20.50.20.52 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Netherlands

运营商(isp): Microsoft Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	invalid user	2020-07-18 16:55:11
attackspam	2020-07-16 05:00:54.001567-0500 localhost sshd[73289]: Failed password for root from 20.50.20.52 port 14669 ssh2	2020-07-16 18:08:35
attackspam	Jul 15 21:04:15 vm1 sshd[13430]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.50.20.52 Jul 15 21:04:17 vm1 sshd[13430]: Failed password for invalid user ec2-user from 20.50.20.52 port 54777 ssh2 ...	2020-07-16 03:11:27
attack	Jul 13 18:15:26 XXX sshd[937]: Invalid user testuser from 20.50.20.52 Jul 13 18:15:26 XXX sshd[940]: Invalid user testuser from 20.50.20.52 Jul 13 18:15:26 XXX sshd[935]: Invalid user testuser from 20.50.20.52 Jul 13 18:15:26 XXX sshd[936]: Invalid user testuser from 20.50.20.52 Jul 13 18:15:26 XXX sshd[939]: Invalid user testuser from 20.50.20.52 Jul 13 18:15:26 XXX sshd[941]: Invalid user testuser from 20.50.20.52 Jul 13 18:15:26 XXX sshd[938]: Invalid user testuser from 20.50.20.52 Jul 13 18:15:26 XXX sshd[937]: Received disconnect from 20.50.20.52: 11: Client disconnecting normally [preauth] Jul 13 18:15:26 XXX sshd[936]: Received disconnect from 20.50.20.52: 11: Client disconnecting normally [preauth] Jul 13 18:15:26 XXX sshd[935]: Received disconnect from 20.50.20.52: 11: Client disconnecting normally [preauth] Jul 13 18:15:26 XXX sshd[940]: Received disconnect from 20.50.20.52: 11: Client disconnecting normally [preauth] Jul 13 18:15:26 XXX sshd[939]: Received di........ -------------------------------	2020-07-15 03:32:55
attackbots	Jul 14 19:28:20 nextcloud sshd\[5152\]: Invalid user administrator from 20.50.20.52 Jul 14 19:28:20 nextcloud sshd\[5152\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.50.20.52 Jul 14 19:28:21 nextcloud sshd\[5152\]: Failed password for invalid user administrator from 20.50.20.52 port 21890 ssh2	2020-07-15 01:53:38

相同子网IP讨论:

IP	类型	评论内容	时间
20.50.20.31	attack	Unauthorized connection attempt detected from IP address 20.50.20.31 to port 1433	2020-07-21 14:14:25
20.50.20.31	attack	sshd: Failed password for .... from 20.50.20.31 port 40073 ssh2	2020-07-18 18:22:19
20.50.20.99	attack	Invalid user admin from 20.50.20.99 port 17278	2020-07-18 07:04:58
20.50.20.31	attack	Jul 16 15:33:55 mout sshd[16566]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.50.20.31 user=root Jul 16 15:33:57 mout sshd[16566]: Failed password for root from 20.50.20.31 port 48031 ssh2	2020-07-16 22:27:19
20.50.20.99	attackspam	2020-07-16 01:52:09.390813-0500 localhost sshd[60092]: Failed password for root from 20.50.20.99 port 38183 ssh2	2020-07-16 17:00:16
20.50.20.31	attack	Jul 15 21:08:27 fhem-rasp sshd[16144]: Invalid user ec2-user from 20.50.20.31 port 62743 ...	2020-07-16 03:13:37
20.50.20.99	attackspam	"Unauthorized connection attempt on SSHD detected"	2020-07-16 03:09:41
20.50.20.31	attackspambots	Jul 14 22:26:08 logopedia-1vcpu-1gb-nyc1-01 sshd[86127]: Invalid user admin from 20.50.20.31 port 1466 ...	2020-07-15 10:31:12
20.50.20.31	attack	"Unauthorized connection attempt on SSHD detected"	2020-07-15 04:12:20

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 20.50.20.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31374
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;20.50.20.52.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071400 1800 900 604800 86400

;; Query time: 98 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jul 15 01:53:35 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

