104.26.12.114 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
104.26.12.141	attack	From: "Amazon.com" Amazon account phishing/fraud - MALICIOUS REDIRECT UBE aimanbauk ([40.87.105.33]) Microsoft Spam link parg.co = 178.238.224.248 Contabo GmbH – BLACKLISTED MALICIOUS REDIRECT: - sum.vn = 104.26.12.141, 104.26.13.141, 172.67.73.189 Cloudflare – blacklisted see https://www.phishtank.com/phish_detail.php?phish_id=6360304 - amazon.verification.kozow.com = 94.249.167.244 GHOSTnet GmbH – blacklisted see https://transparencyreport.google.com/safe-browsing/search?url=http%3A%2F%2Famazon.verification.kozow.com%2F%3F16shop SPF fxamplwo395845.com = aspmx.l.google.com 108.177.15.26, 108.177.15.27 Google	2020-07-30 03:35:15

类型

评论内容

时间

104.26.12.141

attack

From: "Amazon.com" 
Amazon account phishing/fraud - MALICIOUS REDIRECT

UBE aimanbauk ([40.87.105.33]) Microsoft

Spam link parg.co = 178.238.224.248 Contabo GmbH – BLACKLISTED MALICIOUS REDIRECT:
-	sum.vn = 104.26.12.141, 104.26.13.141, 172.67.73.189 Cloudflare – blacklisted see https://www.phishtank.com/phish_detail.php?phish_id=6360304
-	amazon.verification.kozow.com = 94.249.167.244 GHOSTnet GmbH – blacklisted see https://transparencyreport.google.com/safe-browsing/search?url=http%3A%2F%2Famazon.verification.kozow.com%2F%3F16shop

SPF fxamplwo395845.com = aspmx.l.google.com 108.177.15.26, 108.177.15.27 Google

2020-07-30 03:35:15

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.26.12.114
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9797
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.26.12.114.			IN	A

;; AUTHORITY SECTION:
.			20	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021701 1800 900 604800 86400

;; Query time: 15 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 04:02:10 CST 2022
;; MSG SIZE  rcvd: 106

HOST信息:

Host 114.12.26.104.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 114.12.26.104.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
124.128.39.226	attack	malicious Brute-Force reported by https://www.patrick-binder.de ...	2020-10-09 21:48:48
129.204.166.67	attackbotsspam	2020-10-09T11:56:04.411360Z f9622f700c47 New connection: 129.204.166.67:36822 (172.17.0.5:2222) [session: f9622f700c47] 2020-10-09T12:01:37.912286Z 3748653817f5 New connection: 129.204.166.67:37006 (172.17.0.5:2222) [session: 3748653817f5]	2020-10-09 21:55:18
150.136.208.168	attackbotsspam	Oct 9 14:43:08 sshd\[4685\]: User root from 150.136.208.168 not allowed because not listed in AllowUsersOct 9 14:43:10 sshd\[4685\]: Failed password for invalid user root from 150.136.208.168 port 42020 ssh2 ...	2020-10-09 21:52:09
212.83.186.26	attackbots	2020-10-09 06:46:58.467943-0500 localhost sshd[76901]: Failed password for root from 212.83.186.26 port 26677 ssh2	2020-10-09 21:53:50
218.92.0.173	attack	Oct 9 13:14:46 ip-172-31-61-156 sshd[31785]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.173 user=root Oct 9 13:14:49 ip-172-31-61-156 sshd[31785]: Failed password for root from 218.92.0.173 port 5595 ssh2 ...	2020-10-09 21:29:19
154.221.28.224	attackspam	(sshd) Failed SSH login from 154.221.28.224 (HK/Hong Kong/-): 5 in the last 3600 secs	2020-10-09 22:01:35
185.244.41.7	attackbotsspam	Oct 9 11:47:03 mail.srvfarm.net postfix/smtps/smtpd[290488]: warning: unknown[185.244.41.7]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 9 11:47:03 mail.srvfarm.net postfix/smtps/smtpd[290488]: lost connection after AUTH from unknown[185.244.41.7] Oct 9 11:47:06 mail.srvfarm.net postfix/smtps/smtpd[286842]: lost connection after AUTH from unknown[185.244.41.7] Oct 9 11:50:54 mail.srvfarm.net postfix/smtps/smtpd[291007]: warning: unknown[185.244.41.7]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 9 11:50:54 mail.srvfarm.net postfix/smtps/smtpd[291007]: lost connection after AUTH from unknown[185.244.41.7]	2020-10-09 21:48:02
45.142.120.52	attack	2020-10-08T19:48:33.612538linuxbox-skyline auth[56796]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=webpop rhost=45.142.120.52 ...	2020-10-09 21:28:16
45.55.41.113	attackspam	Oct 9 14:55:31 vpn01 sshd[3438]: Failed password for root from 45.55.41.113 port 35716 ssh2 ...	2020-10-09 21:44:41
171.239.252.230	attackspambots	Unauthorized SSH connection attempt	2020-10-09 21:34:39
119.96.237.94	attack	" "	2020-10-09 21:35:03
61.144.20.51	attackbots	SSH invalid-user multiple login attempts	2020-10-09 21:50:23
112.85.42.174	attackbotsspam	Oct 9 09:45:01 NPSTNNYC01T sshd[32661]: Failed password for root from 112.85.42.174 port 37788 ssh2 Oct 9 09:45:15 NPSTNNYC01T sshd[32661]: Failed password for root from 112.85.42.174 port 37788 ssh2 Oct 9 09:45:15 NPSTNNYC01T sshd[32661]: error: maximum authentication attempts exceeded for root from 112.85.42.174 port 37788 ssh2 [preauth] ...	2020-10-09 21:46:32
104.248.70.30	attackspambots	[ThuOct0822:46:50.5155032020][:error][pid27673:tid47492339201792][client104.248.70.30:34960][client104.248.70.30]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?:\$mozilla\^\\|mozilla/[45]\\\\\\\\.[1-9]\\|\^mozilla/4\\\\\\\\.0\$$"atREQUEST_HEADERS:User-Agent.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"426"][id"330131"][rev"3"][msg"Atomicorp.comWAFRules:MaliciousBotBlocked$FakeMozillaUserAgentStringDetected$"][severity"CRITICAL"][hostname"www.restaurantgandria.ch"][uri"/index.php"][unique_id"X396ujgSbtvwjJCGO1WJZQAAAIY"]\,referer:www.restaurantgandria.ch[ThuOct0822:47:42.0453082020][:error][pid27605:tid47492377024256][client104.248.70.30:38934][client104.248.70.30]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?:\$mozilla\^\\|mozilla/[45]\\\\\\\\.[1-9]\\|\^mozilla/4\\\\\\\\.0\$$"atREQUEST_HEADERS:User-Agent.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"426"][id"330131"][rev"3"][msg"Atomico	2020-10-09 21:43:05
183.82.121.34	attackspam	Oct 9 15:03:16 host2 sshd[2100465]: Failed password for root from 183.82.121.34 port 36794 ssh2 Oct 9 15:04:13 host2 sshd[2100474]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.82.121.34 user=root Oct 9 15:04:16 host2 sshd[2100474]: Failed password for root from 183.82.121.34 port 48764 ssh2 Oct 9 15:05:13 host2 sshd[2100511]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.82.121.34 user=root Oct 9 15:05:15 host2 sshd[2100511]: Failed password for root from 183.82.121.34 port 60732 ssh2 ...	2020-10-09 21:38:24

最近上报的IP列表

104.26.12.112	104.26.12.113	104.26.12.117	104.26.12.111
20.219.33.105	104.26.12.115	104.26.12.119	104.26.12.12
104.26.12.118	104.26.12.120	104.26.12.121	104.26.12.123
104.26.12.124	104.26.12.122	104.26.12.126	104.26.12.128
104.26.12.125	104.26.12.129	104.26.12.127	104.26.12.131