197.221.254.96

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Zimbabwe

运营商(isp): Telone Pvt Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	2019-11-20 14:13:49 H=(16.96.telone.co.zw) [197.221.254.96]:6050 I=[10.100.18.22]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=197.221.254.96) 2019-11-20 14:13:49 unexpected disconnection while reading SMTP command from (16.96.telone.co.zw) [197.221.254.96]:6050 I=[10.100.18.22]:25 (error: Connection reset by peer) 2019-11-20 15:33:34 H=(16.96.telone.co.zw) [197.221.254.96]:6523 I=[10.100.18.22]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=197.221.254.96) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=197.221.254.96	2019-11-21 00:42:21

类型

评论内容

时间

attack

2019-11-20 14:13:49 H=(16.96.telone.co.zw) [197.221.254.96]:6050 I=[10.100.18.22]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=197.221.254.96)
2019-11-20 14:13:49 unexpected disconnection while reading SMTP command from (16.96.telone.co.zw) [197.221.254.96]:6050 I=[10.100.18.22]:25 (error: Connection reset by peer)
2019-11-20 15:33:34 H=(16.96.telone.co.zw) [197.221.254.96]:6523 I=[10.100.18.22]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=197.221.254.96)


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=197.221.254.96

2019-11-21 00:42:21

相同子网IP讨论:

IP	类型	评论内容	时间
197.221.254.22	attack	Port Scan detected! ...	2020-07-14 08:05:45
197.221.254.235	attack	Logged onto my email	2020-07-05 03:55:10
197.221.254.235	attackspam	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-05-29 06:30:57
197.221.254.79	attack	Fail2Ban - HTTP Auth Bruteforce Attempt	2020-05-12 05:24:46
197.221.254.176	attackbotsspam	2019-03-12 20:37:49 H=\(16.176.telone.co.zw\) \[197.221.254.176\]:25129 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-03-12 20:38:40 H=\(16.176.telone.co.zw\) \[197.221.254.176\]:25137 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-03-12 20:39:11 H=\(16.176.telone.co.zw\) \[197.221.254.176\]:25138 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed ...	2020-01-30 04:45:43
197.221.254.63	attack	Unauthorized connection attempt detected from IP address 197.221.254.63 to port 445	2019-12-11 21:32:25
197.221.254.6	attackspambots	2019-11-20 15:12:24 H=(16.6.telone.co.zw) [197.221.254.6]:31578 I=[10.100.18.25]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=197.221.254.6) 2019-11-20 15:12:25 unexpected disconnection while reading SMTP command from (16.6.telone.co.zw) [197.221.254.6]:31578 I=[10.100.18.25]:25 (error: Connection reset by peer) 2019-11-20 15:29:34 H=(16.6.telone.co.zw) [197.221.254.6]:31622 I=[10.100.18.25]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=197.221.254.6) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=197.221.254.6	2019-11-20 22:54:01
197.221.254.40	attack	firewall-block, port(s): 1433/tcp	2019-11-20 00:40:13
197.221.254.172	attackspambots	Hello! As you may have noticed, I sent you an email from your account. This means that I have full access to your device. I've been watching you for a few months now. The fact is that you were infected with malware through an adult site that you visited. If you are not familiar with this, I will explain. Trojan Virus gives me full access and control over a computer or other device. This means that I can see everything on your screen, turn on the camera and microphone, but you do not know about it. I also have access to all your contacts and all your correspondence. Why your antivirus did not detect malware? Answer: My malware uses the driver, I update its signatures every 4 hours so that your antivirus is silent. I made a video showing how you satisfy yourself in the left half of the screen, and in the right half you see the video that you watched. With one click of the mouse, I can send this video to all your emails and contacts on social networks...	2019-10-13 06:30:27
197.221.254.157	attack	Spam	2019-08-14 23:36:14
197.221.254.2	attackspambots	Lines containing failures of 197.221.254.2 Jul 13 16:57:36 mellenthin postfix/smtpd[5323]: connect from unknown[197.221.254.2] Jul x@x Jul 13 16:57:45 mellenthin postfix/smtpd[5323]: lost connection after DATA from unknown[197.221.254.2] Jul 13 16:57:45 mellenthin postfix/smtpd[5323]: disconnect from unknown[197.221.254.2] ehlo=1 mail=1 rcpt=0/1 data=0/1 commands=2/4 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=197.221.254.2	2019-07-14 08:02:14

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 197.221.254.96
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60758
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;197.221.254.96.			IN	A