Host 52.20.50.20.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 52.20.50.20.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
124.207.221.66	attackbotsspam	Bruteforce detected by fail2ban	2020-05-24 17:36:49
87.251.75.247	attack	RDP brute force attack detected by fail2ban	2020-05-24 17:54:42
122.51.114.213	attackspambots	Failed password for invalid user bzh from 122.51.114.213 port 51466 ssh2	2020-05-24 17:38:01
137.59.57.69	attackbotsspam	Autoban 137.59.57.69 AUTH/CONNECT	2020-05-24 17:53:27
103.102.250.254	attackbots	May 24 08:06:03 powerpi2 sshd[3343]: Invalid user hhp from 103.102.250.254 port 47834 May 24 08:06:05 powerpi2 sshd[3343]: Failed password for invalid user hhp from 103.102.250.254 port 47834 ssh2 May 24 08:13:16 powerpi2 sshd[3762]: Invalid user yni from 103.102.250.254 port 54554 ...	2020-05-24 17:51:47
210.99.216.205	attackbotsspam	May 24 10:40:18 cdc sshd[2014]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.99.216.205 May 24 10:40:20 cdc sshd[2014]: Failed password for invalid user fuc from 210.99.216.205 port 41650 ssh2	2020-05-24 17:41:07
61.82.130.233	attackbots	May 24 09:48:20 vps sshd[353749]: Failed password for invalid user fwg from 61.82.130.233 port 33785 ssh2 May 24 09:52:29 vps sshd[372894]: Invalid user zdn from 61.82.130.233 port 64973 May 24 09:52:29 vps sshd[372894]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.82.130.233 May 24 09:52:31 vps sshd[372894]: Failed password for invalid user zdn from 61.82.130.233 port 64973 ssh2 May 24 09:56:52 vps sshd[392340]: Invalid user oui from 61.82.130.233 port 39662 ...	2020-05-24 17:48:13
222.186.175.148	attackspambots	May 24 11:24:53 ns381471 sshd[26736]: Failed password for root from 222.186.175.148 port 50324 ssh2 May 24 11:25:05 ns381471 sshd[26736]: Failed password for root from 222.186.175.148 port 50324 ssh2	2020-05-24 17:25:44
200.76.148.99	attackspambots	1590292039 - 05/24/2020 05:47:19 Host: 200.76.148.99/200.76.148.99 Port: 445 TCP Blocked	2020-05-24 18:06:21
119.27.189.46	attackspambots	Invalid user bjr from 119.27.189.46 port 34458	2020-05-24 17:43:26
145.255.180.140	attackbots	2020-05-23 22:35:54.015681-0500 localhost smtpd[89054]: NOQUEUE: reject: RCPT from unknown[145.255.180.140]: 554 5.7.1 Service unavailable; Client host [145.255.180.140] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/145.255.180.140; from= to= proto=ESMTP helo=<[145.255.180.140]>	2020-05-24 17:35:11
36.189.253.226	attackspam	May 24 11:04:17 vps687878 sshd\[20135\]: Invalid user akf from 36.189.253.226 port 51379 May 24 11:04:17 vps687878 sshd\[20135\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.189.253.226 May 24 11:04:19 vps687878 sshd\[20135\]: Failed password for invalid user akf from 36.189.253.226 port 51379 ssh2 May 24 11:08:04 vps687878 sshd\[20610\]: Invalid user sunjj from 36.189.253.226 port 42867 May 24 11:08:04 vps687878 sshd\[20610\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.189.253.226 ...	2020-05-24 18:03:22
94.231.136.194	attackbots	2020-05-23 22:40:34.198163-0500 localhost smtpd[89309]: NOQUEUE: reject: RCPT from unknown[94.231.136.194]: 554 5.7.1 Service unavailable; Client host [94.231.136.194] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/94.231.136.194 / https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=<[94.231.136.194]>	2020-05-24 17:29:53
94.231.130.172	attack	Port Scan detected! ...	2020-05-24 17:54:14
106.12.27.65	attackspam	Unauthorized SSH login attempts	2020-05-24 18:04:34

最近上报的IP列表

36.247.152.249	72.168.132.146	20.185.70.142	13.90.60.78
191.232.55.103	177.67.78.223	120.7.180.9	52.163.120.20
185.143.73.142	104.43.217.180	49.213.180.211	52.188.114.163
31.148.162.70	183.178.128.231	106.83.87.169	93.142.246.116
220.135.243.47	37.120.203.75	210.209.170.48	187.62.203.245