104.248.139.52

基本信息:

城市(city): Frankfurt am Main

省份(region): Hesse

国家(country): Germany

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
104.248.139.121	attackspambots	May 14 08:55:32 NPSTNNYC01T sshd[14068]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.139.121 May 14 08:55:34 NPSTNNYC01T sshd[14068]: Failed password for invalid user user from 104.248.139.121 port 49288 ssh2 May 14 08:59:01 NPSTNNYC01T sshd[14354]: Failed password for root from 104.248.139.121 port 56564 ssh2 ...	2020-05-14 21:25:45
104.248.139.121	attackbotsspam	May 3 06:22:00 legacy sshd[5370]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.139.121 May 3 06:22:02 legacy sshd[5370]: Failed password for invalid user mf from 104.248.139.121 port 40166 ssh2 May 3 06:25:38 legacy sshd[5637]: Failed password for root from 104.248.139.121 port 49638 ssh2 ...	2020-05-03 12:34:29
104.248.139.121	attackspam	SSH auth scanning - multiple failed logins	2020-04-30 07:33:34
104.248.139.121	attack	2020-04-27T13:03:38.800886abusebot-3.cloudsearch.cf sshd[30948]: Invalid user hung from 104.248.139.121 port 41966 2020-04-27T13:03:38.810081abusebot-3.cloudsearch.cf sshd[30948]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.139.121 2020-04-27T13:03:38.800886abusebot-3.cloudsearch.cf sshd[30948]: Invalid user hung from 104.248.139.121 port 41966 2020-04-27T13:03:40.381859abusebot-3.cloudsearch.cf sshd[30948]: Failed password for invalid user hung from 104.248.139.121 port 41966 ssh2 2020-04-27T13:07:22.168837abusebot-3.cloudsearch.cf sshd[31229]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.139.121 user=root 2020-04-27T13:07:24.161636abusebot-3.cloudsearch.cf sshd[31229]: Failed password for root from 104.248.139.121 port 53746 ssh2 2020-04-27T13:11:04.475551abusebot-3.cloudsearch.cf sshd[31503]: Invalid user znc from 104.248.139.121 port 37302 ...	2020-04-27 22:58:33
104.248.139.121	attackbots	Apr 27 11:44:11 dev0-dcde-rnet sshd[22559]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.139.121 Apr 27 11:44:14 dev0-dcde-rnet sshd[22559]: Failed password for invalid user udp from 104.248.139.121 port 52906 ssh2 Apr 27 11:50:16 dev0-dcde-rnet sshd[22729]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.139.121	2020-04-27 18:07:05
104.248.139.121	attackspam	Unauthorised connection attempt detected at AUO NODE 1. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-04-24 23:09:01
104.248.139.121	attackbotsspam	Invalid user od from 104.248.139.121 port 53734	2020-04-23 04:11:27
104.248.139.121	attack	Wordpress malicious attack:[sshd]	2020-04-20 12:17:42
104.248.139.121	attackspam	Apr 20 00:12:29 debian-2gb-nbg1-2 kernel: \[9593314.391754\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=104.248.139.121 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=23968 PROTO=TCP SPT=59620 DPT=19842 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-20 08:07:04
104.248.139.121	attackbots	scans once in preceeding hours on the ports (in chronological order) 19153 resulting in total of 5 scans from 104.248.0.0/16 block.	2020-04-20 00:13:49
104.248.139.121	attack	Apr 17 13:56:38 sso sshd[29563]: Failed password for root from 104.248.139.121 port 42032 ssh2 Apr 17 14:00:28 sso sshd[30000]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.139.121 ...	2020-04-17 22:34:21
104.248.139.121	attackbotsspam	Apr 17 09:49:30 vpn01 sshd[24030]: Failed password for root from 104.248.139.121 port 47328 ssh2 ...	2020-04-17 16:50:57
104.248.139.121	attackspambots	Apr 8 06:00:12 sso sshd[10238]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.139.121 Apr 8 06:00:14 sso sshd[10238]: Failed password for invalid user aman from 104.248.139.121 port 60516 ssh2 ...	2020-04-08 12:18:20
104.248.139.121	attackspam	(sshd) Failed SSH login from 104.248.139.121 (DE/Germany/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 4 09:34:42 ubnt-55d23 sshd[17241]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.139.121 user=root Apr 4 09:34:44 ubnt-55d23 sshd[17241]: Failed password for root from 104.248.139.121 port 43664 ssh2	2020-04-04 16:11:55
104.248.139.121	attack	Mar 28 16:31:05 dev0-dcde-rnet sshd[3144]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.139.121 Mar 28 16:31:06 dev0-dcde-rnet sshd[3144]: Failed password for invalid user oracle from 104.248.139.121 port 41678 ssh2 Mar 28 16:41:28 dev0-dcde-rnet sshd[3230]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.139.121	2020-03-29 00:22:33

