必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:
暂无关于此IP的讨论, 沙发请点上方按钮
相同子网IP讨论:
暂无关于此IP所属子网相关IP的讨论.
WHOIS信息:
b
DIG信息:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.22.21.195
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45485
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.22.21.195.			IN	A

;; AUTHORITY SECTION:
.			96	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021701 1800 900 604800 86400

;; Query time: 85 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 03:27:59 CST 2022
;; MSG SIZE  rcvd: 106
HOST信息:
Host 195.21.22.104.in-addr.arpa. not found: 3(NXDOMAIN)
NSLOOKUP信息:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 195.21.22.104.in-addr.arpa: NXDOMAIN
相关IP信息:
最新评论:
IP 类型 评论内容 时间
1.161.121.195 attackspam
37215/tcp
[2019-06-23]1pkt
2019-06-24 00:52:19
162.243.149.130 attackbots
27357/tcp 59911/tcp 41498/tcp...
[2019-04-22/06-23]64pkt,50pt.(tcp),3pt.(udp)
2019-06-24 00:09:31
201.33.18.201 attackspambots
firewall-block, port(s): 445/tcp
2019-06-24 00:58:45
206.253.226.18 attack
Automatic report - Web App Attack
2019-06-24 01:05:10
190.7.146.165 attackbots
Jun 22 22:52:11 rama sshd[683530]: Address 190.7.146.165 maps to dinamic-cable-190-7-146-165.epm.net.co, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Jun 22 22:52:11 rama sshd[683530]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.7.146.165  user=r.r
Jun 22 22:52:12 rama sshd[683530]: Failed password for r.r from 190.7.146.165 port 57489 ssh2
Jun 22 22:52:13 rama sshd[683530]: Received disconnect from 190.7.146.165: 11: Bye Bye [preauth]
Jun 22 22:58:28 rama sshd[684925]: Address 190.7.146.165 maps to dinamic-cable-190-7-146-165.epm.net.co, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Jun 22 22:58:28 rama sshd[684925]: Invalid user admin from 190.7.146.165
Jun 22 22:58:28 rama sshd[684925]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.7.146.165 
Jun 22 22:58:30 rama sshd[684925]: Failed password for invalid user admin from 190.........
-------------------------------
2019-06-24 00:33:22
58.215.198.2 attack
Jun 23 12:52:45 diego dovecot: imap-login: Disconnected \(auth failed, 1 attempts in 9 secs\): user=\, method=PLAIN, rip=58.215.198.2, lip=172.104.242.163, TLS, session=\<0DrJp/qL3sU618YC\>
...
2019-06-24 00:10:29
116.203.68.175 attackbots
20 attempts against mh-ssh on milky.magehost.pro
2019-06-24 00:49:25
109.234.38.15 attack
Jun 22 17:22:51 josie sshd[13245]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.234.38.15  user=r.r
Jun 22 17:22:53 josie sshd[13245]: Failed password for r.r from 109.234.38.15 port 51976 ssh2
Jun 22 17:22:53 josie sshd[13253]: Received disconnect from 109.234.38.15: 11: Bye Bye
Jun 22 17:25:03 josie sshd[15677]: Invalid user admin from 109.234.38.15
Jun 22 17:25:03 josie sshd[15677]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.234.38.15 
Jun 22 17:25:05 josie sshd[15677]: Failed password for invalid user admin from 109.234.38.15 port 48512 ssh2
Jun 22 17:25:05 josie sshd[15679]: Received disconnect from 109.234.38.15: 11: Bye Bye
Jun 22 17:26:11 josie sshd[16721]: Invalid user admin from 109.234.38.15
Jun 22 17:26:11 josie sshd[16721]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.234.38.15 
Jun 22 17:26:13 josie sshd[16721]: Fai........
