69.12.66.196 - IPInfo

基本信息:

城市(city): Los Angeles

省份(region): California

国家(country): United States

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): QuadraNet Enterprises LLC

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
69.12.66.202	attackspambots	Wordpress XMLRPC attack	2020-04-23 15:28:02

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 69.12.66.196
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26843
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;69.12.66.196.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019033102 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 01 20:17:32 +08 2019
;; MSG SIZE  rcvd: 116

HOST信息:

196.66.12.69.in-addr.arpa domain name pointer 69.12.66.196.static.quadranet.com.

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
196.66.12.69.in-addr.arpa	name = 69.12.66.196.static.quadranet.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
159.65.174.81	attackbotsspam	Aug 16 00:23:21 eventyay sshd[29952]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.174.81 Aug 16 00:23:23 eventyay sshd[29952]: Failed password for invalid user qhsupport from 159.65.174.81 port 38810 ssh2 Aug 16 00:30:16 eventyay sshd[31770]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.174.81 ...	2019-08-16 06:43:45
43.242.210.44	attackspam	23/tcp [2019-08-15]1pkt	2019-08-16 06:18:26
167.71.191.53	attackbotsspam	Aug 15 12:17:34 sachi sshd\[21349\]: Invalid user db2fenc1 from 167.71.191.53 Aug 15 12:17:34 sachi sshd\[21349\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.191.53 Aug 15 12:17:36 sachi sshd\[21349\]: Failed password for invalid user db2fenc1 from 167.71.191.53 port 43026 ssh2 Aug 15 12:22:00 sachi sshd\[21775\]: Invalid user ftpuser from 167.71.191.53 Aug 15 12:22:00 sachi sshd\[21775\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.191.53	2019-08-16 06:27:50
139.215.217.181	attack	Aug 15 18:10:17 xtremcommunity sshd\[8312\]: Invalid user 123 from 139.215.217.181 port 47911 Aug 15 18:10:17 xtremcommunity sshd\[8312\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.215.217.181 Aug 15 18:10:19 xtremcommunity sshd\[8312\]: Failed password for invalid user 123 from 139.215.217.181 port 47911 ssh2 Aug 15 18:13:56 xtremcommunity sshd\[8466\]: Invalid user 123456 from 139.215.217.181 port 35307 Aug 15 18:13:56 xtremcommunity sshd\[8466\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.215.217.181 ...	2019-08-16 06:18:53
167.99.87.117	attackspam	Aug 15 12:14:55 php1 sshd\[32362\]: Invalid user bow from 167.99.87.117 Aug 15 12:14:55 php1 sshd\[32362\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.87.117 Aug 15 12:14:57 php1 sshd\[32362\]: Failed password for invalid user bow from 167.99.87.117 port 39270 ssh2 Aug 15 12:19:16 php1 sshd\[728\]: Invalid user training from 167.99.87.117 Aug 15 12:19:16 php1 sshd\[728\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.87.117	2019-08-16 06:27:07
122.116.233.75	attackbots	23/tcp 23/tcp 23/tcp [2019-08-15]3pkt	2019-08-16 06:42:38
152.136.116.121	attack	Aug 15 17:17:49 aat-srv002 sshd[29383]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.116.121 Aug 15 17:17:51 aat-srv002 sshd[29383]: Failed password for invalid user chat from 152.136.116.121 port 35056 ssh2 Aug 15 17:22:35 aat-srv002 sshd[29535]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.116.121 Aug 15 17:22:36 aat-srv002 sshd[29535]: Failed password for invalid user oracle from 152.136.116.121 port 54558 ssh2 ...	2019-08-16 06:43:05
202.29.53.131	attack	Aug 15 12:19:08 php1 sshd\[6670\]: Invalid user castro from 202.29.53.131 Aug 15 12:19:08 php1 sshd\[6670\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.53.131 Aug 15 12:19:10 php1 sshd\[6670\]: Failed password for invalid user castro from 202.29.53.131 port 56576 ssh2 Aug 15 12:24:28 php1 sshd\[7305\]: Invalid user clinic from 202.29.53.131 Aug 15 12:24:28 php1 sshd\[7305\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.53.131	2019-08-16 06:31:48
