104.248.144.195

基本信息:

城市(city): Singapore

省份(region): unknown

国家(country): Singapore

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): DigitalOcean, LLC

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
104.248.144.94	attackbots	sshd jail - ssh hack attempt	2020-07-11 00:48:47
104.248.144.94	attackbotsspam	$f2bV_matches	2020-07-10 16:55:02
104.248.144.208	attack	104.248.144.208 - - [30/Jun/2020:13:44:09 +0100] "POST /wp-login.php HTTP/1.1" 200 1996 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.144.208 - - [30/Jun/2020:13:44:13 +0100] "POST /wp-login.php HTTP/1.1" 200 1924 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.144.208 - - [30/Jun/2020:13:44:15 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-01 00:47:22
104.248.144.208	attackspambots	104.248.144.208 - - [29/Jun/2020:04:58:23 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 1865 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.144.208 - - [29/Jun/2020:04:58:26 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 1857 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.144.208 - - [29/Jun/2020:04:58:27 +0100] "POST /wp/xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-29 12:14:39
104.248.144.208	attackspam	Attempt to log in with non-existing username: admin	2020-06-04 14:33:13
104.248.144.208	attackbots	104.248.144.208 - - [01/Jun/2020:14:27:58 +0200] "GET /wp-login.php HTTP/1.1" 200 6364 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.144.208 - - [01/Jun/2020:14:28:00 +0200] "POST /wp-login.php HTTP/1.1" 200 6615 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.144.208 - - [01/Jun/2020:14:28:07 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-01 23:04:31
104.248.144.208	attackspambots	104.248.144.208 - - [28/May/2020:14:03:14 +0200] "GET /wp-login.php HTTP/1.1" 200 5865 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.144.208 - - [28/May/2020:14:03:17 +0200] "POST /wp-login.php HTTP/1.1" 200 6116 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.144.208 - - [28/May/2020:14:03:18 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-28 20:54:25
104.248.144.208	attack	abasicmove.de 104.248.144.208 [10/May/2020:15:30:29 +0200] "POST /wp-login.php HTTP/1.1" 200 6098 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" abasicmove.de 104.248.144.208 [10/May/2020:15:30:30 +0200] "POST /wp-login.php HTTP/1.1" 200 5957 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-16 19:13:49
104.248.144.208	attackspambots	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-05-15 08:20:54
104.248.144.208	attackbots	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-05-11 04:01:42
104.248.144.208	attackbotsspam	CMS (WordPress or Joomla) login attempt.	2020-03-26 03:27:09
104.248.144.147	attack	Mar 16 15:35:18 sshd\[11502\]: User root from 104.248.144.147 not allowed because not listed in AllowUsersMar 16 15:35:20 sshd\[11502\]: Failed password for invalid user root from 104.248.144.147 port 39346 ssh2 ...	2020-03-17 07:07:58
104.248.144.208	attackspam	CMS (WordPress or Joomla) login attempt.	2020-03-14 09:32:48
104.248.144.208	attackspam	xmlrpc attack	2020-02-19 21:43:52
104.248.144.208	attack	Automatic report - XMLRPC Attack	2020-02-03 14:06:18

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.144.195
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18784
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.248.144.195.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062901 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jun 30 07:23:37 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 195.144.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 195.144.248.104.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
122.117.105.194	attackspambots	Telnet Server BruteForce Attack	2020-06-05 02:01:41
139.186.69.92	attackbotsspam	SSH bruteforce	2020-06-05 02:19:54
36.92.174.133	attack	Jun 4 10:37:04 propaganda sshd[9883]: Connection from 36.92.174.133 port 39733 on 10.0.0.160 port 22 rdomain "" Jun 4 10:37:04 propaganda sshd[9883]: Connection closed by 36.92.174.133 port 39733 [preauth]	2020-06-05 01:48:46
85.132.67.86	attackbots	TCP (SYN) 85.132.67.86:29440 -> port 8080, len 40	2020-06-05 01:59:51
185.53.168.96	attack	DATE:2020-06-04 14:03:17, IP:185.53.168.96, PORT:ssh SSH brute force auth (docker-dc)	2020-06-05 02:01:07
104.248.149.130	attackspam	Jun 4 14:17:44 jumpserver sshd[73710]: Failed password for root from 104.248.149.130 port 49494 ssh2 Jun 4 14:21:48 jumpserver sshd[73725]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.149.130 user=root Jun 4 14:21:49 jumpserver sshd[73725]: Failed password for root from 104.248.149.130 port 53700 ssh2 ...	2020-06-05 02:03:04
195.54.167.117	attack	SQL Injection Attempts	2020-06-05 02:13:22
36.237.203.142	attack	Jun 4 15:03:20 debian kernel: [174763.732795] [UFW BLOCK] IN=eth0 OUT= MAC=52:54:00:be:e4:65:08:e8:4f:6e:48:0c:08:00 SRC=36.237.203.142 DST=89.252.131.35 LEN=40 TOS=0x00 PREC=0x00 TTL=47 ID=6806 PROTO=TCP SPT=29944 DPT=23 WINDOW=34102 RES=0x00 SYN URGP=0	2020-06-05 01:58:45
37.49.224.162	attack	Jun 4 19:34:44 ucs sshd\[26894\]: Invalid user admin from 37.49.224.162 port 60330 Jun 4 19:35:23 ucs sshd\[27127\]: Invalid user oracle from 37.49.224.162 port 42446 Jun 4 19:36:02 ucs sshd\[27466\]: Invalid user ubuntu from 37.49.224.162 port 52916 ...	2020-06-05 01:58:19
107.175.197.150	attackbots	Jun 4 19:52:00 vpn01 sshd[2668]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.175.197.150 Jun 4 19:52:02 vpn01 sshd[2668]: Failed password for invalid user jenkins from 107.175.197.150 port 34994 ssh2 ...	2020-06-05 02:21:52
41.128.164.83	attackspambots	Unauthorized connection attempt detected from IP address 41.128.164.83 to port 445	2020-06-05 01:45:06
112.85.42.89	attackbotsspam	Jun 4 20:13:55 ns381471 sshd[22052]: Failed password for root from 112.85.42.89 port 22616 ssh2	2020-06-05 02:22:21
69.175.97.171	attackbots	Jun 4 19:42:30 debian-2gb-nbg1-2 kernel: \[13551306.911951\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=69.175.97.171 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=236 ID=24794 PROTO=TCP SPT=30311 DPT=3389 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-05 01:46:12
46.188.98.10	attackbotsspam	Illegal actions on webapp	2020-06-05 02:12:43
122.114.223.78	attackspambots	[MK-VM5] Blocked by UFW	2020-06-05 01:55:43

最近上报的IP列表

114.80.216.162	106.51.64.85	106.51.53.212	103.115.195.42
103.87.31.205	103.48.21.58	101.99.6.122	92.252.166.85
92.252.156.184	77.247.108.127	59.124.222.3	46.98.80.163
200.66.113.88	168.228.148.167	106.52.104.231	95.64.77.154
14.173.5.58	187.109.59.1	207.46.13.21	180.244.102.126