66.102.6.55 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): Google LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	The IP has triggered Cloudflare WAF. CF-Ray: 5437e31cf9dac560 \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: US \| CF_IPClass: searchEngine \| Protocol: HTTP/1.1 \| Method: GET \| Host: blog.skk.moe \| User-Agent: Mozilla/5.0 (Linux; Android 4.2.1; en-us; Nexus 5 Build/JOP40D) AppleWebKit/535.19 (KHTML, like Gecko; googleweblight) Chrome/38.0.1025.166 Mobile Safari/535.19 \| CF_DC: ORD. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 02:02:50

类型

评论内容

时间

attackbotsspam

The IP has triggered Cloudflare WAF. CF-Ray: 5437e31cf9dac560 | WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 | WAF_Kind: firewall | CF_Action: drop | Country: US | CF_IPClass: searchEngine | Protocol: HTTP/1.1 | Method: GET | Host: blog.skk.moe | User-Agent: Mozilla/5.0 (Linux; Android 4.2.1; en-us; Nexus 5 Build/JOP40D) AppleWebKit/535.19 (KHTML, like Gecko; googleweblight) Chrome/38.0.1025.166 Mobile Safari/535.19 | CF_DC: ORD. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 02:02:50

相同子网IP讨论:

IP	类型	评论内容	时间
66.102.6.10	attackbotsspam	[Mon Apr 27 18:48:56.427777 2020] [:error] [pid 5592:tid 140574997767936] [client 66.102.6.10:63881] [client 66.102.6.10] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/prakiraan-iklim/agroklimatologi/kalender-tanam/2787-kalender-tanam-katam-terpadu-pulau-sulawesi/kalender-tanam-katam-terpadu-provinsi-sulawesi-barat/kalender-tanam-katam-terpadu-kabupaten-mamasa-provinsi-sulawesi-barat/kalender-tanam-katam-terpadu-ke ...	2020-04-28 03:48:25
66.102.6.6	attackbotsspam	[Mon Apr 27 10:53:12.561278 2020] [:error] [pid 11638:tid 139751813748480] [client 66.102.6.6:51847] [client 66.102.6.6] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/profil/meteorologi/list-of-all-tags/analisis-klimatologi"] [unique_id "XqZXKNsUVPp--jG8n2jRgQAAALU"] ...	2020-04-27 16:59:31
66.102.6.93	attackspambots	This is supposedly my IP. I've been hacked for 4years. I'm in Canada	2020-03-28 18:14:53
66.102.6.34	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 5413884e7a2d9d83 \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: US \| CF_IPClass: searchEngine \| Protocol: HTTP/1.1 \| Method: GET \| Host: blog.skk.moe \| User-Agent: Mozilla/5.0 (Linux; Android 4.2.1; en-us; Nexus 5 Build/JOP40D) AppleWebKit/535.19 (KHTML, like Gecko; googleweblight) Chrome/38.0.1025.166 Mobile Safari/535.19 \| CF_DC: ORD. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 03:04:47
66.102.6.185	attackspambots	Automatic report - Banned IP Access	2019-07-30 07:23:10
66.102.6.14	bots	也是谷歌爬虫不是真实流量 66.102.6.14 - - [29/Mar/2019:08:22:44 +0800] "GET / HTTP/1.1" 200 3237 "http://www.google.com/search" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko; Google Web Preview) Chrome/41.0.2272.118 Safari/537.36"	2019-03-29 09:19:24
66.102.6.142	bots	谷歌icon爬虫 66.102.6.142 - - [29/Mar/2019:09:01:33 +0800] "GET / HTTP/1.1" 200 29010 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.75 Safari/537.36 Google Favicon"	2019-03-29 09:18:49

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 66.102.6.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31951
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;66.102.6.55.			IN	A

;; AUTHORITY SECTION:
.			532	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121101 1800 900 604800 86400

;; Query time: 210 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 12 02:02:46 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

