城市(city): unknown
省份(region): unknown
国家(country): United States
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
# start
NetRange: 38.0.0.0 - 38.255.255.255
CIDR: 38.0.0.0/8
NetName: COGENT-A
NetHandle: NET-38-0-0-0-1
Parent: ()
NetType: Direct Allocation
OriginAS:
Organization: Cogent Communications, LLC (COGC)
RegDate: 1991-04-16
Updated: 2025-09-23
Ref: https://rdap.arin.net/registry/ip/38.0.0.0
OrgName: Cogent Communications, LLC
OrgId: COGC
Address: 2450 N Street NW
City: Washington
StateProv: DC
PostalCode: 20037
Country: US
RegDate: 2000-05-30
Updated: 2025-09-23
Comment: Geofeed https://geofeed.cogentco.com/geofeed.csv
Ref: https://rdap.arin.net/registry/entity/COGC
ReferralServer: rwhois://rwhois.cogentco.com:4321
OrgTechHandle: IPALL-ARIN
OrgTechName: IP Allocation
OrgTechPhone: +1-877-875-4311
OrgTechEmail: ipalloc@cogentco.com
OrgTechRef: https://rdap.arin.net/registry/entity/IPALL-ARIN
OrgAbuseHandle: COGEN-ARIN
OrgAbuseName: Cogent Abuse
OrgAbusePhone: +1-877-875-4311
OrgAbuseEmail: abuse@cogentco.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/COGEN-ARIN
OrgNOCHandle: ZC108-ARIN
OrgNOCName: Cogent Communications
OrgNOCPhone: +1-877-875-4311
OrgNOCEmail: noc@cogentco.com
OrgNOCRef: https://rdap.arin.net/registry/entity/ZC108-ARIN
# end
# start
NetRange: 38.247.3.0 - 38.247.3.255
CIDR: 38.247.3.0/24
NetName: RAVNIX-CGNT-NET-1
NetHandle: NET-38-247-3-0-1
Parent: COGENT-A (NET-38-0-0-0-1)
NetType: Reassigned
OriginAS:
Organization: RAVNIX LLC (RL-912)
RegDate: 2025-08-19
Updated: 2025-08-19
Comment: Geofeed https://geofeed.ravnix.gg/geofeed.csv
Ref: https://rdap.arin.net/registry/ip/38.247.3.0
OrgName: RAVNIX LLC
OrgId: RL-912
Address: 1500 N. GRANT ST, STE R
City: Denver
StateProv: CO
PostalCode: 80203
Country: US
RegDate: 2024-08-23
Updated: 2025-08-19
Comment: Geofeed https://geofeed.ravnix.gg/geofeed.csv
Ref: https://rdap.arin.net/registry/entity/RL-912
OrgTechHandle: RLN2-ARIN
OrgTechName: RAVNIX LLC - NIC
OrgTechPhone: +1-912-901-6053
OrgTechEmail: nic@ravnix.gg
OrgTechRef: https://rdap.arin.net/registry/entity/RLN2-ARIN
OrgAbuseHandle: RLN2-ARIN
OrgAbuseName: RAVNIX LLC - NIC
OrgAbusePhone: +1-912-901-6053
OrgAbuseEmail: nic@ravnix.gg
OrgAbuseRef: https://rdap.arin.net/registry/entity/RLN2-ARIN
# end
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
Found a referral to rwhois.cogentco.com:4321.
%rwhois V-1.5:0010b0:00 rwhois.cogentco.com (CGNT rwhoisd 1.2.1)
network:ID:NET4-26F7030018
network:Network-Name:NET4-26F7030018
network:IP-Network:38.247.3.0/24
network:Org-Name:RAVNIX LLC
network:Street-Address:831 N HAMPTON AVE
network:City:FAIRFAX
network:State:SC
network:Country:US
network:Postal-Code:29827
network:Tech-Contact:ZC108-ARIN
network:Updated:2025-08-19 21:46:08
%ok; <<>> DiG 9.10.3-P4-Ubuntu <<>> 38.247.3.216
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29443
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;38.247.3.216. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025110400 1800 900 604800 86400
;; Query time: 12 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Nov 04 19:30:38 CST 2025
;; MSG SIZE rcvd: 105Host 216.3.247.38.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 216.3.247.38.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 60.217.52.93 | attackspam | Sep 22 08:16:48 eola postfix/smtpd[17404]: connect from unknown[60.217.52.93] Sep 22 08:16:49 eola postfix/smtpd[17404]: lost connection after AUTH from unknown[60.217.52.93] Sep 22 08:16:49 eola postfix/smtpd[17404]: disconnect from unknown[60.217.52.93] ehlo=1 auth=0/1 commands=1/2 Sep 22 08:16:49 eola postfix/smtpd[17404]: connect from unknown[60.217.52.93] Sep 22 08:16:50 eola postfix/smtpd[17404]: lost connection after AUTH from unknown[60.217.52.93] Sep 22 08:16:50 eola postfix/smtpd[17404]: disconnect from unknown[60.217.52.93] ehlo=1 auth=0/1 commands=1/2 Sep 22 08:16:50 eola postfix/smtpd[17404]: connect from unknown[60.217.52.93] Sep 22 08:16:51 eola postfix/smtpd[17404]: lost connection after AUTH from unknown[60.217.52.93] Sep 22 08:16:51 eola postfix/smtpd[17404]: disconnect from unknown[60.217.52.93] ehlo=1 auth=0/1 commands=1/2 Sep 22 08:16:51 eola postfix/smtpd[17404]: connect from unknown[60.217.52.93] Sep 22 08:16:52 eola postfix/smtpd[17404]: lost con........ ------------------------------- |
