104.21.54.252 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): None

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.21.54.252
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12543
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.21.54.252.			IN	A

;; AUTHORITY SECTION:
.			111	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400

;; Query time: 123 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 10:13:09 CST 2022
;; MSG SIZE  rcvd: 106

HOST信息:

Host 252.54.21.104.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 252.54.21.104.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
134.180.154.14	attack	TCP (SYN) 134.180.154.14:53494 -> port 23, len 44	2020-09-04 04:29:32
182.50.29.236	attackspambots	Port Scan ...	2020-09-04 04:20:40
62.171.161.187	attackspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-03T20:17:57Z and 2020-09-03T20:17:57Z	2020-09-04 04:24:32
187.190.189.68	attack	TCP (SYN) 187.190.189.68:42168 -> port 445, len 48	2020-09-04 04:27:40
188.166.60.28	attackbots	Unauthorized connection attempt detected from IP address 188.166.60.28 to port 23 [T]	2020-09-04 04:14:40
147.158.42.247	attackbots	SS5,WP GET /wp-login.php	2020-09-04 04:29:02
125.211.119.98	attackspambots	TCP (SYN) 125.211.119.98:59792 -> port 1433, len 52	2020-09-04 04:21:42
194.87.139.159	attackspam	DATE:2020-09-03 21:38:21, IP:194.87.139.159, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-09-04 04:19:16
190.114.246.149	attack	TCP (SYN) 190.114.246.149:54270 -> port 445, len 52	2020-09-04 04:14:24
71.6.232.9	attack	srvr3: (mod_security) mod_security (id:920350) triggered by 71.6.232.9 (US/United States/-): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/09/03 15:39:46 [error] 365944#0: 1926 [client 71.6.232.9] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "15991403863.514882"] [ref "o0,11v21,11"], client: 71.6.232.9, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-09-04 04:07:01
2.58.12.26	attackbotsspam	9/2/2020 5:03am Session activity: Incorrect password entered	2020-09-04 04:37:11
118.76.188.43	attackspam	(Sep 3) LEN=40 TTL=46 ID=35780 TCP DPT=8080 WINDOW=59479 SYN (Sep 3) LEN=40 TTL=46 ID=55373 TCP DPT=8080 WINDOW=54094 SYN (Sep 2) LEN=40 TTL=46 ID=57650 TCP DPT=8080 WINDOW=54094 SYN (Sep 2) LEN=40 TTL=46 ID=15088 TCP DPT=8080 WINDOW=59479 SYN (Sep 2) LEN=40 TTL=46 ID=25431 TCP DPT=8080 WINDOW=59479 SYN (Sep 2) LEN=40 TTL=46 ID=2325 TCP DPT=8080 WINDOW=59479 SYN (Sep 1) LEN=40 TTL=46 ID=61807 TCP DPT=8080 WINDOW=54094 SYN (Aug 31) LEN=40 TTL=46 ID=30372 TCP DPT=8080 WINDOW=54094 SYN (Aug 30) LEN=40 TTL=46 ID=60720 TCP DPT=8080 WINDOW=59479 SYN (Aug 30) LEN=40 TTL=46 ID=54456 TCP DPT=8080 WINDOW=54094 SYN	2020-09-04 04:02:39
220.164.226.212	attackbotsspam	TCP (SYN) 220.164.226.212:65307 -> port 1433, len 48	2020-09-04 04:18:45
192.99.175.184	attack	TCP (SYN) 192.99.175.184:27179 -> port 1080, len 60	2020-09-04 04:19:36
51.158.111.157	attack	Sep 3 22:08:31 icinga sshd[4997]: Failed password for root from 51.158.111.157 port 45228 ssh2 Sep 3 22:08:33 icinga sshd[4997]: Failed password for root from 51.158.111.157 port 45228 ssh2 Sep 3 22:08:35 icinga sshd[4997]: Failed password for root from 51.158.111.157 port 45228 ssh2 Sep 3 22:08:38 icinga sshd[4997]: Failed password for root from 51.158.111.157 port 45228 ssh2 ...	2020-09-04 04:32:20

最近上报的IP列表

104.21.54.245	104.21.54.40	104.21.54.49	104.21.54.48
104.21.54.7	104.21.54.51	104.21.54.91	104.21.54.80
104.21.54.98	13.225.71.36	104.21.55.103	104.21.54.93
104.21.54.87	104.21.55.10	104.21.55.111	101.175.60.224
104.21.55.121	104.21.55.138	104.21.55.159	104.21.55.167