220.132.252.102

基本信息:

城市(city): Tainan City

省份(region): Tainan

国家(country): Taiwan, China

运营商(isp): Chunghwa Telecom Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Port probing on unauthorized port 23	2020-07-27 07:06:14

相同子网IP讨论:

IP	类型	评论内容	时间
220.132.252.227	attackbotsspam	firewall-block, port(s): 23/tcp	2020-06-08 15:59:14
220.132.252.172	attack	Port probing on unauthorized port 9000	2020-05-16 06:58:00
220.132.252.249	attack	firewall-block, port(s): 23/tcp	2020-04-18 07:51:38
220.132.252.208	attackbotsspam	Unauthorized connection attempt detected from IP address 220.132.252.208 to port 4567 [J]	2020-01-27 01:22:23

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 220.132.252.102
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30589
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;220.132.252.102.		IN	A

;; AUTHORITY SECTION:
.			290	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072601 1800 900 604800 86400

;; Query time: 172 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jul 27 07:06:37 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

102.252.132.220.in-addr.arpa domain name pointer 220-132-252-102.HINET-IP.hinet.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
102.252.132.220.in-addr.arpa	name = 220-132-252-102.HINET-IP.hinet.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
77.240.252.70	attack	Last visit 2019-11-02 05:32:12	2019-11-03 15:40:06
178.150.132.45	attackbots	Nov 3 06:54:09 localhost sshd\[25677\]: Invalid user hs from 178.150.132.45 port 43160 Nov 3 06:54:09 localhost sshd\[25677\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.150.132.45 Nov 3 06:54:12 localhost sshd\[25677\]: Failed password for invalid user hs from 178.150.132.45 port 43160 ssh2	2019-11-03 15:19:16
60.173.35.240	attack	Nov 3 01:40:00 eola postfix/smtpd[27967]: connect from unknown[60.173.35.240] Nov 3 01:40:00 eola postfix/smtpd[27967]: NOQUEUE: reject: RCPT from unknown[60.173.35.240]: 504 5.5.2 : Helo command rejected: need fully-qualified hostname; from=x@x helo= Nov 3 01:40:01 eola postfix/smtpd[27967]: disconnect from unknown[60.173.35.240] ehlo=1 mail=1 rcpt=0/1 quhostname=1 commands=3/4 Nov 3 01:40:01 eola postfix/smtpd[27967]: connect from unknown[60.173.35.240] Nov 3 01:40:03 eola postfix/smtpd[27967]: lost connection after AUTH from unknown[60.173.35.240] Nov 3 01:40:03 eola postfix/smtpd[27967]: disconnect from unknown[60.173.35.240] ehlo=1 auth=0/1 commands=1/2 Nov 3 01:40:03 eola postfix/smtpd[27967]: connect from unknown[60.173.35.240] Nov 3 01:40:04 eola postfix/smtpd[27967]: lost connection after AUTH from unknown[60.173.35.240] Nov 3 01:40:04 eola postfix/smtpd[27967]: disconnect from unknown[60.173.35.240] ehlo=1 auth=0/1 commands=1/2 Nov 3 01........ -------------------------------	2019-11-03 15:21:41
159.203.201.80	attackspam	159.203.201.80 - - \[03/Nov/2019:06:54:20 +0100\] "GET /manager/html HTTP/1.1" 400 264 "-" "Mozilla/5.0 zgrab/0.x" ...	2019-11-03 15:14:26
132.232.118.214	attackbotsspam	5x Failed Password	2019-11-03 15:26:26
24.36.137.229	attack	Nov 3 06:38:18 db01 sshd[6057]: Failed password for r.r from 24.36.137.229 port 36950 ssh2 Nov 3 06:38:21 db01 sshd[6057]: Failed password for r.r from 24.36.137.229 port 36950 ssh2 Nov 3 06:38:23 db01 sshd[6057]: Failed password for r.r from 24.36.137.229 port 36950 ssh2 Nov 3 06:38:25 db01 sshd[6057]: Failed password for r.r from 24.36.137.229 port 36950 ssh2 Nov 3 06:38:26 db01 sshd[6057]: Failed password for r.r from 24.36.137.229 port 36950 ssh2 Nov 3 06:38:29 db01 sshd[6057]: Failed password for r.r from 24.36.137.229 port 36950 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=24.36.137.229	2019-11-03 15:30:30
60.181.66.54	attack	2× attempts to log on to WP. However, we do not use WP. Last visit 2019-11-02 01:24:24	2019-11-03 15:43:49
185.176.27.254	attack	11/03/2019-02:18:55.828300 185.176.27.254 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-11-03 15:19:48
92.249.232.222	attack	2× attempts to log on to WP. However, we do not use WP. Last visit 2019-11-02 17:40:11	2019-11-03 15:41:20
222.186.190.2	attack	Nov 3 04:31:17 firewall sshd[26030]: Failed password for root from 222.186.190.2 port 44720 ssh2 Nov 3 04:31:34 firewall sshd[26030]: error: maximum authentication attempts exceeded for root from 222.186.190.2 port 44720 ssh2 [preauth] Nov 3 04:31:34 firewall sshd[26030]: Disconnecting: Too many authentication failures [preauth] ...	2019-11-03 15:33:30
208.100.26.241	attackspam	firewall-block, port(s): 1433/tcp	2019-11-03 15:27:45
171.78.242.89	attackspam	2× attempts to log on to WP. However, we do not use WP. Last visit 2019-11-02 11:03:49	2019-11-03 15:42:48
92.118.161.13	attack	16010/tcp 3000/tcp 5061/tcp... [2019-10-30/11-02]4pkt,4pt.(tcp)	2019-11-03 15:49:25
106.13.142.115	attack	Automatic report - Banned IP Access	2019-11-03 15:38:45
138.68.99.46	attackbotsspam	Invalid user admin from 138.68.99.46 port 52694	2019-11-03 15:32:29

最近上报的IP列表

164.92.2.2	49.216.47.177	91.254.175.19	42.3.19.177
14.154.192.140	47.11.55.233	193.83.76.110	205.246.142.23
68.126.103.186	40.128.184.76	184.82.226.9	125.181.161.193
181.99.20.212	103.77.154.249	180.231.165.97	151.50.127.119
133.100.193.6	170.254.79.156	70.239.214.142	139.130.72.214