69.94.140.116 - IPInfo

基本信息:

城市(city): Sacramento

省份(region): California

国家(country): United States

运营商(isp): Lanset America Corporation

主机名(hostname): unknown

机构(organization): Lanset America Corporation

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Lines containing failures of 69.94.140.116 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=69.94.140.116	2019-07-24 01:29:56

相同子网IP讨论:

IP	类型	评论内容	时间
69.94.140.208	attackspambots	Aug 24 04:35:07 tempelhof postfix/smtpd[8630]: connect from flower.filinhost.com[69.94.140.208] Aug 24 04:35:08 tempelhof postfix/smtpd[8630]: 095815D6305B: client=flower.filinhost.com[69.94.140.208] Aug 24 04:35:08 tempelhof postfix/smtpd[8630]: disconnect from flower.filinhost.com[69.94.140.208] Aug 24 04:35:41 tempelhof postfix/smtpd[6439]: connect from flower.filinhost.com[69.94.140.208] Aug 24 04:35:41 tempelhof postfix/smtpd[6439]: C3C335D6305B: client=flower.filinhost.com[69.94.140.208] Aug 24 04:35:42 tempelhof postfix/smtpd[6439]: disconnect from flower.filinhost.com[69.94.140.208] Aug 24 04:53:51 tempelhof postfix/smtpd[10804]: connect from flower.filinhost.com[69.94.140.208] Aug x@x Aug 24 04:53:52 tempelhof postfix/smtpd[10804]: disconnect from flower.filinhost.com[69.94.140.208] Aug 24 05:00:11 tempelhof postfix/smtpd[11571]: connect from flower.filinhost.com[69.94.140.208] Aug x@x Aug 24 05:00:11 tempelhof postfix/smtpd[11571]: disconnect from flower.filin........ -------------------------------	2020-08-24 19:51:56
69.94.140.230	attackbotsspam	Postfix attempt blocked due to public blacklist entry	2020-08-22 00:07:06
69.94.140.99	attack	TCP Port: 25 invalid blocked Listed on spamcop also spam-sorbs and MailSpike L3-L5 (124)	2020-08-20 02:12:38
69.94.140.203	attackspambots	E-Mail Spam (RBL) [REJECTED]	2020-08-16 07:34:51
69.94.140.235	attackspam	E-Mail Spam (RBL) [REJECTED]	2020-08-14 07:29:07
69.94.140.244	attack	Aug 10 13:37:11 web01 postfix/smtpd[26588]: connect from rod.filinhost.com[69.94.140.244] Aug 10 13:37:11 web01 policyd-spf[26624]: None; identhostnamey=helo; client-ip=69.94.140.244; helo=rod.filinhost.com; envelope-from=x@x Aug 10 13:37:11 web01 policyd-spf[26624]: Pass; identhostnamey=mailfrom; client-ip=69.94.140.244; helo=rod.filinhost.com; envelope-from=x@x Aug x@x Aug 10 13:37:11 web01 postfix/smtpd[26588]: disconnect from rod.filinhost.com[69.94.140.244] Aug 10 13:47:19 web01 postfix/smtpd[26939]: connect from rod.filinhost.com[69.94.140.244] Aug 10 13:47:19 web01 policyd-spf[28049]: None; identhostnamey=helo; client-ip=69.94.140.244; helo=rod.filinhost.com; envelope-from=x@x Aug 10 13:47:19 web01 policyd-spf[28049]: Pass; identhostnamey=mailfrom; client-ip=69.94.140.244; helo=rod.filinhost.com; envelope-from=x@x Aug x@x Aug 10 13:47:19 web01 postfix/smtpd[26939]: disconnect from rod.filinhost.com[69.94.140.244] Aug 10 13:47:59 web01 postfix/smtpd[26588]: connec........ -------------------------------	2020-08-10 21:30:01
