1025, len 433	2020-07-08 19:23:04
92.222.77.150	attackbotsspam	Jul 8 07:24:53 NPSTNNYC01T sshd[26195]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.77.150 Jul 8 07:24:54 NPSTNNYC01T sshd[26195]: Failed password for invalid user jenkinsssh from 92.222.77.150 port 45596 ssh2 Jul 8 07:27:50 NPSTNNYC01T sshd[26448]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.77.150 ...	2020-07-08 19:28:31
113.241.143.156	attack	firewall-block, port(s): 5555/tcp	2020-07-08 19:12:11
167.99.66.193	attackbotsspam	Jul 8 10:57:23 game-panel sshd[6580]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.66.193 Jul 8 10:57:25 game-panel sshd[6580]: Failed password for invalid user emelie from 167.99.66.193 port 57878 ssh2 Jul 8 11:00:44 game-panel sshd[6767]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.66.193	2020-07-08 19:06:56
178.128.103.151	attackbotsspam	178.128.103.151 - - [08/Jul/2020:07:29:18 +0100] "POST /wp-login.php HTTP/1.1" 200 2345 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 178.128.103.151 - - [08/Jul/2020:07:29:20 +0100] "POST /wp-login.php HTTP/1.1" 200 2350 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 178.128.103.151 - - [08/Jul/2020:07:29:21 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-08 19:21:52
51.15.118.114	attack	Jul 8 07:06:22 NPSTNNYC01T sshd[24131]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.118.114 Jul 8 07:06:24 NPSTNNYC01T sshd[24131]: Failed password for invalid user lencia from 51.15.118.114 port 55630 ssh2 Jul 8 07:09:23 NPSTNNYC01T sshd[24519]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.118.114 ...	2020-07-08 19:15:58
37.152.181.151	attackbotsspam	Jul 8 12:08:46 mail sshd[26715]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.152.181.151 Jul 8 12:08:48 mail sshd[26715]: Failed password for invalid user admin from 37.152.181.151 port 47658 ssh2 ...	2020-07-08 19:15:16
49.235.90.32	attackspam	Jul 8 05:40:37 sxvn sshd[155024]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.90.32	2020-07-08 18:56:55
192.35.168.224	attackspam	Jul 8 12:26:22 debian-2gb-nbg1-2 kernel: \[16462581.724215\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=192.35.168.224 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=34 ID=36096 PROTO=TCP SPT=21544 DPT=21313 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-08 19:06:08

最近上报的IP列表

176.215.4.72	147.139.135.52	168.96.118.23	95.141.37.33
211.221.191.106	182.117.68.245	212.129.52.3	163.172.52.206
44.6.91.55	48.47.73.223	115.48.180.152	49.234.236.126
212.64.91.187	197.89.255.23	103.243.24.217	39.106.85.98
129.226.56.24	164.77.210.118	50.60.129.33	244.154.74.152