104.247.75.48 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
104.247.75.1	attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/104.247.75.1/ US - 1H : (107) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : US NAME ASN : ASN22611 IP : 104.247.75.1 CIDR : 104.247.74.0/23 PREFIX COUNT : 74 UNIQUE IP COUNT : 46336 ATTACKS DETECTED ASN22611 : 1H - 2 3H - 2 6H - 2 12H - 2 24H - 2 DateTime : 2019-12-13 16:59:59 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2019-12-14 00:17:26
104.247.75.218	attackspambots	From: Digital Federal Credit Union [mailto:onlinemessage@armstong.com] DCU phishing/fraud; illicit use of entity name/credentials/copyright. Unsolicited bulk spam - zid-vpns-8-48.uibk.ac.at, University Of Innsbruck - 138.232.8.48 Spam link www.28niubi1.com = 58.64.157.132 NWT iDC Data Service – BLACKLISTED - phishing redirect: - northernexpressions.com.au = 104.247.75.218 InMotion Hosting, Inc. Appear to redirect/replicate valid DCU web site: - Spam link u6118461.ct.sendgrid.net = repeat IP 167.89.123.16, 167.89.115.54, 167.89.118.35 – SendGrid - Spam link media.whatcounts.com = 99.84.13.60, 99.84.13.158, 99.84.13.67, 99.84.13.207 – Amazon	2019-11-14 23:44:45

类型

评论内容

时间

104.247.75.1

attackbots

IP Ban Report :  
 https://help-dysk.pl/wordpress-firewall-plugins/ip/104.247.75.1/ 
 
 US - 1H : (107)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : US 
 NAME ASN : ASN22611 
 
 IP : 104.247.75.1 
 
 CIDR : 104.247.74.0/23 
 
 PREFIX COUNT : 74 
 
 UNIQUE IP COUNT : 46336 
 
 
 ATTACKS DETECTED ASN22611 :  
  1H - 2 
  3H - 2 
  6H - 2 
 12H - 2 
 24H - 2 
 
 DateTime : 2019-12-13 16:59:59 
 
 INFO :  HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN  - data recovery

2019-12-14 00:17:26

104.247.75.218

attackspambots

From: Digital Federal Credit Union [mailto:onlinemessage@armstong.com] 
DCU phishing/fraud; illicit use of entity name/credentials/copyright.

Unsolicited bulk spam - zid-vpns-8-48.uibk.ac.at, University Of Innsbruck - 138.232.8.48

Spam link www.28niubi1.com = 58.64.157.132 NWT iDC Data Service – BLACKLISTED - phishing redirect:
-	northernexpressions.com.au = 104.247.75.218 InMotion Hosting, Inc.

Appear to redirect/replicate valid DCU web site:
-	Spam link u6118461.ct.sendgrid.net = repeat IP 167.89.123.16, 167.89.115.54, 167.89.118.35 – SendGrid
-	Spam link media.whatcounts.com = 99.84.13.60, 99.84.13.158, 99.84.13.67, 99.84.13.207 – Amazon

2019-11-14 23:44:45

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.247.75.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65381
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.247.75.48.			IN	A

;; AUTHORITY SECTION:
.			597	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022052602 1800 900 604800 86400

;; Query time: 14 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri May 27 07:49:30 CST 2022
;; MSG SIZE  rcvd: 106

HOST信息:

