城市(city): unknown
省份(region): unknown
国家(country): United States of America (the)
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 66.249.68.30 | attackspam | 404 NOT FOUND |
2020-09-27 02:02:20 |
| 66.249.68.30 | attack | 404 NOT FOUND |
2020-09-26 17:56:37 |
| 66.249.68.52 | attackspam | [Tue Aug 25 03:14:51.658211 2020] [:error] [pid 26844:tid 139693576779520] [client 66.249.68.52:62139] [client 66.249.68.52] ModSecurity: Access denied with code 403 (phase 2). Pattern match "((?:[~!@#\\\\$%\\\\^&\\\\*\\\\(\\\\)\\\\-\\\\+=\\\\{\\\\}\\\\[\\\\]\\\\|:;\"'\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98`<>][^~!@#\\\\$%\\\\^&\\\\*\\\\(\\\\)\\\\-\\\\+=\\\\{\\\\}\\\\[\\\\]\\\\|:;\"'\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98`<>]*?){6})" at ARGS:id. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "1526"] [id "942431"] [msg "Restricted SQL Character Anomaly Detection (args): # of special characters exceeded (6)"] [data "Matched Data: :analisis-dinamika-atmosfer-dan-laut- found within ARGS:id: 656:analisis-dinamika-atmosfer-dan-laut-dasarian-i-agustus-2017"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "OWASP_CRS"] [tag "OWASP_CRS/WEB
... |
2020-08-25 06:22:38 |
| 66.249.68.50 | attack | Unauthorized connection attempt detected, IP banned. |
2020-07-05 01:30:33 |
| 66.249.68.26 | attack | MYH,DEF GET /_adminer/adminer.php |
2020-06-24 14:04:37 |
| 66.249.68.16 | attackbots | $f2bV_matches |
2020-06-04 05:57:43 |
| 66.249.68.18 | attackspambots | $f2bV_matches |
2020-05-31 16:33:19 |
| 66.249.68.28 | attack | MYH,DEF GET /adminer123.php |
2020-03-03 15:44:47 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 66.249.68.12
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51120
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;66.249.68.12. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025012301 1800 900 604800 86400
;; Query time: 36 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 24 06:21:11 CST 2025
;; MSG SIZE rcvd: 10512.68.249.66.in-addr.arpa domain name pointer crawl-66-249-68-12.googlebot.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
12.68.249.66.in-addr.arpa name = crawl-66-249-68-12.googlebot.com.
Authoritative answers can be found from:| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 213.234.26.179 | attack | /var/log/secure-20190901:Aug 27 05:28:11 XXX sshd[6450]: Invalid user vivian from 213.234.26.179 port 59184 |
2019-09-11 22:49:40 |
| 113.164.244.98 | attackspambots | 2019-09-11T13:12:57.360588abusebot-7.cloudsearch.cf sshd\[15258\]: Invalid user sammy from 113.164.244.98 port 44436 |
2019-09-11 22:38:00 |
| 94.191.58.157 | attackspambots | Sep 11 04:29:16 php1 sshd\[6334\]: Invalid user ftpuser2 from 94.191.58.157 Sep 11 04:29:16 php1 sshd\[6334\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.58.157 Sep 11 04:29:19 php1 sshd\[6334\]: Failed password for invalid user ftpuser2 from 94.191.58.157 port 48350 ssh2 Sep 11 04:38:50 php1 sshd\[7755\]: Invalid user 1q2w3e4r from 94.191.58.157 Sep 11 04:38:50 php1 sshd\[7755\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.58.157 |
2019-09-11 22:41:38 |
| 186.213.225.107 | attackspam | Sep 10 07:03:41 dax sshd[683]: warning: /etc/hosts.deny, line 15136: can't verify hostname: getaddrinfo(186.213.225.107.static.host.gvt.net.br, AF_INET) failed Sep 10 07:03:42 dax sshd[683]: reveeclipse mapping checking getaddrinfo for 186.213.225.107.static.host.gvt.net.br [186.213.225.107] failed - POSSIBLE BREAK-IN ATTEMPT! Sep 10 07:03:42 dax sshd[683]: Invalid user mcserver from 186.213.225.107 Sep 10 07:03:42 dax sshd[683]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.213.225.107 Sep 10 07:03:45 dax sshd[683]: Failed password for invalid user mcserver from 186.213.225.107 port 51752 ssh2 Sep 10 07:03:45 dax sshd[683]: Received disconnect from 186.213.225.107: 11: Bye Bye [preauth] Sep 10 07:22:48 dax sshd[3441]: warning: /etc/hosts.deny, line 15136: can't verify hostname: getaddrinfo(186.213.225.107.static.host.gvt.net.br, AF_INET) failed Sep 10 07:22:49 dax sshd[3441]: reveeclipse mapping checking getaddrinfo for 18........ ------------------------------- |