69.94.140.195	attackspam	Postfix RBL failed	2020-07-23 03:24:28
69.94.140.231	attack	Jul 20 22:38:45 mail postfix/smtpd[717]: connect from left.filinhost.com[69.94.140.231] Jul x@x Jul x@x Jul x@x Jul 20 22:38:45 mail postfix/smtpd[717]: disconnect from left.filinhost.com[69.94.140.231] ehlo=1 mail=1 rcpt=0/1 data=0/1 quhostname=1 commands=3/5 Jul 20 22:45:19 mail postfix/anvil[3531]: statistics: max message rate 1/60s for (smtp:69.94.140.231) at Jul 20 22:38:45 Jul 20 22:46:08 mail postfix/smtpd[13342]: connect from left.filinhost.com[69.94.140.231] Jul x@x Jul x@x Jul x@x Jul 20 22:46:09 mail postfix/smtpd[13342]: disconnect from left.filinhost.com[69.94.140.231] ehlo=1 mail=1 rcpt=0/1 data=0/1 quhostname=1 commands=3/5 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=69.94.140.231	2020-07-21 07:20:43
69.94.140.225	attackspambots	Email Spam	2020-07-21 01:57:41
69.94.140.114	attackbotsspam	TCP src-port=37223 dst-port=25 Listed on dnsbl-sorbs spamcop zen-spamhaus (95)	2020-07-15 00:53:02
69.94.140.213	attackspambots	Jun 23 12:13:18 web01 postfix/smtpd[28671]: connect from dear.filinhost.com[69.94.140.213] Jun 23 12:13:18 web01 policyd-spf[29425]: None; identhostnamey=helo; client-ip=69.94.140.213; helo=dear.filinhost.com; envelope-from=x@x Jun 23 12:13:18 web01 policyd-spf[29425]: Pass; identhostnamey=mailfrom; client-ip=69.94.140.213; helo=dear.filinhost.com; envelope-from=x@x Jun x@x Jun 23 12:13:19 web01 postfix/smtpd[28671]: disconnect from dear.filinhost.com[69.94.140.213] Jun 23 12:13:45 web01 postfix/smtpd[28599]: connect from dear.filinhost.com[69.94.140.213] Jun 23 12:13:45 web01 policyd-spf[29703]: None; identhostnamey=helo; client-ip=69.94.140.213; helo=dear.filinhost.com; envelope-from=x@x Jun 23 12:13:45 web01 policyd-spf[29703]: Pass; identhostnamey=mailfrom; client-ip=69.94.140.213; helo=dear.filinhost.com; envelope-from=x@x Jun x@x Jun 23 12:13:45 web01 postfix/smtpd[28599]: disconnect from dear.filinhost.com[69.94.140.213] Jun 23 12:13:52 web01 postfix/smtpd[27748]........ -------------------------------	2020-06-23 20:14:54
69.94.140.123	attack	TCP src-port=49317 dst-port=25 Listed on dnsbl-sorbs spamcop zen-spamhaus (542)	2019-11-30 01:50:49
69.94.140.109	attack	Non-stop spam.	2019-08-07 04:47:40
69.94.140.118	attackbotsspam	TCP src-port=59437 dst-port=25 zen-spamhaus spam-sorbs megarbl (828)	2019-07-31 06:18:05
69.94.140.121	attackbots	TCP src-port=35788 dst-port=25 dnsbl-sorbs spamcop zen-spamhaus (Project Honey Pot rated Suspicious) (343)	2019-07-21 05:16:52