55.6.102.66.in-addr.arpa domain name pointer google-proxy-66-102-6-55.google.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
55.6.102.66.in-addr.arpa	name = google-proxy-66-102-6-55.google.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
103.20.188.9	attack	Host Scan	2019-12-20 18:36:29
113.161.34.79	attackbots	Dec 20 10:43:14 MK-Soft-VM7 sshd[11775]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.161.34.79 Dec 20 10:43:16 MK-Soft-VM7 sshd[11775]: Failed password for invalid user admin from 113.161.34.79 port 54032 ssh2 ...	2019-12-20 18:26:26
118.126.112.72	attack	Dec 20 07:39:32 ns3042688 sshd\[25777\]: Invalid user garron from 118.126.112.72 Dec 20 07:39:32 ns3042688 sshd\[25777\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.126.112.72 Dec 20 07:39:34 ns3042688 sshd\[25777\]: Failed password for invalid user garron from 118.126.112.72 port 34918 ssh2 Dec 20 07:46:20 ns3042688 sshd\[29318\]: Invalid user policeauctions from 118.126.112.72 Dec 20 07:46:20 ns3042688 sshd\[29318\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.126.112.72 ...	2019-12-20 18:25:17
83.103.98.211	attackspambots	Dec 19 23:56:52 hanapaa sshd\[4960\]: Invalid user webmaster from 83.103.98.211 Dec 19 23:56:52 hanapaa sshd\[4960\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=83-103-98-211.ip.fastwebnet.it Dec 19 23:56:54 hanapaa sshd\[4960\]: Failed password for invalid user webmaster from 83.103.98.211 port 35329 ssh2 Dec 20 00:02:22 hanapaa sshd\[5492\]: Invalid user vandusen from 83.103.98.211 Dec 20 00:02:22 hanapaa sshd\[5492\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=83-103-98-211.ip.fastwebnet.it	2019-12-20 18:41:49
141.98.81.38	attack	Dec 20 09:57:50 hell sshd[22586]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.81.38 Dec 20 09:57:52 hell sshd[22586]: Failed password for invalid user admin from 141.98.81.38 port 11162 ssh2 Dec 20 09:57:52 hell sshd[22596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.81.38 ...	2019-12-20 18:47:26
49.235.219.96	attack	Dec 20 10:11:54 marvibiene sshd[18757]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.219.96 user=www-data Dec 20 10:11:56 marvibiene sshd[18757]: Failed password for www-data from 49.235.219.96 port 38094 ssh2 Dec 20 10:26:03 marvibiene sshd[18882]: Invalid user ivar from 49.235.219.96 port 45198 ...	2019-12-20 18:34:42
1.55.100.187	attack	1576823211 - 12/20/2019 07:26:51 Host: 1.55.100.187/1.55.100.187 Port: 445 TCP Blocked	2019-12-20 18:31:33
45.136.108.68	attack	RDP over non-standard port attempt	2019-12-20 18:29:23
77.247.110.58	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-20 18:42:11
87.248.100.137	attack	TCP Port Scanning	2019-12-20 18:44:51
88.214.26.102	attackbotsspam	12/20/2019-10:53:40.054652 88.214.26.102 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 96	2019-12-20 18:29:09
165.231.178.18	attack	C1,WP GET /nelson/wp-login.php	2019-12-20 18:23:33
222.186.180.6	attackbots	2019-12-20T11:15:16.040615scmdmz1 sshd[8758]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.6 user=root 2019-12-20T11:15:17.358235scmdmz1 sshd[8758]: Failed password for root from 222.186.180.6 port 65116 ssh2 2019-12-20T11:15:20.514218scmdmz1 sshd[8758]: Failed password for root from 222.186.180.6 port 65116 ssh2 2019-12-20T11:15:16.040615scmdmz1 sshd[8758]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.6 user=root 2019-12-20T11:15:17.358235scmdmz1 sshd[8758]: Failed password for root from 222.186.180.6 port 65116 ssh2 2019-12-20T11:15:20.514218scmdmz1 sshd[8758]: Failed password for root from 222.186.180.6 port 65116 ssh2 2019-12-20T11:15:16.040615scmdmz1 sshd[8758]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.6 user=root 2019-12-20T11:15:17.358235scmdmz1 sshd[8758]: Failed password for root from 222.186.180.6 port 65116 ssh2 2019-12-20T11:15:	2019-12-20 18:21:47
51.77.220.183	attack	Invalid user test from 51.77.220.183 port 38558	2019-12-20 18:26:06
89.46.238.133	attack	2019-12-20 00:26:41 H=(tigertuna.com) [89.46.238.133]:36766 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/query/ip/89.46.238.133) 2019-12-20 00:26:41 H=(tigertuna.com) [89.46.238.133]:36766 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/query/ip/89.46.238.133) 2019-12-20 00:26:42 H=(tigertuna.com) [89.46.238.133]:36766 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/sbl/query/SBLCSS) ...	2019-12-20 18:36:44

最近上报的IP列表

168.61.185.32	182.245.41.66	182.148.201.188	182.138.162.203
182.46.142.170	173.244.36.40	171.116.46.221	171.34.178.157
124.235.138.177	124.235.138.128	124.88.113.104	123.191.132.148
122.96.130.46	120.33.34.112	119.118.24.84	117.136.72.150
152.128.193.200	116.249.91.253	105.19.213.208	115.198.204.137