必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Zimbabwe

运营商(isp): Telone Pvt Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:
类型 评论内容 时间
attackspambots
Lines containing failures of 197.221.254.2
Jul 13 16:57:36 mellenthin postfix/smtpd[5323]: connect from unknown[197.221.254.2]
Jul x@x
Jul 13 16:57:45 mellenthin postfix/smtpd[5323]: lost connection after DATA from unknown[197.221.254.2]
Jul 13 16:57:45 mellenthin postfix/smtpd[5323]: disconnect from unknown[197.221.254.2] ehlo=1 mail=1 rcpt=0/1 data=0/1 commands=2/4


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=197.221.254.2
2019-07-14 08:02:14
相同子网IP讨论:
IP 类型 评论内容 时间
197.221.254.22 attack
Port Scan detected!
...
2020-07-14 08:05:45
197.221.254.235 attack
Logged onto my email
2020-07-05 03:55:10
197.221.254.235 attackspam
"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:
2020-05-29 06:30:57
197.221.254.79 attack
Fail2Ban - HTTP Auth Bruteforce Attempt
2020-05-12 05:24:46
197.221.254.176 attackbotsspam
2019-03-12 20:37:49 H=\(16.176.telone.co.zw\) \[197.221.254.176\]:25129 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed
2019-03-12 20:38:40 H=\(16.176.telone.co.zw\) \[197.221.254.176\]:25137 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed
2019-03-12 20:39:11 H=\(16.176.telone.co.zw\) \[197.221.254.176\]:25138 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed
...
2020-01-30 04:45:43
197.221.254.63 attack
Unauthorized connection attempt detected from IP address 197.221.254.63 to port 445
2019-12-11 21:32:25
197.221.254.96 attack
2019-11-20 14:13:49 H=(16.96.telone.co.zw) [197.221.254.96]:6050 I=[10.100.18.22]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=197.221.254.96)
2019-11-20 14:13:49 unexpected disconnection while reading SMTP command from (16.96.telone.co.zw) [197.221.254.96]:6050 I=[10.100.18.22]:25 (error: Connection reset by peer)
2019-11-20 15:33:34 H=(16.96.telone.co.zw) [197.221.254.96]:6523 I=[10.100.18.22]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=197.221.254.96)


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=197.221.254.96
2019-11-21 00:42:21
197.221.254.6 attackspambots
2019-11-20 15:12:24 H=(16.6.telone.co.zw) [197.221.254.6]:31578 I=[10.100.18.25]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=197.221.254.6)
2019-11-20 15:12:25 unexpected disconnection while reading SMTP command from (16.6.telone.co.zw) [197.221.254.6]:31578 I=[10.100.18.25]:25 (error: Connection reset by peer)
2019-11-20 15:29:34 H=(16.6.telone.co.zw) [197.221.254.6]:31622 I=[10.100.18.25]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=197.221.254.6)

........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=197.221.254.6
2019-11-20 22:54:01
197.221.254.40 attack
firewall-block, port(s): 1433/tcp
2019-11-20 00:40:13
197.221.254.172 attackspambots
Hello!

As you may have noticed, I sent you an email from your account.
This means that I have full access to your device.

I've been watching you for a few months now.
The fact is that you were infected with malware through an adult site that you visited.

If you are not familiar with this, I will explain.
Trojan Virus gives me full access and control over a computer or other device.
This means that I can see everything on your screen, turn on the camera and microphone, but you do not know about it.

I also have access to all your contacts and all your correspondence.

Why your antivirus did not detect malware?
Answer: My malware uses the driver, I update its signatures every 4 hours so that your antivirus is silent.

I made a video showing how you satisfy yourself in the left half of the screen, and in the right half you see the video that you watched.
With one click of the mouse, I can send this video to all your emails and contacts on social networks...
2019-10-13 06:30:27
197.221.254.157 attack
Spam
2019-08-14 23:36:14
WHOIS信息:
b
DIG信息:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 197.221.254.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18659
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;197.221.254.2.			IN	A

;; AUTHORITY SECTION:
.			2356	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071301 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 14 08:02:07 CST 2019
;; MSG SIZE  rcvd: 117
HOST信息:
2.254.221.197.in-addr.arpa domain name pointer 16.2.telone.co.zw.
NSLOOKUP信息:
Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
2.254.221.197.in-addr.arpa	name = 16.2.telone.co.zw.

