220.132.4.198 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Taiwan, Province of China

运营商(isp): Chunghwa Telecom Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-03-23 08:19:46
attackspambots	Unauthorized connection attempt detected from IP address 220.132.4.198 to port 23 [J]	2020-02-02 09:22:06

相同子网IP讨论:

IP	类型	评论内容	时间
220.132.4.51	attack	23/tcp [2020-06-11]1pkt	2020-06-12 04:52:45
220.132.4.170	attackbotsspam	TCP (SYN) 220.132.4.170:20997 -> port 23, len 40	2020-06-01 19:54:14
220.132.48.174	attackspambots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-05-26 21:51:50
220.132.4.13	attackbotsspam	Port probing on unauthorized port 9000	2020-05-12 17:01:04
220.132.4.53	attack	port 23	2020-05-10 19:44:43
220.132.45.86	attackspambots	unauthorized connection attempt	2020-02-26 15:02:07
220.132.45.205	attackbotsspam	Unauthorized connection attempt detected from IP address 220.132.45.205 to port 81 [J]	2020-01-27 16:52:22
220.132.4.200	attackspam	Unauthorized connection attempt detected from IP address 220.132.4.200 to port 4567 [J]	2020-01-26 02:29:23

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 220.132.4.198
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36700
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;220.132.4.198.			IN	A

;; AUTHORITY SECTION:
.			310	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020102 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 02 09:22:02 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

