220.136.14.234

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Taiwan, China

运营商(isp): Chunghwa Telecom Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 05-03-2020 21:55:16.	2020-03-06 09:58:59

相同子网IP讨论:

IP	类型	评论内容	时间
220.136.147.189	attack	Aug 20 11:23:31 ns382633 sshd\[3379\]: Invalid user testftp from 220.136.147.189 port 52420 Aug 20 11:23:31 ns382633 sshd\[3379\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.136.147.189 Aug 20 11:23:33 ns382633 sshd\[3379\]: Failed password for invalid user testftp from 220.136.147.189 port 52420 ssh2 Aug 20 11:29:17 ns382633 sshd\[4445\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.136.147.189 user=root Aug 20 11:29:19 ns382633 sshd\[4445\]: Failed password for root from 220.136.147.189 port 47046 ssh2	2020-08-20 17:38:30
220.136.148.32	attackspambots	Aug 6 20:52:32 mockhub sshd[28272]: Failed password for root from 220.136.148.32 port 58982 ssh2 ...	2020-08-07 13:47:38
220.136.14.222	attackspam	Port Scan: TCP/2323	2019-09-20 19:59:04

类型

评论内容

时间

220.136.147.189

attack

Aug 20 11:23:31 ns382633 sshd\[3379\]: Invalid user testftp from 220.136.147.189 port 52420
Aug 20 11:23:31 ns382633 sshd\[3379\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.136.147.189
Aug 20 11:23:33 ns382633 sshd\[3379\]: Failed password for invalid user testftp from 220.136.147.189 port 52420 ssh2
Aug 20 11:29:17 ns382633 sshd\[4445\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.136.147.189  user=root
Aug 20 11:29:19 ns382633 sshd\[4445\]: Failed password for root from 220.136.147.189 port 47046 ssh2

2020-08-20 17:38:30

220.136.148.32

attackspambots

Aug  6 20:52:32 mockhub sshd[28272]: Failed password for root from 220.136.148.32 port 58982 ssh2
...

2020-08-07 13:47:38

220.136.14.222

attackspam

Port Scan: TCP/2323

2019-09-20 19:59:04

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 220.136.14.234
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7879
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;220.136.14.234.			IN	A

;; AUTHORITY SECTION:
.			190	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030502 1800 900 604800 86400

;; Query time: 101 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 06 09:58:56 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

