222.252.20.146

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): Hanoi Post and Telecom Company

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Apr 17 21:14:14 meumeu sshd[3014]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.20.146 Apr 17 21:14:16 meumeu sshd[3014]: Failed password for invalid user ow from 222.252.20.146 port 34870 ssh2 Apr 17 21:24:08 meumeu sshd[5002]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.20.146 ...	2020-04-18 03:32:21
attack	$f2bV_matches	2020-04-11 20:37:32

类型

评论内容

时间

attackspambots

Apr 17 21:14:14 meumeu sshd[3014]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.20.146 
Apr 17 21:14:16 meumeu sshd[3014]: Failed password for invalid user ow from 222.252.20.146 port 34870 ssh2
Apr 17 21:24:08 meumeu sshd[5002]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.20.146 
...

2020-04-18 03:32:21

attack

$f2bV_matches

2020-04-11 20:37:32

相同子网IP讨论:

IP	类型	评论内容	时间
222.252.20.151	attack	1597290873 - 08/13/2020 05:54:33 Host: 222.252.20.151/222.252.20.151 Port: 445 TCP Blocked	2020-08-13 14:00:06
222.252.20.71	attackbotsspam	Invalid user mori from 222.252.20.71 port 46898	2020-07-24 02:12:00
222.252.205.100	attack	Invalid user noc from 222.252.205.100 port 51869	2020-04-23 03:52:53
222.252.20.68	attackbots	Invalid user pi from 222.252.20.68 port 54519	2020-03-31 03:48:03
222.252.20.5	attack	Unauthorized connection attempt from IP address 222.252.20.5 on Port 445(SMB)	2020-02-20 20:06:28
222.252.20.83	attackspambots	1581860778 - 02/16/2020 14:46:18 Host: 222.252.20.83/222.252.20.83 Port: 445 TCP Blocked	2020-02-17 02:38:17
222.252.20.68	attackbots	(sshd) Failed SSH login from 222.252.20.68 (VN/Vietnam/static.vnpt-hanoi.com.vn): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Feb 13 05:53:16 ubnt-55d23 sshd[2206]: Invalid user test from 222.252.20.68 port 51241 Feb 13 05:53:19 ubnt-55d23 sshd[2206]: Failed password for invalid user test from 222.252.20.68 port 51241 ssh2	2020-02-13 14:54:08
222.252.20.68	attackspambots	Feb 10 07:08:50 mail sshd[10585]: Invalid user mother from 222.252.20.68 Feb 10 07:08:50 mail sshd[10585]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.20.68 Feb 10 07:08:52 mail sshd[10585]: Failed password for invalid user mother from 222.252.20.68 port 62813 ssh2 Feb 10 07:08:52 mail sshd[10585]: Connection closed by 222.252.20.68 port 62813 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=222.252.20.68	2020-02-10 20:49:23
222.252.20.103	attackspambots	Invalid user admin from 222.252.20.103 port 47345	2020-01-15 04:19:55
222.252.20.4	attackspam	Unauthorised access (Oct 16) SRC=222.252.20.4 LEN=52 TTL=116 ID=21361 DF TCP DPT=1433 WINDOW=8192 SYN	2019-10-17 04:06:20
222.252.20.103	attackbotsspam	Jul 30 14:18:16 live sshd[21157]: reveeclipse mapping checking getaddrinfo for static.vnpt-hanoi.com.vn [222.252.20.103] failed - POSSIBLE BREAK-IN ATTEMPT! Jul 30 14:18:16 live sshd[21157]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.20.103 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=222.252.20.103	2019-07-30 21:08:28
222.252.20.231	attackbots	Jul 4 11:38:00 tanzim-HP-Z238-Microtower-Workstation sshd\[25875\]: Invalid user dircreate from 222.252.20.231 Jul 4 11:38:00 tanzim-HP-Z238-Microtower-Workstation sshd\[25875\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.20.231 Jul 4 11:38:02 tanzim-HP-Z238-Microtower-Workstation sshd\[25875\]: Failed password for invalid user dircreate from 222.252.20.231 port 57047 ssh2 ...	2019-07-04 19:46:41

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 222.252.20.146
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32006
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;222.252.20.146.			IN	A

;; AUTHORITY SECTION:
.			397	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041100 1800 900 604800 86400

;; Query time: 905 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 11 20:37:23 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

