222.252.16.140

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): Hanoi Post and Telecom Company

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Brute force SMTP login attempted. ...	2020-03-31 03:49:47
attackbots	Mar 9 06:53:12 pornomens sshd\[3721\]: Invalid user d from 222.252.16.140 port 35106 Mar 9 06:53:12 pornomens sshd\[3721\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.16.140 Mar 9 06:53:15 pornomens sshd\[3721\]: Failed password for invalid user d from 222.252.16.140 port 35106 ssh2 ...	2020-03-09 14:33:47
attackspam	Mar 8 03:40:27 plusreed sshd[22630]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.16.140 user=root Mar 8 03:40:28 plusreed sshd[22630]: Failed password for root from 222.252.16.140 port 40344 ssh2 ...	2020-03-08 15:56:14
attack	Feb 27 06:41:25 MK-Soft-VM8 sshd[18169]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.16.140 Feb 27 06:41:28 MK-Soft-VM8 sshd[18169]: Failed password for invalid user Tlhua from 222.252.16.140 port 36932 ssh2 ...	2020-02-27 21:18:14
attack	Feb 2 20:26:45 firewall sshd[5197]: Invalid user gast2 from 222.252.16.140 Feb 2 20:26:46 firewall sshd[5197]: Failed password for invalid user gast2 from 222.252.16.140 port 57580 ssh2 Feb 2 20:30:04 firewall sshd[5347]: Invalid user SYSTEM from 222.252.16.140 ...	2020-02-03 08:23:29
attackspam	Unauthorized connection attempt detected from IP address 222.252.16.140 to port 2220 [J]	2020-01-22 03:54:07
attackbots	Jan 11 05:54:15 nextcloud sshd\[1827\]: Invalid user passfeel from 222.252.16.140 Jan 11 05:54:15 nextcloud sshd\[1827\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.16.140 Jan 11 05:54:17 nextcloud sshd\[1827\]: Failed password for invalid user passfeel from 222.252.16.140 port 35032 ssh2 ...	2020-01-11 16:03:37
attackbots	Triggered by Fail2Ban at Vostok web server	2020-01-02 18:10:11
attackbots	Dec 13 23:35:45 srv206 sshd[1936]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.16.140 user=root Dec 13 23:35:48 srv206 sshd[1936]: Failed password for root from 222.252.16.140 port 45984 ssh2 ...	2019-12-14 06:47:42
attack	Dec 5 07:21:12 hcbbdb sshd\[14458\]: Invalid user mattl from 222.252.16.140 Dec 5 07:21:12 hcbbdb sshd\[14458\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.16.140 Dec 5 07:21:14 hcbbdb sshd\[14458\]: Failed password for invalid user mattl from 222.252.16.140 port 54984 ssh2 Dec 5 07:27:38 hcbbdb sshd\[15199\]: Invalid user nothing from 222.252.16.140 Dec 5 07:27:38 hcbbdb sshd\[15199\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.16.140	2019-12-05 15:41:10
attackspam	Nov 29 09:46:26 web8 sshd\[31397\]: Invalid user jaap from 222.252.16.140 Nov 29 09:46:27 web8 sshd\[31397\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.16.140 Nov 29 09:46:28 web8 sshd\[31397\]: Failed password for invalid user jaap from 222.252.16.140 port 53744 ssh2 Nov 29 09:53:51 web8 sshd\[2619\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.16.140 user=backup Nov 29 09:53:53 web8 sshd\[2619\]: Failed password for backup from 222.252.16.140 port 34726 ssh2	2019-11-29 19:29:26
attack	$f2bV_matches	2019-11-26 01:20:00
attackbots	Nov 6 01:12:55 ny01 sshd[379]: Failed password for root from 222.252.16.140 port 54512 ssh2 Nov 6 01:17:25 ny01 sshd[834]: Failed password for root from 222.252.16.140 port 36560 ssh2	2019-11-06 21:10:56
attackspam	Nov 2 22:42:12 srv01 sshd[919]: Invalid user 123 from 222.252.16.140 Nov 2 22:42:12 srv01 sshd[919]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.16.140 Nov 2 22:42:12 srv01 sshd[919]: Invalid user 123 from 222.252.16.140 Nov 2 22:42:15 srv01 sshd[919]: Failed password for invalid user 123 from 222.252.16.140 port 60246 ssh2 Nov 2 22:46:14 srv01 sshd[1260]: Invalid user 123123 from 222.252.16.140 ...	2019-11-03 06:02:55
attackbots	Nov 1 05:24:27 TORMINT sshd\[25609\]: Invalid user P@ssw0rt!23 from 222.252.16.140 Nov 1 05:24:27 TORMINT sshd\[25609\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.16.140 Nov 1 05:24:28 TORMINT sshd\[25609\]: Failed password for invalid user P@ssw0rt!23 from 222.252.16.140 port 51434 ssh2 ...	2019-11-01 18:16:56
attack	Oct 14 01:58:57 web9 sshd\[3220\]: Invalid user P4ssw0rd@2019 from 222.252.16.140 Oct 14 01:58:57 web9 sshd\[3220\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.16.140 Oct 14 01:58:59 web9 sshd\[3220\]: Failed password for invalid user P4ssw0rd@2019 from 222.252.16.140 port 58584 ssh2 Oct 14 02:03:29 web9 sshd\[3841\]: Invalid user p4ssw0rd1 from 222.252.16.140 Oct 14 02:03:29 web9 sshd\[3841\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.16.140	2019-10-15 01:35:14
