220.132.84.234

基本信息:

城市(city): Fongshan District

省份(region): Kaohsiung

国家(country): Taiwan, China

运营商(isp): Chunghwa Telecom Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt detected from IP address 220.132.84.234 to port 2323 [T]	2020-10-12 01:04:00
attack	Unauthorized connection attempt detected from IP address 220.132.84.234 to port 2323 [T]	2020-10-11 16:56:32
attack	Port Scan ...	2020-10-11 10:16:46

相同子网IP讨论:

IP	类型	评论内容	时间
220.132.84.246	attackbots	20/7/31@23:49:31: FAIL: IoT-Telnet address from=220.132.84.246 ...	2020-08-01 17:59:45
220.132.84.159	attackbots	Honeypot attack, port: 81, PTR: 220-132-84-159.HINET-IP.hinet.net.	2020-03-19 14:42:03
220.132.84.159	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-21 02:04:47
220.132.84.83	attack	Unauthorized connection attempt detected from IP address 220.132.84.83 to port 4567 [J]	2020-01-21 16:03:32

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 220.132.84.234
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38259
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;220.132.84.234.			IN	A

;; AUTHORITY SECTION:
.			595	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020101002 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Oct 11 10:16:42 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

234.84.132.220.in-addr.arpa domain name pointer 220-132-84-234.HINET-IP.hinet.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
234.84.132.220.in-addr.arpa	name = 220-132-84-234.HINET-IP.hinet.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
106.211.221.148	attackspambots	106.211.221.148 - - [04/Sep/2020:12:44:51 -0400] "POST /xmlrpc.php HTTP/1.1" 404 208 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.93 Safari/537.36" 106.211.221.148 - - [04/Sep/2020:12:44:55 -0400] "POST /wordpress/xmlrpc.php HTTP/1.1" 404 218 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.93 Safari/537.36" 106.211.221.148 - - [04/Sep/2020:12:44:55 -0400] "POST /blog/xmlrpc.php HTTP/1.1" 404 213 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.93 Safari/537.36" ...	2020-09-05 19:59:52
117.5.140.181	attackspambots	Unauthorized connection attempt from IP address 117.5.140.181 on Port 445(SMB)	2020-09-05 19:24:00
151.48.172.209	attackspambots	Automatic report - Port Scan Attack	2020-09-05 19:45:44
175.138.96.59	attackspambots	Automatic report - Port Scan Attack	2020-09-05 19:25:49
94.102.51.78	attack	Sep 5 12:08:50 lnxmail61 sshd[9779]: Failed password for root from 94.102.51.78 port 32987 ssh2 Sep 5 12:08:53 lnxmail61 sshd[9779]: Failed password for root from 94.102.51.78 port 32987 ssh2 Sep 5 12:08:55 lnxmail61 sshd[9779]: Failed password for root from 94.102.51.78 port 32987 ssh2 Sep 5 12:08:57 lnxmail61 sshd[9779]: Failed password for root from 94.102.51.78 port 32987 ssh2	2020-09-05 19:25:10
23.129.64.192	attackspambots	(sshd) Failed SSH login from 23.129.64.192 (US/United States/-): 5 in the last 3600 secs	2020-09-05 19:36:25
203.55.21.198	attackspambots	TCP Port: 25 invalid blocked Listed on dnsbl-sorbs also spam-sorbs and NoSolicitado (163)	2020-09-05 19:31:06
106.12.142.137	attackspam	Invalid user zxx from 106.12.142.137 port 48588	2020-09-05 19:23:14
93.103.90.248	attack	Sep 4 19:35:00 vps34202 sshd[21467]: Invalid user Adminixxxr from 93.103.90.248 Sep 4 19:35:00 vps34202 sshd[21467]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93-103-90-248.dynamic.t-2.net Sep 4 19:35:02 vps34202 sshd[21480]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93-103-90-248.dynamic.t-2.net user=r.r Sep 4 19:35:02 vps34202 sshd[21467]: Failed password for invalid user Adminixxxr from 93.103.90.248 port 33150 ssh2 Sep 4 19:35:02 vps34202 sshd[21467]: Connection closed by 93.103.90.248 [preauth] Sep 4 19:35:03 vps34202 sshd[21480]: Failed password for r.r from 93.103.90.248 port 33192 ssh2 Sep 4 19:35:03 vps34202 sshd[21480]: Connection closed by 93.103.90.248 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=93.103.90.248	2020-09-05 20:00:55
85.242.94.53	attack	Sep 4 18:45:26 mellenthin postfix/smtpd[32153]: NOQUEUE: reject: RCPT from bl9-94-53.dsl.telepac.pt[85.242.94.53]: 554 5.7.1 Service unavailable; Client host [85.242.94.53] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/85.242.94.53; from= to= proto=ESMTP helo=	2020-09-05 19:31:35
119.147.71.174	attackspambots	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-05 19:52:09
203.81.78.180	attackspambots	Sep 5 13:52:47 inter-technics sshd[25567]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.81.78.180 user=root Sep 5 13:52:48 inter-technics sshd[25567]: Failed password for root from 203.81.78.180 port 36172 ssh2 Sep 5 13:55:40 inter-technics sshd[25728]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.81.78.180 user=root Sep 5 13:55:42 inter-technics sshd[25728]: Failed password for root from 203.81.78.180 port 57438 ssh2 Sep 5 13:58:32 inter-technics sshd[25907]: Invalid user naman from 203.81.78.180 port 50460 ...	2020-09-05 20:00:21
202.53.87.214	attack	Unauthorized connection attempt from IP address 202.53.87.214 on Port 445(SMB)	2020-09-05 19:33:52
117.102.76.182	attackspam	Sep 5 10:23:45 scw-6657dc sshd[20260]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.102.76.182 user=root Sep 5 10:23:45 scw-6657dc sshd[20260]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.102.76.182 user=root Sep 5 10:23:47 scw-6657dc sshd[20260]: Failed password for root from 117.102.76.182 port 38968 ssh2 ...	2020-09-05 19:17:08
185.217.1.245	attack	Tried our host z.	2020-09-05 19:51:06

最近上报的IP列表

51.210.242.109	200.158.188.144	42.117.57.45	140.206.55.6
112.85.42.233	118.126.109.155	221.182.164.10	179.219.96.69
113.23.144.50	179.219.97.149	95.15.117.115	94.138.129.212
89.178.18.43	82.65.166.65	189.41.6.81	59.177.38.94
3.227.233.48	136.232.186.138	180.191.243.160	107.77.249.53