195.158.22.22 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Uzbekistan

运营商(isp): Uzbektelekom Joint Stock Company

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	IP: 195.158.22.22 ASN: AS8193 Uzbektelekom Joint Stock Company Port: Simple Mail Transfer 25 Found in one or more Blacklists Date: 2/08/2019 8:48:45 AM UTC	2019-08-02 19:50:53

相同子网IP讨论:

IP	类型	评论内容	时间
195.158.22.5	attack	Honeypot hit: misc	2020-08-28 18:02:36
195.158.227.51	attackbotsspam	Jun 6 09:27:09 mail.srvfarm.net postfix/smtpd[3608955]: warning: unknown[195.158.227.51]: SASL PLAIN authentication failed: Jun 6 09:27:09 mail.srvfarm.net postfix/smtpd[3608955]: lost connection after AUTH from unknown[195.158.227.51] Jun 6 09:33:25 mail.srvfarm.net postfix/smtps/smtpd[3611041]: warning: unknown[195.158.227.51]: SASL PLAIN authentication failed: Jun 6 09:33:25 mail.srvfarm.net postfix/smtps/smtpd[3611041]: lost connection after AUTH from unknown[195.158.227.51] Jun 6 09:36:54 mail.srvfarm.net postfix/smtps/smtpd[3611034]: warning: unknown[195.158.227.51]: SASL PLAIN authentication failed:	2020-06-08 00:08:13
195.158.220.39	attackbots	Unauthorized connection attempt from IP address 195.158.220.39 on Port 445(SMB)	2020-05-03 21:08:50
195.158.22.4	attack	Nov 4 00:21:12 mailman postfix/smtpd[25920]: NOQUEUE: reject: RCPT from unknown[195.158.22.4]: 554 5.7.1 Service unavailable; Client host [195.158.22.4] blocked using sbl-xbl.spamhaus.org; https://www.spamhaus.org/query/ip/195.158.22.4; from= to= proto=ESMTP helo=<[195.158.22.4]> Nov 4 00:24:18 mailman postfix/smtpd[26005]: NOQUEUE: reject: RCPT from unknown[195.158.22.4]: 554 5.7.1 Service unavailable; Client host [195.158.22.4] blocked using sbl-xbl.spamhaus.org; https://www.spamhaus.org/query/ip/195.158.22.4; from= to= proto=ESMTP helo=<[195.158.22.4]>	2019-11-04 19:24:00
195.158.229.20	attackbots	[portscan] Port scan	2019-09-24 08:03:06
195.158.229.20	attackbotsspam	[portscan] Port scan	2019-07-10 04:57:54

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 195.158.22.22
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41004
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;195.158.22.22.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080200 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 02 19:50:47 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 22.22.158.195.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 22.22.158.195.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
139.59.69.76	attackbotsspam	Invalid user test from 139.59.69.76 port 54588	2020-09-26 14:57:49
167.248.133.33	attackbotsspam	Unauthorized connection attempt from IP address 167.248.133.33 on port 587	2020-09-26 14:35:47
52.246.164.181	attack	2020-09-26T08:01:57.761821ks3355764 sshd[1824]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.246.164.181 user=root 2020-09-26T08:01:59.659288ks3355764 sshd[1824]: Failed password for root from 52.246.164.181 port 30036 ssh2 ...	2020-09-26 14:16:53
106.54.206.184	attackspambots	" "	2020-09-26 14:58:20
51.222.25.197	attackbots	Invalid user testftp from 51.222.25.197 port 57406	2020-09-26 14:54:57
137.117.36.154	attackbots	invalid user	2020-09-26 14:40:42
218.92.0.195	attackspambots	Sep 26 07:52:40 dcd-gentoo sshd[5577]: User root from 218.92.0.195 not allowed because none of user's groups are listed in AllowGroups Sep 26 07:52:43 dcd-gentoo sshd[5577]: error: PAM: Authentication failure for illegal user root from 218.92.0.195 Sep 26 07:52:43 dcd-gentoo sshd[5577]: Failed keyboard-interactive/pam for invalid user root from 218.92.0.195 port 61918 ssh2 ...	2020-09-26 14:37:04
46.249.140.152	attackbots	Blocked by Sophos UTM Network Protection . / / proto=17 . srcport=58856 . dstport=49976 . (3552)	2020-09-26 14:24:38
192.35.169.31	attack	TCP (SYN) 192.35.169.31:11818 -> port 25, len 44	2020-09-26 14:28:32
222.186.169.192	attackspambots	2020-09-26T08:41:20.883491vps773228.ovh.net sshd[24844]: Failed password for root from 222.186.169.192 port 24542 ssh2 2020-09-26T08:41:23.670621vps773228.ovh.net sshd[24844]: Failed password for root from 222.186.169.192 port 24542 ssh2 2020-09-26T08:41:27.062314vps773228.ovh.net sshd[24844]: Failed password for root from 222.186.169.192 port 24542 ssh2 2020-09-26T08:41:29.671341vps773228.ovh.net sshd[24844]: Failed password for root from 222.186.169.192 port 24542 ssh2 2020-09-26T08:41:32.887582vps773228.ovh.net sshd[24844]: Failed password for root from 222.186.169.192 port 24542 ssh2 ...	2020-09-26 14:45:47
213.217.0.184	attack	Automatic report - Banned IP Access	2020-09-26 14:12:06
221.156.126.1	attackspambots	$f2bV_matches	2020-09-26 14:11:35
186.101.113.194	attackspam	SSHD brute force attack detected from [186.101.113.194]	2020-09-26 14:46:09
159.65.146.72	attackbots	159.65.146.72 - - [26/Sep/2020:02:52:20 +0100] "POST /wp-login.php HTTP/1.1" 200 2386 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.65.146.72 - - [26/Sep/2020:02:52:21 +0100] "POST /wp-login.php HTTP/1.1" 200 2336 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.65.146.72 - - [26/Sep/2020:02:52:21 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-26 14:17:35
104.211.212.220	attack	SSH Brute Force	2020-09-26 14:32:13

最近上报的IP列表

90.84.242.145	119.165.255.8	111.172.149.112	47.245.15.163
103.74.111.50	221.140.151.235	40.115.6.72	123.143.203.67
201.27.55.3	39.65.20.100	188.65.91.66	105.15.157.244
104.248.227.130	95.179.167.247	62.234.101.62	46.43.129.65
99.25.80.191	79.132.109.38	45.231.12.96	185.56.149.223