198.4.132.220.in-addr.arpa domain name pointer 220-132-4-198.HINET-IP.hinet.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
198.4.132.220.in-addr.arpa	name = 220-132-4-198.HINET-IP.hinet.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
91.82.45.15	attackbotsspam	Aug 16 05:46:02 mail.srvfarm.net postfix/smtps/smtpd[1890604]: warning: unknown[91.82.45.15]: SASL PLAIN authentication failed: Aug 16 05:46:02 mail.srvfarm.net postfix/smtps/smtpd[1890604]: lost connection after AUTH from unknown[91.82.45.15] Aug 16 05:46:26 mail.srvfarm.net postfix/smtps/smtpd[1888391]: warning: unknown[91.82.45.15]: SASL PLAIN authentication failed: Aug 16 05:46:26 mail.srvfarm.net postfix/smtps/smtpd[1888391]: lost connection after AUTH from unknown[91.82.45.15] Aug 16 05:51:38 mail.srvfarm.net postfix/smtps/smtpd[1909604]: warning: unknown[91.82.45.15]: SASL PLAIN authentication failed:	2020-08-16 12:27:37
103.25.134.222	attackspam	Aug 16 05:27:48 mail.srvfarm.net postfix/smtps/smtpd[1890600]: warning: unknown[103.25.134.222]: SASL PLAIN authentication failed: Aug 16 05:27:48 mail.srvfarm.net postfix/smtps/smtpd[1890600]: lost connection after AUTH from unknown[103.25.134.222] Aug 16 05:29:39 mail.srvfarm.net postfix/smtps/smtpd[1888744]: warning: unknown[103.25.134.222]: SASL PLAIN authentication failed: Aug 16 05:29:40 mail.srvfarm.net postfix/smtps/smtpd[1888744]: lost connection after AUTH from unknown[103.25.134.222] Aug 16 05:32:09 mail.srvfarm.net postfix/smtpd[1879275]: warning: unknown[103.25.134.222]: SASL PLAIN authentication failed:	2020-08-16 13:03:21
181.114.208.219	attackbotsspam	Aug 16 05:28:43 mail.srvfarm.net postfix/smtps/smtpd[1874176]: warning: unknown[181.114.208.219]: SASL PLAIN authentication failed: Aug 16 05:28:45 mail.srvfarm.net postfix/smtps/smtpd[1874176]: lost connection after AUTH from unknown[181.114.208.219] Aug 16 05:36:00 mail.srvfarm.net postfix/smtpd[1887487]: warning: unknown[181.114.208.219]: SASL PLAIN authentication failed: Aug 16 05:36:01 mail.srvfarm.net postfix/smtpd[1887487]: lost connection after AUTH from unknown[181.114.208.219] Aug 16 05:36:41 mail.srvfarm.net postfix/smtps/smtpd[1888755]: warning: unknown[181.114.208.219]: SASL PLAIN authentication failed:	2020-08-16 12:57:38
193.35.48.18	attack	Aug 16 06:04:15 web01.agentur-b-2.de postfix/smtpd[4177350]: warning: unknown[193.35.48.18]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 16 06:04:15 web01.agentur-b-2.de postfix/smtpd[4177350]: lost connection after AUTH from unknown[193.35.48.18] Aug 16 06:04:21 web01.agentur-b-2.de postfix/smtpd[4170720]: lost connection after AUTH from unknown[193.35.48.18] Aug 16 06:04:26 web01.agentur-b-2.de postfix/smtpd[4177350]: lost connection after AUTH from unknown[193.35.48.18] Aug 16 06:04:30 web01.agentur-b-2.de postfix/smtps/smtpd[4192422]: lost connection after AUTH from unknown[193.35.48.18]	2020-08-16 12:40:13
200.133.39.84	attack	Aug 16 05:51:49 ns382633 sshd\[22683\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.133.39.84 user=root Aug 16 05:51:50 ns382633 sshd\[22683\]: Failed password for root from 200.133.39.84 port 38430 ssh2 Aug 16 05:55:26 ns382633 sshd\[23429\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.133.39.84 user=root Aug 16 05:55:28 ns382633 sshd\[23429\]: Failed password for root from 200.133.39.84 port 43064 ssh2 Aug 16 05:56:44 ns382633 sshd\[23552\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.133.39.84 user=root	2020-08-16 12:44:38
142.93.34.169	attack	142.93.34.169 - - [16/Aug/2020:05:56:38 +0200] "POST /wp-login.php HTTP/1.0" 200 4749 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-16 12:49:08
103.25.134.143	attack	Aug 16 05:33:23 mail.srvfarm.net postfix/smtpd[1888511]: warning: unknown[103.25.134.143]: SASL PLAIN authentication failed: Aug 16 05:33:23 mail.srvfarm.net postfix/smtpd[1888511]: lost connection after AUTH from unknown[103.25.134.143] Aug 16 05:42:23 mail.srvfarm.net postfix/smtps/smtpd[1907644]: warning: unknown[103.25.134.143]: SASL PLAIN authentication failed: Aug 16 05:42:23 mail.srvfarm.net postfix/smtps/smtpd[1907644]: lost connection after AUTH from unknown[103.25.134.143] Aug 16 05:43:06 mail.srvfarm.net postfix/smtps/smtpd[1890437]: warning: unknown[103.25.134.143]: SASL PLAIN authentication failed:	2020-08-16 12:26:19
