4.48.254.141 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 4.48.254.141
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52428
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;4.48.254.141.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025010300 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 03 15:43:23 CST 2025
;; MSG SIZE  rcvd: 105

HOST信息:

Host 141.254.48.4.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

server can't find 4.48.254.141.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
196.203.108.34	attack	Unauthorised access (Aug 12) SRC=196.203.108.34 LEN=52 TOS=0x10 PREC=0x40 TTL=107 ID=8357 DF TCP DPT=445 WINDOW=8192 SYN	2020-08-13 00:53:20
217.172.104.240	attackbotsspam	Aug1214:38:24server2kernel:Firewall:\TCP_INBlocked\IN=eth0OUT=MAC=00:16:3e:3f:7a:43:52:54:00:a2:7f:43:08:00SRC=217.172.104.240DST=136.243.224.58LEN=40TOS=0x00PREC=0x00TTL=54ID=31390PROTO=TCPSPT=30118DPT=23WINDOW=4302RES=0x00SYNURGP=0Aug1214:38:28server2kernel:Firewall:\TCP_INBlocked\IN=eth0OUT=MAC=00:16:3e:3f:7a:43:52:54:00:a2:7f:43:08:00SRC=217.172.104.240DST=136.243.224.58LEN=40TOS=0x00PREC=0x00TTL=54ID=31390PROTO=TCPSPT=30118DPT=23WINDOW=4302RES=0x00SYNURGP=0Aug1214:38:29server2kernel:Firewall:\TCP_INBlocked\IN=eth0OUT=MAC=00:16:3e:3f:7a:43:52:54:00:a2:7f:43:08:00SRC=217.172.104.240DST=136.243.224.58LEN=40TOS=0x00PREC=0x00TTL=54ID=31390PROTO=TCPSPT=30118DPT=23WINDOW=4302RES=0x00SYNURGP=0Aug1214:38:31server2kernel:Firewall:\TCP_INBlocked\IN=eth0OUT=MAC=00:16:3e:3f:7a:43:52:54:00:a2:7f:43:08:00SRC=217.172.104.240DST=136.243.224.58LEN=40TOS=0x00PREC=0x00TTL=54ID=31390PROTO=TCPSPT=30118DPT=23WINDOW=4302RES=0x00SYNURGP=0Aug1214:38:32server2kernel:Firewall:\TCP_INBlocked\IN=eth0OUT=MAC=00:16:3e:3f:7a:4	2020-08-13 00:42:30
187.189.241.135	attackbotsspam	Aug 12 17:12:27 rancher-0 sshd[1022439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.189.241.135 user=root Aug 12 17:12:29 rancher-0 sshd[1022439]: Failed password for root from 187.189.241.135 port 3496 ssh2 ...	2020-08-13 00:40:33
92.222.79.157	attackbots	Aug 12 14:38:31 hidden sshd[51437]: Failed password for hidden from 92.222.79.157 port 41192 ssh2 Aug 12 14:42:58 hidden sshd[61916]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.79.157 user=root Aug 12 14:43:00 hidden sshd[61916]: Failed password for hidden from 92.222.79.157 port 51710 ssh2 Aug 12 14:47:23 hidden sshd[7314]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.79.157 user=root Aug 12 14:47:25 hidden sshd[7314]: Failed password for hidden from 92.222.79.157 port 33988 ssh2	2020-08-13 01:00:58
222.186.175.154	attackbots	Aug 12 19:03:04 nextcloud sshd\[20514\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.154 user=root Aug 12 19:03:06 nextcloud sshd\[20514\]: Failed password for root from 222.186.175.154 port 48670 ssh2 Aug 12 19:03:24 nextcloud sshd\[20713\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.154 user=root	2020-08-13 01:05:08
51.77.200.4	attackbots	Aug 10 07:32:09 Horstpolice sshd[13828]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.200.4 user=r.r Aug 10 07:32:11 Horstpolice sshd[13828]: Failed password for r.r from 51.77.200.4 port 45774 ssh2 Aug 10 07:32:11 Horstpolice sshd[13828]: Received disconnect from 51.77.200.4 port 45774:11: Bye Bye [preauth] Aug 10 07:32:11 Horstpolice sshd[13828]: Disconnected from 51.77.200.4 port 45774 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=51.77.200.4	2020-08-13 00:50:39
5.196.8.72	attack	Auto Fail2Ban report, multiple SSH login attempts.	2020-08-13 00:33:26
200.54.78.178	attackspam	$f2bV_matches	2020-08-13 00:32:51
122.182.245.143	attackspambots	WordPress XMLRPC scan :: 122.182.245.143 0.368 - [12/Aug/2020:12:39:32 0000] www.[censored_1] "POST /xmlrpc.php HTTP/1.1" 503 18225 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "HTTP/1.1"	2020-08-13 00:58:44
180.76.54.86	attack	Fail2Ban - SSH Bruteforce Attempt	2020-08-13 00:28:04
47.201.10.192	attackspam	IP 47.201.10.192 attacked honeypot on port: 23 at 8/12/2020 5:39:06 AM	2020-08-13 00:41:06
141.85.216.231	attack	141.85.216.231 - - [12/Aug/2020:16:18:16 +0200] "GET /wp-login.php HTTP/1.1" 200 1689 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 141.85.216.231 - - [12/Aug/2020:16:18:16 +0200] "POST /wp-login.php HTTP/1.1" 200 1811 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 141.85.216.231 - - [12/Aug/2020:16:18:16 +0200] "GET /wp-login.php HTTP/1.1" 200 1689 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 141.85.216.231 - - [12/Aug/2020:16:18:17 +0200] "POST /wp-login.php HTTP/1.1" 200 1799 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 141.85.216.231 - - [12/Aug/2020:16:18:17 +0200] "GET /wp-login.php HTTP/1.1" 200 1689 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 141.85.216.231 - - [12/Aug/2020:16:18:18 +0200] "POST /wp-login.php HTTP/1.1" 200 1798 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/201001 ...	2020-08-13 00:55:14
106.54.56.45	attackspambots	srvr2: (mod_security) mod_security (id:920350) triggered by 106.54.56.45 (CN/-/-): 1 in the last 600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/12 14:40:04 [error] 3708#0: 18422 [client 106.54.56.45] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/TP/public/index.php"] [unique_id "159723600412.419418"] [ref "o0,12v40,12"], client: 106.54.56.45, [redacted] request: "GET /TP/public/index.php HTTP/1.1" [redacted]	2020-08-13 00:32:30
45.148.121.3	attackspam	Automatic report - Banned IP Access	2020-08-13 00:28:26
23.129.64.182	attackspambots	bruteforce detected	2020-08-13 00:52:26

最近上报的IP列表

197.198.221.29	109.164.3.138	92.165.87.125	240.188.191.88
248.177.184.199	3.39.83.157	192.168.31.177	58.137.242.142
208.10.35.0	144.80.150.0	171.208.197.113	10.10.111.10
85.1.132.100	125.166.16.211	10.36.76.01	21.7.95.244
124.65.8.52	123.160.122.100	148.135.184.231	69.171.249.112