2019-09-23 01:38:30 |
| 129.211.117.47 | attackspam | Sep 22 19:21:17 DAAP sshd[25730]: Invalid user anicia from 129.211.117.47 port 53260 Sep 22 19:21:17 DAAP sshd[25730]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.117.47 Sep 22 19:21:17 DAAP sshd[25730]: Invalid user anicia from 129.211.117.47 port 53260 Sep 22 19:21:19 DAAP sshd[25730]: Failed password for invalid user anicia from 129.211.117.47 port 53260 ssh2 ... |
2019-09-23 01:35:52 |
| 51.38.128.30 | attack | Triggered by Fail2Ban at Ares web server |
2019-09-23 02:14:25 |
| 106.12.11.166 | attackbotsspam | Sep 22 19:57:30 eventyay sshd[29587]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.11.166 Sep 22 19:57:32 eventyay sshd[29587]: Failed password for invalid user tester from 106.12.11.166 port 40224 ssh2 Sep 22 20:02:28 eventyay sshd[29679]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.11.166 ... |
2019-09-23 02:08:01 |
| 218.4.239.146 | attackspam | Rude login attack (2 tries in 1d) |
2019-09-23 01:48:33 |
| 149.56.251.168 | attackspambots | 2019-09-22T17:07:09.020946hub.schaetter.us sshd\[11635\]: Invalid user jeff from 149.56.251.168 2019-09-22T17:07:09.062842hub.schaetter.us sshd\[11635\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip168.ip-149-56-251.net 2019-09-22T17:07:11.257781hub.schaetter.us sshd\[11635\]: Failed password for invalid user jeff from 149.56.251.168 port 18362 ssh2 2019-09-22T17:11:18.421502hub.schaetter.us sshd\[11663\]: Invalid user Juho from 149.56.251.168 2019-09-22T17:11:18.454603hub.schaetter.us sshd\[11663\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip168.ip-149-56-251.net ... |
2019-09-23 01:54:08 |
| 139.59.142.82 | attackbotsspam | 10 attempts against mh-misc-ban on heat.magehost.pro |
2019-09-23 02:21:16 |
| 165.22.16.90 | attackspambots | 2019-08-12 04:23:19,730 fail2ban.actions [791]: NOTICE [sshd] Ban 165.22.16.90 2019-08-12 07:31:28,488 fail2ban.actions [791]: NOTICE [sshd] Ban 165.22.16.90 2019-08-12 10:35:54,517 fail2ban.actions [791]: NOTICE [sshd] Ban 165.22.16.90 ... |
2019-09-23 02:13:17 |
| 217.25.25.246 | attackbots | 22.09.2019 18:39:29 - Wordpress fail Detected by ELinOX-ALM |
2019-09-23 02:17:00 |
| 178.48.16.181 | attackspambots | Sep 22 14:53:47 eventyay sshd[22793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.48.16.181 Sep 22 14:53:50 eventyay sshd[22793]: Failed password for invalid user 1q2w3e4r from 178.48.16.181 port 17121 ssh2 Sep 22 14:57:59 eventyay sshd[22913]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.48.16.181 ... |
2019-09-23 02:05:20 |
| 5.167.88.233 | attackspam | Connection by 5.167.88.233 on port: 5000 got caught by honeypot at 9/22/2019 5:41:54 AM |
2019-09-23 01:50:47 |
| 192.200.210.164 | attackspambots | Sep 22 14:27:26 mxgate1 postfix/postscreen[30518]: CONNECT from [192.200.210.164]:47230 to [176.31.12.44]:25 Sep 22 14:27:26 mxgate1 postfix/dnsblog[30901]: addr 192.200.210.164 listed by domain zen.spamhaus.org as 127.0.0.3 Sep 22 14:27:27 mxgate1 postfix/dnsblog[30897]: addr 192.200.210.164 listed by domain b.barracudacentral.org as 127.0.0.2 Sep 22 14:27:32 mxgate1 postfix/postscreen[30518]: DNSBL rank 3 for [192.200.210.164]:47230 Sep x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=192.200.210.164 |
2019-09-23 01:50:25 |
| 51.77.140.111 | attack | Sep 22 19:32:19 dedicated sshd[25351]: Invalid user test from 51.77.140.111 port 43144 |
2019-09-23 01:53:16 |
| 111.85.191.131 | attack | Sep 22 14:45:40 mail1 sshd\[22252\]: Invalid user tester from 111.85.191.131 port 52402 Sep 22 14:45:40 mail1 sshd\[22252\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.85.191.131 Sep 22 14:45:43 mail1 sshd\[22252\]: Failed password for invalid user tester from 111.85.191.131 port 52402 ssh2 Sep 22 14:53:00 mail1 sshd\[25552\]: Invalid user comercial from 111.85.191.131 port 49336 Sep 22 14:53:00 mail1 sshd\[25552\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.85.191.131 ... |
2019-09-23 02:02:41 |
| 218.173.36.148 | attackbotsspam | SMB Server BruteForce Attack |
2019-09-23 02:20:46 |