220.136.14.222

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Taiwan, Province of China

运营商(isp): Chunghwa Telecom Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Port Scan: TCP/2323	2019-09-20 19:59:04

相同子网IP讨论:

IP	类型	评论内容	时间
220.136.147.189	attack	Aug 20 11:23:31 ns382633 sshd\[3379\]: Invalid user testftp from 220.136.147.189 port 52420 Aug 20 11:23:31 ns382633 sshd\[3379\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.136.147.189 Aug 20 11:23:33 ns382633 sshd\[3379\]: Failed password for invalid user testftp from 220.136.147.189 port 52420 ssh2 Aug 20 11:29:17 ns382633 sshd\[4445\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.136.147.189 user=root Aug 20 11:29:19 ns382633 sshd\[4445\]: Failed password for root from 220.136.147.189 port 47046 ssh2	2020-08-20 17:38:30
220.136.148.32	attackspambots	Aug 6 20:52:32 mockhub sshd[28272]: Failed password for root from 220.136.148.32 port 58982 ssh2 ...	2020-08-07 13:47:38
220.136.14.234	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 05-03-2020 21:55:16.	2020-03-06 09:58:59

类型

评论内容

时间

220.136.147.189

attack

Aug 20 11:23:31 ns382633 sshd\[3379\]: Invalid user testftp from 220.136.147.189 port 52420
Aug 20 11:23:31 ns382633 sshd\[3379\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.136.147.189
Aug 20 11:23:33 ns382633 sshd\[3379\]: Failed password for invalid user testftp from 220.136.147.189 port 52420 ssh2
Aug 20 11:29:17 ns382633 sshd\[4445\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.136.147.189  user=root
Aug 20 11:29:19 ns382633 sshd\[4445\]: Failed password for root from 220.136.147.189 port 47046 ssh2

2020-08-20 17:38:30

220.136.148.32

attackspambots

Aug  6 20:52:32 mockhub sshd[28272]: Failed password for root from 220.136.148.32 port 58982 ssh2
...

2020-08-07 13:47:38

220.136.14.234

attackspambots

Attempt to attack host OS, exploiting network vulnerabilities, on 05-03-2020 21:55:16.

2020-03-06 09:58:59

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 220.136.14.222
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38502
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;220.136.14.222.			IN	A

;; AUTHORITY SECTION:
.			524	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092000 1800 900 604800 86400

;; Query time: 351 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Sep 20 19:59:00 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