60.165.46.136	attack	445/tcp [2019-08-15]1pkt	2019-08-16 06:20:13
222.139.84.176	attack	Aug 15 22:09:27 online-web-vs-1 sshd[5713]: reveeclipse mapping checking getaddrinfo for hn.kd.ny.adsl [222.139.84.176] failed - POSSIBLE BREAK-IN ATTEMPT! Aug 15 22:09:27 online-web-vs-1 sshd[5713]: Invalid user service from 222.139.84.176 Aug 15 22:09:27 online-web-vs-1 sshd[5713]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.139.84.176 Aug 15 22:09:29 online-web-vs-1 sshd[5713]: Failed password for invalid user service from 222.139.84.176 port 54501 ssh2 Aug 15 22:09:31 online-web-vs-1 sshd[5713]: Failed password for invalid user service from 222.139.84.176 port 54501 ssh2 Aug 15 22:09:34 online-web-vs-1 sshd[5713]: Failed password for invalid user service from 222.139.84.176 port 54501 ssh2 Aug 15 22:09:36 online-web-vs-1 sshd[5713]: Failed password for invalid user service from 222.139.84.176 port 54501 ssh2 Aug 15 22:09:39 online-web-vs-1 sshd[5713]: Failed password for invalid user service from 222.139.84.176 port 5........ -------------------------------	2019-08-16 06:30:53
103.73.100.150	attackbots	Aug 15 20:17:24 mxgate1 postfix/postscreen[12543]: CONNECT from [103.73.100.150]:58643 to [176.31.12.44]:25 Aug 15 20:17:24 mxgate1 postfix/dnsblog[12682]: addr 103.73.100.150 listed by domain zen.spamhaus.org as 127.0.0.3 Aug 15 20:17:24 mxgate1 postfix/dnsblog[12682]: addr 103.73.100.150 listed by domain zen.spamhaus.org as 127.0.0.4 Aug 15 20:17:24 mxgate1 postfix/dnsblog[12681]: addr 103.73.100.150 listed by domain cbl.abuseat.org as 127.0.0.2 Aug 15 20:17:24 mxgate1 postfix/dnsblog[12680]: addr 103.73.100.150 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Aug 15 20:17:24 mxgate1 postfix/postscreen[12543]: PREGREET 25 after 0.46 from [103.73.100.150]:58643: EHLO 1stcaphostnamealbank.com Aug 15 20:17:24 mxgate1 postfix/postscreen[12543]: DNSBL rank 4 for [103.73.100.150]:58643 Aug x@x Aug 15 20:17:26 mxgate1 postfix/postscreen[12543]: HANGUP after 1.1 from [103.73.100.150]:58643 in tests after SMTP handshake Aug 15 20:17:26 mxgate1 postfix/postscreen[12543]: DISC........ -------------------------------	2019-08-16 06:04:33
82.165.83.56	attackbots	[ThuAug1522:19:58.7832782019][:error][pid28172:tid47981847934720][client82.165.83.56:57966][client82.165.83.56]ModSecurity:Accessdeniedwithcode403$phase2$.Matchof"rx$\^w3c-\\|systran\\\\\\\\$\)"against"REQUEST_HEADERS:User-Agent"required.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"205"][id"330039"][rev"4"][msg"Atomicorp.comWAFRules:SuspiciousUnusualUserAgent$libwww-perl$.Disablethisruleifyouuselibwww-perl."][severity"CRITICAL"][hostname"www.callegherie21.it"][uri"/wordpress/wp-admin/setup-config.php"][unique_id"XVW@btPyyQofgLd3PUJ8igAAAMc"][ThuAug1522:19:59.1169732019][:error][pid8908:tid47981839529728][client82.165.83.56:58006][client82.165.83.56]ModSecurity:Accessdeniedwithcode403$phase2$.Matchof"rx$\^w3c-\\|systran\\\\\\\\$\)"against"REQUEST_HEADERS:User-Agent"required.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"205"][id"330039"][rev"4"][msg"Atomicorp.comWAFRules:SuspiciousUnusualUserAgent\(libwww-per	2019-08-16 06:05:23
177.124.89.14	attackspam	Automated report - ssh fail2ban: Aug 15 23:54:39 wrong password, user=server, port=56075, ssh2 Aug 16 00:30:44 wrong password, user=root, port=58238, ssh2 Aug 16 00:36:26 authentication failure	2019-08-16 06:40:27
128.199.118.81	attack	$f2bV_matches	2019-08-16 06:13:48
1.55.102.87	attackbotsspam	port scan and connect, tcp 23 (telnet)	2019-08-16 06:22:43

最近上报的IP列表

186.0.181.253	195.24.154.3	201.116.19.37	95.130.125.28
184.22.49.118	91.217.5.108	45.55.157.147	104.203.108.241
77.77.122.56	195.222.160.186	144.217.178.82	73.162.65.136
114.99.14.111	60.167.118.165	167.99.42.182	139.162.99.243
185.244.130.75	52.94.224.103	140.213.15.214	117.139.60.211