68.100.148.45 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America (the)

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 68.100.148.45
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20208
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;68.100.148.45.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025022600 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 26 19:14:56 CST 2025
;; MSG SIZE  rcvd: 106

HOST信息:

45.148.100.68.in-addr.arpa domain name pointer ip68-100-148-45.dc.dc.cox.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
45.148.100.68.in-addr.arpa	name = ip68-100-148-45.dc.dc.cox.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
219.124.144.179	attackbotsspam	(Sep 26) LEN=40 PREC=0x20 TTL=39 ID=2450 TCP DPT=8080 WINDOW=34628 SYN (Sep 25) LEN=40 PREC=0x20 TTL=40 ID=63806 TCP DPT=8080 WINDOW=34628 SYN (Sep 25) LEN=40 PREC=0x20 TTL=39 ID=53888 TCP DPT=8080 WINDOW=34628 SYN (Sep 25) LEN=40 PREC=0x20 TTL=39 ID=42296 TCP DPT=8080 WINDOW=34628 SYN (Sep 25) LEN=40 PREC=0x20 TTL=39 ID=42983 TCP DPT=8080 WINDOW=34628 SYN (Sep 25) LEN=40 PREC=0x20 TTL=39 ID=48972 TCP DPT=8080 WINDOW=34628 SYN (Sep 24) LEN=40 PREC=0x20 TTL=39 ID=62657 TCP DPT=8080 WINDOW=34628 SYN (Sep 23) LEN=40 PREC=0x20 TTL=39 ID=21585 TCP DPT=8080 WINDOW=34628 SYN (Sep 23) LEN=40 PREC=0x20 TTL=39 ID=32306 TCP DPT=8080 WINDOW=34628 SYN	2019-09-26 14:54:58
111.231.94.138	attack	Sep 26 08:50:43 OPSO sshd\[16849\]: Invalid user earl from 111.231.94.138 port 44722 Sep 26 08:50:43 OPSO sshd\[16849\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.94.138 Sep 26 08:50:44 OPSO sshd\[16849\]: Failed password for invalid user earl from 111.231.94.138 port 44722 ssh2 Sep 26 08:55:21 OPSO sshd\[17436\]: Invalid user murai1 from 111.231.94.138 port 54240 Sep 26 08:55:21 OPSO sshd\[17436\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.94.138	2019-09-26 15:14:07
37.44.252.211	attack	B: Magento admin pass test (wrong country)	2019-09-26 15:29:58
210.56.194.73	attackspam	Sep 23 08:25:09 rb06 sshd[4148]: Failed password for invalid user abuse from 210.56.194.73 port 55501 ssh2 Sep 23 08:25:10 rb06 sshd[4148]: Received disconnect from 210.56.194.73: 11: Bye Bye [preauth] Sep 23 08:35:21 rb06 sshd[17898]: Failed password for invalid user admin from 210.56.194.73 port 55276 ssh2 Sep 23 08:35:21 rb06 sshd[17898]: Received disconnect from 210.56.194.73: 11: Bye Bye [preauth] Sep 23 08:41:25 rb06 sshd[8915]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.56.194.73 user=list Sep 23 08:41:27 rb06 sshd[8915]: Failed password for list from 210.56.194.73 port 42917 ssh2 Sep 23 08:41:27 rb06 sshd[8915]: Received disconnect from 210.56.194.73: 11: Bye Bye [preauth] Sep 23 08:46:42 rb06 sshd[13904]: Failed password for invalid user dighostnameal from 210.56.194.73 port 58791 ssh2 Sep 23 08:46:42 rb06 sshd[13904]: Received disconnect from 210.56.194.73: 11: Bye Bye [preauth] Sep 23 08:52:00 rb06 sshd[16946]........ -------------------------------	2019-09-26 15:29:26
106.245.160.140	attack	Sep 26 08:27:47 dedicated sshd[6940]: Invalid user ljy from 106.245.160.140 port 55170	2019-09-26 14:49:43
95.154.18.99	attackspam	RDPBruteGSL24	2019-09-26 15:29:13
167.114.152.139	attackspam	$f2bV_matches	2019-09-26 15:10:54
110.49.4.5	attack	SPF Fail sender not permitted to send mail for @lrmmotors.it / Sent mail to address hacked/leaked from Dailymotion	2019-09-26 14:52:42
114.40.158.126	attack	" "	2019-09-26 15:04:48
104.236.39.136	attack	Sep 25 20:09:40 lcdev sshd\[5779\]: Invalid user ts3 from 104.236.39.136 Sep 25 20:09:40 lcdev sshd\[5779\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.39.136 Sep 25 20:09:42 lcdev sshd\[5779\]: Failed password for invalid user ts3 from 104.236.39.136 port 57822 ssh2 Sep 25 20:10:14 lcdev sshd\[5821\]: Invalid user teamspeak3 from 104.236.39.136 Sep 25 20:10:14 lcdev sshd\[5821\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.39.136	2019-09-26 15:10:03
