220.134.139.113

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Taiwan, Province of China

运营商(isp): Chunghwa Telecom Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	UTC: 2019-11-26 port: 23/tcp	2019-11-28 02:03:04

相同子网IP讨论:

IP	类型	评论内容	时间
220.134.139.115	attack	Honeypot attack, port: 4567, PTR: 220-134-139-115.HINET-IP.hinet.net.	2020-03-19 04:16:30
220.134.139.115	attack	Port Scan	2020-02-25 15:58:59
220.134.139.208	attack	Honeypot attack, port: 81, PTR: 220-134-139-208.HINET-IP.hinet.net.	2020-02-14 22:14:15
220.134.139.98	attack	Unauthorized connection attempt detected from IP address 220.134.139.98 to port 23 [J]	2020-01-07 19:41:11
220.134.139.208	attack	Honeypot attack, port: 23, PTR: 220-134-139-208.HINET-IP.hinet.net.	2019-07-19 19:29:56

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 220.134.139.113
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33524
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;220.134.139.113.		IN	A

;; AUTHORITY SECTION:
.			452	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112700 1800 900 604800 86400

;; Query time: 209 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Nov 28 02:03:00 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

113.139.134.220.in-addr.arpa domain name pointer 220-134-139-113.HINET-IP.hinet.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
113.139.134.220.in-addr.arpa	name = 220-134-139-113.HINET-IP.hinet.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
177.124.61.251	attackbotsspam	Jul 5 01:06:25 vps691689 sshd[22455]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.124.61.251 Jul 5 01:06:27 vps691689 sshd[22455]: Failed password for invalid user stack from 177.124.61.251 port 54838 ssh2 ...	2019-07-05 14:42:08
186.52.158.47	attack	2019-07-05 00:26:45 unexpected disconnection while reading SMTP command from r186-52-158-47.dialup.adsl.anteldata.net.uy [186.52.158.47]:7694 I=[10.100.18.20]:25 (error: Connection reset by peer) 2019-07-05 00:26:55 unexpected disconnection while reading SMTP command from r186-52-158-47.dialup.adsl.anteldata.net.uy [186.52.158.47]:8590 I=[10.100.18.20]:25 (error: Connection reset by peer) 2019-07-05 00:27:04 unexpected disconnection while reading SMTP command from r186-52-158-47.dialup.adsl.anteldata.net.uy [186.52.158.47]:25131 I=[10.100.18.20]:25 (error: Connection reset by peer) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=186.52.158.47	2019-07-05 14:32:27
49.36.28.127	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-03 15:20:41,508 INFO [shellcode_manager] (49.36.28.127) no match, writing hexdump (beb7d47c08047f9e0878f5bd64f4cdca :2246133) - MS17010 (EternalBlue)	2019-07-05 15:01:41
171.5.48.6	attackbots	Jul 5 01:42:34 srv-4 sshd\[19077\]: Invalid user admin from 171.5.48.6 Jul 5 01:42:34 srv-4 sshd\[19077\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.5.48.6 Jul 5 01:42:36 srv-4 sshd\[19077\]: Failed password for invalid user admin from 171.5.48.6 port 36135 ssh2 ...	2019-07-05 14:45:38
181.63.245.127	attackbots	Invalid user aya from 181.63.245.127 port 42849	2019-07-05 14:43:33
183.87.35.162	attackspam	Jul 5 06:49:57 ns3367391 sshd\[25007\]: Invalid user slib from 183.87.35.162 port 41520 Jul 5 06:49:57 ns3367391 sshd\[25007\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.87.35.162 ...	2019-07-05 14:28:47
112.241.140.114	attackspam	/var/log/messages:Jul 4 22:34:55 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1562279695.332:98323): pid=4696 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-server cipher=aexxxxxxx28-ctr ksize=128 mac=hmac-sha1 pfs=diffie-hellman-group14-sha1 spid=4697 suid=74 rport=55900 laddr=104.167.106.93 lport=22 exe="/usr/sbin/sshd" hostname=? addr=112.241.140.114 terminal=? res=success' /var/log/messages:Jul 4 22:34:55 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1562279695.335:98324): pid=4696 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-client cipher=aexxxxxxx28-ctr ksize=128 mac=hmac-sha1 pfs=diffie-hellman-group14-sha1 spid=4697 suid=74 rport=55900 laddr=104.167.106.93 lport=22 exe="/usr/sbin/sshd" hostname=? addr=112.241.140.114 terminal=? res=success' /var/log/messages:Jul 4 22:34:56 sanyalnet-cloud-vps fail2ban.fil........ -------------------------------	2019-07-05 14:57:33
