220.132.0.42 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Taiwan, Province of China

运营商(isp): Chunghwa Telecom Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorised access (Feb 13) SRC=220.132.0.42 LEN=40 TTL=45 ID=21868 TCP DPT=23 WINDOW=52930 SYN	2020-02-13 18:53:06
attackspam	Unauthorized connection attempt detected from IP address 220.132.0.42 to port 4567 [J]	2020-01-19 15:24:26

相同子网IP讨论:

IP	类型	评论内容	时间
220.132.0.58	attackbotsspam	" "	2020-07-13 02:04:11
220.132.0.207	attackbots	23/tcp [2019-11-03]1pkt	2019-11-03 18:39:08

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 220.132.0.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58183
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;220.132.0.42.			IN	A

;; AUTHORITY SECTION:
.			203	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011900 1800 900 604800 86400

;; Query time: 99 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 19 15:24:22 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

42.0.132.220.in-addr.arpa domain name pointer 220-132-0-42.HINET-IP.hinet.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
42.0.132.220.in-addr.arpa	name = 220-132-0-42.HINET-IP.hinet.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
37.49.229.168	attackbotsspam	Port scan	2019-11-30 01:50:28
165.22.76.53	attackspam	Invalid user geam from 165.22.76.53 port 33400	2019-11-30 01:53:09
171.243.22.137	attackbots	Spam Timestamp : 29-Nov-19 14:14 BlockList Provider combined abuse (546)	2019-11-30 01:42:00
151.32.181.135	attack	Nov 29 15:56:47 server2 sshd[15212]: reveeclipse mapping checking getaddrinfo for ppp-135-181.32-151.wind.hostname [151.32.181.135] failed - POSSIBLE BREAK-IN ATTEMPT! Nov 29 15:56:47 server2 sshd[15210]: reveeclipse mapping checking getaddrinfo for ppp-135-181.32-151.wind.hostname [151.32.181.135] failed - POSSIBLE BREAK-IN ATTEMPT! Nov 29 15:56:47 server2 sshd[15212]: Invalid user pi from 151.32.181.135 Nov 29 15:56:47 server2 sshd[15210]: Invalid user pi from 151.32.181.135 Nov 29 15:56:47 server2 sshd[15212]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.32.181.135 Nov 29 15:56:47 server2 sshd[15210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.32.181.135 Nov 29 15:56:49 server2 sshd[15212]: Failed password for invalid user pi from 151.32.181.135 port 50738 ssh2 Nov 29 15:56:49 server2 sshd[15210]: Failed password for invalid user pi from 151.32.181.135 port 50736 ssh2 No........ -------------------------------	2019-11-30 01:56:30
46.38.144.32	attackbots	Nov 29 18:37:25 webserver postfix/smtpd\[9550\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 29 18:38:31 webserver postfix/smtpd\[9550\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 29 18:39:43 webserver postfix/smtpd\[9852\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 29 18:41:03 webserver postfix/smtpd\[9550\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 29 18:42:19 webserver postfix/smtpd\[9550\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-11-30 01:49:38
207.154.211.36	attack	SSH Brute Force	2019-11-30 02:20:00
134.175.100.149	attackbotsspam	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.100.149 Failed password for invalid user wilmschen from 134.175.100.149 port 33926 ssh2 Invalid user server from 134.175.100.149 port 41284 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.100.149 Failed password for invalid user server from 134.175.100.149 port 41284 ssh2	2019-11-30 01:54:34
95.86.34.46	attack	Automatic report - Port Scan Attack	2019-11-30 01:57:22
