66.68.187.140 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): Charter Communications Inc

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	SSH login attempts.	2020-10-01 07:47:51
attack	Invalid user ftptest from 66.68.187.140 port 53444	2020-10-01 00:17:41
attackspambots	$f2bV_matches	2020-09-30 16:38:30
attack	Invalid user hduser from 66.68.187.140 port 44006	2020-09-12 20:29:00
attackbots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-12 12:31:30
attack	[ssh] SSH attack	2020-09-12 04:20:42
attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-03T14:45:35Z and 2020-09-03T14:55:51Z	2020-09-03 23:15:04
attack	Sep 3 12:47:44 itv-usvr-02 sshd[13720]: Invalid user cumulus from 66.68.187.140 port 45294 Sep 3 12:47:44 itv-usvr-02 sshd[13720]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.68.187.140 Sep 3 12:47:44 itv-usvr-02 sshd[13720]: Invalid user cumulus from 66.68.187.140 port 45294 Sep 3 12:47:46 itv-usvr-02 sshd[13720]: Failed password for invalid user cumulus from 66.68.187.140 port 45294 ssh2 Sep 3 12:51:44 itv-usvr-02 sshd[13865]: Invalid user dxp from 66.68.187.140 port 53324	2020-09-03 14:48:53
attackbotsspam	Sep 2 17:28:45 scw-focused-cartwright sshd[13665]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.68.187.140 Sep 2 17:28:47 scw-focused-cartwright sshd[13665]: Failed password for invalid user fedora from 66.68.187.140 port 53658 ssh2	2020-09-03 07:02:22
attack	Sep 1 14:44:30 lnxmail61 sshd[28245]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.68.187.140	2020-09-01 21:11:59
attack	$lgm	2020-08-30 07:41:41
attackbots	Aug 29 13:19:22 l02a sshd[24219]: Invalid user admin from 66.68.187.140 Aug 29 13:19:22 l02a sshd[24219]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=cpe-66-68-187-140.austin.res.rr.com Aug 29 13:19:22 l02a sshd[24219]: Invalid user admin from 66.68.187.140 Aug 29 13:19:25 l02a sshd[24219]: Failed password for invalid user admin from 66.68.187.140 port 45184 ssh2	2020-08-30 01:57:03
attack	Aug 24 14:53:28 gutwein sshd[624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=cpe-66-68-187-140.austin.res.rr.com Aug 24 14:53:30 gutwein sshd[624]: Failed password for invalid user kk from 66.68.187.140 port 53802 ssh2 Aug 24 14:53:30 gutwein sshd[624]: Received disconnect from 66.68.187.140: 11: Bye Bye [preauth] Aug 24 14:56:12 gutwein sshd[1218]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=cpe-66-68-187-140.austin.res.rr.com Aug 24 14:56:15 gutwein sshd[1218]: Failed password for invalid user caffe from 66.68.187.140 port 36910 ssh2 Aug 24 14:56:15 gutwein sshd[1218]: Received disconnect from 66.68.187.140: 11: Bye Bye [preauth] Aug 24 14:58:14 gutwein sshd[1652]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=cpe-66-68-187-140.austin.res.rr.com Aug 24 14:58:16 gutwein sshd[1652]: Failed password for invalid user helper from 66.68.187.140........ -------------------------------	2020-08-27 09:34:56

相同子网IP讨论:

IP	类型	评论内容	时间
66.68.187.145	attackspam	Invalid user cmc from 66.68.187.145 port 39850	2020-08-18 18:14:08
66.68.187.145	attackbots	Aug 11 13:58:00 marvibiene sshd[20468]: Failed password for root from 66.68.187.145 port 53606 ssh2 Aug 11 14:09:53 marvibiene sshd[21072]: Failed password for root from 66.68.187.145 port 34314 ssh2	2020-08-11 21:37:00
66.68.187.145	attackspambots	2020-07-30T14:06:39.382543v22018076590370373 sshd[18954]: Failed password for root from 66.68.187.145 port 38024 ssh2 2020-07-30T14:11:00.182963v22018076590370373 sshd[13681]: Invalid user kcyong from 66.68.187.145 port 51712 2020-07-30T14:11:00.188522v22018076590370373 sshd[13681]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.68.187.145 2020-07-30T14:11:00.182963v22018076590370373 sshd[13681]: Invalid user kcyong from 66.68.187.145 port 51712 2020-07-30T14:11:02.787658v22018076590370373 sshd[13681]: Failed password for invalid user kcyong from 66.68.187.145 port 51712 ssh2 ...	2020-07-30 22:43:28
66.68.187.145	attack	SSH Invalid Login	2020-07-30 05:58:40
66.68.187.145	attackspambots	Jul 28 22:18:04 host sshd[5713]: Invalid user vnc from 66.68.187.145 port 58042 ...	2020-07-29 04:36:19
66.68.187.145	attackspam	Total attacks: 2	2020-07-27 07:24:26
66.68.187.145	attack	Fail2Ban - SSH Bruteforce Attempt	2020-07-19 21:24:26
66.68.187.145	attackbotsspam	Invalid user admin from 66.68.187.145 port 47708	2020-07-18 07:10:46
66.68.187.145	attackbots	detected by Fail2Ban	2020-07-16 02:12:22
66.68.187.145	attack	2020-07-07T23:04:34.925693abusebot-7.cloudsearch.cf sshd[21200]: Invalid user public from 66.68.187.145 port 38298 2020-07-07T23:04:34.929481abusebot-7.cloudsearch.cf sshd[21200]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=cpe-66-68-187-145.austin.res.rr.com 2020-07-07T23:04:34.925693abusebot-7.cloudsearch.cf sshd[21200]: Invalid user public from 66.68.187.145 port 38298 2020-07-07T23:04:37.647861abusebot-7.cloudsearch.cf sshd[21200]: Failed password for invalid user public from 66.68.187.145 port 38298 ssh2 2020-07-07T23:07:47.552160abusebot-7.cloudsearch.cf sshd[21207]: Invalid user gulliver from 66.68.187.145 port 35350 2020-07-07T23:07:47.556097abusebot-7.cloudsearch.cf sshd[21207]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=cpe-66-68-187-145.austin.res.rr.com 2020-07-07T23:07:47.552160abusebot-7.cloudsearch.cf sshd[21207]: Invalid user gulliver from 66.68.187.145 port 35350 2020-07-07T23:07:4 ...	2020-07-08 08:58:30
66.68.187.145	attackbots	DATE:2020-05-16 04:25:21, IP:66.68.187.145, PORT:ssh SSH brute force auth (docker-dc)	2020-05-16 12:27:19
66.68.187.145	attack	5x Failed Password	2020-04-26 19:43:34
66.68.187.145	attackspambots	Apr 23 13:25:33 vlre-nyc-1 sshd\[13372\]: Invalid user ubuntu from 66.68.187.145 Apr 23 13:25:33 vlre-nyc-1 sshd\[13372\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.68.187.145 Apr 23 13:25:35 vlre-nyc-1 sshd\[13372\]: Failed password for invalid user ubuntu from 66.68.187.145 port 53900 ssh2 Apr 23 13:28:54 vlre-nyc-1 sshd\[13405\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.68.187.145 user=root Apr 23 13:28:56 vlre-nyc-1 sshd\[13405\]: Failed password for root from 66.68.187.145 port 48226 ssh2 Apr 23 13:30:57 vlre-nyc-1 sshd\[13443\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.68.187.145 user=root Apr 23 13:30:59 vlre-nyc-1 sshd\[13443\]: Failed password for root from 66.68.187.145 port 52958 ssh2 Apr 23 13:33:00 vlre-nyc-1 sshd\[13466\]: Invalid user ty from 66.68.187.145 Apr 23 13:33:00 vlre-nyc-1 sshd\[13466\]: pam_unix\(sshd:a ...	2020-04-26 07:44:18
66.68.187.145	attackspambots	" "	2020-04-21 14:19:52
66.68.187.145	attackbots	Apr 15 15:15:27 game-panel sshd[22793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.68.187.145 Apr 15 15:15:29 game-panel sshd[22793]: Failed password for invalid user oem from 66.68.187.145 port 47454 ssh2 Apr 15 15:19:23 game-panel sshd[22962]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.68.187.145	2020-04-15 23:21:52