222.14.136.220.in-addr.arpa domain name pointer 220-136-14-222.dynamic-ip.hinet.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
222.14.136.220.in-addr.arpa	name = 220-136-14-222.dynamic-ip.hinet.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
122.51.229.98	attackbotsspam	Jan 9 23:37:08 onepro3 sshd[12070]: Failed password for invalid user admin from 122.51.229.98 port 56100 ssh2 Jan 9 23:49:14 onepro3 sshd[12228]: Failed password for root from 122.51.229.98 port 56212 ssh2 Jan 9 23:53:09 onepro3 sshd[12281]: Failed password for invalid user ajketner from 122.51.229.98 port 55522 ssh2	2020-01-10 16:27:52
106.9.171.246	attack	2020-01-09 22:52:53 dovecot_login authenticator failed for (ylyna) [106.9.171.246]:61265 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=lilei@lerctr.org) 2020-01-09 22:53:01 dovecot_login authenticator failed for (lkwkj) [106.9.171.246]:61265 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=lilei@lerctr.org) 2020-01-09 22:53:12 dovecot_login authenticator failed for (ugimv) [106.9.171.246]:61265 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=lilei@lerctr.org) ...	2020-01-10 16:27:07
137.226.113.25	attackbots	Automatic report - Port Scan	2020-01-10 16:54:27
95.172.44.186	attack	postfix (unknown user, SPF fail or relay access denied)	2020-01-10 16:52:29
169.255.77.212	attackspambots	1578631971 - 01/10/2020 05:52:51 Host: 169.255.77.212/169.255.77.212 Port: 445 TCP Blocked	2020-01-10 16:41:18
140.143.199.169	attackbots	Jan 10 05:38:14 ws25vmsma01 sshd[76849]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.199.169 Jan 10 05:38:16 ws25vmsma01 sshd[76849]: Failed password for invalid user user from 140.143.199.169 port 57672 ssh2 ...	2020-01-10 16:38:09
222.186.175.154	attack	Jan 10 03:50:46 mail sshd\[28889\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.154 user=root ...	2020-01-10 16:53:13
107.161.22.229	attackbots	Jan 10 06:09:30 h2040555 sshd[32232]: Address 107.161.22.229 maps to mercury2.rudrawebsolution.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Jan 10 06:09:30 h2040555 sshd[32232]: Invalid user Server from 107.161.22.229 Jan 10 06:09:30 h2040555 sshd[32232]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.161.22.229 Jan 10 06:09:32 h2040555 sshd[32232]: Failed password for invalid user Server from 107.161.22.229 port 55456 ssh2 Jan 10 06:09:32 h2040555 sshd[32232]: Received disconnect from 107.161.22.229: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=107.161.22.229	2020-01-10 16:16:42
142.93.241.93	attack	Jan 10 06:23:57 [host] sshd[16566]: Invalid user dbtest from 142.93.241.93 Jan 10 06:23:57 [host] sshd[16566]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.241.93 Jan 10 06:23:59 [host] sshd[16566]: Failed password for invalid user dbtest from 142.93.241.93 port 53300 ssh2	2020-01-10 16:23:44
188.166.246.46	attack	Jan 10 06:17:38 plex sshd[773]: Invalid user viper from 188.166.246.46 port 59862	2020-01-10 16:40:17
103.143.127.3	attack	Jan 10 05:52:36 exim[24168]: [1\41] 1ipmHg-0006Ho-UE H=([103.143.127.0]) [103.143.127.3] F= rejected after DATA: This message scored 14.2 spam points.	2020-01-10 16:32:19
92.118.37.70	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 95 - port: 3390 proto: TCP cat: Misc Attack	2020-01-10 16:35:38
166.62.36.222	attackbotsspam	166.62.36.222 - - [10/Jan/2020:09:05:58 +0100] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 166.62.36.222 - - [10/Jan/2020:09:05:59 +0100] "POST /wp-login.php HTTP/1.1" 200 2297 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 166.62.36.222 - - [10/Jan/2020:09:05:59 +0100] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 166.62.36.222 - - [10/Jan/2020:09:06:01 +0100] "POST /wp-login.php HTTP/1.1" 200 2272 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 166.62.36.222 - - [10/Jan/2020:09:06:06 +0100] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 166.62.36.222 - - [10/Jan/2020:09:06:07 +0100] "POST /wp-login.php HTTP/1.1" 200 2272 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-01-10 16:53:58
69.162.98.124	attackspam	Unauthorized connection attempt detected from IP address 69.162.98.124 to port 445	2020-01-10 16:52:09
14.102.2.21	attackbots	Jan 10 05:53:04 debian-2gb-nbg1-2 kernel: \[891295.383074\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=14.102.2.21 DST=195.201.40.59 LEN=52 TOS=0x00 PREC=0x00 TTL=117 ID=30579 DF PROTO=TCP SPT=58017 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0	2020-01-10 16:32:41

最近上报的IP列表

191.32.203.3	190.210.83.209	190.98.13.4	190.88.34.94
189.122.243.153	128.134.2.17	198.143.148.169	185.81.157.128
14.98.230.8	96.119.93.28	181.196.1.76	191.11.220.86
36.241.109.253	113.158.51.162	53.8.181.133	12.125.56.127
197.221.116.76	158.145.137.185	179.186.7.217	96.40.52.186