66.220.149.112

基本信息:

城市(city): Prineville

省份(region): Oregon

国家(country): United States

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
66.220.149.116	attackbotsspam	[Tue Aug 04 16:24:30.790807 2020] [:error] [pid 14894:tid 140628092200704] [client 66.220.149.116:37524] [client 66.220.149.116] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/OneSignalSDKWorker.js"] [unique_id "XykpTj91R1FPAUbVCY2u6AACdgM"], referer: https://karangploso.jatim.bmkg.go.id/ ...	2020-08-04 21:18:01
66.220.149.118	attackspambots	[Tue Jul 21 20:00:49.531939 2020] [:error] [pid 27371:tid 140185811801856] [client 66.220.149.118:49158] [client 66.220.149.118] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/images/Klimatologi/Prakiraan/02-Prakiraan-Dasarian/Prakiraan_Probabilistik_Curah_Hujan_Dasarian/Prakiraan_Probabilistik_Curah_Hujan_Dasarian_Provinsi_Jawa_Timur/2020/07_Juli_2020/Das-II/Peta_Prakiraan-Dasarian-Probabilistik_Curah_Hujan_Dasarian-III-JULI_2020_Provinsi_Jawa_Timur_Upda ...	2020-07-21 22:43:40
66.220.149.2	attackbotsspam	[Sat Apr 11 19:12:34.543703 2020] [:error] [pid 7575:tid 139985730885376] [client 66.220.149.2:51290] [client 66.220.149.2] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/images/Klimatologi/Analisis/02-Analisis_Dasarian/Analisis_Monitoring_Hari_Tanpa_Hujan_Berturut-Turut_Dasarian/Analisis_Monitoring_Hari_Tanpa_Hujan_Berturut-Turut_Dasarian_Provinsi_Jawa_Timur/2020/04_April_2020/Das-I/Peta_Analisis_Dasarian_Monitoring_Hari_Tanpa_Hujan_Berturut-Turut_Update ...	2020-04-12 03:58:37
66.220.149.2	attack	php vulnerability probing	2020-04-09 15:25:42
66.220.149.43	attack	[Tue Mar 31 05:33:53.081131 2020] [:error] [pid 5763:tid 139799432206080] [client 66.220.149.43:49504] [client 66.220.149.43] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/image-loader-worker-v1.js"] [unique_id "XoJz0U07RG1ngMpxToXy3gAAAAE"] ...	2020-03-31 07:18:36
66.220.149.6	attackbots	[Tue Mar 31 05:33:54.008670 2020] [:error] [pid 3070:tid 139799432206080] [client 66.220.149.6:54644] [client 66.220.149.6] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/TableFilter/total-v45.js"] [unique_id "XoJz0m7Sv2H0ZtKh3G0HfgAAAAE"] ...	2020-03-31 07:12:51
66.220.149.2	attackspambots	[Tue Mar 31 05:33:56.608295 2020] [:error] [pid 3020:tid 139799432206080] [client 66.220.149.2:33696] [client 66.220.149.2] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/swiper-v46.js"] [unique_id "XoJz1GnZvc7ospYZ3BELFAAAAAE"] ...	2020-03-31 07:10:48
66.220.149.15	attackbotsspam	[Sat Mar 21 05:06:54.238367 2020] [:error] [pid 15471:tid 140719603767040] [client 66.220.149.15:51164] [client 66.220.149.15] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/prakiraan-iklim/prakiraan-bulanan/prakiraan-bulanan-tingkat-ketersediaan-air-bagi-tanaman/555557941-prakiraan-bulanan-tingkat-ketersediaan-air-bagi-tanaman-di-jawa-timur-untuk-bulan-mei-2020-update-dari-analisis-bulan-februari-2020"] [unique_id "XnU@fnSgGZCQuiPkFx7dHAAAAAE"] ...	2020-03-21 09:02:55
66.220.149.29	attackspam	[Sat Mar 21 05:06:56.181533 2020] [:error] [pid 15471:tid 140719603767040] [client 66.220.149.29:60660] [client 66.220.149.29] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/IcoMoon.woff"] [unique_id "XnU@gHSgGZCQuiPkFx7dIAAAAAE"] ...	2020-03-21 09:00:59
66.220.149.27	attack	[Sat Mar 21 05:06:56.192841 2020] [:error] [pid 15461:tid 140719612159744] [client 66.220.149.27:39448] [client 66.220.149.27] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/image-loader-worker-v1.js"] [unique_id "XnU@gBotaJdlQvWXwpYWqwAAAAE"] ...	2020-03-21 08:58:35
66.220.149.38	attackbotsspam	[Sat Mar 21 05:06:56.301285 2020] [:error] [pid 15461:tid 140719620552448] [client 66.220.149.38:61814] [client 66.220.149.38] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/TableFilter/system-v95.css"] [unique_id "XnU@gBotaJdlQvWXwpYWrAAAAAE"] ...	2020-03-21 08:57:02
