58.21.34.104 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom Jilin Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Brute force blocker - service: proftpd1 - aantal: 45 - Sat Apr 14 12:50:16 2018	2020-03-09 04:05:17

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 58.21.34.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23534
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;58.21.34.104.			IN	A

;; AUTHORITY SECTION:
.			408	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030801 1800 900 604800 86400

;; Query time: 108 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 09 04:05:14 CST 2020
;; MSG SIZE  rcvd: 116

Host info

104.34.21.58.in-addr.arpa domain name pointer 104.34.21.58.adsl-pool.jlccptt.net.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
104.34.21.58.in-addr.arpa	name = 104.34.21.58.adsl-pool.jlccptt.net.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.175.217	attackbotsspam	Oct 1 16:31:57 xtremcommunity sshd\[81240\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.217 user=root Oct 1 16:31:59 xtremcommunity sshd\[81240\]: Failed password for root from 222.186.175.217 port 43136 ssh2 Oct 1 16:32:03 xtremcommunity sshd\[81240\]: Failed password for root from 222.186.175.217 port 43136 ssh2 Oct 1 16:32:08 xtremcommunity sshd\[81240\]: Failed password for root from 222.186.175.217 port 43136 ssh2 Oct 1 16:32:12 xtremcommunity sshd\[81240\]: Failed password for root from 222.186.175.217 port 43136 ssh2 ...	2019-10-02 04:34:44
81.22.45.53	attackspam	2019-10-01T21:04:33.592449+02:00 lumpi kernel: [269816.161965] INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.53 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=15807 PROTO=TCP SPT=50944 DPT=24342 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-10-02 04:17:24
212.47.238.207	attackspam	Oct 1 16:47:52 dedicated sshd[20988]: Invalid user gp from 212.47.238.207 port 35232	2019-10-02 04:27:51
123.118.96.149	attack	Automated reporting of FTP Brute Force	2019-10-02 04:20:20
185.104.253.28	attack	TCP src-port=29738 dst-port=25 Listed on dnsbl-sorbs abuseat-org barracuda (Project Honey Pot rated Suspicious) (691)	2019-10-02 04:18:50
60.184.138.9	attack	22/tcp 22/tcp [2019-09-29/10-01]2pkt	2019-10-02 04:28:22
80.93.182.145	attackspambots	Oct 1 06:31:47 server6 sshd[27456]: Address 80.93.182.145 maps to mail.dogpetfish.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Oct 1 06:31:49 server6 sshd[27456]: Failed password for invalid user kennedy from 80.93.182.145 port 54198 ssh2 Oct 1 06:31:49 server6 sshd[27456]: Received disconnect from 80.93.182.145: 11: Bye Bye [preauth] Oct 1 06:49:09 server6 sshd[13960]: Address 80.93.182.145 maps to mail.dogpetfish.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Oct 1 06:49:10 server6 sshd[13960]: Failed password for invalid user alessandro from 80.93.182.145 port 58708 ssh2 Oct 1 06:49:10 server6 sshd[13960]: Received disconnect from 80.93.182.145: 11: Bye Bye [preauth] Oct 1 06:52:48 server6 sshd[17461]: Address 80.93.182.145 maps to mail.dogpetfish.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Oct 1 06:52:49 server6 sshd[17461]: Failed password for invalid user super from........ -------------------------------	2019-10-02 04:45:58
134.73.76.230	attack	Sent mail to target address hacked/leaked from abandonia in 2016	2019-10-02 04:45:29
