248.48.1.140 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): None

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 248.48.1.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49523
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;248.48.1.140.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025021901 1800 900 604800 86400

;; Query time: 163 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 20 03:57:00 CST 2025
;; MSG SIZE  rcvd: 105

HOST信息:

Host 140.1.48.248.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 140.1.48.248.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
111.253.218.144	attackbotsspam	Unauthorized access to SSH at 8/Sep/2019:19:26:12 +0000.	2019-09-09 11:27:06
207.154.192.36	attack	$f2bV_matches	2019-09-09 11:31:47
187.120.134.81	attack	$f2bV_matches	2019-09-09 11:30:35
141.98.9.5	attack	Sep 9 05:31:43 webserver postfix/smtpd\[8099\]: warning: unknown\[141.98.9.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 9 05:32:28 webserver postfix/smtpd\[8099\]: warning: unknown\[141.98.9.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 9 05:33:15 webserver postfix/smtpd\[8099\]: warning: unknown\[141.98.9.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 9 05:34:02 webserver postfix/smtpd\[8099\]: warning: unknown\[141.98.9.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 9 05:34:48 webserver postfix/smtpd\[8065\]: warning: unknown\[141.98.9.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-09-09 11:34:38
198.108.66.99	attackspambots	8888/tcp 22/tcp 82/tcp... [2019-07-14/09-08]14pkt,6pt.(tcp),2pt.(udp)	2019-09-09 11:04:46
172.96.81.181	attackbotsspam	WordPress XMLRPC scan :: 172.96.81.181 0.192 BYPASS [09/Sep/2019:05:26:07 1000] www.[censored_1] "POST /xmlrpc.php HTTP/1.1" 200 382 "https://www.[censored_1]/" "PHP/5.3.38"	2019-09-09 11:31:31
138.68.208.159	attack	SASL Brute Force	2019-09-09 11:31:02
207.154.227.200	attackbots	Sep 8 19:54:52 game-panel sshd[20917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.227.200 Sep 8 19:54:54 game-panel sshd[20917]: Failed password for invalid user deploy from 207.154.227.200 port 60558 ssh2 Sep 8 19:59:09 game-panel sshd[21101]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.227.200	2019-09-09 11:13:28
185.244.25.230	attack	scan z	2019-09-09 11:03:01
218.188.210.214	attackbotsspam	2019-09-08T23:33:44.490764abusebot-7.cloudsearch.cf sshd\[28950\]: Invalid user sinusbot from 218.188.210.214 port 38206	2019-09-09 11:27:54
138.68.101.199	attackspambots	Sep 8 23:06:40 server sshd\[8616\]: Invalid user bot123 from 138.68.101.199 port 51876 Sep 8 23:06:40 server sshd\[8616\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.101.199 Sep 8 23:06:42 server sshd\[8616\]: Failed password for invalid user bot123 from 138.68.101.199 port 51876 ssh2 Sep 8 23:10:11 server sshd\[28076\]: Invalid user a from 138.68.101.199 port 37498 Sep 8 23:10:11 server sshd\[28076\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.101.199	2019-09-09 11:00:12
165.22.58.108	attackspambots	Sep 8 09:56:54 kapalua sshd\[5357\]: Invalid user ftp123 from 165.22.58.108 Sep 8 09:56:54 kapalua sshd\[5357\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.58.108 Sep 8 09:56:56 kapalua sshd\[5357\]: Failed password for invalid user ftp123 from 165.22.58.108 port 41536 ssh2 Sep 8 10:01:26 kapalua sshd\[5821\]: Invalid user 123456 from 165.22.58.108 Sep 8 10:01:26 kapalua sshd\[5821\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.58.108	2019-09-09 11:48:52
198.108.66.164	attackbotsspam	591/tcp 1521/tcp 1911/tcp... [2019-07-18/09-08]15pkt,8pt.(tcp),1pt.(udp)	2019-09-09 11:08:00
177.75.111.61	attack	$f2bV_matches	2019-09-09 11:08:35
124.74.131.106	attack	[SunSep0821:25:58.1932582019][:error][pid26868:tid47825462339328][client124.74.131.106:55673][client124.74.131.106]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?:\\\\\\\\\(chr\?\\\\\\\\\(\?[0-9]{1\,3}\?\\\\\\\\$\\|\?=\?f$\?:open\\|write$\?\\\\\\\\$\\|\\\\\\\\b\(\?:passthru\\|serialize\\|php_uname\\|phpinfo\\|shell_exec\\|preg_\\\\\\\\w \\|mysql_query\\|exec\\|eval\\|base64_decode\\|decode_base64\\|rot13\\|base64_url_decode\\|gz\(\?:inflate\\|decode\\|uncompress$\\|strrev\\|zlib_\\\\\\\\w \)\\\\\\\\b\?$\?..."atARGS:admin.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"767"][id"340095"][rev"53"][msg"Atomicorp.comWAFRules:AttackBlocked-PHPfunctioninArgument-thismaybeanattack."][data"die\(@md5\,ARGS:admin"][severity"CRITICAL"][hostname"148.251.104.84"][uri"/App.php"][unique_id"XXVVxnXRRDaOkurNzma-DwAAAMU"][SunSep0821:26:29.9051722019][:error][pid26868:tid47825547187968][client124.74.131.106:63148][client124.74.131.106]ModSecurity:Accessdeniedwithcode403\(phase2$.Pa	2019-09-09 11:12:15

最近上报的IP列表

238.225.102.138	114.68.243.216	66.180.206.22	188.69.237.197
168.22.53.15	49.137.28.186	56.19.143.220	225.57.243.195
214.117.144.208	97.246.251.253	220.145.115.129	6.82.203.96
219.186.144.147	48.21.16.10	101.53.90.188	74.122.95.177
26.34.37.15	14.222.169.22	172.242.29.165	3.216.233.83