必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Zimbabwe

运营商(isp): Telone Pvt Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:
类型 评论内容 时间
attackspambots
Lines containing failures of 197.221.254.2
Jul 13 16:57:36 mellenthin postfix/smtpd[5323]: connect from unknown[197.221.254.2]
Jul x@x
Jul 13 16:57:45 mellenthin postfix/smtpd[5323]: lost connection after DATA from unknown[197.221.254.2]
Jul 13 16:57:45 mellenthin postfix/smtpd[5323]: disconnect from unknown[197.221.254.2] ehlo=1 mail=1 rcpt=0/1 data=0/1 commands=2/4


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=197.221.254.2
2019-07-14 08:02:14
相同子网IP讨论:
IP 类型 评论内容 时间
197.221.254.22 attack
Port Scan detected!
...
2020-07-14 08:05:45
197.221.254.235 attack
Logged onto my email
2020-07-05 03:55:10
197.221.254.235 attackspam
"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:
2020-05-29 06:30:57
197.221.254.79 attack
Fail2Ban - HTTP Auth Bruteforce Attempt
2020-05-12 05:24:46
197.221.254.176 attackbotsspam
2019-03-12 20:37:49 H=\(16.176.telone.co.zw\) \[197.221.254.176\]:25129 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed
2019-03-12 20:38:40 H=\(16.176.telone.co.zw\) \[197.221.254.176\]:25137 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed
2019-03-12 20:39:11 H=\(16.176.telone.co.zw\) \[197.221.254.176\]:25138 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed
...
2020-01-30 04:45:43
197.221.254.63 attack
Unauthorized connection attempt detected from IP address 197.221.254.63 to port 445
2019-12-11 21:32:25
197.221.254.96 attack
2019-11-20 14:13:49 H=(16.96.telone.co.zw) [197.221.254.96]:6050 I=[10.100.18.22]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=197.221.254.96)
2019-11-20 14:13:49 unexpected disconnection while reading SMTP command from (16.96.telone.co.zw) [197.221.254.96]:6050 I=[10.100.18.22]:25 (error: Connection reset by peer)
2019-11-20 15:33:34 H=(16.96.telone.co.zw) [197.221.254.96]:6523 I=[10.100.18.22]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=197.221.254.96)


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=197.221.254.96
2019-11-21 00:42:21
197.221.254.6 attackspambots
2019-11-20 15:12:24 H=(16.6.telone.co.zw) [197.221.254.6]:31578 I=[10.100.18.25]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=197.221.254.6)
2019-11-20 15:12:25 unexpected disconnection while reading SMTP command from (16.6.telone.co.zw) [197.221.254.6]:31578 I=[10.100.18.25]:25 (error: Connection reset by peer)
2019-11-20 15:29:34 H=(16.6.telone.co.zw) [197.221.254.6]:31622 I=[10.100.18.25]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=197.221.254.6)

........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=197.221.254.6
2019-11-20 22:54:01
197.221.254.40 attack
firewall-block, port(s): 1433/tcp
2019-11-20 00:40:13
197.221.254.172 attackspambots
Hello!

As you may have noticed, I sent you an email from your account.
This means that I have full access to your device.

I've been watching you for a few months now.
The fact is that you were infected with malware through an adult site that you visited.

If you are not familiar with this, I will explain.
Trojan Virus gives me full access and control over a computer or other device.
This means that I can see everything on your screen, turn on the camera and microphone, but you do not know about it.

I also have access to all your contacts and all your correspondence.

Why your antivirus did not detect malware?
Answer: My malware uses the driver, I update its signatures every 4 hours so that your antivirus is silent.

I made a video showing how you satisfy yourself in the left half of the screen, and in the right half you see the video that you watched.
With one click of the mouse, I can send this video to all your emails and contacts on social networks...
2019-10-13 06:30:27
197.221.254.157 attack
Spam
2019-08-14 23:36:14
WHOIS信息:
b
DIG信息:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 197.221.254.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18659
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;197.221.254.2.			IN	A

;; AUTHORITY SECTION:
.			2356	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071301 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 14 08:02:07 CST 2019
;; MSG SIZE  rcvd: 117
HOST信息:
2.254.221.197.in-addr.arpa domain name pointer 16.2.telone.co.zw.
NSLOOKUP信息:
Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
2.254.221.197.in-addr.arpa	name = 16.2.telone.co.zw.

