104.26.12.5 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
104.26.12.141	attack	From: "Amazon.com" Amazon account phishing/fraud - MALICIOUS REDIRECT UBE aimanbauk ([40.87.105.33]) Microsoft Spam link parg.co = 178.238.224.248 Contabo GmbH – BLACKLISTED MALICIOUS REDIRECT: - sum.vn = 104.26.12.141, 104.26.13.141, 172.67.73.189 Cloudflare – blacklisted see https://www.phishtank.com/phish_detail.php?phish_id=6360304 - amazon.verification.kozow.com = 94.249.167.244 GHOSTnet GmbH – blacklisted see https://transparencyreport.google.com/safe-browsing/search?url=http%3A%2F%2Famazon.verification.kozow.com%2F%3F16shop SPF fxamplwo395845.com = aspmx.l.google.com 108.177.15.26, 108.177.15.27 Google	2020-07-30 03:35:15

类型

评论内容

时间

104.26.12.141

attack

From: "Amazon.com" 
Amazon account phishing/fraud - MALICIOUS REDIRECT

UBE aimanbauk ([40.87.105.33]) Microsoft

Spam link parg.co = 178.238.224.248 Contabo GmbH – BLACKLISTED MALICIOUS REDIRECT:
-	sum.vn = 104.26.12.141, 104.26.13.141, 172.67.73.189 Cloudflare – blacklisted see https://www.phishtank.com/phish_detail.php?phish_id=6360304
-	amazon.verification.kozow.com = 94.249.167.244 GHOSTnet GmbH – blacklisted see https://transparencyreport.google.com/safe-browsing/search?url=http%3A%2F%2Famazon.verification.kozow.com%2F%3F16shop

SPF fxamplwo395845.com = aspmx.l.google.com 108.177.15.26, 108.177.15.27 Google

2020-07-30 03:35:15

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.26.12.5
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23603
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.26.12.5.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021701 1800 900 604800 86400

;; Query time: 18 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 04:03:19 CST 2022
;; MSG SIZE  rcvd: 104

HOST信息:

Host 5.12.26.104.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 5.12.26.104.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
153.36.236.35	attackspam	Sep 9 08:59:00 server2 sshd\[16910\]: User root from 153.36.236.35 not allowed because not listed in AllowUsers Sep 9 08:59:00 server2 sshd\[16911\]: User root from 153.36.236.35 not allowed because not listed in AllowUsers Sep 9 08:59:00 server2 sshd\[16916\]: User root from 153.36.236.35 not allowed because not listed in AllowUsers Sep 9 08:59:00 server2 sshd\[16914\]: User root from 153.36.236.35 not allowed because not listed in AllowUsers Sep 9 08:59:00 server2 sshd\[16918\]: User root from 153.36.236.35 not allowed because not listed in AllowUsers Sep 9 09:01:54 server2 sshd\[17193\]: User root from 153.36.236.35 not allowed because not listed in AllowUsers	2019-09-09 14:55:15
123.21.33.151	attackspam	Sep 9 12:03:21 areeb-Workstation sshd[3095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.21.33.151 Sep 9 12:03:23 areeb-Workstation sshd[3095]: Failed password for invalid user www-upload from 123.21.33.151 port 10814 ssh2 ...	2019-09-09 14:36:57
142.93.151.152	attack	Sep 8 20:31:35 tdfoods sshd\[1468\]: Invalid user server from 142.93.151.152 Sep 8 20:31:35 tdfoods sshd\[1468\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.151.152 Sep 8 20:31:36 tdfoods sshd\[1468\]: Failed password for invalid user server from 142.93.151.152 port 37614 ssh2 Sep 8 20:37:46 tdfoods sshd\[2113\]: Invalid user user from 142.93.151.152 Sep 8 20:37:46 tdfoods sshd\[2113\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.151.152	2019-09-09 14:45:40
119.145.142.86	attackbotsspam	Sep 8 19:44:55 lcdev sshd\[3355\]: Invalid user dev from 119.145.142.86 Sep 8 19:44:55 lcdev sshd\[3355\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.145.142.86 Sep 8 19:44:56 lcdev sshd\[3355\]: Failed password for invalid user dev from 119.145.142.86 port 58783 ssh2 Sep 8 19:47:28 lcdev sshd\[3557\]: Invalid user git from 119.145.142.86 Sep 8 19:47:28 lcdev sshd\[3557\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.145.142.86	2019-09-09 14:07:32
100.26.104.241	attackbots	WordPress login Brute force / Web App Attack on client site.	2019-09-09 14:51:09
106.243.162.3	attackspambots	Sep 8 20:31:55 wbs sshd\[7183\]: Invalid user dspace from 106.243.162.3 Sep 8 20:31:55 wbs sshd\[7183\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.243.162.3 Sep 8 20:31:57 wbs sshd\[7183\]: Failed password for invalid user dspace from 106.243.162.3 port 42077 ssh2 Sep 8 20:38:51 wbs sshd\[7810\]: Invalid user postgres from 106.243.162.3 Sep 8 20:38:51 wbs sshd\[7810\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.243.162.3	2019-09-09 14:46:08
171.244.36.103	attackbotsspam	Sep 9 08:04:40 meumeu sshd[28098]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.244.36.103 Sep 9 08:04:43 meumeu sshd[28098]: Failed password for invalid user 1 from 171.244.36.103 port 38068 ssh2 Sep 9 08:11:52 meumeu sshd[28962]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.244.36.103 ...	2019-09-09 14:19:03
85.144.226.170	attackspam	" "	2019-09-09 14:59:14
159.89.188.167	attack	Sep 9 08:45:10 dedicated sshd[29842]: Invalid user 12345 from 159.89.188.167 port 36952	2019-09-09 14:47:04
94.23.38.46	attackbots	DATE:2019-09-09 06:39:09, IP:94.23.38.46, PORT:3306 - MySQL/MariaDB brute force auth on a honeypot server (epe-dc)	2019-09-09 14:58:40
125.215.207.40	attackspambots	Sep 9 08:10:05 andromeda sshd\[56352\]: Invalid user dbuser from 125.215.207.40 port 48464 Sep 9 08:10:06 andromeda sshd\[56352\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.215.207.40 Sep 9 08:10:08 andromeda sshd\[56352\]: Failed password for invalid user dbuser from 125.215.207.40 port 48464 ssh2	2019-09-09 14:28:18
106.75.215.100	attackspam	Sep 9 08:47:15 h2177944 sshd\[5281\]: Invalid user teste from 106.75.215.100 port 57246 Sep 9 08:47:15 h2177944 sshd\[5281\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.215.100 Sep 9 08:47:17 h2177944 sshd\[5281\]: Failed password for invalid user teste from 106.75.215.100 port 57246 ssh2 Sep 9 08:50:26 h2177944 sshd\[5413\]: Invalid user factorio from 106.75.215.100 port 34348 ...	2019-09-09 14:53:00
144.217.234.174	attackbots	Sep 9 08:05:19 SilenceServices sshd[8870]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.217.234.174 Sep 9 08:05:21 SilenceServices sshd[8870]: Failed password for invalid user 123456 from 144.217.234.174 port 59861 ssh2 Sep 9 08:11:12 SilenceServices sshd[11116]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.217.234.174	2019-09-09 14:21:48
1.224.163.125	attackbots	firewall-block, port(s): 445/tcp	2019-09-09 14:27:02
132.145.162.191	attackbots	2019-09-09T06:28:09.463368abusebot-8.cloudsearch.cf sshd\[13829\]: Invalid user sammy from 132.145.162.191 port 48114	2019-09-09 14:33:50

最近上报的IP列表

104.26.12.48	104.26.12.47	104.26.12.52	104.26.12.50
104.26.12.53	104.26.12.58	104.26.12.59	104.26.12.51
104.26.12.55	104.26.12.57	104.26.12.54	104.26.12.61
104.26.12.60	104.26.12.6	104.26.12.62	104.26.12.65
104.26.12.63	104.26.12.64	104.26.12.67	104.26.12.69