222.190.145.130

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Jiangsu Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Oct 4 12:45:57 inter-technics sshd[3446]: Invalid user fedena from 222.190.145.130 port 59935 Oct 4 12:45:57 inter-technics sshd[3446]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.190.145.130 Oct 4 12:45:57 inter-technics sshd[3446]: Invalid user fedena from 222.190.145.130 port 59935 Oct 4 12:45:58 inter-technics sshd[3446]: Failed password for invalid user fedena from 222.190.145.130 port 59935 ssh2 Oct 4 12:54:58 inter-technics sshd[3951]: Invalid user test1 from 222.190.145.130 port 59817 ...	2020-10-04 19:01:33
attackspambots	Sep 29 13:45:16 mout sshd[26395]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.190.145.130 user=root Sep 29 13:45:18 mout sshd[26395]: Failed password for root from 222.190.145.130 port 56831 ssh2	2020-09-30 04:06:29
attackspambots	Sep 29 13:45:16 mout sshd[26395]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.190.145.130 user=root Sep 29 13:45:18 mout sshd[26395]: Failed password for root from 222.190.145.130 port 56831 ssh2	2020-09-29 20:13:24
attack	2020-09-29T03:56:06.266074mail.standpoint.com.ua sshd[14218]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.190.145.130 2020-09-29T03:56:06.263424mail.standpoint.com.ua sshd[14218]: Invalid user guest4 from 222.190.145.130 port 46053 2020-09-29T03:56:08.868301mail.standpoint.com.ua sshd[14218]: Failed password for invalid user guest4 from 222.190.145.130 port 46053 ssh2 2020-09-29T04:00:00.916813mail.standpoint.com.ua sshd[14801]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.190.145.130 user=root 2020-09-29T04:00:02.643879mail.standpoint.com.ua sshd[14801]: Failed password for root from 222.190.145.130 port 47100 ssh2 ...	2020-09-29 12:21:07
attackbots	Sep 28 19:36:40 srv-ubuntu-dev3 sshd[123737]: Invalid user deploy from 222.190.145.130 Sep 28 19:36:40 srv-ubuntu-dev3 sshd[123737]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.190.145.130 Sep 28 19:36:40 srv-ubuntu-dev3 sshd[123737]: Invalid user deploy from 222.190.145.130 Sep 28 19:36:43 srv-ubuntu-dev3 sshd[123737]: Failed password for invalid user deploy from 222.190.145.130 port 34699 ssh2 Sep 28 19:39:14 srv-ubuntu-dev3 sshd[124042]: Invalid user gpadmin from 222.190.145.130 Sep 28 19:39:14 srv-ubuntu-dev3 sshd[124042]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.190.145.130 Sep 28 19:39:14 srv-ubuntu-dev3 sshd[124042]: Invalid user gpadmin from 222.190.145.130 Sep 28 19:39:15 srv-ubuntu-dev3 sshd[124042]: Failed password for invalid user gpadmin from 222.190.145.130 port 52855 ssh2 Sep 28 19:41:44 srv-ubuntu-dev3 sshd[124276]: Invalid user dell from 222.190.145.130 ...	2020-09-29 01:52:31
attack	Sep 28 09:50:41 rocket sshd[23965]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.190.145.130 Sep 28 09:50:43 rocket sshd[23965]: Failed password for invalid user desliga from 222.190.145.130 port 51853 ssh2 Sep 28 09:59:13 rocket sshd[24806]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.190.145.130 ...	2020-09-28 17:58:01
attack	2020-07-30T14:28[Censored Hostname] sshd[29587]: Invalid user huanminxian from 222.190.145.130 port 33552 2020-07-30T14:28[Censored Hostname] sshd[29587]: Failed password for invalid user huanminxian from 222.190.145.130 port 33552 ssh2 2020-07-30T14:34[Censored Hostname] sshd[323]: Invalid user zyy from 222.190.145.130 port 37682[...]	2020-07-30 21:08:36
attackspambots	Jul 5 00:16:14 vps687878 sshd\[8061\]: Failed password for invalid user gerrit from 222.190.145.130 port 46541 ssh2 Jul 5 00:19:36 vps687878 sshd\[8458\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.190.145.130 user=root Jul 5 00:19:37 vps687878 sshd\[8458\]: Failed password for root from 222.190.145.130 port 43384 ssh2 Jul 5 00:23:01 vps687878 sshd\[8829\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.190.145.130 user=root Jul 5 00:23:03 vps687878 sshd\[8829\]: Failed password for root from 222.190.145.130 port 40232 ssh2 ...	2020-07-05 07:04:48
attack	SSH Brute-Force reported by Fail2Ban	2020-07-01 05:53:44
attackbotsspam	Jun 26 12:04:20 onepixel sshd[3612656]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.190.145.130 Jun 26 12:04:20 onepixel sshd[3612656]: Invalid user andy from 222.190.145.130 port 52911 Jun 26 12:04:22 onepixel sshd[3612656]: Failed password for invalid user andy from 222.190.145.130 port 52911 ssh2 Jun 26 12:06:49 onepixel sshd[3614894]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.190.145.130 user=root Jun 26 12:06:51 onepixel sshd[3614894]: Failed password for root from 222.190.145.130 port 39398 ssh2	2020-06-26 20:08:10
attack	Jun 2 05:52:30 vps647732 sshd[16667]: Failed password for root from 222.190.145.130 port 47424 ssh2 ...	2020-06-02 12:08:23
attack	May 31 08:38:45 journals sshd\[94112\]: Invalid user nastasia from 222.190.145.130 May 31 08:38:45 journals sshd\[94112\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.190.145.130 May 31 08:38:47 journals sshd\[94112\]: Failed password for invalid user nastasia from 222.190.145.130 port 58491 ssh2 May 31 08:43:27 journals sshd\[94663\]: Invalid user moby from 222.190.145.130 May 31 08:43:27 journals sshd\[94663\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.190.145.130 ...	2020-05-31 14:01:07