-------------------------------
2019-06-24 00:34:49
185.208.208.198 attackbotsspam
Jun 23 16:47:31 box kernel: [418373.838069] [UFW BLOCK] IN=eth0 OUT= MAC=[munged] SRC=185.208.208.198 DST=[munged] LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=2900 PROTO=TCP SPT=47705 DPT=6018 WINDOW=1024 RES=0x00 SYN URGP=0 
Jun 23 17:17:55 box kernel: [420197.599773] [UFW BLOCK] IN=eth0 OUT= MAC=[munged] SRC=185.208.208.198 DST=[munged] LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=46665 PROTO=TCP SPT=47705 DPT=13340 WINDOW=1024 RES=0x00 SYN URGP=0 
Jun 23 17:46:55 box kernel: [421937.919640] [UFW BLOCK] IN=eth0 OUT= MAC=[munged] SRC=185.208.208.198 DST=[munged] LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=20906 PROTO=TCP SPT=47705 DPT=15158 WINDOW=1024 RES=0x00 SYN URGP=0 
Jun 23 17:49:19 box kernel: [422082.443763] [UFW BLOCK] IN=eth0 OUT= MAC=[munged] SRC=185.208.208.198 DST=[munged] LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=32349 PROTO=TCP SPT=47705 DPT=6886 WINDOW=1024 RES=0x00 SYN URGP=0 
Jun 23 17:49:48 box kernel: [422110.982563] [UFW BLOCK] IN=eth0 OUT= MAC=[munged] SRC=185.208.208.198 DST=[munged] LEN=40 TOS=0x00 PREC=0x00 T
2019-06-24 00:34:20
89.255.243.139 attackspam
89.255.243.139 - - \[23/Jun/2019:15:15:11 +0200\] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
89.255.243.139 - - \[23/Jun/2019:15:15:11 +0200\] "POST /wp-login.php HTTP/1.1" 200 1632 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
89.255.243.139 - - \[23/Jun/2019:15:15:12 +0200\] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
89.255.243.139 - - \[23/Jun/2019:15:15:12 +0200\] "POST /wp-login.php HTTP/1.1" 200 1607 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
89.255.243.139 - - \[23/Jun/2019:15:15:13 +0200\] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
89.255.243.139 - - \[23/Jun/2019:15:15:13 +0200\] "POST /wp-login.php HTTP/1.1" 200 1608 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:6
2019-06-24 00:21:34
164.132.192.219 attackspam
Jun 23 09:56:49 server1 sshd\[15255\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.192.219  user=nagios
Jun 23 09:56:52 server1 sshd\[15255\]: Failed password for nagios from 164.132.192.219 port 35881 ssh2
Jun 23 09:58:04 server1 sshd\[15648\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.192.219  user=ubuntu
Jun 23 09:58:06 server1 sshd\[15648\]: Failed password for ubuntu from 164.132.192.219 port 42930 ssh2
Jun 23 09:59:16 server1 sshd\[15956\]: Invalid user jocelyn from 164.132.192.219
...
2019-06-24 00:23:40
106.75.2.81 attackspambots
1561283460 - 06/23/2019 16:51:00 Host: 106.75.2.81/106.75.2.81 Port: 67 TCP Blocked
...
2019-06-24 00:49:54
81.89.56.241 attackspambots
SSH-BRUTEFORCE
2019-06-24 00:10:05
186.223.229.247 attackspam
SSH/22 MH Probe, BF, Hack -
2019-06-24 00:17:10
91.236.116.253 attackbotsspam
TCP port 445 (SMB) attempt blocked by firewall. [2019-06-23 11:51:53]
2019-06-24 00:06:03

最近上报的IP列表

104.22.21.176 104.22.21.175 104.22.21.207 104.22.21.209
104.22.21.199 104.22.21.214 104.22.21.213 104.22.21.218
104.22.21.220 104.22.21.217 104.22.21.227 104.22.21.247
104.22.21.231 104.22.21.233 104.22.21.254 104.22.21.76
104.22.21.74 104.22.21.95 104.22.22.117 104.22.22.102