104.26.12.48 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.26.12.141	attack	From: "Amazon.com" Amazon account phishing/fraud - MALICIOUS REDIRECT UBE aimanbauk ([40.87.105.33]) Microsoft Spam link parg.co = 178.238.224.248 Contabo GmbH – BLACKLISTED MALICIOUS REDIRECT: - sum.vn = 104.26.12.141, 104.26.13.141, 172.67.73.189 Cloudflare – blacklisted see https://www.phishtank.com/phish_detail.php?phish_id=6360304 - amazon.verification.kozow.com = 94.249.167.244 GHOSTnet GmbH – blacklisted see https://transparencyreport.google.com/safe-browsing/search?url=http%3A%2F%2Famazon.verification.kozow.com%2F%3F16shop SPF fxamplwo395845.com = aspmx.l.google.com 108.177.15.26, 108.177.15.27 Google	2020-07-30 03:35:15

Type

Details

Datetime

104.26.12.141

attack

From: "Amazon.com" 
Amazon account phishing/fraud - MALICIOUS REDIRECT

UBE aimanbauk ([40.87.105.33]) Microsoft

Spam link parg.co = 178.238.224.248 Contabo GmbH – BLACKLISTED MALICIOUS REDIRECT:
-	sum.vn = 104.26.12.141, 104.26.13.141, 172.67.73.189 Cloudflare – blacklisted see https://www.phishtank.com/phish_detail.php?phish_id=6360304
-	amazon.verification.kozow.com = 94.249.167.244 GHOSTnet GmbH – blacklisted see https://transparencyreport.google.com/safe-browsing/search?url=http%3A%2F%2Famazon.verification.kozow.com%2F%3F16shop

SPF fxamplwo395845.com = aspmx.l.google.com 108.177.15.26, 108.177.15.27 Google

2020-07-30 03:35:15

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.26.12.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35796
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.26.12.48.			IN	A

;; AUTHORITY SECTION:
.			542	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021701 1800 900 604800 86400

;; Query time: 67 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 04:03:19 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 48.12.26.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 48.12.26.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.73.235.149	attackbots	Nov 22 14:51:48 server sshd\[18601\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.73.235.149 user=root Nov 22 14:51:50 server sshd\[18601\]: Failed password for root from 49.73.235.149 port 56327 ssh2 Nov 22 15:21:48 server sshd\[26262\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.73.235.149 user=root Nov 22 15:21:50 server sshd\[26262\]: Failed password for root from 49.73.235.149 port 51448 ssh2 Nov 22 15:26:22 server sshd\[27411\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.73.235.149 user=root ...	2019-11-22 22:16:57
49.88.112.71	attackbotsspam	2019-11-22T14:53:03.725333abusebot-6.cloudsearch.cf sshd\[7040\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.71 user=root	2019-11-22 22:54:00
171.67.70.184	attack	" "	2019-11-22 22:19:00
158.69.223.91	attack	Invalid user fayth from 158.69.223.91 port 39602	2019-11-22 22:52:20
118.99.100.199	attack	Unauthorized connection attempt from IP address 118.99.100.199 on Port 445(SMB)	2019-11-22 22:48:54
137.74.171.160	attackbots	Nov 22 09:38:23 sd-53420 sshd\[1672\]: Invalid user dbus from 137.74.171.160 Nov 22 09:38:23 sd-53420 sshd\[1672\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.74.171.160 Nov 22 09:38:26 sd-53420 sshd\[1672\]: Failed password for invalid user dbus from 137.74.171.160 port 33154 ssh2 Nov 22 09:41:46 sd-53420 sshd\[2717\]: Invalid user caila from 137.74.171.160 Nov 22 09:41:46 sd-53420 sshd\[2717\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.74.171.160 ...	2019-11-22 22:12:18
89.37.56.138	attackbots	Absender hat Spam-Falle ausgel?st	2019-11-22 22:41:30
196.157.4.221	attack	Unauthorized connection attempt from IP address 196.157.4.221 on Port 445(SMB)	2019-11-22 22:30:37
27.75.143.244	attackbotsspam	Unauthorized connection attempt from IP address 27.75.143.244 on Port 445(SMB)	2019-11-22 22:20:23
185.143.223.149	attackspam	Port scan on 11 port(s): 33138 33157 33171 33197 33273 33478 33547 33588 33692 33761 33924	2019-11-22 22:57:08
113.87.160.180	attack	Unauthorized connection attempt from IP address 113.87.160.180 on Port 445(SMB)	2019-11-22 22:29:43
176.31.217.184	attackbots	<6 unauthorized SSH connections	2019-11-22 22:21:26
113.165.166.144	attackbots	Unauthorized connection attempt from IP address 113.165.166.144 on Port 445(SMB)	2019-11-22 22:34:53
116.236.185.64	attackbots	Invalid user jerrylee from 116.236.185.64 port 3138	2019-11-22 22:33:59
36.68.237.102	attackspambots	Unauthorized connection attempt from IP address 36.68.237.102 on Port 445(SMB)	2019-11-22 22:44:13

Recently Reported IPs

104.26.12.46	104.26.12.5	104.26.12.47	104.26.12.52
104.26.12.50	104.26.12.53	104.26.12.58	104.26.12.59
104.26.12.51	104.26.12.55	104.26.12.57	104.26.12.54
104.26.12.61	104.26.12.60	104.26.12.6	104.26.12.62
104.26.12.65	104.26.12.63	104.26.12.64	104.26.12.67