104.26.13.133 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
104.26.13.141	attackbotsspam	From: "Amazon.com" Amazon account phishing/fraud - MALICIOUS REDIRECT UBE aimanbauk ([40.87.105.33]) Microsoft Spam link parg.co = 178.238.224.248 Contabo GmbH – BLACKLISTED MALICIOUS REDIRECT: - sum.vn = 104.26.12.141, 104.26.13.141, 172.67.73.189 Cloudflare – blacklisted see https://www.phishtank.com/phish_detail.php?phish_id=6360304 - amazon.verification.kozow.com = 94.249.167.244 GHOSTnet GmbH – blacklisted see https://transparencyreport.google.com/safe-browsing/search?url=http%3A%2F%2Famazon.verification.kozow.com%2F%3F16shop SPF fxamplwo395845.com = aspmx.l.google.com 108.177.15.26, 108.177.15.27 Google	2020-07-30 02:47:10

类型

评论内容

时间

104.26.13.141

attackbotsspam

From: "Amazon.com" 
Amazon account phishing/fraud - MALICIOUS REDIRECT

UBE aimanbauk ([40.87.105.33]) Microsoft

Spam link parg.co = 178.238.224.248 Contabo GmbH – BLACKLISTED MALICIOUS REDIRECT:
-	sum.vn = 104.26.12.141, 104.26.13.141, 172.67.73.189 Cloudflare – blacklisted see https://www.phishtank.com/phish_detail.php?phish_id=6360304
-	amazon.verification.kozow.com = 94.249.167.244 GHOSTnet GmbH – blacklisted see https://transparencyreport.google.com/safe-browsing/search?url=http%3A%2F%2Famazon.verification.kozow.com%2F%3F16shop

SPF fxamplwo395845.com = aspmx.l.google.com 108.177.15.26, 108.177.15.27 Google

2020-07-30 02:47:10

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.26.13.133
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50417
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.26.13.133.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021701 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 04:03:54 CST 2022
;; MSG SIZE  rcvd: 106

HOST信息:

Host 133.13.26.104.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 133.13.26.104.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
189.206.249.66	attackspambots	189.206.249.66 - - \[06/Aug/2019:23:49:11 +0200\] "POST /wuwu11.php HTTP/1.1" 302 228 "-" "Mozilla/5.0 $Windows NT 6.1$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/58.0.3029.110 Safari/537.36 SE 2.X MetaSr 1.0" 189.206.249.66 - - \[06/Aug/2019:23:49:11 +0200\] "POST /xw.php HTTP/1.1" 302 224 "-" "Mozilla/5.0 $Windows NT 6.1$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/58.0.3029.110 Safari/537.36 SE 2.X MetaSr 1.0" 189.206.249.66 - - \[06/Aug/2019:23:49:12 +0200\] "POST /xw1.php HTTP/1.1" 302 225 "-" "Mozilla/5.0 $Windows NT 6.1$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/58.0.3029.110 Safari/537.36 SE 2.X MetaSr 1.0" 189.206.249.66 - - \[06/Aug/2019:23:49:12 +0200\] "POST /9678.php HTTP/1.1" 302 226 "-" "Mozilla/5.0 $Windows NT 6.1$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/58.0.3029.110 Safari/537.36 SE 2.X MetaSr 1.0" 189.206.249.66 - - \[06/Aug/2019:23:49:13 +0200\] "POST /wc.php HTTP/1.1" 302 224 "-" "Mozilla/5.0 $Windows NT 6.1$ AppleWebKit/537.36 \(KH ...	2019-08-07 06:48:22
187.115.128.212	attackspambots	$f2bV_matches	2019-08-07 06:48:49
23.254.228.8	attackspam	Aug 7 04:05:35 vibhu-HP-Z238-Microtower-Workstation sshd\[19524\]: Invalid user admins from 23.254.228.8 Aug 7 04:05:35 vibhu-HP-Z238-Microtower-Workstation sshd\[19524\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.254.228.8 Aug 7 04:05:37 vibhu-HP-Z238-Microtower-Workstation sshd\[19524\]: Failed password for invalid user admins from 23.254.228.8 port 37640 ssh2 Aug 7 04:15:24 vibhu-HP-Z238-Microtower-Workstation sshd\[19910\]: Invalid user joyce from 23.254.228.8 Aug 7 04:15:24 vibhu-HP-Z238-Microtower-Workstation sshd\[19910\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.254.228.8 ...	2019-08-07 07:03:10
61.227.243.214	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-06 20:12:52,883 INFO [amun_request_handler] PortScan Detected on Port: 445 (61.227.243.214)	2019-08-07 06:37:31
193.233.70.19	attackbotsspam	Aug 7 00:02:39 microserver sshd[27359]: Invalid user chad from 193.233.70.19 port 8557 Aug 7 00:02:39 microserver sshd[27359]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.233.70.19 Aug 7 00:02:41 microserver sshd[27359]: Failed password for invalid user chad from 193.233.70.19 port 8557 ssh2 Aug 7 00:07:44 microserver sshd[29136]: Invalid user zz from 193.233.70.19 port 5800 Aug 7 00:07:44 microserver sshd[29136]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.233.70.19 Aug 7 00:17:59 microserver sshd[30698]: Invalid user rolph from 193.233.70.19 port 6118 Aug 7 00:17:59 microserver sshd[30698]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.233.70.19 Aug 7 00:18:01 microserver sshd[30698]: Failed password for invalid user rolph from 193.233.70.19 port 6118 ssh2 Aug 7 00:23:07 microserver sshd[31459]: Invalid user buero from 193.233.70.19 port 9003 Aug 7 00:23:07	2019-08-07 06:48:04
93.51.241.216	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-06 20:51:54,661 INFO [shellcode_manager] (93.51.241.216) no match, writing hexdump (06cb1cdc794ded1faa9f8ed0bf4f6df0 :10711) - SMB (Unknown)	2019-08-07 06:53:25
138.186.135.240	attackbotsspam	Aug 6 23:28:53 tamoto postfix/smtpd[31473]: connect from unknown[138.186.135.240] Aug 6 23:28:54 tamoto postfix/smtpd[31473]: warning: unknown[138.186.135.240]: SASL PLAIN authentication failed: authentication failure Aug 6 23:28:54 tamoto postfix/smtpd[31473]: warning: unknown[138.186.135.240]: SASL PLAIN authentication failed: authentication failure Aug 6 23:28:55 tamoto postfix/smtpd[31473]: warning: unknown[138.186.135.240]: SASL PLAIN authentication failed: authentication failure Aug 6 23:28:55 tamoto postfix/smtpd[31473]: warning: unknown[138.186.135.240]: SASL PLAIN authentication failed: authentication failure ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=138.186.135.240	2019-08-07 06:36:35
186.112.85.98	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-06 20:53:11,377 INFO [shellcode_manager] (186.112.85.98) no match, writing hexdump (d7c8e2a3988bdae188850b13eea8a146 :2964049) - MS17010 (EternalBlue)	2019-08-07 06:38:54
122.225.42.178	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-06 20:58:46,592 INFO [shellcode_manager] (122.225.42.178) no match, writing hexdump (a4f77032051a2cd8f41951ec198a5295 :1969762) - MS17010 (EternalBlue)	2019-08-07 06:26:22
173.249.59.104	attackspambots	Aug 6 20:32:59 srv00 sshd[46208]: fatal: Unable to negotiate whostnameh 173.249.59.104 port 59922: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Aug 6 20:33:07 srv00 sshd[46222]: fatal: Unable to negotiate whostnameh 173.249.59.104 port 45336: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Aug 6 20:33:14 srv00 sshd[46225]: fatal: Unable to negotiate whostnameh 173.249.59.104 port 58972: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Aug 6 20:33:23 srv00 sshd[46227]: fatal: Unable to negotiate whostnameh 173.249.59.104 port 44376: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman........ ------------------------------	2019-08-07 06:18:17
118.191.216.250	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-06 20:14:20,074 INFO [amun_request_handler] PortScan Detected on Port: 445 (118.191.216.250)	2019-08-07 06:28:15
206.189.55.217	attackspam	28015/tcp 5632/tcp 2376/tcp... [2019-08-02/06]8pkt,8pt.(tcp)	2019-08-07 07:05:07
110.139.130.99	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-06 20:07:25,699 INFO [amun_request_handler] PortScan Detected on Port: 445 (110.139.130.99)	2019-08-07 06:52:26
187.62.151.67	attackbotsspam	failed_logins	2019-08-07 06:45:04
221.162.255.82	attack	Aug 6 23:03:44 ns341937 sshd[5123]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.162.255.82 Aug 6 23:03:47 ns341937 sshd[5123]: Failed password for invalid user fabian from 221.162.255.82 port 32928 ssh2 Aug 6 23:50:02 ns341937 sshd[13825]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.162.255.82 ...	2019-08-07 06:22:46

最近上报的IP列表

159.149.160.72	104.26.13.137	104.26.13.14	104.26.13.138
104.26.13.139	104.26.13.140	104.26.13.143	104.26.13.142
104.26.13.144	104.26.13.145	104.26.13.146	104.26.13.149
104.26.13.147	104.26.13.15	104.26.13.150	104.26.13.153
104.26.13.151	104.26.13.154	104.26.13.155	104.26.13.152