146.20.252.222.in-addr.arpa domain name pointer static.vnpt-hanoi.com.vn.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
146.20.252.222.in-addr.arpa	name = static.vnpt-hanoi.com.vn.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
192.35.168.195	attackspambots	Icarus honeypot on github	2020-07-10 17:16:16
37.17.227.182	attackspam	37.17.227.182 - - [10/Jul/2020:06:24:44 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 37.17.227.182 - - [10/Jul/2020:06:44:13 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-10 17:46:19
139.59.67.82	attackbotsspam	Jul 10 12:02:18 lukav-desktop sshd\[7746\]: Invalid user sean from 139.59.67.82 Jul 10 12:02:18 lukav-desktop sshd\[7746\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.67.82 Jul 10 12:02:20 lukav-desktop sshd\[7746\]: Failed password for invalid user sean from 139.59.67.82 port 41318 ssh2 Jul 10 12:05:16 lukav-desktop sshd\[16737\]: Invalid user henry from 139.59.67.82 Jul 10 12:05:16 lukav-desktop sshd\[16737\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.67.82	2020-07-10 17:24:36
36.156.154.218	attack	Jul 9 19:09:27 hpm sshd\[28520\]: Invalid user lib1 from 36.156.154.218 Jul 9 19:09:27 hpm sshd\[28520\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.156.154.218 Jul 9 19:09:30 hpm sshd\[28520\]: Failed password for invalid user lib1 from 36.156.154.218 port 35766 ssh2 Jul 9 19:15:49 hpm sshd\[29071\]: Invalid user yujin411 from 36.156.154.218 Jul 9 19:15:49 hpm sshd\[29071\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.156.154.218	2020-07-10 17:10:05
46.38.150.37	attackspam	2020-07-10 09:47:17 auth_plain authenticator failed for (User) [46.38.150.37]: 535 Incorrect authentication data (set_id=hideip-usa@mail.csmailer.org) 2020-07-10 09:47:45 auth_plain authenticator failed for (User) [46.38.150.37]: 535 Incorrect authentication data (set_id=takvim@mail.csmailer.org) 2020-07-10 09:48:20 auth_plain authenticator failed for (User) [46.38.150.37]: 535 Incorrect authentication data (set_id=sandbox1@mail.csmailer.org) 2020-07-10 09:48:51 auth_plain authenticator failed for (User) [46.38.150.37]: 535 Incorrect authentication data (set_id=blockchain@mail.csmailer.org) 2020-07-10 09:49:23 auth_plain authenticator failed for (User) [46.38.150.37]: 535 Incorrect authentication data (set_id=listen@mail.csmailer.org) ...	2020-07-10 17:49:50
51.77.163.177	attackbotsspam	malicious Brute-Force reported by https://www.patrick-binder.de ...	2020-07-10 17:27:36
23.24.132.13	attackspam	TCP (SYN) 23.24.132.13:32691 -> port 23, len 40	2020-07-10 17:44:19
122.51.70.17	attackbots	Jul 10 09:32:55 db sshd[7386]: Invalid user nonoyama from 122.51.70.17 port 56798 ...	2020-07-10 17:17:25
87.251.74.30	attackspam	Triggered by Fail2Ban at Ares web server	2020-07-10 17:15:14
3.85.163.126	attackbotsspam	xmlrpc attack	2020-07-10 17:08:52
59.102.251.73	attackspambots	IP reached maximum auth failures	2020-07-10 17:01:42
68.69.167.149	attack	Jul 10 08:32:29 ift sshd\[46528\]: Invalid user zhangyl from 68.69.167.149Jul 10 08:32:31 ift sshd\[46528\]: Failed password for invalid user zhangyl from 68.69.167.149 port 50330 ssh2Jul 10 08:35:54 ift sshd\[47308\]: Invalid user fran from 68.69.167.149Jul 10 08:35:56 ift sshd\[47308\]: Failed password for invalid user fran from 68.69.167.149 port 49382 ssh2Jul 10 08:39:17 ift sshd\[47984\]: Invalid user hirashi from 68.69.167.149 ...	2020-07-10 17:30:50
66.249.66.208	attackbotsspam	Automatic report - Banned IP Access	2020-07-10 17:05:48
157.245.186.41	attackbots	2020-07-10T10:40:46.705994galaxy.wi.uni-potsdam.de sshd[22921]: Invalid user physics from 157.245.186.41 port 51670 2020-07-10T10:40:46.708321galaxy.wi.uni-potsdam.de sshd[22921]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.186.41 2020-07-10T10:40:46.705994galaxy.wi.uni-potsdam.de sshd[22921]: Invalid user physics from 157.245.186.41 port 51670 2020-07-10T10:40:49.319474galaxy.wi.uni-potsdam.de sshd[22921]: Failed password for invalid user physics from 157.245.186.41 port 51670 ssh2 2020-07-10T10:44:03.322683galaxy.wi.uni-potsdam.de sshd[23307]: Invalid user oracle from 157.245.186.41 port 49238 2020-07-10T10:44:03.327724galaxy.wi.uni-potsdam.de sshd[23307]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.186.41 2020-07-10T10:44:03.322683galaxy.wi.uni-potsdam.de sshd[23307]: Invalid user oracle from 157.245.186.41 port 49238 2020-07-10T10:44:05.316762galaxy.wi.uni-potsdam.de sshd[23307]: ...	2020-07-10 17:00:46
209.126.8.99	attackbots	$f2bV_matches	2020-07-10 17:21:31

最近上报的IP列表

107.179.3.67	122.157.250.255	117.95.22.75	219.233.49.226
106.12.78.40	105.112.31.160	95.223.58.130	40.119.161.11
183.161.149.149	2400:8901::f03c:92ff:fe60:3384	15.222.48.193	120.253.11.135
117.70.40.224	201.62.65.57	36.59.246.67	92.36.142.37
66.249.73.216	143.34.215.25	148.72.171.87	49.81.171.68