87.249.156.118	attack	Aug 16 05:20:51 mail.srvfarm.net postfix/smtpd[1888823]: warning: 17505.PH.core.ttnet.cz[87.249.156.118]: SASL PLAIN authentication failed: Aug 16 05:20:51 mail.srvfarm.net postfix/smtpd[1888823]: lost connection after AUTH from 17505.PH.core.ttnet.cz[87.249.156.118] Aug 16 05:21:04 mail.srvfarm.net postfix/smtps/smtpd[1888715]: warning: 17505.PH.core.ttnet.cz[87.249.156.118]: SASL PLAIN authentication failed: Aug 16 05:21:04 mail.srvfarm.net postfix/smtps/smtpd[1888715]: lost connection after AUTH from 17505.PH.core.ttnet.cz[87.249.156.118] Aug 16 05:28:35 mail.srvfarm.net postfix/smtps/smtpd[1887813]: warning: 17505.PH.core.ttnet.cz[87.249.156.118]: SASL PLAIN authentication failed:	2020-08-16 13:05:32
112.85.42.172	attackspambots	Aug 16 06:29:14 abendstille sshd\[23657\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.172 user=root Aug 16 06:29:15 abendstille sshd\[23655\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.172 user=root Aug 16 06:29:17 abendstille sshd\[23657\]: Failed password for root from 112.85.42.172 port 50036 ssh2 Aug 16 06:29:18 abendstille sshd\[23655\]: Failed password for root from 112.85.42.172 port 17641 ssh2 Aug 16 06:29:20 abendstille sshd\[23657\]: Failed password for root from 112.85.42.172 port 50036 ssh2 ...	2020-08-16 12:49:32
2002:c1a9:fd80::c1a9:fd80	attackspam	Aug 16 05:32:45 web01.agentur-b-2.de postfix/smtpd[4171816]: warning: unknown[2002:c1a9:fd80::c1a9:fd80]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 16 05:32:45 web01.agentur-b-2.de postfix/smtpd[4171816]: lost connection after AUTH from unknown[2002:c1a9:fd80::c1a9:fd80] Aug 16 05:36:01 web01.agentur-b-2.de postfix/smtpd[4170720]: warning: unknown[2002:c1a9:fd80::c1a9:fd80]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 16 05:36:01 web01.agentur-b-2.de postfix/smtpd[4170720]: lost connection after AUTH from unknown[2002:c1a9:fd80::c1a9:fd80] Aug 16 05:36:56 web01.agentur-b-2.de postfix/smtpd[4170720]: warning: unknown[2002:c1a9:fd80::c1a9:fd80]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 16 05:36:56 web01.agentur-b-2.de postfix/smtpd[4170720]: lost connection after AUTH from unknown[2002:c1a9:fd80::c1a9:fd80]	2020-08-16 12:35:36
45.176.214.175	attackbots	Aug 16 05:13:31 mail.srvfarm.net postfix/smtps/smtpd[1890605]: warning: unknown[45.176.214.175]: SASL PLAIN authentication failed: Aug 16 05:13:32 mail.srvfarm.net postfix/smtps/smtpd[1890605]: lost connection after AUTH from unknown[45.176.214.175] Aug 16 05:19:56 mail.srvfarm.net postfix/smtpd[1875075]: warning: unknown[45.176.214.175]: SASL PLAIN authentication failed: Aug 16 05:19:56 mail.srvfarm.net postfix/smtpd[1875075]: lost connection after AUTH from unknown[45.176.214.175] Aug 16 05:22:00 mail.srvfarm.net postfix/smtps/smtpd[1888391]: warning: unknown[45.176.214.175]: SASL PLAIN authentication failed:	2020-08-16 13:07:39
74.75.25.33	attackspam	Port scan on 1 port(s): 22	2020-08-16 12:50:58
72.11.135.222	attack	Brute Force attack - banned by Fail2Ban	2020-08-16 13:07:19
91.245.30.125	attack	Aug 16 05:14:59 mail.srvfarm.net postfix/smtps/smtpd[1888763]: warning: unknown[91.245.30.125]: SASL PLAIN authentication failed: Aug 16 05:14:59 mail.srvfarm.net postfix/smtps/smtpd[1888763]: lost connection after AUTH from unknown[91.245.30.125] Aug 16 05:22:34 mail.srvfarm.net postfix/smtpd[1888825]: warning: unknown[91.245.30.125]: SASL PLAIN authentication failed: Aug 16 05:22:34 mail.srvfarm.net postfix/smtpd[1888825]: lost connection after AUTH from unknown[91.245.30.125] Aug 16 05:24:01 mail.srvfarm.net postfix/smtpd[1888504]: warning: unknown[91.245.30.125]: SASL PLAIN authentication failed:	2020-08-16 13:05:13
103.237.56.88	attack	Aug 16 05:15:10 mail.srvfarm.net postfix/smtps/smtpd[1874176]: warning: unknown[103.237.56.88]: SASL PLAIN authentication failed: Aug 16 05:15:11 mail.srvfarm.net postfix/smtps/smtpd[1874176]: lost connection after AUTH from unknown[103.237.56.88] Aug 16 05:19:23 mail.srvfarm.net postfix/smtpd[1875198]: warning: unknown[103.237.56.88]: SASL PLAIN authentication failed: Aug 16 05:19:23 mail.srvfarm.net postfix/smtpd[1875198]: lost connection after AUTH from unknown[103.237.56.88] Aug 16 05:22:26 mail.srvfarm.net postfix/smtpd[1874513]: warning: unknown[103.237.56.88]: SASL PLAIN authentication failed:	2020-08-16 13:03:04

最近上报的IP列表

27.205.51.134	51.242.169.79	158.40.245.1	185.153.199.252
212.21.253.32	185.11.239.16	214.37.197.183	82.237.52.108
167.51.211.156	109.202.214.58	155.4.223.156	113.221.40.198
1.54.54.117	29.230.84.5	2.98.223.53	102.98.71.182
45.82.204.40	109.56.73.222	147.160.160.11	104.125.113.196