必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): Hurricane Electric LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:
类型 评论内容 时间
attack
Port scan
2020-02-20 08:39:28
相同子网IP讨论:
暂无关于此IP所属子网相关IP的讨论.
WHOIS信息:
b
DIG信息:

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.3 <<>> 2001:470:dfa9:10ff:0:242:ac11:2e
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18731
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;2001:470:dfa9:10ff:0:242:ac11:2e. IN	A

;; AUTHORITY SECTION:
.			10800	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022500 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 100.100.2.138#53(100.100.2.138)
;; WHEN: Tue Feb 25 23:18:29 2020
;; MSG SIZE  rcvd: 125

HOST信息:
Host e.2.0.0.1.1.c.a.2.4.2.0.0.0.0.0.f.f.0.1.9.a.f.d.0.7.4.0.1.0.0.2.ip6.arpa not found: 3(NXDOMAIN)
NSLOOKUP信息:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find e.2.0.0.1.1.c.a.2.4.2.0.0.0.0.0.f.f.0.1.9.a.f.d.0.7.4.0.1.0.0.2.ip6.arpa: NXDOMAIN
最新评论:
IP 类型 评论内容 时间
97.84.225.94 attackbots
2020-06-08T05:40:11.554860shield sshd\[9368\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=097-084-225-094.res.spectrum.com  user=root
2020-06-08T05:40:13.831297shield sshd\[9368\]: Failed password for root from 97.84.225.94 port 54900 ssh2
2020-06-08T05:44:10.386359shield sshd\[10218\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=097-084-225-094.res.spectrum.com  user=root
2020-06-08T05:44:12.803734shield sshd\[10218\]: Failed password for root from 97.84.225.94 port 54172 ssh2
2020-06-08T05:47:58.706968shield sshd\[11227\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=097-084-225-094.res.spectrum.com  user=root
2020-06-08 16:25:32
68.183.71.55 attackbots
Jun  8 05:44:11 reporting3 sshd[13885]: User r.r from 68.183.71.55 not allowed because not listed in AllowUsers
Jun  8 05:44:11 reporting3 sshd[13885]: Failed password for invalid user r.r from 68.183.71.55 port 56410 ssh2
Jun  8 05:47:43 reporting3 sshd[18301]: User r.r from 68.183.71.55 not allowed because not listed in AllowUsers
Jun  8 05:47:43 reporting3 sshd[18301]: Failed password for invalid user r.r from 68.183.71.55 port 35848 ssh2


