66.140.170.253

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Sunflower Broadcasting Inc dba KWCH TV

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-11 03:21:56,749 INFO [amun_request_handler] PortScan Detected on Port: 445 (66.140.170.253)	2019-07-11 17:14:09

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 66.140.170.253
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7138
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;66.140.170.253.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071002 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jul 11 17:14:03 CST 2019
;; MSG SIZE  rcvd: 118

Host info

253.170.140.66.in-addr.arpa is an alias for 253.128/25.170.140.66.in-addr.arpa.
253.128/25.170.140.66.in-addr.arpa domain name pointer 66-140-170-253.kwch.com.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
253.170.140.66.in-addr.arpa	canonical name = 253.128/25.170.140.66.in-addr.arpa.
253.128/25.170.140.66.in-addr.arpa	name = 66-140-170-253.kwch.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
197.1.168.207	attackspam	Email rejected due to spam filtering	2020-03-09 23:18:58
131.196.155.151	attackbots	Email rejected due to spam filtering	2020-03-09 23:22:43
216.58.213.90	attack	bouncing off USA/ISP/part of normal route/d3m6sept6cnil5.cloudfront.net -99.86.113.210/there is USA involvement also/likely mobile addicted snowflakes/next rain drops -AMAZING???/GSTATIC.COM FETISH WITH CHILDRENS BUSES PICTURES/USA KIDS buses/worrying pedo fonts.gstatic.com/ hackers tend to have mental health issues	2020-03-09 23:44:06
190.210.225.120	attack	2020-03-09 13:29:25 dovecot_login authenticator failed for \(windows\) \[190.210.225.120\]: 535 Incorrect authentication data \(set_id=general\) 2020-03-09 13:29:26 dovecot_login authenticator failed for \(windows\) \[190.210.225.120\]: 535 Incorrect authentication data \(set_id=general\) 2020-03-09 13:29:26 dovecot_login authenticator failed for \(windows\) \[190.210.225.120\]: 535 Incorrect authentication data \(set_id=general\) 2020-03-09 13:29:32 dovecot_login authenticator failed for \(windows\) \[190.210.225.120\]: 535 Incorrect authentication data \(set_id=general\) 2020-03-09 13:29:34 dovecot_login authenticator failed for \(windows\) \[190.210.225.120\]: 535 Incorrect authentication data \(set_id=general\)	2020-03-09 23:22:24
197.214.196.115	attackspambots	Email rejected due to spam filtering	2020-03-09 23:32:32
223.9.42.133	attackbotsspam	Honeypot Attack, Port 23	2020-03-09 23:45:42
222.186.180.147	attackbotsspam	Mar 9 16:05:42 eventyay sshd[9833]: Failed password for root from 222.186.180.147 port 19444 ssh2 Mar 9 16:05:56 eventyay sshd[9833]: error: maximum authentication attempts exceeded for root from 222.186.180.147 port 19444 ssh2 [preauth] Mar 9 16:06:03 eventyay sshd[9836]: Failed password for root from 222.186.180.147 port 28916 ssh2 ...	2020-03-09 23:15:30
195.54.166.249	attackbotsspam	Mar 9 16:03:39 debian-2gb-nbg1-2 kernel: \[6025370.605926\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=195.54.166.249 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=53724 PROTO=TCP SPT=58557 DPT=22396 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-09 23:20:04
24.2.205.235	attackbotsspam	Mar 9 13:29:36 amit sshd\[25801\]: Invalid user oracle from 24.2.205.235 Mar 9 13:29:36 amit sshd\[25801\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=24.2.205.235 Mar 9 13:29:37 amit sshd\[25801\]: Failed password for invalid user oracle from 24.2.205.235 port 39834 ssh2 ...	2020-03-09 23:18:40
31.40.210.38	attack	B: Magento admin pass test (wrong country)	2020-03-09 23:34:46
167.172.245.109	attack	Mar 9 16:42:12 lukav-desktop sshd\[28036\]: Invalid user suporte from 167.172.245.109 Mar 9 16:42:12 lukav-desktop sshd\[28036\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.245.109 Mar 9 16:42:14 lukav-desktop sshd\[28036\]: Failed password for invalid user suporte from 167.172.245.109 port 36984 ssh2 Mar 9 16:46:46 lukav-desktop sshd\[28096\]: Invalid user mattermos from 167.172.245.109 Mar 9 16:46:46 lukav-desktop sshd\[28096\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.245.109	2020-03-09 23:23:04
122.246.144.137	attackbots	Automatic report - Port Scan Attack	2020-03-09 23:04:31
106.54.20.26	attack	Mar 9 14:32:06 MK-Soft-Root1 sshd[24013]: Failed password for root from 106.54.20.26 port 54206 ssh2 ...	2020-03-09 23:25:07
149.28.8.137	attack	CMS (WordPress or Joomla) login attempt.	2020-03-09 23:17:15
87.236.212.51	attack	scans 2 times in preceeding hours on the ports (in chronological order) 3388 3387	2020-03-09 23:24:42

Recently Reported IPs

37.193.66.161	180.182.245.132	117.3.0.248	66.96.204.156
14.231.175.94	87.118.38.242	122.248.111.61	202.78.69.122
162.62.20.74	109.111.2.12	71.6.233.84	31.135.49.153
109.186.171.129	84.80.157.102	60.220.187.108	42.113.173.155
119.40.103.142	110.37.224.243	96.53.39.18	106.91.189.71