attack	2019-10-09T11:32:42.710748shield sshd\[8958\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.16.140 user=root 2019-10-09T11:32:44.684714shield sshd\[8958\]: Failed password for root from 222.252.16.140 port 35834 ssh2 2019-10-09T11:37:27.028637shield sshd\[9799\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.16.140 user=root 2019-10-09T11:37:29.463461shield sshd\[9799\]: Failed password for root from 222.252.16.140 port 48152 ssh2 2019-10-09T11:42:02.756376shield sshd\[10146\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.16.140 user=root	2019-10-09 19:49:33
attackspambots	2019-09-28T13:25:17.2533071495-001 sshd\[50336\]: Failed password for invalid user qe from 222.252.16.140 port 50010 ssh2 2019-09-28T13:39:25.4103871495-001 sshd\[51635\]: Invalid user _apt from 222.252.16.140 port 60174 2019-09-28T13:39:25.4169031495-001 sshd\[51635\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.16.140 2019-09-28T13:39:26.9833871495-001 sshd\[51635\]: Failed password for invalid user _apt from 222.252.16.140 port 60174 ssh2 2019-09-28T13:44:09.3495711495-001 sshd\[52005\]: Invalid user csgoserver78 from 222.252.16.140 port 44756 2019-09-28T13:44:09.3584111495-001 sshd\[52005\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.16.140 ...	2019-09-29 03:53:15
attackspam	Sep 27 05:00:55 sachi sshd\[19737\]: Invalid user nb from 222.252.16.140 Sep 27 05:00:55 sachi sshd\[19737\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.16.140 Sep 27 05:00:57 sachi sshd\[19737\]: Failed password for invalid user nb from 222.252.16.140 port 56270 ssh2 Sep 27 05:05:56 sachi sshd\[20196\]: Invalid user jihye from 222.252.16.140 Sep 27 05:05:56 sachi sshd\[20196\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.16.140	2019-09-28 03:20:53
attack	2019-08-20T15:01:01.120Z CLOSE host=222.252.16.140 port=34002 fd=4 time=0.601 bytes=51 ...	2019-09-20 01:06:55
attack	Sep 10 18:45:27 sachi sshd\[15734\]: Invalid user postgres from 222.252.16.140 Sep 10 18:45:27 sachi sshd\[15734\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.16.140 Sep 10 18:45:29 sachi sshd\[15734\]: Failed password for invalid user postgres from 222.252.16.140 port 41392 ssh2 Sep 10 18:52:35 sachi sshd\[16386\]: Invalid user esbuser from 222.252.16.140 Sep 10 18:52:35 sachi sshd\[16386\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.16.140	2019-09-11 13:27:53
attack	Sep 6 08:02:00 MK-Soft-Root2 sshd\[15093\]: Invalid user cssserver from 222.252.16.140 port 33336 Sep 6 08:02:00 MK-Soft-Root2 sshd\[15093\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.16.140 Sep 6 08:02:02 MK-Soft-Root2 sshd\[15093\]: Failed password for invalid user cssserver from 222.252.16.140 port 33336 ssh2 ...	2019-09-06 14:19:54
attack	Aug 27 05:05:39 ny01 sshd[23324]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.16.140 Aug 27 05:05:41 ny01 sshd[23324]: Failed password for invalid user bsnl from 222.252.16.140 port 55462 ssh2 Aug 27 05:10:35 ny01 sshd[24164]: Failed password for root from 222.252.16.140 port 44576 ssh2	2019-08-27 17:12:00
attack	Aug 24 23:26:59 hanapaa sshd\[14066\]: Invalid user alex from 222.252.16.140 Aug 24 23:26:59 hanapaa sshd\[14066\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.16.140 Aug 24 23:27:01 hanapaa sshd\[14066\]: Failed password for invalid user alex from 222.252.16.140 port 36966 ssh2 Aug 24 23:31:40 hanapaa sshd\[14434\]: Invalid user us from 222.252.16.140 Aug 24 23:31:40 hanapaa sshd\[14434\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.16.140	2019-08-25 19:46:43
attack	Aug 21 08:14:24 plex sshd[11147]: Invalid user quincy from 222.252.16.140 port 51170	2019-08-21 14:27:13
attackbotsspam	Aug 20 04:49:05 auw2 sshd\[3265\]: Invalid user charles from 222.252.16.140 Aug 20 04:49:05 auw2 sshd\[3265\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.16.140 Aug 20 04:49:07 auw2 sshd\[3265\]: Failed password for invalid user charles from 222.252.16.140 port 43736 ssh2 Aug 20 04:54:01 auw2 sshd\[3741\]: Invalid user testing from 222.252.16.140 Aug 20 04:54:01 auw2 sshd\[3741\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.16.140	2019-08-20 22:54:35
attack	Jul 12 21:45:45 meumeu sshd[5762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.16.140 Jul 12 21:45:47 meumeu sshd[5762]: Failed password for invalid user oracle from 222.252.16.140 port 37800 ssh2 Jul 12 21:51:49 meumeu sshd[6797]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.16.140 ...	2019-07-13 04:13:40
attackspambots	Jul 12 10:48:08 meumeu sshd[21128]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.16.140 Jul 12 10:48:10 meumeu sshd[21128]: Failed password for invalid user alex from 222.252.16.140 port 42354 ssh2 Jul 12 10:54:16 meumeu sshd[22145]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.16.140 ...	2019-07-12 17:08:34
attackspambots	Jul 9 08:08:29 localhost sshd\[50461\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.16.140 user=root Jul 9 08:08:31 localhost sshd\[50461\]: Failed password for root from 222.252.16.140 port 58336 ssh2 ...	2019-07-09 20:48:47
attack	$f2bV_matches	2019-07-08 04:53:30