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 222.190.145.130
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58497
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;222.190.145.130.		IN	A

;; AUTHORITY SECTION:
.			394	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052900 1800 900 604800 86400

;; Query time: 115 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri May 29 14:45:41 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

Host 130.145.190.222.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 130.145.190.222.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
54.38.92.35	attack	firewall-block, port(s): 7002/tcp	2020-06-12 02:41:27
37.49.230.128	attack	Jun 11 14:10:10 bilbo sshd[13438]: User root from 37.49.230.128 not allowed because not listed in AllowUsers Jun 11 14:10:11 bilbo sshd[13660]: Invalid user admin from 37.49.230.128 Jun 11 14:10:12 bilbo sshd[13754]: User root from 37.49.230.128 not allowed because not listed in AllowUsers Jun 11 14:10:13 bilbo sshd[13993]: Invalid user admin from 37.49.230.128 ...	2020-06-12 02:56:59
132.148.244.122	attackbots	132.148.244.122 - - [11/Jun/2020:15:57:03 +0200] "GET /wp-login.php HTTP/1.1" 200 6183 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 132.148.244.122 - - [11/Jun/2020:15:57:05 +0200] "POST /wp-login.php HTTP/1.1" 200 6434 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 132.148.244.122 - - [11/Jun/2020:15:57:06 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-12 03:04:25
222.72.137.109	attackspam	20 attempts against mh-ssh on echoip	2020-06-12 02:38:05
188.165.235.61	attackspam	Automatic report - XMLRPC Attack	2020-06-12 02:59:48
139.198.5.79	attack	$f2bV_matches	2020-06-12 02:49:25
61.246.7.145	attackbotsspam	$f2bV_matches	2020-06-12 02:47:34
51.75.19.45	attackbotsspam	SSH Bruteforce Attempt (failed auth)	2020-06-12 02:37:26
124.254.15.68	attack	Fail2Ban Ban Triggered (2)	2020-06-12 02:56:13
51.91.253.78	attack	TCP (SYN) 51.91.253.78:7232 -> port 8080, len 40	2020-06-12 02:59:00
45.77.39.4	attack	HTTP_USER_AGENT Mozilla/5.0 zgrab/0.x	2020-06-12 02:51:34
121.199.53.239	attackbots	[Thu Jun 11 13:47:30 2020] - Syn Flood From IP: 121.199.53.239 Port: 6000	2020-06-12 02:53:25
188.166.1.140	attackbots	Jun 11 20:25:01 mout sshd[8792]: Invalid user ark from 188.166.1.140 port 39590 Jun 11 20:25:03 mout sshd[8792]: Failed password for invalid user ark from 188.166.1.140 port 39590 ssh2 Jun 11 20:25:04 mout sshd[8792]: Disconnected from invalid user ark 188.166.1.140 port 39590 [preauth]	2020-06-12 02:59:20
61.133.232.248	attackbots	Jun 11 19:52:21 prod4 sshd\[16675\]: Failed password for root from 61.133.232.248 port 5225 ssh2 Jun 11 20:00:41 prod4 sshd\[20188\]: Invalid user nico from 61.133.232.248 Jun 11 20:00:43 prod4 sshd\[20188\]: Failed password for invalid user nico from 61.133.232.248 port 13113 ssh2 ...	2020-06-12 03:01:23
37.252.190.224	attackbotsspam	Failed password for root from 37.252.190.224 port 37798 ssh2	2020-06-12 02:43:26

最近上报的IP列表

95.142.118.18	171.238.230.45	220.132.221.28	162.247.145.143
115.134.225.21	115.84.106.156	220.132.215.33	161.35.98.96
118.172.48.42	156.222.14.66	31.134.126.58	90.189.153.128
49.66.132.206	156.202.220.186	220.132.23.80	237.60.195.141
220.129.49.245	15.206.67.61	171.238.141.76	219.84.11.26