104.21.4.71 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): None

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.21.4.71
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39767
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.21.4.71.			IN	A

;; AUTHORITY SECTION:
.			149	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021700 1800 900 604800 86400

;; Query time: 15 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 17 21:51:33 CST 2022
;; MSG SIZE  rcvd: 104

HOST信息:

Host 71.4.21.104.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 71.4.21.104.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
124.156.245.162	attack	[Sat Jun 13 00:16:26 2020] - DDoS Attack From IP: 124.156.245.162 Port: 34027	2020-07-13 03:24:39
61.151.130.22	attackbots	DATE:2020-07-12 20:38:10, IP:61.151.130.22, PORT:ssh SSH brute force auth (docker-dc)	2020-07-13 03:54:37
124.156.208.90	attackspam	[Fri Jun 12 12:29:21 2020] - DDoS Attack From IP: 124.156.208.90 Port: 38190	2020-07-13 03:27:03
184.105.247.240	attackspambots	TCP (SYN) 184.105.247.240:34135 -> port 548, len 40	2020-07-13 03:32:58
162.243.145.36	attackbots	[Fri Jun 12 05:30:59 2020] - DDoS Attack From IP: 162.243.145.36 Port: 35586	2020-07-13 03:28:40
212.64.43.52	attackbots	Jul 12 17:16:33 cp sshd[16534]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.43.52	2020-07-13 03:46:20
106.12.197.165	attackspam	2020-07-12T08:36:18.489376morrigan.ad5gb.com sshd[1254326]: Failed password for invalid user yk from 106.12.197.165 port 41884 ssh2 2020-07-12T08:36:18.857927morrigan.ad5gb.com sshd[1254326]: Disconnected from invalid user yk 106.12.197.165 port 41884 [preauth]	2020-07-13 03:35:17
141.98.80.52	attack	Jul 12 20:45:18 mail postfix/smtpd\[24176\]: warning: unknown\[141.98.80.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jul 12 20:45:37 mail postfix/smtpd\[24176\]: warning: unknown\[141.98.80.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jul 12 21:16:07 mail postfix/smtpd\[24737\]: warning: unknown\[141.98.80.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jul 12 21:16:25 mail postfix/smtpd\[24737\]: warning: unknown\[141.98.80.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2020-07-13 03:30:21
54.37.235.195	attackbotsspam	$f2bV_matches	2020-07-13 03:41:57
222.186.175.151	attackspam	Jul 12 21:21:18 ns381471 sshd[12347]: Failed password for root from 222.186.175.151 port 39980 ssh2 Jul 12 21:21:30 ns381471 sshd[12347]: error: maximum authentication attempts exceeded for root from 222.186.175.151 port 39980 ssh2 [preauth]	2020-07-13 03:23:26
162.243.136.186	attack	[Wed Jun 10 05:55:45 2020] - DDoS Attack From IP: 162.243.136.186 Port: 40597	2020-07-13 03:51:17
149.129.254.65	attack	Invalid user comer from 149.129.254.65 port 43614	2020-07-13 03:22:03
185.53.88.236	attack	[2020-07-12 14:05:54] NOTICE[1150] chan_sip.c: Registration from '"804" ' failed for '185.53.88.236:5102' - Wrong password [2020-07-12 14:05:54] SECURITY[1167] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-07-12T14:05:54.666-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="804",SessionID="0x7fcb4c4c4328",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.53.88.236/5102",Challenge="7234b267",ReceivedChallenge="7234b267",ReceivedHash="d7a9de9fc803b6ffd7005700212006e6" [2020-07-12 14:05:54] NOTICE[1150] chan_sip.c: Registration from '"804" ' failed for '185.53.88.236:5102' - Wrong password [2020-07-12 14:05:54] SECURITY[1167] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-07-12T14:05:54.822-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="804",SessionID="0x7fcb4c25c888",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.53.8 ...	2020-07-13 03:45:36
184.105.247.194	attack	Unauthorized connection attempt detected from IP address 184.105.247.194 to port 23	2020-07-13 03:46:45
13.72.119.20	attackspambots	[SunJul1213:52:44.1718772020][:error][pid2266:tid47244872001280][client13.72.119.20:51795][client13.72.119.20]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\.conf\\|boot\\\\\\\\.ini\\|web.config\)\\\\\\\\b\\|$\\|\^\\|\\\\\\\\.\\\\\\\\.$/etc/\\|/\\\\\\\\.$\?:history\\|bash_history\\|sh_history\\|env$\$\)"atREQUEST_FILENAME.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"211"][id"390709"][rev"30"][msg"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely"][data"/.env"][severity"CRITICAL"][hostname"pet-com.it"][uri"/.env"][unique_id"Xwr5jHjsp77@OMxq1rnO7QAAAAk"][SunJul1213:52:46.7857102020][:error][pid2266:tid47244857292544][client13.72.119.20:51822][client13.72.119.20]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\.conf\\|boo	2020-07-13 03:36:11

最近上报的IP列表

104.21.4.70	104.21.4.76	104.21.4.8	104.21.4.81
104.21.4.84	101.2.155.153	104.21.4.85	104.21.4.87
59.123.82.196	104.21.4.98	104.21.40.10	145.104.117.210
104.21.40.100	104.21.40.104	104.21.40.107	104.21.40.11
104.21.40.112	104.21.40.118	104.21.40.121	104.21.40.125