必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Sichuan Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:
类型 评论内容 时间
attackspam
2020-10-09T14:52:48.863478snf-827550 sshd[9720]: Failed password for invalid user home from 220.166.42.139 port 51810 ssh2
2020-10-09T14:55:12.573643snf-827550 sshd[9999]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.166.42.139  user=root
2020-10-09T14:55:14.308749snf-827550 sshd[9999]: Failed password for root from 220.166.42.139 port 42214 ssh2
...
2020-10-10 06:48:48
attackbots
2020-10-09T14:52:48.863478snf-827550 sshd[9720]: Failed password for invalid user home from 220.166.42.139 port 51810 ssh2
2020-10-09T14:55:12.573643snf-827550 sshd[9999]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.166.42.139  user=root
2020-10-09T14:55:14.308749snf-827550 sshd[9999]: Failed password for root from 220.166.42.139 port 42214 ssh2
...
2020-10-09 23:02:54
attackspam
Oct  8 17:48:12 host sshd\[21280\]: Invalid user lisa from 220.166.42.139
Oct  8 17:48:12 host sshd\[21280\]: Failed password for invalid user lisa from 220.166.42.139 port 60202 ssh2
Oct  8 18:08:10 host sshd\[26200\]: Failed password for root from 220.166.42.139 port 45604 ssh2
...
2020-10-09 14:52:04
attackspambots
2020-09-24T22:47:52.423902shield sshd\[25661\]: Invalid user ts3bot from 220.166.42.139 port 49618
2020-09-24T22:47:52.437793shield sshd\[25661\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.166.42.139
2020-09-24T22:47:54.594774shield sshd\[25661\]: Failed password for invalid user ts3bot from 220.166.42.139 port 49618 ssh2
2020-09-24T22:52:31.047570shield sshd\[27110\]: Invalid user guest from 220.166.42.139 port 57100
2020-09-24T22:52:31.056533shield sshd\[27110\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.166.42.139
2020-09-25 09:24:32
attack
Aug 29 20:50:10 propaganda sshd[21584]: Connection from 220.166.42.139 port 45914 on 10.0.0.161 port 22 rdomain ""
Aug 29 20:50:11 propaganda sshd[21584]: Connection closed by 220.166.42.139 port 45914 [preauth]
2020-08-30 14:40:19
attackspam
Aug 27 12:39:47 lunarastro sshd[6232]: Failed password for root from 220.166.42.139 port 43398 ssh2
2020-08-27 21:19:10
attackspam
2020-08-09T05:54:12.091979+02:00  sshd[30398]: Failed password for root from 220.166.42.139 port 48886 ssh2
2020-08-09 13:06:59
attackbotsspam
2020-08-07T13:59:13.653204amanda2.illicoweb.com sshd\[42708\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.166.42.139  user=root
2020-08-07T13:59:15.580061amanda2.illicoweb.com sshd\[42708\]: Failed password for root from 220.166.42.139 port 36898 ssh2
2020-08-07T14:05:21.106818amanda2.illicoweb.com sshd\[43849\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.166.42.139  user=root
2020-08-07T14:05:23.219504amanda2.illicoweb.com sshd\[43849\]: Failed password for root from 220.166.42.139 port 58374 ssh2
2020-08-07T14:07:20.210595amanda2.illicoweb.com sshd\[44137\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.166.42.139  user=root
...
2020-08-07 21:50:22
attackbots
2020-08-04T23:51:27.468779n23.at sshd[2549393]: Failed password for root from 220.166.42.139 port 38974 ssh2
2020-08-04T23:52:14.512766n23.at sshd[2549980]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.166.42.139  user=root
2020-08-04T23:52:16.111450n23.at sshd[2549980]: Failed password for root from 220.166.42.139 port 45282 ssh2
...
2020-08-05 07:26:07
attack
Jul 20 02:50:34 ny01 sshd[24989]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.166.42.139
Jul 20 02:50:36 ny01 sshd[24989]: Failed password for invalid user pmm from 220.166.42.139 port 37886 ssh2
Jul 20 02:55:19 ny01 sshd[25905]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.166.42.139
2020-07-20 15:01:31
attack
Failed password for invalid user oracle from 220.166.42.139 port 54648 ssh2
2020-07-07 16:00:44
attackspambots
2020-06-29T05:31:40.374950shield sshd\[15623\]: Invalid user cdiaz from 220.166.42.139 port 45006
2020-06-29T05:31:40.379522shield sshd\[15623\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.166.42.139
2020-06-29T05:31:42.345860shield sshd\[15623\]: Failed password for invalid user cdiaz from 220.166.42.139 port 45006 ssh2
2020-06-29T05:33:58.827281shield sshd\[16162\]: Invalid user oracle from 220.166.42.139 port 33014
2020-06-29T05:33:58.831425shield sshd\[16162\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.166.42.139
2020-06-29 17:54:01
相同子网IP讨论:
暂无关于此IP所属子网相关IP的讨论.
WHOIS信息:
b
DIG信息:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 220.166.42.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62487
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;220.166.42.139.			IN	A

;; AUTHORITY SECTION:
.			339	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062900 1800 900 604800 86400

;; Query time: 65 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jun 29 17:53:58 CST 2020
;; MSG SIZE  rcvd: 118
HOST信息:
139.42.166.220.in-addr.arpa domain name pointer 139.42.166.220.broad.dy.sc.dynamic.163data.com.cn.
NSLOOKUP信息:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
139.42.166.220.in-addr.arpa	name = 139.42.166.220.broad.dy.sc.dynamic.163data.com.cn.