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=68.183.71.55
2020-06-08 16:50:11
121.101.133.37 attackbots
Jun  8 07:46:11 OPSO sshd\[5022\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.101.133.37  user=root
Jun  8 07:46:12 OPSO sshd\[5022\]: Failed password for root from 121.101.133.37 port 49228 ssh2
Jun  8 07:49:11 OPSO sshd\[5257\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.101.133.37  user=root
Jun  8 07:49:13 OPSO sshd\[5257\]: Failed password for root from 121.101.133.37 port 33514 ssh2
Jun  8 07:52:13 OPSO sshd\[5909\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.101.133.37  user=root
2020-06-08 16:35:23
31.134.209.80 attackspam
firewall-block, port(s): 4503/tcp
2020-06-08 16:24:44
46.214.138.225 attackspambots
Attempt to log in with non-existing username: asteriorg
2020-06-08 16:53:24
152.136.34.52 attackspambots
Jun  8 06:54:49 sip sshd[579938]: Failed password for root from 152.136.34.52 port 44630 ssh2
Jun  8 06:57:52 sip sshd[579973]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.34.52  user=root
Jun  8 06:57:54 sip sshd[579973]: Failed password for root from 152.136.34.52 port 55822 ssh2
...
2020-06-08 16:29:18
95.167.39.12 attackspambots
2020-06-08T05:43:19.217194amanda2.illicoweb.com sshd\[3607\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.167.39.12  user=root
2020-06-08T05:43:21.191137amanda2.illicoweb.com sshd\[3607\]: Failed password for root from 95.167.39.12 port 53814 ssh2
2020-06-08T05:48:01.698694amanda2.illicoweb.com sshd\[3775\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.167.39.12  user=root
2020-06-08T05:48:03.722376amanda2.illicoweb.com sshd\[3775\]: Failed password for root from 95.167.39.12 port 51968 ssh2
2020-06-08T05:49:27.573225amanda2.illicoweb.com sshd\[3790\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.167.39.12  user=root
...
2020-06-08 16:47:12
180.153.65.18 attackbots
Jun  8 08:14:32 ourumov-web sshd\[24401\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.153.65.18  user=root
Jun  8 08:14:34 ourumov-web sshd\[24401\]: Failed password for root from 180.153.65.18 port 53464 ssh2
Jun  8 08:27:08 ourumov-web sshd\[25219\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.153.65.18  user=root
...
2020-06-08 16:21:22
148.70.31.188 attackbots
Jun  8 09:11:27 xeon sshd[40527]: Failed password for root from 148.70.31.188 port 52550 ssh2
2020-06-08 16:23:38
61.142.20.29 attackspam
(ftpd) Failed FTP login from 61.142.20.29 (CN/China/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Jun  8 08:47:08 ir1 pure-ftpd: (?@61.142.20.29) [WARNING] Authentication failed for user [anonymous]
2020-06-08 16:59:07
160.153.154.27 attackbotsspam
"new/wp-includes/wlwmanifest.xml"_
2020-06-08 16:31:17
157.230.109.166 attackbotsspam
Jun  8 08:17:50 tuxlinux sshd[54381]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.109.166  user=root
Jun  8 08:17:51 tuxlinux sshd[54381]: Failed password for root from 157.230.109.166 port 47600 ssh2
Jun  8 08:17:50 tuxlinux sshd[54381]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.109.166  user=root
Jun  8 08:17:51 tuxlinux sshd[54381]: Failed password for root from 157.230.109.166 port 47600 ssh2
Jun  8 08:29:59 tuxlinux sshd[60433]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.109.166  user=root
...
2020-06-08 16:45:20
51.68.229.73 attackspambots
2020-06-08T10:03:00.551923sd-86998 sshd[42749]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=73.ip-51-68-229.eu  user=root
2020-06-08T10:03:02.860702sd-86998 sshd[42749]: Failed password for root from 51.68.229.73 port 51252 ssh2
2020-06-08T10:06:10.119874sd-86998 sshd[43994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=73.ip-51-68-229.eu  user=root
2020-06-08T10:06:12.513785sd-86998 sshd[43994]: Failed password for root from 51.68.229.73 port 54608 ssh2
2020-06-08T10:09:27.012456sd-86998 sshd[44992]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=73.ip-51-68-229.eu  user=root
2020-06-08T10:09:29.451084sd-86998 sshd[44992]: Failed password for root from 51.68.229.73 port 57968 ssh2
...
2020-06-08 16:46:51
46.101.248.180 attackbotsspam
Tried sshing with brute force.
2020-06-08 16:16:25
140.249.191.91 attackbotsspam
Jun  8 02:18:56 pl3server sshd[918]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.191.91  user=r.r
Jun  8 02:18:58 pl3server sshd[918]: Failed password for r.r from 140.249.191.91 port 49955 ssh2
Jun  8 02:18:58 pl3server sshd[918]: Received disconnect from 140.249.191.91 port 49955:11: Bye Bye [preauth]
Jun  8 02:18:58 pl3server sshd[918]: Disconnected from 140.249.191.91 port 49955 [preauth]
Jun  8 02:32:24 pl3server sshd[14853]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.191.91  user=r.r
Jun  8 02:32:26 pl3server sshd[14853]: Failed password for r.r from 140.249.191.91 port 59258 ssh2
Jun  8 02:32:26 pl3server sshd[14853]: Received disconnect from 140.249.191.91 port 59258:11: Bye Bye [preauth]
Jun  8 02:32:26 pl3server sshd[14853]: Disconnected from 140.249.191.91 port 59258 [preauth]
Jun  8 02:35:31 pl3server sshd[16036]: pam_unix(sshd:auth): authentication failu........
-------------------------------
2020-06-08 16:45:42

最近上报的IP列表

200.125.182.180 185.240.209.183 209.198.100.85 175.186.203.235
2001:470:dfa9:10ff:0:242:ac11:26 47.108.190.247 101.169.123.69 12.116.146.242
34.204.62.186 205.188.183.234 15.222.240.149 71.0.200.241
135.225.175.162 149.8.58.255 156.49.116.231 132.255.66.31
233.182.231.6 103.36.8.146 85.13.253.154 185.164.72.103