45.142.195.5	attackspambots	Sep 26 09:09:05 relay postfix/smtpd\[14895\]: warning: unknown\[45.142.195.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 26 09:09:39 relay postfix/smtpd\[22325\]: warning: unknown\[45.142.195.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 26 09:10:00 relay postfix/smtpd\[14895\]: warning: unknown\[45.142.195.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 26 09:10:34 relay postfix/smtpd\[22325\]: warning: unknown\[45.142.195.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 26 09:10:56 relay postfix/smtpd\[10454\]: warning: unknown\[45.142.195.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-09-26 15:17:24
140.255.147.213	attackspam	[ThuSep2605:51:42.4144672019][:error][pid12359:tid46955285743360][client140.255.147.213:49903][client140.255.147.213]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"\^Mozilla/4\\\\\\\\.0\\\\\\\\$compatible\;MSIE9.0\;WindowsNT6.1\\\\\\\\$\$"atREQUEST_HEADERS:User-Agent.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"430"][id"336656"][rev"2"][msg"Atomicorp.comWAFRules:FakeMSIE9./0browserMozilla/4.0$compatible\;MSIE9.0\;WindowsNT6.1$."][severity"CRITICAL"][hostname"www.agcalposatutto.ch"][uri"/"][unique_id"XYw1zhvHVx6TzhtkpqEjDAAAAA8"]\,referer:http://www.agcalposatutto.ch/[ThuSep2605:51:42.7870782019][:error][pid12359:tid46955285743360][client140.255.147.213:49903][client140.255.147.213]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?:\\\\\\\\\(chr\?\\\\\\\\\(\?[0-9]{1\,3}\?\\\\\\\\$\\|\?=\?f$\?:open\\|write$\?\\\\\\\\\(\\|\\\\\\\\b\(\?:passthru\\|serialize\\|php_uname\\|phpinfo\\|shell_exec\\|preg_\\\\\\\\w \\|mysql_query\\|exec\\|eval\\|bas	2019-09-26 14:57:44
149.202.223.136	attack	\[2019-09-26 02:49:40\] NOTICE\[1948\] chan_sip.c: Registration from '\' failed for '149.202.223.136:52991' - Wrong password \[2019-09-26 02:49:40\] SECURITY\[2006\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-26T02:49:40.567-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="3433",SessionID="0x7f1e1c011788",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/149.202.223.136/52991",Challenge="14428c0a",ReceivedChallenge="14428c0a",ReceivedHash="cea6d0358d70f6a8fbc55cb36cd350f2" \[2019-09-26 02:49:55\] NOTICE\[1948\] chan_sip.c: Registration from '\' failed for '149.202.223.136:58874' - Wrong password \[2019-09-26 02:49:55\] SECURITY\[2006\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-26T02:49:55.447-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="88654321",SessionID="0x7f1e1c0e2d88",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/149.202.223.136	2019-09-26 15:10:30
103.89.88.64	attack	Sep 26 06:56:00 heicom postfix/smtpd\[16038\]: warning: unknown\[103.89.88.64\]: SASL LOGIN authentication failed: authentication failure Sep 26 06:56:01 heicom postfix/smtpd\[16038\]: warning: unknown\[103.89.88.64\]: SASL LOGIN authentication failed: authentication failure Sep 26 06:56:02 heicom postfix/smtpd\[16038\]: warning: unknown\[103.89.88.64\]: SASL LOGIN authentication failed: authentication failure Sep 26 06:56:04 heicom postfix/smtpd\[16038\]: warning: unknown\[103.89.88.64\]: SASL LOGIN authentication failed: authentication failure Sep 26 06:56:05 heicom postfix/smtpd\[16038\]: warning: unknown\[103.89.88.64\]: SASL LOGIN authentication failed: authentication failure ...	2019-09-26 15:07:16
119.130.169.138	attack	Unauthorised access (Sep 26) SRC=119.130.169.138 LEN=40 TOS=0x10 PREC=0x40 TTL=50 ID=64073 TCP DPT=8080 WINDOW=64900 SYN Unauthorised access (Sep 26) SRC=119.130.169.138 LEN=40 TOS=0x10 PREC=0x40 TTL=50 ID=62156 TCP DPT=8080 WINDOW=12877 SYN Unauthorised access (Sep 26) SRC=119.130.169.138 LEN=40 TOS=0x10 PREC=0x40 TTL=50 ID=25233 TCP DPT=8080 WINDOW=64900 SYN	2019-09-26 14:53:03

最近上报的IP列表

26.10.61.237	85.192.220.193	68.51.187.162	171.45.213.20
114.6.69.76	62.215.214.29	28.111.157.244	72.247.191.225
198.70.108.91	211.62.82.135	215.221.248.20	234.88.48.34
248.96.155.230	74.125.46.225	120.178.234.100	175.208.39.47
170.225.229.135	40.136.186.202	28.81.241.26	35.96.96.82