104.248.0.0 - IPInfo

基本信息:

城市(city): Clifton

省份(region): New Jersey

国家(country): United States

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
104.248.0.215	attackbots	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2020-03-06 15:50:30
104.248.0.33	attack	joshuajohannes.de 104.248.0.33 \[04/Jul/2019:16:08:54 +0200\] "POST /wp-login.php HTTP/1.1" 200 5606 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" joshuajohannes.de 104.248.0.33 \[04/Jul/2019:16:08:56 +0200\] "POST /wp-login.php HTTP/1.1" 200 5572 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-07-04 23:55:30

类型

评论内容

时间

104.248.0.215

attackbots

IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.

2020-03-06 15:50:30

104.248.0.33

attack

joshuajohannes.de 104.248.0.33 \[04/Jul/2019:16:08:54 +0200\] "POST /wp-login.php HTTP/1.1" 200 5606 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
joshuajohannes.de 104.248.0.33 \[04/Jul/2019:16:08:56 +0200\] "POST /wp-login.php HTTP/1.1" 200 5572 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"

2019-07-04 23:55:30

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.0.0
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61008
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.248.0.0.			IN	A

;; AUTHORITY SECTION:
.			350	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2021102801 1800 900 604800 86400

;; Query time: 66 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Oct 29 11:06:22 CST 2021
;; MSG SIZE  rcvd: 104

HOST信息:

Host 0.0.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 0.0.248.104.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
112.175.232.155	attack	2020-02-15 05:51:35,005 [snip] proftpd[20548] [snip] (112.175.232.155[112.175.232.155]): USER uupc: no such user found from 112.175.232.155 [112.175.232.155] to ::ffff:[snip]:22 2020-02-15 05:53:37,743 [snip] proftpd[20823] [snip] (112.175.232.155[112.175.232.155]): USER test: no such user found from 112.175.232.155 [112.175.232.155] to ::ffff:[snip]:22 2020-02-15 05:55:45,498 [snip] proftpd[21092] [snip] (112.175.232.155[112.175.232.155]): USER admin: no such user found from 112.175.232.155 [112.175.232.155] to ::ffff:[snip]:22[...]	2020-02-15 13:29:02
191.180.106.110	attackspam	Feb 15 06:34:19 v22018076622670303 sshd\[26622\]: Invalid user webcam from 191.180.106.110 port 38656 Feb 15 06:34:19 v22018076622670303 sshd\[26622\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.180.106.110 Feb 15 06:34:21 v22018076622670303 sshd\[26622\]: Failed password for invalid user webcam from 191.180.106.110 port 38656 ssh2 ...	2020-02-15 13:46:53
111.35.154.116	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-15 13:38:52
164.132.201.87	attackbots	0,17-01/01 [bc01/m18] PostRequest-Spammer scoring: Lusaka01	2020-02-15 13:54:14
106.13.140.138	attackspam	Feb 14 19:23:18 auw2 sshd\[29149\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.138 user=root Feb 14 19:23:20 auw2 sshd\[29149\]: Failed password for root from 106.13.140.138 port 55812 ssh2 Feb 14 19:27:23 auw2 sshd\[29555\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.138 user=root Feb 14 19:27:25 auw2 sshd\[29555\]: Failed password for root from 106.13.140.138 port 51800 ssh2 Feb 14 19:31:26 auw2 sshd\[29902\]: Invalid user brigit from 106.13.140.138	2020-02-15 13:32:11
152.249.122.91	attackbots	02/15/2020-05:55:33.801260 152.249.122.91 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-02-15 13:38:19
111.35.154.167	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-15 13:36:52
222.186.180.142	attackbotsspam	Feb 15 06:01:07 host sshd\[3099\]: User user from 222.186.180.142 not allowed because none of user's groups are listed in AllowGroups	2020-02-15 13:15:36
80.82.78.192	attack	Feb 15 06:30:33 debian-2gb-nbg1-2 kernel: \[4003857.462830\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=80.82.78.192 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=60013 PROTO=TCP SPT=50680 DPT=1789 WINDOW=1024 RES=0x00 SYN URGP=0	2020-02-15 13:30:49
210.99.216.205	attack	Feb 14 19:18:23 web9 sshd\[4036\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.99.216.205 user=root Feb 14 19:18:25 web9 sshd\[4036\]: Failed password for root from 210.99.216.205 port 55530 ssh2 Feb 14 19:23:49 web9 sshd\[5135\]: Invalid user vazquez from 210.99.216.205 Feb 14 19:23:49 web9 sshd\[5135\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.99.216.205 Feb 14 19:23:52 web9 sshd\[5135\]: Failed password for invalid user vazquez from 210.99.216.205 port 50558 ssh2	2020-02-15 13:46:32
49.234.108.12	attackbotsspam	Feb 15 06:09:47 silence02 sshd[8207]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.108.12 Feb 15 06:09:49 silence02 sshd[8207]: Failed password for invalid user zakku from 49.234.108.12 port 42216 ssh2 Feb 15 06:13:22 silence02 sshd[8489]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.108.12	2020-02-15 13:35:15
85.93.20.150	attack	200214 23:42:02 [Warning] Access denied for user 'root'@'85.93.20.150' (using password: NO) 200214 23:42:03 [Warning] Access denied for user 'root'@'85.93.20.150' (using password: YES) 200214 23:42:05 [Warning] Access denied for user 'root'@'85.93.20.150' (using password: YES) ...	2020-02-15 13:34:43
14.98.213.14	attack	ssh brute force	2020-02-15 13:35:29
220.134.44.142	attack	firewall-block, port(s): 8083/udp	2020-02-15 13:20:26
198.98.62.220	attackbotsspam	scan z	2020-02-15 13:22:40

最近上报的IP列表

168.196.203.248	216.238.8.120	193.142.59.148	103.141.158.251
172.70.147.177	194.230.145.157	177.249.160.233	189.168.104.111
99.84.133.26	103.130.145.14	51.77.234.91	145.239.116.27
162.125.66.19	104.237.8.128	101.33.11.60	201.175.158.157
172.12.2.10	195.65.190.48	36.144.41.132	167.114.24.143