66.249.68.31 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America (the)

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
66.249.68.30	attackspam	404 NOT FOUND	2020-09-27 02:02:20
66.249.68.30	attack	404 NOT FOUND	2020-09-26 17:56:37
66.249.68.52	attackspam	[Tue Aug 25 03:14:51.658211 2020] [:error] [pid 26844:tid 139693576779520] [client 66.249.68.52:62139] [client 66.249.68.52] ModSecurity: Access denied with code 403 (phase 2). Pattern match "((?:[~!@#\\\\$%\\\\^&\\\\\\\$\\\$\\\\-\\\\+=\\\\{\\\\}\\\\[\\\\]\\\\\|:;\"'\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98`<>][^~!@#\\\\$%\\\\^&\\\\\\\$\\\$\\\\-\\\\+=\\\\{\\\\}\\\\[\\\\]\\\\\|:;\"'\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98`<>]*?){6})" at ARGS:id. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "1526"] [id "942431"] [msg "Restricted SQL Character Anomaly Detection (args): # of special characters exceeded (6)"] [data "Matched Data: :analisis-dinamika-atmosfer-dan-laut- found within ARGS:id: 656:analisis-dinamika-atmosfer-dan-laut-dasarian-i-agustus-2017"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "OWASP_CRS"] [tag "OWASP_CRS/WEB ...	2020-08-25 06:22:38
66.249.68.50	attack	Unauthorized connection attempt detected, IP banned.	2020-07-05 01:30:33
66.249.68.26	attack	MYH,DEF GET /_adminer/adminer.php	2020-06-24 14:04:37
66.249.68.16	attackbots	$f2bV_matches	2020-06-04 05:57:43
66.249.68.18	attackspambots	$f2bV_matches	2020-05-31 16:33:19
66.249.68.28	attack	MYH,DEF GET /adminer123.php	2020-03-03 15:44:47

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 66.249.68.31
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28917
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;66.249.68.31.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025030201 1800 900 604800 86400

;; Query time: 34 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 03 05:54:08 CST 2025
;; MSG SIZE  rcvd: 105

Host info

31.68.249.66.in-addr.arpa domain name pointer crawl-66-249-68-31.googlebot.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
31.68.249.66.in-addr.arpa	name = crawl-66-249-68-31.googlebot.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
179.184.85.114	attackspam	Jan 1 23:31:26 plesk sshd[15429]: Address 179.184.85.114 maps to abatedouro.static.vivo.com.br, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Jan 1 23:31:26 plesk sshd[15429]: Invalid user pulse from 179.184.85.114 Jan 1 23:31:26 plesk sshd[15429]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.184.85.114 Jan 1 23:31:28 plesk sshd[15429]: Failed password for invalid user pulse from 179.184.85.114 port 40422 ssh2 Jan 1 23:31:28 plesk sshd[15429]: Received disconnect from 179.184.85.114: 11: Bye Bye [preauth] Jan 1 23:44:02 plesk sshd[16045]: Address 179.184.85.114 maps to abatedouro.static.vivo.com.br, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Jan 1 23:44:02 plesk sshd[16045]: Invalid user useruser from 179.184.85.114 Jan 1 23:44:02 plesk sshd[16045]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.184.85.114 Jan 1 23:4........ -------------------------------	2020-01-04 01:31:38
148.70.212.162	attackspambots	Jan 3 06:48:35 web9 sshd\[24815\]: Invalid user splunk from 148.70.212.162 Jan 3 06:48:35 web9 sshd\[24815\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.212.162 Jan 3 06:48:36 web9 sshd\[24815\]: Failed password for invalid user splunk from 148.70.212.162 port 40340 ssh2 Jan 3 06:53:25 web9 sshd\[25540\]: Invalid user postgres from 148.70.212.162 Jan 3 06:53:25 web9 sshd\[25540\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.212.162	2020-01-04 01:21:19
87.6.77.117	attackbotsspam	Lines containing failures of 87.6.77.117 Jan 3 14:00:31 shared03 sshd[13671]: Invalid user operator from 87.6.77.117 port 45318 Jan 3 14:00:32 shared03 sshd[13671]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.6.77.117 Jan 3 14:00:33 shared03 sshd[13671]: Failed password for invalid user operator from 87.6.77.117 port 45318 ssh2 Jan 3 14:00:33 shared03 sshd[13671]: Connection closed by invalid user operator 87.6.77.117 port 45318 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=87.6.77.117	2020-01-04 01:44:31
213.217.5.23	attack	SSH/22 MH Probe, BF, Hack -	2020-01-04 01:29:23
91.232.12.86	attackbots	Jan 3 14:49:51 srv01 sshd[27462]: Invalid user phpmy from 91.232.12.86 port 18771 Jan 3 14:49:51 srv01 sshd[27462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.232.12.86 Jan 3 14:49:51 srv01 sshd[27462]: Invalid user phpmy from 91.232.12.86 port 18771 Jan 3 14:49:53 srv01 sshd[27462]: Failed password for invalid user phpmy from 91.232.12.86 port 18771 ssh2 Jan 3 14:51:59 srv01 sshd[27663]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.232.12.86 user=sshd Jan 3 14:52:01 srv01 sshd[27663]: Failed password for sshd from 91.232.12.86 port 54483 ssh2 ...	2020-01-04 01:28:34
210.212.194.113	attackbots	Jan 3 17:20:21 ns381471 sshd[13730]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.212.194.113 Jan 3 17:20:23 ns381471 sshd[13730]: Failed password for invalid user te from 210.212.194.113 port 33312 ssh2	2020-01-04 01:59:38
74.82.47.28	attackspam	Fail2Ban Ban Triggered	2020-01-04 01:17:18
13.85.68.8	attackbots	$f2bV_matches	2020-01-04 01:40:32
49.207.139.153	attack	Unauthorized connection attempt from IP address 49.207.139.153 on Port 445(SMB)	2020-01-04 01:59:05
46.38.144.146	attackbots	Jan 3 18:16:58 relay postfix/smtpd\[7549\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 3 18:17:20 relay postfix/smtpd\[29818\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 3 18:17:59 relay postfix/smtpd\[7552\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 3 18:18:19 relay postfix/smtpd\[28316\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 3 18:18:35 relay postfix/smtpd\[29818\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-01-04 01:23:04
94.158.89.194	attack	port scan and connect, tcp 23 (telnet)	2020-01-04 01:51:26
106.12.78.161	attackspambots	Automatic report - Banned IP Access	2020-01-04 01:34:24
14.228.16.82	attackbots	$f2bV_matches	2020-01-04 01:28:51
62.210.116.103	attackbotsspam	03.01.2020 16:07:12 Connection to port 137 blocked by firewall	2020-01-04 01:43:29
195.128.100.65	attack	SSH/22 MH Probe, BF, Hack -	2020-01-04 01:34:55

Recently Reported IPs

45.76.36.41	2.98.50.210	230.155.84.101	241.105.187.63
100.229.200.92	218.68.154.5	243.27.142.213	30.56.255.24
97.254.117.16	61.39.196.184	32.95.181.135	69.197.37.156
241.140.183.240	156.31.38.201	20.248.187.150	210.106.62.162
188.25.90.64	186.159.211.20	186.252.32.242	201.220.221.105