21.89.199.11 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America (the)

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 21.89.199.11
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19108
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;21.89.199.11.			IN	A

;; AUTHORITY SECTION:
.			29	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025013100 1800 900 604800 86400

;; Query time: 15 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 01 01:35:07 CST 2025
;; MSG SIZE  rcvd: 105

HOST信息:

Host 11.199.89.21.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 11.199.89.21.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
130.162.64.72	attack	$f2bV_matches	2019-11-27 16:08:14
162.243.158.185	attack	Nov 27 08:52:07 legacy sshd[10269]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.158.185 Nov 27 08:52:09 legacy sshd[10269]: Failed password for invalid user red from 162.243.158.185 port 38054 ssh2 Nov 27 08:58:28 legacy sshd[10428]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.158.185 ...	2019-11-27 16:06:11
112.85.42.179	attack	Nov 27 09:09:04 mail sshd[15655]: Failed password for root from 112.85.42.179 port 53190 ssh2 Nov 27 09:09:08 mail sshd[15655]: Failed password for root from 112.85.42.179 port 53190 ssh2 Nov 27 09:09:11 mail sshd[15655]: Failed password for root from 112.85.42.179 port 53190 ssh2 Nov 27 09:09:15 mail sshd[15655]: Failed password for root from 112.85.42.179 port 53190 ssh2	2019-11-27 16:37:09
104.248.16.13	attack	104.248.16.13 - - \[27/Nov/2019:07:29:18 +0100\] "POST /wp-login.php HTTP/1.0" 200 7656 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 104.248.16.13 - - \[27/Nov/2019:07:29:20 +0100\] "POST /wp-login.php HTTP/1.0" 200 7486 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 104.248.16.13 - - \[27/Nov/2019:07:29:20 +0100\] "POST /wp-login.php HTTP/1.0" 200 7480 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-11-27 16:43:16
222.186.190.2	attackspambots	" "	2019-11-27 16:41:11
182.71.209.203	attackbots	Automatic report - Banned IP Access	2019-11-27 16:26:49
129.211.76.101	attackbotsspam	$f2bV_matches_ltvn	2019-11-27 16:27:37
37.59.223.200	attackspam	SpamReport	2019-11-27 16:18:55
190.145.25.166	attackbots	2019-11-27T08:17:59.608690abusebot-8.cloudsearch.cf sshd\[5376\]: Invalid user maple from 190.145.25.166 port 20180	2019-11-27 16:30:10
61.231.23.11	attackbotsspam	Fail2Ban - FTP Abuse Attempt	2019-11-27 16:16:02
49.234.211.228	attackbotsspam	Port scan on 3 port(s): 2375 2376 2377	2019-11-27 16:42:56
103.92.28.197	attackspambots	SpamReport	2019-11-27 16:13:34
5.172.19.21	attackbots	Nov 25 16:47:57 Aberdeen-m4-Access auth.info sshd[24833]: Invalid user hobby from 5.172.19.21 port 51038 Nov 25 16:47:57 Aberdeen-m4-Access auth.info sshd[24833]: Failed password for invalid user hobby from 5.172.19.21 port 51038 ssh2 Nov 25 16:47:58 Aberdeen-m4-Access auth.info sshd[24833]: Received disconnect from 5.172.19.21 port 51038:11: Bye Bye [preauth] Nov 25 16:47:58 Aberdeen-m4-Access auth.info sshd[24833]: Disconnected from 5.172.19.21 port 51038 [preauth] Nov 25 16:47:58 Aberdeen-m4-Access auth.notice sshguard[12566]: Attack from "5.172.19.21" on service 100 whostnameh danger 10. Nov 25 16:47:58 Aberdeen-m4-Access auth.notice sshguard[12566]: Attack from "5.172.19.21" on service 100 whostnameh danger 10. Nov 25 16:47:58 Aberdeen-m4-Access auth.notice sshguard[12566]: Attack from "5.172.19.21" on service 100 whostnameh danger 10. Nov 25 16:47:58 Aberdeen-m4-Access auth.warn sshguard[12566]: Blocking "5.172.19.21/32" for 240 secs (3 attacks in 0 secs, after 2 a........ ------------------------------	2019-11-27 16:44:01
5.172.218.82	attackbotsspam	[WedNov2707:29:55.0876402019][:error][pid1029:tid47011388753664][client5.172.218.82:50038][client5.172.218.82]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"\\\\\\\\.sql\$"atREQUEST_FILENAME.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"1288"][id"350590"][rev"2"][msg"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessrawSQLfiles$disablethisruleifyourequireaccesstofilesthatendwith.sql$"][severity"CRITICAL"][hostname"cser.ch"][uri"/3.sql"][unique_id"Xd4X4wTwcDLXoZj2WO0kSgAAAIw"][WedNov2707:29:55.8598932019][:error][pid773:tid47011388753664][client5.172.218.82:50127][client5.172.218.82]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"\\\\\\\\.sql\$"atREQUEST_FILENAME.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"1288"][id"350590"][rev"2"][msg"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessrawSQLfiles$disablethisruleifyourequireaccesstofilesthatendwith.sql$"][severity"CRITICAL"	2019-11-27 16:24:22
34.232.39.62	attackspam	Autoban 34.232.39.62 AUTH/CONNECT	2019-11-27 16:21:49

最近上报的IP列表

32.178.70.73	96.18.204.50	208.187.138.55	41.140.32.20
75.197.3.179	94.44.109.213	2.144.145.170	184.90.122.119
160.156.52.219	253.125.61.234	247.169.139.50	23.160.214.100
249.112.55.161	58.32.180.68	135.234.97.252	222.230.42.118
130.128.104.126	194.28.98.5	149.106.27.39	156.80.193.27