234.14.136.220.in-addr.arpa domain name pointer 220-136-14-234.dynamic-ip.hinet.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
234.14.136.220.in-addr.arpa	name = 220-136-14-234.dynamic-ip.hinet.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
189.89.23.42	attack	Automatic report - Port Scan Attack	2020-06-26 18:38:46
138.204.24.11	attackbots	Jun 26 12:13:31 h2779839 sshd[18878]: Invalid user j from 138.204.24.11 port 58089 Jun 26 12:13:31 h2779839 sshd[18878]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.204.24.11 Jun 26 12:13:31 h2779839 sshd[18878]: Invalid user j from 138.204.24.11 port 58089 Jun 26 12:13:33 h2779839 sshd[18878]: Failed password for invalid user j from 138.204.24.11 port 58089 ssh2 Jun 26 12:17:15 h2779839 sshd[18928]: Invalid user jenkins from 138.204.24.11 port 51917 Jun 26 12:17:15 h2779839 sshd[18928]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.204.24.11 Jun 26 12:17:15 h2779839 sshd[18928]: Invalid user jenkins from 138.204.24.11 port 51917 Jun 26 12:17:17 h2779839 sshd[18928]: Failed password for invalid user jenkins from 138.204.24.11 port 51917 ssh2 Jun 26 12:21:01 h2779839 sshd[18960]: Invalid user apache2 from 138.204.24.11 port 28887 ...	2020-06-26 18:35:08
150.109.151.136	attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-06-26 18:20:17
121.32.151.178	attackspam	TCP (SYN) 121.32.151.178:2300 -> port 23, len 44	2020-06-26 18:47:21
71.6.232.8	attack	TCP (SYN) 71.6.232.8:46727 -> port 27017, len 44	2020-06-26 18:18:41
128.201.77.94	attackspam	Jun 26 10:09:55 roki sshd[6257]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.201.77.94 user=root Jun 26 10:09:56 roki sshd[6257]: Failed password for root from 128.201.77.94 port 47346 ssh2 Jun 26 10:14:31 roki sshd[6579]: Invalid user lab from 128.201.77.94 Jun 26 10:14:31 roki sshd[6579]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.201.77.94 Jun 26 10:14:33 roki sshd[6579]: Failed password for invalid user lab from 128.201.77.94 port 55220 ssh2 ...	2020-06-26 18:23:01
187.178.229.38	attackspambots	Automatic report - Port Scan Attack	2020-06-26 18:18:07
64.202.184.249	attack	64.202.184.249 - - [26/Jun/2020:11:34:52 +0100] "POST /wp-login.php HTTP/1.1" 200 1968 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 64.202.184.249 - - [26/Jun/2020:11:34:54 +0100] "POST /wp-login.php HTTP/1.1" 200 1972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 64.202.184.249 - - [26/Jun/2020:11:34:54 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-26 18:40:33
101.36.148.90	attackbotsspam	Invalid user mcserver from 101.36.148.90 port 42654	2020-06-26 18:23:50
211.22.154.223	attackbots	2020-06-26T08:43:04.816737abusebot-7.cloudsearch.cf sshd[18495]: Invalid user fast from 211.22.154.223 port 49902 2020-06-26T08:43:04.821498abusebot-7.cloudsearch.cf sshd[18495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211-22-154-223.hinet-ip.hinet.net 2020-06-26T08:43:04.816737abusebot-7.cloudsearch.cf sshd[18495]: Invalid user fast from 211.22.154.223 port 49902 2020-06-26T08:43:07.551991abusebot-7.cloudsearch.cf sshd[18495]: Failed password for invalid user fast from 211.22.154.223 port 49902 ssh2 2020-06-26T08:45:24.343889abusebot-7.cloudsearch.cf sshd[18508]: Invalid user nicolas from 211.22.154.223 port 59250 2020-06-26T08:45:24.348009abusebot-7.cloudsearch.cf sshd[18508]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211-22-154-223.hinet-ip.hinet.net 2020-06-26T08:45:24.343889abusebot-7.cloudsearch.cf sshd[18508]: Invalid user nicolas from 211.22.154.223 port 59250 2020-06-26T08:45:26.11100 ...	2020-06-26 18:48:26
13.72.249.53	attackspam	Jun 25 21:38:54 roki-contabo sshd\[22364\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.72.249.53 user=root Jun 25 21:38:56 roki-contabo sshd\[22364\]: Failed password for root from 13.72.249.53 port 5115 ssh2 Jun 26 03:52:12 roki-contabo sshd\[28168\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.72.249.53 user=root Jun 26 03:52:15 roki-contabo sshd\[28168\]: Failed password for root from 13.72.249.53 port 64887 ssh2 Jun 26 12:27:00 roki-contabo sshd\[2167\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.72.249.53 user=root ...	2020-06-26 18:33:02
139.226.36.194	attackbotsspam	unauthorized connection attempt	2020-06-26 18:30:36
185.176.27.34	attackspambots	06/26/2020-06:28:39.715854 185.176.27.34 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-06-26 18:51:03
42.200.206.225	attackbotsspam	IP blocked	2020-06-26 18:40:59
49.232.51.237	attackspambots	Bruteforce detected by fail2ban	2020-06-26 18:36:37

最近上报的IP列表

100.50.231.65	163.139.213.35	238.71.206.94	78.158.1.45
205.178.56.199	157.50.19.217	115.4.235.189	196.191.53.34
196.191.53.225	157.230.188.53	159.182.12.89	113.88.13.147
95.128.137.176	13.181.129.4	192.241.206.58	145.216.246.70
178.121.210.5	27.73.139.99	217.174.228.34	76.132.201.24