;; AUTHORITY SECTION:
.			186	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112000 1800 900 604800 86400

;; Query time: 97 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Nov 21 00:42:16 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

96.254.221.197.in-addr.arpa domain name pointer 16.96.telone.co.zw.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
96.254.221.197.in-addr.arpa	name = 16.96.telone.co.zw.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
125.127.33.42	attackbots	UTC: 2019-10-21 port: 23/tcp	2019-10-22 17:31:23
162.248.54.39	attackbots	Oct 22 08:52:29 game-panel sshd[11044]: Failed password for root from 162.248.54.39 port 57336 ssh2 Oct 22 08:56:05 game-panel sshd[11137]: Failed password for root from 162.248.54.39 port 41072 ssh2	2019-10-22 17:19:02
103.81.85.21	attackbotsspam	xmlrpc attack	2019-10-22 17:23:57
118.25.103.132	attackspam	Oct 22 06:57:07 OPSO sshd\[12059\]: Invalid user boc from 118.25.103.132 port 56774 Oct 22 06:57:07 OPSO sshd\[12059\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.103.132 Oct 22 06:57:09 OPSO sshd\[12059\]: Failed password for invalid user boc from 118.25.103.132 port 56774 ssh2 Oct 22 07:01:30 OPSO sshd\[13008\]: Invalid user legal2 from 118.25.103.132 port 34946 Oct 22 07:01:30 OPSO sshd\[13008\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.103.132	2019-10-22 17:46:23
58.217.157.209	attackspambots	UTC: 2019-10-21 pkts: 2 port: 23/tcp	2019-10-22 17:20:47
193.151.13.22	attackbotsspam	UTC: 2019-10-21 port: 80/tcp	2019-10-22 17:33:37
124.166.111.138	attackspam	UTC: 2019-10-21 port: 123/udp	2019-10-22 17:19:44
196.200.181.2	attack	Oct 22 11:38:20 server sshd\[27634\]: Invalid user ghosts from 196.200.181.2 Oct 22 11:38:20 server sshd\[27634\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.200.181.2 Oct 22 11:38:22 server sshd\[27634\]: Failed password for invalid user ghosts from 196.200.181.2 port 42421 ssh2 Oct 22 11:43:33 server sshd\[28797\]: Invalid user ghosts from 196.200.181.2 Oct 22 11:43:33 server sshd\[28797\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.200.181.2 ...	2019-10-22 17:40:40
222.186.173.215	attack	Oct 22 05:31:21 ny01 sshd[15909]: Failed password for root from 222.186.173.215 port 24984 ssh2 Oct 22 05:31:39 ny01 sshd[15909]: error: maximum authentication attempts exceeded for root from 222.186.173.215 port 24984 ssh2 [preauth] Oct 22 05:31:50 ny01 sshd[15956]: Failed password for root from 222.186.173.215 port 12486 ssh2	2019-10-22 17:37:06
95.158.165.23	attack	UTC: 2019-10-21 pkts: 2 ports(tcp): 81, 85	2019-10-22 17:53:12
207.46.13.53	attack	Automatic report - Banned IP Access	2019-10-22 17:35:50
190.156.216.192	attack	Excessive Port-Scanning	2019-10-22 17:52:46
106.12.206.53	attackbotsspam	2019-10-22T15:26:06.371833enmeeting.mahidol.ac.th sshd\[14006\]: User root from 106.12.206.53 not allowed because not listed in AllowUsers 2019-10-22T15:26:06.493020enmeeting.mahidol.ac.th sshd\[14006\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.206.53 user=root 2019-10-22T15:26:08.245491enmeeting.mahidol.ac.th sshd\[14006\]: Failed password for invalid user root from 106.12.206.53 port 41388 ssh2 ...	2019-10-22 17:50:41
97.79.238.200	attackspambots	Automatic report - XMLRPC Attack	2019-10-22 17:43:58
201.212.216.79	attackspam	UTC: 2019-10-21 port: 23/tcp	2019-10-22 17:45:09

最近上报的IP列表

1.160.5.71	103.98.129.230	88.153.178.250	35.182.180.105
179.189.204.205	165.227.28.181	117.3.179.228	51.39.177.222
195.91.48.5	128.75.170.151	102.65.126.237	190.42.17.67
220.255.237.149	113.167.142.86	139.59.17.193	192.168.1.178
14.141.45.114	95.155.6.181	179.6.197.77	190.210.223.166