220.132.245.94

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Taiwan, Province of China

运营商(isp): Chunghwa Telecom Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-05 20:21:16,750 INFO [amun_request_handler] PortScan Detected on Port: 445 (220.132.245.94)	2019-07-06 09:23:45

相同子网IP讨论:

IP	类型	评论内容	时间
220.132.245.80	attack	Found on CINS badguys / proto=6 . srcport=14568 . dstport=23 . (1127)	2020-09-17 21:15:49
220.132.245.80	attack	Found on CINS badguys / proto=6 . srcport=14568 . dstport=23 . (1127)	2020-09-17 13:26:57
220.132.245.80	attackbots	Found on CINS badguys / proto=6 . srcport=14568 . dstport=23 . (1127)	2020-09-17 04:32:41
220.132.245.196	attackspam	SmallBizIT.US 1 packets to tcp(23)	2020-05-23 15:56:42
220.132.245.198	attackbotsspam	Honeypot attack, port: 81, PTR: 220-132-245-198.HINET-IP.hinet.net.	2020-05-21 06:18:49
220.132.245.14	attack	SMB Server BruteForce Attack	2019-11-06 18:11:28

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 220.132.245.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1393
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;220.132.245.94.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070501 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jul 06 09:23:39 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

94.245.132.220.in-addr.arpa domain name pointer 220-132-245-94.HINET-IP.hinet.net.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
94.245.132.220.in-addr.arpa	name = 220-132-245-94.HINET-IP.hinet.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
130.61.23.32	attackbots	Brute force SMTP login attempts.	2019-10-13 15:39:43
40.73.116.245	attackbots	Oct 13 08:57:43 icinga sshd[17043]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.73.116.245 Oct 13 08:57:45 icinga sshd[17043]: Failed password for invalid user qwer!@#$ from 40.73.116.245 port 37478 ssh2 ...	2019-10-13 15:27:31
178.128.156.159	attackspam	Oct 13 06:12:31 localhost sshd\[15719\]: Invalid user R00T@1234 from 178.128.156.159 port 58934 Oct 13 06:12:31 localhost sshd\[15719\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.156.159 Oct 13 06:12:33 localhost sshd\[15719\]: Failed password for invalid user R00T@1234 from 178.128.156.159 port 58934 ssh2	2019-10-13 15:42:01
79.137.73.253	attack	Oct 12 21:26:56 kapalua sshd\[12600\]: Invalid user Admin@101 from 79.137.73.253 Oct 12 21:26:56 kapalua sshd\[12600\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=253.ip-79-137-73.eu Oct 12 21:26:59 kapalua sshd\[12600\]: Failed password for invalid user Admin@101 from 79.137.73.253 port 52278 ssh2 Oct 12 21:30:48 kapalua sshd\[12994\]: Invalid user 4rfv5tgb from 79.137.73.253 Oct 12 21:30:48 kapalua sshd\[12994\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=253.ip-79-137-73.eu	2019-10-13 15:42:44
49.235.88.104	attack	Oct 13 07:24:43 vtv3 sshd\[20030\]: Invalid user 123 from 49.235.88.104 port 40910 Oct 13 07:24:43 vtv3 sshd\[20030\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.88.104 Oct 13 07:24:44 vtv3 sshd\[20030\]: Failed password for invalid user 123 from 49.235.88.104 port 40910 ssh2 Oct 13 07:31:18 vtv3 sshd\[23413\]: Invalid user Africa!23 from 49.235.88.104 port 56432 Oct 13 07:31:18 vtv3 sshd\[23413\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.88.104 Oct 13 07:44:06 vtv3 sshd\[29518\]: Invalid user P4ssw0rd@2016 from 49.235.88.104 port 57532 Oct 13 07:44:06 vtv3 sshd\[29518\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.88.104 Oct 13 07:44:08 vtv3 sshd\[29518\]: Failed password for invalid user P4ssw0rd@2016 from 49.235.88.104 port 57532 ssh2 Oct 13 07:50:37 vtv3 sshd\[636\]: Invalid user 123Bio from 49.235.88.104 port 44226 Oct 13 07:50:37 vtv3 sshd\	2019-10-13 15:35:14
198.20.127.142	attackbots	Automatic report - XMLRPC Attack	2019-10-13 15:26:55
150.95.110.90	attackbots	Oct 13 09:03:19 * sshd[3027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.95.110.90 Oct 13 09:03:22 * sshd[3027]: Failed password for invalid user Qw3rty@1234 from 150.95.110.90 port 49430 ssh2	2019-10-13 15:44:54
