104.247.75.5 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
104.247.75.1	attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/104.247.75.1/ US - 1H : (107) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : US NAME ASN : ASN22611 IP : 104.247.75.1 CIDR : 104.247.74.0/23 PREFIX COUNT : 74 UNIQUE IP COUNT : 46336 ATTACKS DETECTED ASN22611 : 1H - 2 3H - 2 6H - 2 12H - 2 24H - 2 DateTime : 2019-12-13 16:59:59 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2019-12-14 00:17:26
104.247.75.218	attackspambots	From: Digital Federal Credit Union [mailto:onlinemessage@armstong.com] DCU phishing/fraud; illicit use of entity name/credentials/copyright. Unsolicited bulk spam - zid-vpns-8-48.uibk.ac.at, University Of Innsbruck - 138.232.8.48 Spam link www.28niubi1.com = 58.64.157.132 NWT iDC Data Service – BLACKLISTED - phishing redirect: - northernexpressions.com.au = 104.247.75.218 InMotion Hosting, Inc. Appear to redirect/replicate valid DCU web site: - Spam link u6118461.ct.sendgrid.net = repeat IP 167.89.123.16, 167.89.115.54, 167.89.118.35 – SendGrid - Spam link media.whatcounts.com = 99.84.13.60, 99.84.13.158, 99.84.13.67, 99.84.13.207 – Amazon	2019-11-14 23:44:45

类型

评论内容

时间

104.247.75.1

attackbots

IP Ban Report :  
 https://help-dysk.pl/wordpress-firewall-plugins/ip/104.247.75.1/ 
 
 US - 1H : (107)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : US 
 NAME ASN : ASN22611 
 
 IP : 104.247.75.1 
 
 CIDR : 104.247.74.0/23 
 
 PREFIX COUNT : 74 
 
 UNIQUE IP COUNT : 46336 
 
 
 ATTACKS DETECTED ASN22611 :  
  1H - 2 
  3H - 2 
  6H - 2 
 12H - 2 
 24H - 2 
 
 DateTime : 2019-12-13 16:59:59 
 
 INFO :  HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN  - data recovery

2019-12-14 00:17:26

104.247.75.218

attackspambots

From: Digital Federal Credit Union [mailto:onlinemessage@armstong.com] 
DCU phishing/fraud; illicit use of entity name/credentials/copyright.

Unsolicited bulk spam - zid-vpns-8-48.uibk.ac.at, University Of Innsbruck - 138.232.8.48

Spam link www.28niubi1.com = 58.64.157.132 NWT iDC Data Service – BLACKLISTED - phishing redirect:
-	northernexpressions.com.au = 104.247.75.218 InMotion Hosting, Inc.

Appear to redirect/replicate valid DCU web site:
-	Spam link u6118461.ct.sendgrid.net = repeat IP 167.89.123.16, 167.89.115.54, 167.89.118.35 – SendGrid
-	Spam link media.whatcounts.com = 99.84.13.60, 99.84.13.158, 99.84.13.67, 99.84.13.207 – Amazon

2019-11-14 23:44:45

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.247.75.5
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8185
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.247.75.5.			IN	A

;; AUTHORITY SECTION:
.			385	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022401 1800 900 604800 86400

;; Query time: 66 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 25 12:15:37 CST 2022
;; MSG SIZE  rcvd: 105

HOST信息:

5.75.247.104.in-addr.arpa domain name pointer ded3552.inmotionhosting.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
5.75.247.104.in-addr.arpa	name = ded3552.inmotionhosting.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
200.121.91.74	attackbotsspam	Unauthorized connection attempt detected from IP address 200.121.91.74 to port 4343 [T]	2020-08-16 18:15:11
190.231.64.251	attackspambots	TCP (SYN) 190.231.64.251:52144 -> port 23, len 44	2020-08-16 17:39:18
77.27.168.117	attackbotsspam	Aug 16 11:42:58 vpn01 sshd[8832]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.27.168.117 Aug 16 11:43:00 vpn01 sshd[8832]: Failed password for invalid user lol from 77.27.168.117 port 53156 ssh2 ...	2020-08-16 17:53:17
111.229.57.138	attackbots	Aug 16 09:00:19 db sshd[8145]: User root from 111.229.57.138 not allowed because none of user's groups are listed in AllowGroups ...	2020-08-16 18:04:57
94.10.215.17	attackspambots	Aug 16 08:54:25 * sshd[21946]: Failed password for root from 94.10.215.17 port 54130 ssh2	2020-08-16 17:51:18
106.12.105.130	attackspambots	Aug 16 05:49:30 db sshd[20735]: User root from 106.12.105.130 not allowed because none of user's groups are listed in AllowGroups ...	2020-08-16 17:52:23
223.204.233.203	attackspambots	1597549780 - 08/16/2020 05:49:40 Host: 223.204.233.203/223.204.233.203 Port: 445 TCP Blocked	2020-08-16 17:44:35
27.254.137.144	attackspam	(sshd) Failed SSH login from 27.254.137.144 (TH/Thailand/-): 5 in the last 3600 secs	2020-08-16 17:49:07
189.236.242.146	attackbotsspam	Unauthorized connection attempt detected from IP address 189.236.242.146 to port 445 [T]	2020-08-16 18:10:10
202.88.241.107	attack	1909/tcp 19191/tcp 191/tcp... [2020-08-11/16]10pkt,4pt.(tcp)	2020-08-16 18:14:43
138.99.194.171	attackspam	Unauthorized IMAP connection attempt	2020-08-16 17:59:45
206.253.226.7	attack	16.08.2020 05:49:30 - Bad Robot Ignore Robots.txt	2020-08-16 17:54:14
117.69.190.90	attack	Aug 16 07:17:51 srv01 postfix/smtpd\[2753\]: warning: unknown\[117.69.190.90\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 16 07:21:22 srv01 postfix/smtpd\[4156\]: warning: unknown\[117.69.190.90\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 16 07:28:20 srv01 postfix/smtpd\[31881\]: warning: unknown\[117.69.190.90\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 16 07:31:48 srv01 postfix/smtpd\[5061\]: warning: unknown\[117.69.190.90\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 16 07:32:00 srv01 postfix/smtpd\[5061\]: warning: unknown\[117.69.190.90\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-08-16 18:01:46
35.199.73.100	attackspam	Aug 16 06:01:08 inter-technics sshd[9811]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.199.73.100 user=root Aug 16 06:01:10 inter-technics sshd[9811]: Failed password for root from 35.199.73.100 port 40660 ssh2 Aug 16 06:05:03 inter-technics sshd[10076]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.199.73.100 user=root Aug 16 06:05:05 inter-technics sshd[10076]: Failed password for root from 35.199.73.100 port 41210 ssh2 Aug 16 06:08:58 inter-technics sshd[10337]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.199.73.100 user=root Aug 16 06:09:00 inter-technics sshd[10337]: Failed password for root from 35.199.73.100 port 41754 ssh2 ...	2020-08-16 17:49:29
62.48.215.5	attack	Unauthorized IMAP connection attempt	2020-08-16 17:59:29

最近上报的IP列表

104.21.61.174	104.21.61.245	104.21.62.205	104.21.61.88
104.21.62.254	104.21.62.14	104.21.63.174	104.247.75.55
104.21.64.153	104.21.64.109	104.21.63.170	104.21.65.110
45.146.119.83	104.247.75.9	104.247.76.184	104.247.76.216
104.247.76.230	104.247.76.51	104.247.76.62	104.247.77.100