Authoritative answers can be found from:

相关IP信息:
最新评论:
IP 类型 评论内容 时间
38.78.210.125 attackbots
2020-04-14T14:07:04.278165rocketchat.forhosting.nl sshd[4447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=38.78.210.125
2020-04-14T14:07:04.274299rocketchat.forhosting.nl sshd[4447]: Invalid user neel from 38.78.210.125 port 55971
2020-04-14T14:07:06.117479rocketchat.forhosting.nl sshd[4447]: Failed password for invalid user neel from 38.78.210.125 port 55971 ssh2
...
2020-04-14 20:15:40
223.240.84.49 attackspambots
Apr 14 14:37:40 srv-ubuntu-dev3 sshd[87198]: Invalid user doliska from 223.240.84.49
Apr 14 14:37:40 srv-ubuntu-dev3 sshd[87198]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.240.84.49
Apr 14 14:37:40 srv-ubuntu-dev3 sshd[87198]: Invalid user doliska from 223.240.84.49
Apr 14 14:37:42 srv-ubuntu-dev3 sshd[87198]: Failed password for invalid user doliska from 223.240.84.49 port 43520 ssh2
Apr 14 14:40:27 srv-ubuntu-dev3 sshd[87632]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.240.84.49  user=root
Apr 14 14:40:29 srv-ubuntu-dev3 sshd[87632]: Failed password for root from 223.240.84.49 port 43094 ssh2
Apr 14 14:43:15 srv-ubuntu-dev3 sshd[88079]: Invalid user business from 223.240.84.49
Apr 14 14:43:15 srv-ubuntu-dev3 sshd[88079]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.240.84.49
Apr 14 14:43:15 srv-ubuntu-dev3 sshd[88079]: Invalid user business
...
2020-04-14 20:45:43
175.107.212.12 attack
WordPress wp-login brute force :: 175.107.212.12 0.068 BYPASS [14/Apr/2020:12:15:28  0000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 2254 "https://[censored_2]/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36"
2020-04-14 20:58:23
45.134.179.57 attackbots
Apr 14 14:15:44 debian-2gb-nbg1-2 kernel: \[9125534.381377\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.134.179.57 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=22120 PROTO=TCP SPT=49134 DPT=33856 WINDOW=1024 RES=0x00 SYN URGP=0
2020-04-14 20:33:58
177.207.204.230 attackbots
Unauthorized connection attempt from IP address 177.207.204.230 on Port 445(SMB)
2020-04-14 20:32:56
45.155.125.123 attackspam
from bottlesenior.icu (camsa.mozambia.com [45.155.125.123]) by cauvin.org with ESMTP ; Tue, 14 Apr 2020 07:14:07 -0500
2020-04-14 20:49:29
172.96.205.199 attackbots
Apr 14 09:29:32 ws24vmsma01 sshd[155789]: Failed password for root from 172.96.205.199 port 56994 ssh2
...
2020-04-14 20:47:03
40.117.102.205 attackbotsspam
fail2ban - Attack against Apache (too many 404s)
2020-04-14 20:37:41
172.245.80.72 attackspam
Registration form abuse
2020-04-14 20:14:23
120.132.11.186 attack
Apr 14 08:31:22 srv206 sshd[18226]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.11.186  user=root
Apr 14 08:31:25 srv206 sshd[18226]: Failed password for root from 120.132.11.186 port 35288 ssh2
Apr 14 08:40:47 srv206 sshd[18343]: Invalid user gennadi from 120.132.11.186
...
2020-04-14 20:10:00
77.39.9.4 attackbots
Unauthorized connection attempt from IP address 77.39.9.4 on Port 445(SMB)
2020-04-14 20:18:31
104.248.185.245 attackspambots
Automatic report - XMLRPC Attack
2020-04-14 20:42:52
49.149.75.49 attackbots
WordPress wp-login brute force :: 49.149.75.49 0.072 BYPASS [14/Apr/2020:12:15:37  0000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 2287 "https://[censored_2]/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36"
2020-04-14 20:43:33
222.186.30.35 attackbots
Apr 14 12:56:43 scw-6657dc sshd[9340]: Failed password for root from 222.186.30.35 port 45693 ssh2
Apr 14 12:56:43 scw-6657dc sshd[9340]: Failed password for root from 222.186.30.35 port 45693 ssh2
Apr 14 12:56:46 scw-6657dc sshd[9340]: Failed password for root from 222.186.30.35 port 45693 ssh2
...
2020-04-14 20:57:15
191.8.187.253 attackspambots
Unauthorized connection attempt from IP address 191.8.187.253 on Port 445(SMB)
2020-04-14 20:21:12

最近上报的IP列表

109.75.37.9 117.69.30.138 105.112.50.72 170.82.22.45
78.190.215.155 60.178.47.102 178.63.53.43 5.153.187.232
45.118.188.44 49.148.216.113 85.202.56.87 187.101.236.171
190.38.165.84 190.3.130.107 180.252.31.122 37.32.41.168
61.19.40.38 88.114.86.83 187.8.168.57 134.209.169.72