Authoritative answers can be found from:

相关IP信息:
最新评论:
IP 类型 评论内容 时间
222.186.180.223 attackspam
Dec 12 09:19:15 marvibiene sshd[50244]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.223  user=root
Dec 12 09:19:16 marvibiene sshd[50244]: Failed password for root from 222.186.180.223 port 29722 ssh2
Dec 12 09:19:20 marvibiene sshd[50244]: Failed password for root from 222.186.180.223 port 29722 ssh2
Dec 12 09:19:15 marvibiene sshd[50244]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.223  user=root
Dec 12 09:19:16 marvibiene sshd[50244]: Failed password for root from 222.186.180.223 port 29722 ssh2
Dec 12 09:19:20 marvibiene sshd[50244]: Failed password for root from 222.186.180.223 port 29722 ssh2
...
2019-12-12 17:21:34
180.244.14.118 attackbots
Unauthorized connection attempt detected from IP address 180.244.14.118 to port 445
2019-12-12 17:20:30
103.19.129.194 attackbots
Unauthorized connection attempt detected from IP address 103.19.129.194 to port 445
2019-12-12 17:39:58
116.110.220.28 attackbotsspam
Dec 12 11:27:43 sauna sshd[223524]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.110.220.28
...
2019-12-12 17:34:11
179.98.87.153 attackspam
fail2ban
2019-12-12 17:30:16
185.176.27.254 attackbots
12/12/2019-04:36:51.156413 185.176.27.254 Protocol: 6 ET DROP Dshield Block Listed Source group 1
2019-12-12 17:39:02
103.206.114.104 attack
Unauthorised access (Dec 12) SRC=103.206.114.104 LEN=40 TTL=51 ID=35425 TCP DPT=23 WINDOW=52117 SYN
2019-12-12 17:30:37
89.205.126.245 attackbotsspam
Port Scan
2019-12-12 17:32:12
184.105.247.207 attack
IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.
2019-12-12 17:29:50
188.213.49.210 attackbots
WordPress wp-login brute force :: 188.213.49.210 0.208 - [12/Dec/2019:06:27:39  0000] www.[censored_1] "POST /wp-login.php HTTP/1.1" 200 2042 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.90 Safari/537.36 2345Explorer/9.3.2.17331" "HTTP/1.1"
2019-12-12 17:27:18
81.213.214.225 attack
Dec 12 09:17:11 server sshd\[25676\]: Invalid user berrie from 81.213.214.225
Dec 12 09:17:11 server sshd\[25676\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.213.214.225 
Dec 12 09:17:12 server sshd\[25676\]: Failed password for invalid user berrie from 81.213.214.225 port 37533 ssh2
Dec 12 09:27:46 server sshd\[28719\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.213.214.225  user=root
Dec 12 09:27:48 server sshd\[28719\]: Failed password for root from 81.213.214.225 port 48864 ssh2
...
2019-12-12 17:16:31
80.211.59.160 attackspambots
2019-12-12T07:22:27.689083abusebot.cloudsearch.cf sshd\[12640\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.59.160  user=root
2019-12-12T07:22:29.469287abusebot.cloudsearch.cf sshd\[12640\]: Failed password for root from 80.211.59.160 port 46594 ssh2
2019-12-12T07:27:42.267534abusebot.cloudsearch.cf sshd\[12710\]: Invalid user santucci from 80.211.59.160 port 55150
2019-12-12T07:27:42.274454abusebot.cloudsearch.cf sshd\[12710\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.59.160
2019-12-12 17:25:33
206.189.138.22 attackbotsspam
2019-12-12T08:01:25.931135shield sshd\[15753\]: Invalid user ubuntu from 206.189.138.22 port 52914
2019-12-12T08:01:25.935474shield sshd\[15753\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.138.22
2019-12-12T08:01:28.015857shield sshd\[15753\]: Failed password for invalid user ubuntu from 206.189.138.22 port 52914 ssh2
2019-12-12T08:02:39.372110shield sshd\[16273\]: Invalid user ubuntu from 206.189.138.22 port 23775
2019-12-12T08:02:39.376457shield sshd\[16273\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.138.22
2019-12-12 17:41:29
104.236.239.60 attackbots
$f2bV_matches
2019-12-12 17:31:29
220.136.25.82 attack
Unauthorized connection attempt detected from IP address 220.136.25.82 to port 445
2019-12-12 17:16:05

最近上报的IP列表

109.75.37.9 117.69.30.138 105.112.50.72 170.82.22.45
78.190.215.155 60.178.47.102 178.63.53.43 5.153.187.232
45.118.188.44 49.148.216.113 85.202.56.87 187.101.236.171
190.38.165.84 190.3.130.107 180.252.31.122 37.32.41.168
61.19.40.38 88.114.86.83 187.8.168.57 134.209.169.72