2019-09-11 22:44:19 |
| 51.75.65.209 | attackbots | Sep 11 11:33:48 SilenceServices sshd[22430]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.65.209 Sep 11 11:33:50 SilenceServices sshd[22430]: Failed password for invalid user bkpuser from 51.75.65.209 port 41632 ssh2 Sep 11 11:39:11 SilenceServices sshd[24504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.65.209 |
2019-09-11 22:34:13 |
| 106.12.27.205 | attackspambots | Sep 11 10:20:58 ny01 sshd[5988]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.27.205 Sep 11 10:20:59 ny01 sshd[5988]: Failed password for invalid user nagiospass from 106.12.27.205 port 35628 ssh2 Sep 11 10:26:50 ny01 sshd[7362]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.27.205 |
2019-09-11 22:26:53 |
| 51.77.150.235 | attackbots | Sep 11 11:42:40 SilenceServices sshd[25816]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.150.235 Sep 11 11:42:42 SilenceServices sshd[25816]: Failed password for invalid user !QAZ1qaz from 51.77.150.235 port 58743 ssh2 Sep 11 11:48:28 SilenceServices sshd[27941]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.150.235 |
2019-09-11 23:18:36 |
| 78.140.221.186 | attack | *** Phishing website that camouflaged Amazon.com. http://resetting-account-recovery-support-amazn.com/ |
2019-09-11 22:17:59 |
| 187.207.201.194 | attack | Sep 11 17:27:08 www2 sshd\[28743\]: Invalid user postgres from 187.207.201.194Sep 11 17:27:10 www2 sshd\[28743\]: Failed password for invalid user postgres from 187.207.201.194 port 8475 ssh2Sep 11 17:34:08 www2 sshd\[29388\]: Invalid user git from 187.207.201.194 ... |
2019-09-11 22:46:29 |
| 185.232.67.6 | attackspambots | Sep 11 15:57:10 lenivpn01 kernel: \[443032.761054\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:2f:6c:1b:d2:74:7f:6e:37:e3:08:00 SRC=185.232.67.6 DST=195.201.121.15 LEN=60 TOS=0x00 PREC=0x00 TTL=56 ID=55733 DF PROTO=TCP SPT=48247 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0 Sep 11 15:57:11 lenivpn01 kernel: \[443033.759394\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:2f:6c:1b:d2:74:7f:6e:37:e3:08:00 SRC=185.232.67.6 DST=195.201.121.15 LEN=60 TOS=0x00 PREC=0x00 TTL=56 ID=55734 DF PROTO=TCP SPT=48247 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0 Sep 11 15:57:13 lenivpn01 kernel: \[443035.763965\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:2f:6c:1b:d2:74:7f:6e:37:e3:08:00 SRC=185.232.67.6 DST=195.201.121.15 LEN=60 TOS=0x00 PREC=0x00 TTL=56 ID=55735 DF PROTO=TCP SPT=48247 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0 ... |
2019-09-11 22:29:09 |
| 110.5.238.112 | attack | Port scan attempt detected by AWS-CCS, CTS, India |
2019-09-11 23:06:40 |
| 185.173.35.5 | attackspam | [portscan] tcp/139 [NetBIOS Session Service] *(RWIN=65535)(09111103) |
2019-09-11 22:22:22 |
| 52.80.96.153 | attackspambots | Sep 11 14:25:32 localhost sshd\[117956\]: Invalid user www-data123 from 52.80.96.153 port 46470 Sep 11 14:25:32 localhost sshd\[117956\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.80.96.153 Sep 11 14:25:35 localhost sshd\[117956\]: Failed password for invalid user www-data123 from 52.80.96.153 port 46470 ssh2 Sep 11 14:34:17 localhost sshd\[118235\]: Invalid user p@ssw0rd from 52.80.96.153 port 49874 Sep 11 14:34:17 localhost sshd\[118235\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.80.96.153 ... |
2019-09-11 22:53:26 |
| 183.164.247.81 | attackbotsspam | st-nyc1-01 recorded 3 login violations from 183.164.247.81 and was blocked at 2019-09-11 13:02:57. 183.164.247.81 has been blocked on 0 previous occasions. 183.164.247.81's first attempt was recorded at 2019-09-11 13:02:57 |
2019-09-11 23:23:01 |
| 187.8.159.140 | attackspam | Sep 11 03:42:58 ny01 sshd[24181]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.8.159.140 Sep 11 03:42:59 ny01 sshd[24181]: Failed password for invalid user 12 from 187.8.159.140 port 33509 ssh2 Sep 11 03:50:46 ny01 sshd[25621]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.8.159.140 |
2019-09-11 22:47:06 |