117.27.151.104	attackspam	port scan and connect, tcp 22 (ssh)	2019-07-05 14:21:36
122.190.107.209	attack	Jul 4 17:43:14 mailman postfix/smtpd[11681]: NOQUEUE: reject: RCPT from unknown[122.190.107.209]: 554 5.7.1 Service unavailable; Client host [122.190.107.209] blocked using sbl-xbl.spamhaus.org; https://www.spamhaus.org/query/ip/122.190.107.209 / https://www.spamhaus.org/sbl/query/SBLCSS; from= to=<[munged][at][munged]> proto=ESMTP helo= Jul 4 17:43:15 mailman postfix/smtpd[11683]: NOQUEUE: reject: RCPT from unknown[122.190.107.209]: 554 5.7.1 Service unavailable; Client host [122.190.107.209] blocked using sbl-xbl.spamhaus.org; https://www.spamhaus.org/query/ip/122.190.107.209 / https://www.spamhaus.org/sbl/query/SBLCSS; from= to=<[munged][at][munged]> proto=ESMTP helo=	2019-07-05 14:33:58
104.217.191.123	attack	Jul 4 15:28:15 woof sshd[25603]: Invalid user marta from 104.217.191.123 Jul 4 15:28:15 woof sshd[25603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.217.191.123 Jul 4 15:28:16 woof sshd[25603]: Failed password for invalid user marta from 104.217.191.123 port 39990 ssh2 Jul 4 15:28:16 woof sshd[25603]: Received disconnect from 104.217.191.123: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=104.217.191.123	2019-07-05 14:37:42
210.18.171.206	attack	Jul 4 18:41:49 plusreed sshd[24051]: Invalid user mother from 210.18.171.206 Jul 4 18:41:49 plusreed sshd[24051]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.18.171.206 Jul 4 18:41:49 plusreed sshd[24051]: Invalid user mother from 210.18.171.206 Jul 4 18:41:51 plusreed sshd[24051]: Failed password for invalid user mother from 210.18.171.206 port 40382 ssh2 Jul 4 18:41:49 plusreed sshd[24051]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.18.171.206 Jul 4 18:41:49 plusreed sshd[24051]: Invalid user mother from 210.18.171.206 Jul 4 18:41:51 plusreed sshd[24051]: Failed password for invalid user mother from 210.18.171.206 port 40382 ssh2 Jul 4 18:41:54 plusreed sshd[24051]: Failed password for invalid user mother from 210.18.171.206 port 40382 ssh2 ...	2019-07-05 15:02:41
190.245.1.59	attack	2019-07-04 22:34:55 H=59-1-245-190.fibertel.com.ar [190.245.1.59]:10495 I=[10.100.18.20]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=190.245.1.59) 2019-07-04 22:34:55 unexpected disconnection while reading SMTP command from 59-1-245-190.fibertel.com.ar [190.245.1.59]:10495 I=[10.100.18.20]:25 (error: Connection reset by peer) 2019-07-05 00:29:31 H=59-1-245-190.fibertel.com.ar [190.245.1.59]:13603 I=[10.100.18.20]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=190.245.1.59) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=190.245.1.59	2019-07-05 14:44:46
124.31.204.116	attack	SMB Server BruteForce Attack	2019-07-05 14:40:18
157.230.237.76	attackspambots	2019-07-05T08:02:45.2382851240 sshd\[9510\]: Invalid user jboss from 157.230.237.76 port 51372 2019-07-05T08:02:45.2451341240 sshd\[9510\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.237.76 2019-07-05T08:02:46.7732611240 sshd\[9510\]: Failed password for invalid user jboss from 157.230.237.76 port 51372 ssh2 ...	2019-07-05 14:33:19
196.112.83.63	attack	2019-07-05 00:28:25 unexpected disconnection while reading SMTP command from ([196.112.83.63]) [196.112.83.63]:47351 I=[10.100.18.25]:25 (error: Connection reset by peer) 2019-07-05 00:28:34 unexpected disconnection while reading SMTP command from ([196.112.83.63]) [196.112.83.63]:53360 I=[10.100.18.25]:25 (error: Connection reset by peer) 2019-07-05 00:28:39 unexpected disconnection while reading SMTP command from ([196.112.83.63]) [196.112.83.63]:17238 I=[10.100.18.25]:25 (error: Connection reset by peer) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=196.112.83.63	2019-07-05 14:39:14

最近上报的IP列表

87.72.41.197	81.219.210.251	214.212.184.209	202.91.84.101
77.82.81.46	222.254.175.214	176.111.244.20	140.143.245.229
196.219.129.198	101.51.210.77	196.207.87.95	52.197.97.224
196.207.87.242	114.220.29.186	179.127.52.0	42.236.10.113
190.102.140.2	113.53.71.75	195.33.236.190	181.41.216.142