123.207.14.76	attack	k+ssh-bruteforce	2019-10-02 04:09:09
213.204.81.123	attackbots	2019-10-0114:10:481iFGzP-0006Gi-EZ\<=info@imsuisse-sa.chH=\(imsuisse-sa.ch\)[37.111.198.153]:11948P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_plain:info@imsuisse-sa.chS=2088id=63EC7713-1631-48D8-B8C3-6FC5382D140D@imsuisse-sa.chT=""forFred.Johannaber@arrisi.comfredemilbatino@yahoo.co.ukfred_emil@yahoo.comfrogger30606@yahoo.comgafourleafclover@yahoo.com2019-10-0114:10:491iFGzP-00067Y-Nf\<=info@imsuisse-sa.chH=\(imsuisse-sa.ch\)[213.230.81.106]:1525P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_plain:info@imsuisse-sa.chS=2298id=D741A798-95DF-46C1-BD26-285039EBBABA@imsuisse-sa.chT=""forspanishcalendar@yahoo.comssi.christine@yahoo.comTaylor.Keen@lls.orgzettyccci@yahoo.com2019-10-0114:10:511iFGzT-0006JJ-3W\<=info@imsuisse-sa.chH=\(imsuisse-sa.ch\)[103.138.30.104]:44162P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_plain:info@imsuisse-sa.chS=2121id=D7C4A1DA-EFDF-4FD6-B514-7567499A2EE3@imsuisse-sa.chT=""forwilliamD@qualcomm.comwilliamgilpin@hsbc.comWindso	2019-10-02 04:36:54
23.129.64.188	attackbots	Oct 1 19:21:56 rotator sshd\[4142\]: Failed password for root from 23.129.64.188 port 10732 ssh2Oct 1 19:21:59 rotator sshd\[4142\]: Failed password for root from 23.129.64.188 port 10732 ssh2Oct 1 19:22:02 rotator sshd\[4142\]: Failed password for root from 23.129.64.188 port 10732 ssh2Oct 1 19:22:04 rotator sshd\[4142\]: Failed password for root from 23.129.64.188 port 10732 ssh2Oct 1 19:22:08 rotator sshd\[4142\]: Failed password for root from 23.129.64.188 port 10732 ssh2Oct 1 19:22:12 rotator sshd\[4142\]: Failed password for root from 23.129.64.188 port 10732 ssh2 ...	2019-10-02 04:39:13
60.255.230.202	attackspam	2019-10-01T16:28:02.402024tmaserv sshd\[28726\]: Invalid user kayla from 60.255.230.202 port 49406 2019-10-01T16:28:02.408390tmaserv sshd\[28726\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.255.230.202 2019-10-01T16:28:04.988104tmaserv sshd\[28726\]: Failed password for invalid user kayla from 60.255.230.202 port 49406 ssh2 2019-10-01T16:40:36.982861tmaserv sshd\[29615\]: Invalid user nv from 60.255.230.202 port 60042 2019-10-01T16:40:36.987400tmaserv sshd\[29615\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.255.230.202 2019-10-01T16:40:39.411466tmaserv sshd\[29615\]: Failed password for invalid user nv from 60.255.230.202 port 60042 ssh2 ...	2019-10-02 04:49:04
125.64.94.211	attackbots	Multiport scan : 7 ports scanned 5984(x2) 6379 6881 9200 11211(x2) 27017(x6) 28017(x2)	2019-10-02 04:21:55
103.236.253.28	attack	Oct 1 21:52:19 SilenceServices sshd[11170]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.236.253.28 Oct 1 21:52:22 SilenceServices sshd[11170]: Failed password for invalid user test9 from 103.236.253.28 port 50367 ssh2 Oct 1 21:56:00 SilenceServices sshd[12199]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.236.253.28	2019-10-02 04:13:09
182.139.134.107	attack	frenzy	2019-10-02 04:07:06

Recently Reported IPs

1.85.219.141	183.63.155.146	109.252.81.61	60.178.183.97
42.101.241.74	2.60.110.164	223.199.175.81	182.64.104.227
125.111.81.63	118.112.91.163	84.83.172.201	112.115.135.17
93.176.143.1	42.115.207.100	221.232.177.84	176.111.214.124
139.189.183.184	115.207.140.235	51.254.36.55	217.170.248.193