相同子网IP讨论:

IP	类型	评论内容	时间
222.252.16.141	attackbots	Dovecot Invalid User Login Attempt.	2020-08-13 05:18:08
222.252.16.132	attack	(imapd) Failed IMAP login from 222.252.16.132 (VN/Vietnam/static.vnpt-hanoi.com.vn): 1 in the last 3600 secs	2020-08-01 03:05:16
222.252.16.236	attackspambots	Brute forcing RDP port 3389	2020-07-18 18:12:47
222.252.16.132	attack	(imapd) Failed IMAP login from 222.252.16.132 (VN/Vietnam/static.vnpt-hanoi.com.vn): 1 in the last 3600 secs	2020-07-05 00:31:30
222.252.16.153	attack	abuseConfidenceScore blocked for 12h	2020-07-04 15:30:31
222.252.16.71	attack	Scanning for exploits - /phpMyAdmin/scripts/setup.php	2020-05-21 18:30:43
222.252.16.71	attack	SSH Invalid Login	2020-05-09 08:13:43
222.252.16.71	attack	SSH brute-force attempt	2020-05-09 03:16:52
222.252.16.71	attack	May 7 20:55:06 santamaria sshd\[17053\]: Invalid user spark from 222.252.16.71 May 7 20:55:06 santamaria sshd\[17053\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.16.71 May 7 20:55:08 santamaria sshd\[17053\]: Failed password for invalid user spark from 222.252.16.71 port 39688 ssh2 ...	2020-05-08 04:37:49
222.252.16.71	attack	May 7 03:57:45 IngegnereFirenze sshd[18316]: Failed password for invalid user spark from 222.252.16.71 port 18441 ssh2 ...	2020-05-07 12:06:52
222.252.16.153	attackbots	(imapd) Failed IMAP login from 222.252.16.153 (VN/Vietnam/static.vnpt-hanoi.com.vn): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Apr 27 01:09:13 ir1 dovecot[264309]: imap-login: Disconnected (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=222.252.16.153, lip=5.63.12.44, session=<4SoKlzek/dne/BCZ>	2020-04-27 06:08:15
222.252.16.26	attackspam	B: Abusive content scan (200)	2020-03-27 23:02:00
222.252.16.134	attackbotsspam	1581575131 - 02/13/2020 07:25:31 Host: 222.252.16.134/222.252.16.134 Port: 445 TCP Blocked	2020-02-13 20:09:52
222.252.16.154	attackbotsspam	Jan 17 14:04:42 amit sshd\[32120\]: Invalid user sftpuser from 222.252.16.154 Jan 17 14:04:42 amit sshd\[32120\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.16.154 Jan 17 14:04:44 amit sshd\[32120\]: Failed password for invalid user sftpuser from 222.252.16.154 port 10416 ssh2 ...	2020-01-17 21:30:13
222.252.16.68	attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-13 10:48:56,694 INFO [amun_request_handler] PortScan Detected on Port: 445 (222.252.16.68)	2019-09-14 05:23:01