190.9.130.159	attackspambots	Oct 13 08:55:29 OPSO sshd\[28726\]: Invalid user Comptable from 190.9.130.159 port 51207 Oct 13 08:55:29 OPSO sshd\[28726\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.9.130.159 Oct 13 08:55:31 OPSO sshd\[28726\]: Failed password for invalid user Comptable from 190.9.130.159 port 51207 ssh2 Oct 13 09:00:40 OPSO sshd\[29405\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.9.130.159 user=root Oct 13 09:00:42 OPSO sshd\[29405\]: Failed password for root from 190.9.130.159 port 42919 ssh2	2019-10-13 15:46:35
222.186.173.238	attackspam	Oct 13 03:40:26 ny01 sshd[15958]: Failed password for root from 222.186.173.238 port 58618 ssh2 Oct 13 03:40:43 ny01 sshd[15958]: error: maximum authentication attempts exceeded for root from 222.186.173.238 port 58618 ssh2 [preauth] Oct 13 03:40:55 ny01 sshd[16001]: Failed password for root from 222.186.173.238 port 15660 ssh2	2019-10-13 15:54:30
213.6.8.38	attackspam	Fail2Ban - SSH Bruteforce Attempt	2019-10-13 15:26:37
183.82.118.131	attackbots	2019-10-13T09:13:22.306228 sshd[9582]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.82.118.131 user=root 2019-10-13T09:13:24.355671 sshd[9582]: Failed password for root from 183.82.118.131 port 37115 ssh2 2019-10-13T09:18:02.914059 sshd[9668]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.82.118.131 user=root 2019-10-13T09:18:04.737412 sshd[9668]: Failed password for root from 183.82.118.131 port 56893 ssh2 2019-10-13T09:22:45.058219 sshd[9716]: Invalid user 123 from 183.82.118.131 port 48437 ...	2019-10-13 15:56:05
115.79.60.104	attackspambots	Oct 13 05:52:24 ArkNodeAT sshd\[21003\]: Invalid user cde3XSW@zaq1 from 115.79.60.104 Oct 13 05:52:24 ArkNodeAT sshd\[21003\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.79.60.104 Oct 13 05:52:26 ArkNodeAT sshd\[21003\]: Failed password for invalid user cde3XSW@zaq1 from 115.79.60.104 port 42000 ssh2	2019-10-13 15:31:56
106.12.36.173	attackspam	Oct 11 08:50:05 xxx sshd[12553]: Failed password for r.r from 106.12.36.173 port 55342 ssh2 Oct 11 08:50:05 xxx sshd[12553]: Received disconnect from 106.12.36.173 port 55342:11: Bye Bye [preauth] Oct 11 08:50:05 xxx sshd[12553]: Disconnected from 106.12.36.173 port 55342 [preauth] Oct 11 09:14:26 xxx sshd[17498]: Failed password for r.r from 106.12.36.173 port 35592 ssh2 Oct 11 09:14:26 xxx sshd[17498]: Received disconnect from 106.12.36.173 port 35592:11: Bye Bye [preauth] Oct 11 09:14:26 xxx sshd[17498]: Disconnected from 106.12.36.173 port 35592 [preauth] Oct 11 09:19:11 xxx sshd[18502]: Failed password for r.r from 106.12.36.173 port 44664 ssh2 Oct 11 09:19:11 xxx sshd[18502]: Received disconnect from 106.12.36.173 port 44664:11: Bye Bye [preauth] Oct 11 09:19:11 xxx sshd[18502]: Disconnected from 106.12.36.173 port 44664 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=106.12.36.173	2019-10-13 15:23:10
222.186.42.4	attackbots	Oct 13 09:38:04 MainVPS sshd[29678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.4 user=root Oct 13 09:38:06 MainVPS sshd[29678]: Failed password for root from 222.186.42.4 port 41342 ssh2 Oct 13 09:38:23 MainVPS sshd[29678]: error: maximum authentication attempts exceeded for root from 222.186.42.4 port 41342 ssh2 [preauth] Oct 13 09:38:04 MainVPS sshd[29678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.4 user=root Oct 13 09:38:06 MainVPS sshd[29678]: Failed password for root from 222.186.42.4 port 41342 ssh2 Oct 13 09:38:23 MainVPS sshd[29678]: error: maximum authentication attempts exceeded for root from 222.186.42.4 port 41342 ssh2 [preauth] Oct 13 09:38:31 MainVPS sshd[29709]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.4 user=root Oct 13 09:38:32 MainVPS sshd[29709]: Failed password for root from 222.186.42.4 port 53646 ssh2 ...	2019-10-13 15:48:33
80.211.115.16	attack	Oct 13 07:07:19 www sshd\[122864\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.115.16 user=root Oct 13 07:07:21 www sshd\[122864\]: Failed password for root from 80.211.115.16 port 34710 ssh2 Oct 13 07:11:24 www sshd\[123001\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.115.16 user=root ...	2019-10-13 15:53:34

最近上报的IP列表

206.196.116.245	245.82.38.3	36.105.44.129	78.155.206.150
201.92.197.54	23.238.115.210	121.142.165.111	248.38.145.136
167.105.42.134	223.97.201.132	201.123.116.113	227.118.184.109
182.76.53.114	88.230.231.27	110.247.169.104	37.79.128.238
108.250.121.190	193.56.29.114	82.157.52.156	144.1.204.255