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 69.94.140.116
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28945
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;69.94.140.116.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072300 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jul 24 01:29:46 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

116.140.94.69.in-addr.arpa domain name pointer configuration.careated.pro.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
116.140.94.69.in-addr.arpa	name = configuration.careated.pro.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
41.207.184.179	attackbotsspam	Jan 3 21:24:19 work-partkepr sshd\[27192\]: Invalid user vriese from 41.207.184.179 port 47906 Jan 3 21:24:19 work-partkepr sshd\[27192\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.207.184.179 ...	2020-01-04 05:54:28
164.52.24.173	attack	Jan 3 22:24:29 debian-2gb-nbg1-2 kernel: \[345995.724714\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=164.52.24.173 DST=195.201.40.59 LEN=68 TOS=0x00 PREC=0x00 TTL=240 ID=54321 PROTO=UDP SPT=45120 DPT=111 LEN=48	2020-01-04 05:41:47
175.143.175.154	attack	firewall-block, port(s): 4567/tcp	2020-01-04 06:16:34
162.158.167.12	attack	Scan for word-press application/login	2020-01-04 06:05:21
112.85.42.227	attackbots	Jan 3 17:00:38 TORMINT sshd\[17895\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.227 user=root Jan 3 17:00:40 TORMINT sshd\[17895\]: Failed password for root from 112.85.42.227 port 32017 ssh2 Jan 3 17:05:58 TORMINT sshd\[18136\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.227 user=root ...	2020-01-04 06:14:51
106.12.16.140	attackbots	Jan 3 22:36:50 markkoudstaal sshd[27964]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.16.140 Jan 3 22:36:52 markkoudstaal sshd[27964]: Failed password for invalid user kwonms from 106.12.16.140 port 35754 ssh2 Jan 3 22:41:04 markkoudstaal sshd[28266]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.16.140	2020-01-04 05:53:29
183.157.172.133	attackbots	Caught in portsentry honeypot	2020-01-04 05:50:13
142.44.251.207	attackbotsspam	Jan 3 21:31:33 *** sshd[15656]: Invalid user faic from 142.44.251.207	2020-01-04 05:56:51
159.65.12.204	attackbots	Automatic report - Banned IP Access	2020-01-04 06:01:37
139.198.191.217	attackbots	Jan 3 22:46:57 localhost sshd\[27153\]: Invalid user tester from 139.198.191.217 port 52426 Jan 3 22:46:57 localhost sshd\[27153\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.191.217 Jan 3 22:46:58 localhost sshd\[27153\]: Failed password for invalid user tester from 139.198.191.217 port 52426 ssh2	2020-01-04 05:53:52
222.186.175.163	attackbots	Jan 3 22:42:23 host sshd[16224]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.163 user=root Jan 3 22:42:24 host sshd[16224]: Failed password for root from 222.186.175.163 port 5450 ssh2 ...	2020-01-04 05:43:55
222.186.173.238	attackbotsspam	Jan 3 22:38:06 minden010 sshd[31424]: Failed password for root from 222.186.173.238 port 41244 ssh2 Jan 3 22:38:19 minden010 sshd[31424]: error: maximum authentication attempts exceeded for root from 222.186.173.238 port 41244 ssh2 [preauth] Jan 3 22:38:25 minden010 sshd[31519]: Failed password for root from 222.186.173.238 port 3190 ssh2 ...	2020-01-04 05:41:29
50.35.30.243	attackspam	Jan 3 22:24:06 nextcloud sshd\[6871\]: Invalid user www from 50.35.30.243 Jan 3 22:24:06 nextcloud sshd\[6871\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.35.30.243 Jan 3 22:24:08 nextcloud sshd\[6871\]: Failed password for invalid user www from 50.35.30.243 port 37765 ssh2 ...	2020-01-04 05:59:44
106.12.185.54	attack	Jan 3 21:16:22 ip-172-31-62-245 sshd\[32090\]: Invalid user info from 106.12.185.54\ Jan 3 21:16:25 ip-172-31-62-245 sshd\[32090\]: Failed password for invalid user info from 106.12.185.54 port 56042 ssh2\ Jan 3 21:20:32 ip-172-31-62-245 sshd\[32151\]: Invalid user buh from 106.12.185.54\ Jan 3 21:20:34 ip-172-31-62-245 sshd\[32151\]: Failed password for invalid user buh from 106.12.185.54 port 56032 ssh2\ Jan 3 21:24:30 ip-172-31-62-245 sshd\[32183\]: Invalid user jyf from 106.12.185.54\	2020-01-04 05:42:25
51.68.180.1	attack	WordPress wp-login brute force :: 51.68.180.1 0.148 - [03/Jan/2020:21:24:03 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 1806 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-01-04 06:03:47

最近上报的IP列表

83.219.12.178	211.201.14.71	2003:dd:6f2e:9375:69db:34e5:88b7:9a4d	108.95.57.68
91.185.114.147	189.89.221.175	81.188.132.242	90.134.33.214
119.90.224.217	81.197.161.179	128.170.209.151	2a01:598:ff04:9e26:1:2:e4ad:784a
221.149.134.160	117.177.153.52	103.78.181.184	49.147.67.243
179.162.178.244	51.175.75.105	110.253.76.167	60.191.195.150