Host 48.75.247.104.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 48.75.247.104.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
103.203.39.156	attack	3389BruteforceFW23	2019-12-29 05:31:07
95.110.235.17	attack	Invalid user admin from 95.110.235.17 port 45708	2019-12-29 05:27:22
62.197.214.199	attackspam	Dec 28 18:07:53 prox sshd[31596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.197.214.199 Dec 28 18:07:56 prox sshd[31596]: Failed password for invalid user whiting from 62.197.214.199 port 55874 ssh2	2019-12-29 05:45:54
123.110.137.28	attack	Dec 28 15:25:04 grey postfix/smtpd\[28948\]: NOQUEUE: reject: RCPT from unknown\[123.110.137.28\]: 554 5.7.1 Service unavailable\; Client host \[123.110.137.28\] blocked using dul.dnsbl.sorbs.net\; Dynamic IP Addresses See: http://www.sorbs.net/lookup.shtml\?123.110.137.28\; from=\ to=\ proto=ESMTP helo=\<123-110-137-28.best.dynamic.tbcnet.net.tw\> ...	2019-12-29 05:38:58
159.65.246.30	attackspambots	xmlrpc attack	2019-12-29 05:55:50
78.128.113.182	attack	20 attempts against mh-misbehave-ban on tree.magehost.pro	2019-12-29 05:54:12
218.92.0.155	attack	Dec 29 01:59:20 gw1 sshd[27696]: Failed password for root from 218.92.0.155 port 19945 ssh2 Dec 29 01:59:33 gw1 sshd[27696]: error: maximum authentication attempts exceeded for root from 218.92.0.155 port 19945 ssh2 [preauth] ...	2019-12-29 05:27:08
181.176.164.178	attackspam	181.176.164.178 - - [28/Dec/2019:09:24:49 -0500] "GET /?page=..%2f..%2f..%2fetc%2fpasswd&action=view& HTTP/1.1" 200 17542 "https://ccbrass.com/?page=..%2f..%2f..%2fetc%2fpasswd&action=view&" "Mozilla/5.0 (Windows NT 10.0; WOW64; Rv:50.0) Gecko/20100101 Firefox/50.0" ...	2019-12-29 05:46:59
147.139.135.52	attackbots	Dec 28 21:09:25 localhost sshd[33679]: Failed password for invalid user caryn from 147.139.135.52 port 47630 ssh2 Dec 28 21:29:10 localhost sshd[34818]: Failed password for invalid user phil from 147.139.135.52 port 52248 ssh2 Dec 28 21:32:16 localhost sshd[34985]: Failed password for root from 147.139.135.52 port 45732 ssh2	2019-12-29 05:22:00
188.131.142.109	attackspambots	Dec 28 09:24:43 TORMINT sshd\[21808\]: Invalid user valenta from 188.131.142.109 Dec 28 09:24:43 TORMINT sshd\[21808\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.131.142.109 Dec 28 09:24:45 TORMINT sshd\[21808\]: Failed password for invalid user valenta from 188.131.142.109 port 48202 ssh2 ...	2019-12-29 05:52:49
148.70.223.115	attack	Dec 28 16:28:25 [host] sshd[9242]: Invalid user bailey from 148.70.223.115 Dec 28 16:28:25 [host] sshd[9242]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.223.115 Dec 28 16:28:27 [host] sshd[9242]: Failed password for invalid user bailey from 148.70.223.115 port 55208 ssh2	2019-12-29 05:45:22
185.156.73.49	attackspambots	firewall-block, port(s): 6090/tcp, 6091/tcp, 6092/tcp, 6095/tcp, 6097/tcp, 6111/tcp, 6117/tcp	2019-12-29 05:53:33
78.111.56.16	attackbotsspam	scan r	2019-12-29 05:36:29
209.107.214.56	attackspam	Port Scan detected from 209.107.214.56 (US/United States/209-107-214-56.ipvanish.com). 4 hits in the last 50 seconds	2019-12-29 05:42:08
202.73.9.76	attackbots	2019-12-28T21:14:55.834898abusebot-7.cloudsearch.cf sshd[3126]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=smartspace.wenet.my user=root 2019-12-28T21:14:57.717163abusebot-7.cloudsearch.cf sshd[3126]: Failed password for root from 202.73.9.76 port 34709 ssh2 2019-12-28T21:18:06.773262abusebot-7.cloudsearch.cf sshd[3167]: Invalid user ident from 202.73.9.76 port 37830 2019-12-28T21:18:06.778078abusebot-7.cloudsearch.cf sshd[3167]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=smartspace.wenet.my 2019-12-28T21:18:06.773262abusebot-7.cloudsearch.cf sshd[3167]: Invalid user ident from 202.73.9.76 port 37830 2019-12-28T21:18:08.880949abusebot-7.cloudsearch.cf sshd[3167]: Failed password for invalid user ident from 202.73.9.76 port 37830 ssh2 2019-12-28T21:21:10.964598abusebot-7.cloudsearch.cf sshd[3174]: Invalid user nippes from 202.73.9.76 port 40604 ...	2019-12-29 05:49:48

最近上报的IP列表

104.247.75.129	104.247.76.27	104.247.78.116	104.247.78.64
104.248.104.45	104.248.113.127	104.248.120.17	104.248.129.116
104.248.129.211	104.248.133.21	104.248.137.61	104.248.139.214
104.248.14.184	72.158.100.0	104.248.140.5	104.248.140.55
104.248.142.213	104.248.144.244	104.248.144.50	104.248.145.43