66.220.149.22	attackbots	[Wed Feb 12 05:23:57.865880 2020] [:error] [pid 17173:tid 140476512638720] [client 66.220.149.22:40672] [client 66.220.149.22] ModSecurity: Access denied with code 403 (phase 4). Pattern match "^5\\\\d{2}$" at RESPONSE_STATUS. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/RESPONSE-950-DATA-LEAKAGES.conf"] [line "118"] [id "950100"] [msg "The Application Returned a 500-Level Status Code"] [data "Matched Data: 500 found within RESPONSE_STATUS: 500"] [severity "ERROR"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-disclosure"] [tag "WASCTC/WASC-13"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.6"] [tag "paranoia-level/2"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/profil/meteorologi/list-all-categories/555557850-prakiraan-cuaca-harian-tiap-3-jam-sekali-di-kabupaten-malang"] [unique_id "XkMpfRpeLICRfEyFYGnDvgAAADg"] ...	2020-02-12 11:03:09
66.220.149.36	attackspambots	[Wed Feb 12 05:23:57.874345 2020] [:error] [pid 17174:tid 140476426479360] [client 66.220.149.36:50900] [client 66.220.149.36] ModSecurity: Access denied with code 403 (phase 4). Pattern match "^5\\\\d{2}$" at RESPONSE_STATUS. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/RESPONSE-950-DATA-LEAKAGES.conf"] [line "118"] [id "950100"] [msg "The Application Returned a 500-Level Status Code"] [data "Matched Data: 500 found within RESPONSE_STATUS: 500"] [severity "ERROR"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-disclosure"] [tag "WASCTC/WASC-13"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.6"] [tag "paranoia-level/2"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/profil/meteorologi/list-all-categories/555557850-prakiraan-cuaca-harian-tiap-3-jam-sekali-di-kabupaten-malang"] [unique_id "XkMpfcX5geykIQSsu003vQAAAHE"] ...	2020-02-12 11:00:22
66.220.149.15	attackspambots	[Tue Feb 04 20:50:11.983466 2020] [:error] [pid 2034:tid 140558491895552] [client 66.220.149.15:40430] [client 66.220.149.15] ModSecurity: Access denied with code 403 (phase 2). Found 3 byte(s) in REQUEST_URI outside range: 32-36,38-126. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1304"] [id "920272"] [msg "Invalid character in request (outside of printable chars below ascii 127)"] [data "REQUEST_URI=/images/Klimatologi/Analisis/02-Analisis_Dasarian/Dinamika/2020/01_Januari_2020/Das-III/Analisis_Dinamika_Atmosfer\\xe2\\x80\\x93Laut_Dan_Prediksi_Curah_Hujan_Update_Dasarian_III_Januari_2020.jpg"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [tag "paranoia-level/3"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/images/Klimatologi/Analisis/02-Analisis_Dasarian/Dinamika/ ...	2020-02-05 01:39:46
66.220.149.28	attackbotsspam	[Tue Feb 04 07:07:33.501108 2020] [:error] [pid 18719:tid 139896723326720] [client 66.220.149.28:52886] [client 66.220.149.28] ModSecurity: Access denied with code 403 (phase 2). Found 3 byte(s) in REQUEST_URI outside range: 32-36,38-126. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1304"] [id "920272"] [msg "Invalid character in request (outside of printable chars below ascii 127)"] [data "REQUEST_URI=/images/Klimatologi/Analisis/02-Analisis_Dasarian/Dinamika/2020/01_Januari_2020/Das-III/Analisis_Dinamika_Atmosfer\\xe2\\x80\\x93Laut_Dan_Prediksi_Curah_Hujan_Update_Dasarian_III_Januari_2020.jpg"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/EVASION"] [tag "paranoia-level/3"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/images/Klimatologi/Analisis/02-Analisis_Dasarian/Dinamika ...	2020-02-04 08:23:07

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 66.220.149.112
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13458
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;66.220.149.112.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2024122700 1800 900 604800 86400

;; Query time: 39 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Dec 27 15:21:23 CST 2024
;; MSG SIZE  rcvd: 107

HOST信息:

112.149.220.66.in-addr.arpa domain name pointer fwdproxy-prn-112.fbsv.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
112.149.220.66.in-addr.arpa	name = fwdproxy-prn-112.fbsv.net.

