150.145.87.20 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Italy

运营商(isp): Consiglio Nazionale delle Ricerche

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Dec 14 01:00:20 cumulus sshd[30257]: Invalid user test from 150.145.87.20 port 41330 Dec 14 01:00:20 cumulus sshd[30257]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.145.87.20 Dec 14 01:00:22 cumulus sshd[30257]: Failed password for invalid user test from 150.145.87.20 port 41330 ssh2 Dec 14 01:00:22 cumulus sshd[30257]: Received disconnect from 150.145.87.20 port 41330:11: Bye Bye [preauth] Dec 14 01:00:22 cumulus sshd[30257]: Disconnected from 150.145.87.20 port 41330 [preauth] Dec 14 01:16:50 cumulus sshd[31270]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.145.87.20 user=r.r Dec 14 01:16:51 cumulus sshd[31270]: Failed password for r.r from 150.145.87.20 port 54260 ssh2 Dec 14 01:16:52 cumulus sshd[31270]: Received disconnect from 150.145.87.20 port 54260:11: Bye Bye [preauth] Dec 14 01:16:52 cumulus sshd[31270]: Disconnected from 150.145.87.20 port 54260 [preauth] Dec 14 ........ -------------------------------	2019-12-14 15:26:34

类型

评论内容

时间

attackspambots

Dec 14 01:00:20 cumulus sshd[30257]: Invalid user test from 150.145.87.20 port 41330
Dec 14 01:00:20 cumulus sshd[30257]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.145.87.20
Dec 14 01:00:22 cumulus sshd[30257]: Failed password for invalid user test from 150.145.87.20 port 41330 ssh2
Dec 14 01:00:22 cumulus sshd[30257]: Received disconnect from 150.145.87.20 port 41330:11: Bye Bye [preauth]
Dec 14 01:00:22 cumulus sshd[30257]: Disconnected from 150.145.87.20 port 41330 [preauth]
Dec 14 01:16:50 cumulus sshd[31270]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.145.87.20  user=r.r
Dec 14 01:16:51 cumulus sshd[31270]: Failed password for r.r from 150.145.87.20 port 54260 ssh2
Dec 14 01:16:52 cumulus sshd[31270]: Received disconnect from 150.145.87.20 port 54260:11: Bye Bye [preauth]
Dec 14 01:16:52 cumulus sshd[31270]: Disconnected from 150.145.87.20 port 54260 [preauth]
Dec 14 ........
-------------------------------

2019-12-14 15:26:34

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 150.145.87.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17328
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;150.145.87.20.			IN	A

;; AUTHORITY SECTION:
.			366	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121400 1800 900 604800 86400

;; Query time: 120 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 14 15:26:31 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

20.87.145.150.in-addr.arpa domain name pointer quad2.ic.cnr.it.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
20.87.145.150.in-addr.arpa	name = quad2.ic.cnr.it.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
113.161.37.172	attack	SASL PLAIN auth failed: ruser=...	2020-01-03 08:27:49
14.186.62.203	attackbotsspam	SASL PLAIN auth failed: ruser=...	2020-01-03 08:29:39
139.155.21.46	attackspam	(sshd) Failed SSH login from 139.155.21.46 (CN/China/-): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jan 2 23:00:00 andromeda sshd[11221]: Invalid user kda from 139.155.21.46 port 38714 Jan 2 23:00:02 andromeda sshd[11221]: Failed password for invalid user kda from 139.155.21.46 port 38714 ssh2 Jan 2 23:06:00 andromeda sshd[11917]: Invalid user tfserver from 139.155.21.46 port 36352	2020-01-03 08:18:46
129.213.63.120	attackbotsspam	Jan 3 00:10:20 nextcloud sshd\[11895\]: Invalid user praful from 129.213.63.120 Jan 3 00:10:20 nextcloud sshd\[11895\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.63.120 Jan 3 00:10:22 nextcloud sshd\[11895\]: Failed password for invalid user praful from 129.213.63.120 port 58666 ssh2 ...	2020-01-03 08:33:19
14.161.6.201	attackbots	SSH-bruteforce attempts	2020-01-03 08:34:01
90.84.45.38	attackspam	Too many connections or unauthorized access detected from Arctic banned ip	2020-01-03 08:35:36
107.170.244.110	attackbotsspam	SSH bruteforce (Triggered fail2ban)	2020-01-03 08:49:17
114.46.56.93	attack	Fail2Ban Ban Triggered	2020-01-03 08:50:46
170.81.148.7	attackbots	Jan 3 01:01:18 localhost sshd\[10768\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.81.148.7 user=root Jan 3 01:01:20 localhost sshd\[10768\]: Failed password for root from 170.81.148.7 port 43398 ssh2 Jan 3 01:06:51 localhost sshd\[11240\]: Invalid user andreas from 170.81.148.7 port 56336 Jan 3 01:06:51 localhost sshd\[11240\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.81.148.7	2020-01-03 08:16:43
212.66.48.37	attackspam	Attempt to attack host OS, exploiting network vulnerabilities, on 02-01-2020 23:05:35.	2020-01-03 08:48:12
14.169.167.10	attackspam	SASL PLAIN auth failed: ruser=...	2020-01-03 08:30:34
92.63.194.70	attack	3389BruteforceFW22	2020-01-03 08:15:06
217.115.57.194	attackbots	Jan 3 00:05:26 localhost postfix/smtpd\[22194\]: warning: 217-115-57-194.cust.bredband2.com\[217.115.57.194\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 3 00:05:32 localhost postfix/smtpd\[22194\]: warning: 217-115-57-194.cust.bredband2.com\[217.115.57.194\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 3 00:05:42 localhost postfix/smtpd\[22194\]: warning: 217-115-57-194.cust.bredband2.com\[217.115.57.194\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 3 00:06:05 localhost postfix/smtpd\[22194\]: warning: 217-115-57-194.cust.bredband2.com\[217.115.57.194\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 3 00:06:11 localhost postfix/smtpd\[22194\]: warning: 217-115-57-194.cust.bredband2.com\[217.115.57.194\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-01-03 08:14:31
92.119.160.31	attack	Jan 3 00:53:57 h2177944 kernel: \[1207849.951234\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.31 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=53092 PROTO=TCP SPT=54881 DPT=4444 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 3 00:53:57 h2177944 kernel: \[1207849.951248\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.31 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=53092 PROTO=TCP SPT=54881 DPT=4444 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 3 00:58:30 h2177944 kernel: \[1208123.495582\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.31 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=34695 PROTO=TCP SPT=54881 DPT=33891 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 3 00:58:30 h2177944 kernel: \[1208123.495595\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.31 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=34695 PROTO=TCP SPT=54881 DPT=33891 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 3 01:07:54 h2177944 kernel: \[1208687.158796\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.31 DST=85.214.117	2020-01-03 08:18:16
37.139.3.113	attack	Runs a cryptocurrency malware that brute-forces servers over ssh	2020-01-03 08:36:24

最近上报的IP列表

103.39.209.3	122.51.221.184	106.51.137.113	113.23.24.12
110.4.189.228	195.19.36.80	185.215.113.210	39.51.83.7
75.155.129.110	92.46.247.103	86.232.119.7	5.52.126.26
219.141.190.195	136.232.112.125	120.6.138.186	111.72.197.190
50.16.64.127	60.191.214.158	183.136.123.57	185.43.189.133