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 66.68.187.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23823
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;66.68.187.140.			IN	A

;; AUTHORITY SECTION:
.			182	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020082602 1800 900 604800 86400

;; Query time: 78 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Aug 27 09:34:53 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

140.187.68.66.in-addr.arpa domain name pointer cpe-66-68-187-140.austin.res.rr.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
140.187.68.66.in-addr.arpa	name = cpe-66-68-187-140.austin.res.rr.com.

Authoritative answers can be found from:

IP	类型	评论内容	时间
51.79.54.234	attack	prod8 ...	2020-09-26 02:57:06
142.0.38.58	attackspambots	lfd: (smtpauth) Failed SMTP AUTH login from 142.0.38.58 (samego.modestionsm.net): 5 in the last 3600 secs - Thu Aug 23 07:42:56 2018	2020-09-26 03:05:10
47.50.246.114	attackbots	2020-09-25T00:52:43.658829hostname sshd[72807]: Failed password for invalid user kiosk from 47.50.246.114 port 35442 ssh2 ...	2020-09-26 02:37:18
137.135.125.41	attack	"Unauthorized connection attempt on SSHD detected"	2020-09-26 02:48:49
49.235.217.169	attack	Sep 25 23:43:21 NG-HHDC-SVS-001 sshd[9709]: Invalid user zero from 49.235.217.169 ...	2020-09-26 02:38:56
51.116.182.194	attackbots	[f2b] sshd bruteforce, retries: 1	2020-09-26 02:47:02
74.120.14.64	attackbotsspam	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-09-26 02:40:21
49.89.196.167	attackbotsspam	Brute force blocker - service: proftpd1 - aantal: 82 - Fri Aug 24 12:50:15 2018	2020-09-26 03:00:34
104.131.60.112	attackbotsspam	Port 22 Scan, PTR: None	2020-09-26 02:41:47
115.42.127.133	attackspambots	TCP (SYN) 115.42.127.133:48628 -> port 18014, len 44	2020-09-26 02:43:08
209.85.216.65	attackbotsspam	NETFLIX FRAUD.	2020-09-26 02:39:27
196.52.43.92	attack	Fail2Ban Ban Triggered	2020-09-26 03:01:13
124.109.35.17	attackspam	lfd: (smtpauth) Failed SMTP AUTH login from 124.109.35.17 (mbl-109-35-17.dsl.net.pk): 5 in the last 3600 secs - Thu Aug 23 12:57:50 2018	2020-09-26 03:04:52
78.128.113.121	attackspambots	Sep 25 20:21:28 relay postfix/smtpd\[20520\]: warning: unknown\[78.128.113.121\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 25 20:21:46 relay postfix/smtpd\[17158\]: warning: unknown\[78.128.113.121\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 25 20:28:20 relay postfix/smtpd\[20515\]: warning: unknown\[78.128.113.121\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 25 20:28:38 relay postfix/smtpd\[20515\]: warning: unknown\[78.128.113.121\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 25 20:32:58 relay postfix/smtpd\[20516\]: warning: unknown\[78.128.113.121\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-26 02:35:01
68.148.133.128	attackbots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-26 02:58:45

最近上报的IP列表

216.196.16.58	35.241.75.144	47.192.158.107	185.195.237.31
138.197.12.179	122.99.86.224	124.109.51.179	208.153.65.135
121.230.211.112	90.84.189.254	181.177.246.91	236.127.237.131
124.200.190.22	45.232.244.5	159.203.32.17	149.115.16.10
141.91.182.193	106.75.189.109	165.227.95.163	183.88.232.183