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.139.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44587
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.248.139.52.			IN	A

;; AUTHORITY SECTION:
.			599	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021202 1800 900 604800 86400

;; Query time: 18 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 13 09:34:31 CST 2022
;; MSG SIZE  rcvd: 107

HOST信息:

Host 52.139.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 52.139.248.104.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
89.240.140.109	attackbotsspam	DATE:2019-09-05 10:31:55, IP:89.240.140.109, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2019-09-05 20:18:45
115.150.99.149	attackbots	Unauthorized connection attempt from IP address 115.150.99.149 on Port 445(SMB)	2019-09-05 20:03:50
78.132.104.111	attack	Automatic report - Banned IP Access	2019-09-05 20:14:54
117.207.110.66	attackspam	Unauthorized connection attempt from IP address 117.207.110.66 on Port 445(SMB)	2019-09-05 20:11:31
42.235.59.117	attack	" "	2019-09-05 19:47:10
36.67.177.115	attackspambots	Unauthorized connection attempt from IP address 36.67.177.115 on Port 445(SMB)	2019-09-05 20:23:44
39.49.28.28	attackbots	Automatic report - Port Scan Attack	2019-09-05 19:42:06
165.22.203.184	attack	Sep 5 13:39:55 lnxded64 sshd[8984]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.203.184	2019-09-05 19:40:29
218.92.0.189	attack	Sep 5 13:15:45 dcd-gentoo sshd[7724]: User root from 218.92.0.189 not allowed because none of user's groups are listed in AllowGroups Sep 5 13:15:48 dcd-gentoo sshd[7724]: error: PAM: Authentication failure for illegal user root from 218.92.0.189 Sep 5 13:15:45 dcd-gentoo sshd[7724]: User root from 218.92.0.189 not allowed because none of user's groups are listed in AllowGroups Sep 5 13:15:48 dcd-gentoo sshd[7724]: error: PAM: Authentication failure for illegal user root from 218.92.0.189 Sep 5 13:15:45 dcd-gentoo sshd[7724]: User root from 218.92.0.189 not allowed because none of user's groups are listed in AllowGroups Sep 5 13:15:48 dcd-gentoo sshd[7724]: error: PAM: Authentication failure for illegal user root from 218.92.0.189 Sep 5 13:15:48 dcd-gentoo sshd[7724]: Failed keyboard-interactive/pam for invalid user root from 218.92.0.189 port 29883 ssh2 ...	2019-09-05 20:06:36
36.22.77.234	attack	Sep 5 10:31:39 localhost postfix/smtpd\[26384\]: warning: unknown\[36.22.77.234\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 5 10:31:48 localhost postfix/smtpd\[26365\]: warning: unknown\[36.22.77.234\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 5 10:32:02 localhost postfix/smtpd\[26384\]: warning: unknown\[36.22.77.234\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 5 10:32:18 localhost postfix/smtpd\[26384\]: warning: unknown\[36.22.77.234\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 5 10:32:27 localhost postfix/smtpd\[26358\]: warning: unknown\[36.22.77.234\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-09-05 19:38:58
199.87.154.255	attackspam	Sep 5 11:18:04 thevastnessof sshd[23527]: Failed password for root from 199.87.154.255 port 49645 ssh2 ...	2019-09-05 19:48:34
208.115.196.14	attack	CloudCIX Reconnaissance Scan Detected, PTR: 14-196-115-208.static.reverse.lstn.net.	2019-09-05 19:46:06
49.49.237.109	attackspam	Unauthorized connection attempt from IP address 49.49.237.109 on Port 445(SMB)	2019-09-05 19:49:54
182.61.185.77	attack	Sep 5 13:07:13 DAAP sshd[20689]: Invalid user mcserver from 182.61.185.77 port 45680 Sep 5 13:07:13 DAAP sshd[20689]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.185.77 Sep 5 13:07:13 DAAP sshd[20689]: Invalid user mcserver from 182.61.185.77 port 45680 Sep 5 13:07:15 DAAP sshd[20689]: Failed password for invalid user mcserver from 182.61.185.77 port 45680 ssh2 Sep 5 13:11:41 DAAP sshd[20789]: Invalid user webcam from 182.61.185.77 port 33970 ...	2019-09-05 20:17:55
172.103.172.7	attack	Unauthorized connection attempt from IP address 172.103.172.7 on Port 445(SMB)	2019-09-05 20:21:09

最近上报的IP列表

104.248.31.121	104.244.225.193	104.247.208.125	104.244.75.172
104.248.8.234	104.248.9.210	104.251.243.254	104.249.62.103
104.248.156.29	104.252.179.162	104.255.72.29	104.37.76.19
104.32.132.24	104.252.179.180	104.45.210.140	104.252.179.120
104.47.4.254	104.35.46.131	105.100.12.44	105.0.6.208