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 222.252.16.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25658
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;222.252.16.140.			IN	A

;; AUTHORITY SECTION:
.			2209	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070701 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 08 04:53:24 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

140.16.252.222.in-addr.arpa domain name pointer static.vnpt-hanoi.com.vn.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
140.16.252.222.in-addr.arpa	name = static.vnpt-hanoi.com.vn.

Authoritative answers can be found from:

IP	类型	评论内容	时间
140.206.157.242	attackbots	May 12 13:40:08 XXX sshd[19742]: Invalid user admin from 140.206.157.242 port 49882	2020-05-13 08:41:31
59.127.139.71	attackspambots	Port probing on unauthorized port 9000	2020-05-13 08:44:26
81.91.176.120	attackspam	May 13 02:12:36 debian-2gb-nbg1-2 kernel: \[11587616.763547\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=81.91.176.120 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=18499 PROTO=TCP SPT=54108 DPT=277 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-13 08:45:23
222.186.15.158	attackbotsspam	2020-05-13T02:53:31.9893271240 sshd\[28736\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.158 user=root 2020-05-13T02:53:34.0691621240 sshd\[28736\]: Failed password for root from 222.186.15.158 port 30895 ssh2 2020-05-13T02:53:36.1389191240 sshd\[28736\]: Failed password for root from 222.186.15.158 port 30895 ssh2 ...	2020-05-13 08:53:48
47.100.112.214	attackbots	Wordpress Admin Login attack	2020-05-13 08:49:14
179.107.7.220	attackbots	(sshd) Failed SSH login from 179.107.7.220 (BR/Brazil/179.107.7.220.cabonnet.com.br): 12 in the last 3600 secs	2020-05-13 08:56:48
185.32.124.152	attackbots	trying to access non-authorized port	2020-05-13 08:42:19
138.68.2.4	attackbots	CMS (WordPress or Joomla) login attempt.	2020-05-13 09:07:03
51.68.50.112	attack	From return-compras=marcoslimaimoveis.com.br@cotecomadm.we.bs Tue May 12 18:10:51 2020 Received: from cotadm-mx-3.cotecomadm.we.bs ([51.68.50.112]:59561)	2020-05-13 08:47:16
119.29.195.187	attack	May 13 00:55:38 host sshd[63196]: Invalid user gast from 119.29.195.187 port 58304 ...	2020-05-13 08:43:06
103.221.253.242	attack	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2020-05-13 09:02:56
183.89.215.114	attackspambots	(imapd) Failed IMAP login from 183.89.215.114 (TH/Thailand/mx-ll-183.89.215-114.dynamic.3bb.co.th): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: May 13 01:40:24 ir1 dovecot[264309]: imap-login: Disconnected (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=183.89.215.114, lip=5.63.12.44, TLS, session=<4UP/43mlBYu3Wddy>	2020-05-13 09:10:51
112.218.248.58	attack	Email rejected due to spam filtering	2020-05-13 08:45:01
192.248.41.52	attackbots	5x Failed Password	2020-05-13 08:36:07
129.204.188.93	attackbots	$f2bV_matches	2020-05-13 08:33:28

最近上报的IP列表

42.201.204.188	41.249.207.214	77.42.73.62	162.181.164.20
39.110.233.229	37.156.78.27	37.144.136.99	12.33.223.151
42.243.204.237	27.207.178.195	207.180.232.110	182.191.122.33
177.44.171.245	177.128.193.114	91.67.250.250	198.108.66.249
108.61.220.58	142.11.218.163	191.53.194.244	118.9.186.13