Authoritative answers can be found from:
相关IP信息:
最新评论:
IP 类型 评论内容 时间
89.248.167.133 attack
DATE:2020-01-13 14:03:47, IP:89.248.167.133, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)
2020-01-14 03:26:52
176.121.255.95 attackbotsspam
Unauthorized connection attempt detected from IP address 176.121.255.95 to port 5555 [J]
2020-01-14 03:43:47
37.49.230.101 attack
SIPVicious Scanner Detection
2020-01-14 03:21:38
167.160.88.8 attackspam
Jan 13 13:41:51 mxgate1 postfix/postscreen[17852]: CONNECT from [167.160.88.8]:55136 to [176.31.12.44]:25
Jan 13 13:41:51 mxgate1 postfix/dnsblog[17855]: addr 167.160.88.8 listed by domain zen.spamhaus.org as 127.0.0.3
Jan 13 13:41:51 mxgate1 postfix/dnsblog[17854]: addr 167.160.88.8 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2
Jan 13 13:41:51 mxgate1 postfix/dnsblog[17856]: addr 167.160.88.8 listed by domain b.barracudacentral.org as 127.0.0.2
Jan 13 13:41:57 mxgate1 postfix/postscreen[17852]: DNSBL rank 4 for [167.160.88.8]:55136
Jan x@x
Jan 13 13:41:58 mxgate1 postfix/postscreen[17852]: DISCONNECT [167.160.88.8]:55136


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=167.160.88.8
2020-01-14 03:21:10
113.173.180.151 attackbotsspam
Jan 13 13:44:13 h2022099 sshd[825]: Address 113.173.180.151 maps to static.vnpt.vn, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Jan 13 13:44:13 h2022099 sshd[825]: Invalid user admin from 113.173.180.151
Jan 13 13:44:13 h2022099 sshd[825]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.173.180.151 
Jan 13 13:44:15 h2022099 sshd[825]: Failed password for invalid user admin from 113.173.180.151 port 55963 ssh2
Jan 13 13:44:16 h2022099 sshd[825]: Connection closed by 113.173.180.151 [preauth]


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=113.173.180.151
2020-01-14 03:33:08
210.18.171.190 attackspam
Honeypot attack, port: 445, PTR: PTR record not found
2020-01-14 03:38:39
208.167.245.209 attackbots
Unauthorized connection attempt detected from IP address 208.167.245.209 to port 2220 [J]
2020-01-14 03:29:15
80.88.10.2 attackspam
Unauthorized connection attempt detected from IP address 80.88.10.2 to port 445
2020-01-14 03:36:38
67.205.175.123 attack
Unauthorized connection attempt detected from IP address 67.205.175.123 to port 2220 [J]
2020-01-14 03:13:53
128.14.209.179 attackbotsspam
firewall-block, port(s): 80/tcp
2020-01-14 03:27:23
103.70.68.118 attack
Honeypot attack, port: 445, PTR: host-118.winetmedia.net.
2020-01-14 03:15:01
157.245.76.114 attackspambots
Lines containing failures of 157.245.76.114
Jan 13 13:44:11 omfg postfix/smtpd[5127]: connect from unknown[157.245.76.114]
Jan x@x
Jan 13 13:44:22 omfg postfix/smtpd[5127]: disconnect from unknown[157.245.76.114] ehlo=1 mail=1 rcpt=0/1 data=0/1 eclipset=1 quhostname=1 commands=4/6


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=157.245.76.114
2020-01-14 03:35:59
103.142.10.245 attack
Honeypot attack, port: 445, PTR: 245-10-142-103.KISPL.com.
2020-01-14 03:34:06
51.254.137.179 attackspambots
Unauthorized connection attempt detected from IP address 51.254.137.179 to port 2220 [J]
2020-01-14 03:46:47
177.58.225.16 attackspambots
Unauthorized connection attempt from IP address 177.58.225.16 on Port 445(SMB)
2020-01-14 03:39:13

最近上报的IP列表

0.93.73.73 81.188.181.47 224.191.119.193 74.188.104.77
141.61.64.104 163.172.216.182 248.176.109.55 55.228.234.189
124.225.145.200 179.238.189.186 78.30.219.192 5.7.15.97
123.206.228.251 2.156.142.249 40.195.88.157 2001:41d0:203:6706::
195.236.5.203 69.240.103.139 32.237.249.152 174.89.112.78