183.146.157.173	attackspambots	Nov 29 15:58:11 garuda postfix/smtpd[58277]: connect from unknown[183.146.157.173] Nov 29 15:58:11 garuda postfix/smtpd[58277]: connect from unknown[183.146.157.173] Nov 29 15:58:30 garuda postfix/smtpd[58277]: lost connection after CONNECT from unknown[183.146.157.173] Nov 29 15:58:30 garuda postfix/smtpd[58277]: disconnect from unknown[183.146.157.173] commands=0/0 Nov 29 15:58:30 garuda postfix/smtpd[58277]: lost connection after CONNECT from unknown[183.146.157.173] Nov 29 15:58:30 garuda postfix/smtpd[58277]: disconnect from unknown[183.146.157.173] commands=0/0 Nov 29 15:58:30 garuda postfix/smtpd[58277]: connect from unknown[183.146.157.173] Nov 29 15:58:30 garuda postfix/smtpd[58277]: connect from unknown[183.146.157.173] Nov 29 15:58:35 garuda postfix/smtpd[58277]: warning: unknown[183.146.157.173]: SASL LOGIN authentication failed: generic failure Nov 29 15:58:35 garuda postfix/smtpd[58277]: warning: unknown[183.146.157.173]: SASL LOGIN authentication failed: ........ -------------------------------	2019-11-30 02:02:52
186.38.19.1	attackspambots	Spam Timestamp : 29-Nov-19 14:30 BlockList Provider combined abuse (550)	2019-11-30 01:39:34
192.144.184.199	attackbotsspam	Nov 29 07:48:57 home sshd[28253]: Invalid user canute from 192.144.184.199 port 9205 Nov 29 07:48:57 home sshd[28253]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.184.199 Nov 29 07:48:57 home sshd[28253]: Invalid user canute from 192.144.184.199 port 9205 Nov 29 07:48:58 home sshd[28253]: Failed password for invalid user canute from 192.144.184.199 port 9205 ssh2 Nov 29 07:54:16 home sshd[28269]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.184.199 user=root Nov 29 07:54:18 home sshd[28269]: Failed password for root from 192.144.184.199 port 40797 ssh2 Nov 29 07:58:34 home sshd[28345]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.184.199 user=root Nov 29 07:58:36 home sshd[28345]: Failed password for root from 192.144.184.199 port 14138 ssh2 Nov 29 08:02:43 home sshd[28367]: Invalid user dat from 192.144.184.199 port 43974 Nov 29 08:02:43 home sshd[28367]:	2019-11-30 02:05:27
51.75.18.215	attackspam	Nov 29 15:27:03 localhost sshd\[62964\]: Invalid user ch4rity from 51.75.18.215 port 54944 Nov 29 15:27:03 localhost sshd\[62964\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.18.215 Nov 29 15:27:05 localhost sshd\[62964\]: Failed password for invalid user ch4rity from 51.75.18.215 port 54944 ssh2 Nov 29 15:30:08 localhost sshd\[63054\]: Invalid user T3ST2020 from 51.75.18.215 port 34214 Nov 29 15:30:08 localhost sshd\[63054\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.18.215 ...	2019-11-30 02:18:53
159.65.30.66	attackbots	Automatic report - Banned IP Access	2019-11-30 01:39:17
159.138.153.141	attackbotsspam	Automatic report - Banned IP Access	2019-11-30 02:06:25
86.122.189.11	attack	Nov 29 15:56:28 reporting6 sshd[19757]: reveeclipse mapping checking getaddrinfo for static-86-122-189-11.rdsnet.ro [86.122.189.11] failed - POSSIBLE BREAK-IN ATTEMPT! Nov 29 15:56:28 reporting6 sshd[19757]: Invalid user admin from 86.122.189.11 Nov 29 15:56:28 reporting6 sshd[19757]: Failed none for invalid user admin from 86.122.189.11 port 62383 ssh2 Nov 29 15:56:28 reporting6 sshd[19757]: Failed password for invalid user admin from 86.122.189.11 port 62383 ssh2 Nov 29 15:57:29 reporting6 sshd[20344]: reveeclipse mapping checking getaddrinfo for static-86-122-189-11.rdsnet.ro [86.122.189.11] failed - POSSIBLE BREAK-IN ATTEMPT! Nov 29 15:57:29 reporting6 sshd[20344]: Invalid user admin from 86.122.189.11 Nov 29 15:57:29 reporting6 sshd[20344]: Failed none for invalid user admin from 86.122.189.11 port 65049 ssh2 Nov 29 15:57:29 reporting6 sshd[20344]: Failed password for invalid user admin from 86.122.189.11 port 65049 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/	2019-11-30 02:09:42

最近上报的IP列表

123.179.7.49	123.20.101.203	119.39.46.121	117.92.152.111
117.15.90.140	116.49.250.167	114.32.38.38	112.197.97.25
111.224.248.39	46.143.63.72	25.9.45.82	78.226.172.192
111.6.51.180	55.9.14.24	235.188.65.77	110.177.74.21
232.164.205.190	110.172.158.220	185.201.106.205	109.130.174.163