Authoritative answers can be found from:

IP	类型	评论内容	时间
49.233.47.104	attackbots	Invalid user arthur from 49.233.47.104 port 42806	2020-10-02 05:20:29
188.0.192.176	attackspam	Port probing on unauthorized port 445	2020-10-02 05:25:12
189.112.42.197	attackbotsspam	Oct 1 23:06:35 [host] sshd[1438]: Invalid user da Oct 1 23:06:35 [host] sshd[1438]: pam_unix(sshd:a Oct 1 23:06:37 [host] sshd[1438]: Failed password	2020-10-02 05:35:33
134.73.154.173	attackbotsspam	$f2bV_matches	2020-10-02 05:18:39
64.227.61.176	attack	srv02 SSH BruteForce Attacks 22 ..	2020-10-02 05:16:45
103.44.253.18	attack	Invalid user oracle from 103.44.253.18 port 51010	2020-10-02 05:25:31
49.3.140.135	botsattack	Brute force attacker ...	2020-10-02 05:26:46
81.68.77.53	attackspambots	" "	2020-10-02 05:32:58
103.212.43.8	attackspambots	15 attempts against mh-modsecurity-ban on ice	2020-10-02 05:27:19
51.178.87.50	attack	2020-10-01T15:32:43.0283311495-001 sshd[11388]: Invalid user main from 51.178.87.50 port 45250 2020-10-01T15:32:44.9200871495-001 sshd[11388]: Failed password for invalid user main from 51.178.87.50 port 45250 ssh2 2020-10-01T15:39:30.9209331495-001 sshd[11739]: Invalid user student from 51.178.87.50 port 53218 2020-10-01T15:39:30.9239351495-001 sshd[11739]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=vps-66bbf513.vps.ovh.net 2020-10-01T15:39:30.9209331495-001 sshd[11739]: Invalid user student from 51.178.87.50 port 53218 2020-10-01T15:39:33.0188131495-001 sshd[11739]: Failed password for invalid user student from 51.178.87.50 port 53218 ssh2 ...	2020-10-02 05:12:53
222.186.42.155	attackspam	Oct 1 23:14:13 abendstille sshd\[5216\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.155 user=root Oct 1 23:14:14 abendstille sshd\[5216\]: Failed password for root from 222.186.42.155 port 26082 ssh2 Oct 1 23:14:21 abendstille sshd\[5250\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.155 user=root Oct 1 23:14:23 abendstille sshd\[5250\]: Failed password for root from 222.186.42.155 port 63115 ssh2 Oct 1 23:14:29 abendstille sshd\[5549\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.155 user=root ...	2020-10-02 05:24:07
154.126.107.132	attackbots	Unauthorized access to SSH at 30/Sep/2020:20:40:22 +0000.	2020-10-02 05:29:29
162.142.125.22	attackbots	47808/udp 110/tcp 23/tcp... [2020-09-01/10-01]226pkt,62pt.(tcp),8pt.(udp)	2020-10-02 05:32:39
199.195.254.38	attackbots	400 BAD REQUEST	2020-10-02 05:24:52
49.232.8.218	attackspambots	Oct 1 22:59:44 minden010 sshd[10799]: Failed password for mysql from 49.232.8.218 port 60964 ssh2 Oct 1 23:03:40 minden010 sshd[11789]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.8.218 Oct 1 23:03:42 minden010 sshd[11789]: Failed password for invalid user webmaster from 49.232.8.218 port 37112 ssh2 ...	2020-10-02 05:23:31

最近上报的IP列表

223.206.214.89	223.206.12.60	46.3.240.108	118.140.159.5
168.235.0.89	250.48.176.143	251.184.221.252	18.129.174.29
196.78.218.22	129.250.10.252	227.131.167.130	30.160.47.252
129.3.155.158	202.47.103.171	6.219.253.233	227.48.101.239
124.81.213.209	103.142.86.21	147.215.107.155	37.57.116.226