45.93.20.154 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Netherlands

运营商(isp): Scanifi LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	12/24/2019-05:30:20.456820 45.93.20.154 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 43	2019-12-24 19:23:01
attackbots	firewall-block, port(s): 47880/tcp	2019-12-17 04:38:07
attackbotsspam	39307/tcp 28279/tcp 47511/tcp... [2019-11-26/12-13]10pkt,10pt.(tcp)	2019-12-14 06:55:28

类型

评论内容

时间

attack

12/24/2019-05:30:20.456820 45.93.20.154 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 43

2019-12-24 19:23:01

attackbots

firewall-block, port(s): 47880/tcp

2019-12-17 04:38:07

attackbotsspam

39307/tcp 28279/tcp 47511/tcp...
[2019-11-26/12-13]10pkt,10pt.(tcp)

2019-12-14 06:55:28

相同子网IP讨论:

IP	类型	评论内容	时间
45.93.20.165	attackspam	" "	2019-12-28 00:33:47
45.93.20.156	attack	firewall-block, port(s): 27973/tcp	2019-12-27 15:09:30
45.93.20.171	attackspam	Dec 27 05:57:33 debian-2gb-nbg1-2 kernel: \[1075378.769969\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.93.20.171 DST=195.201.40.59 LEN=40 TOS=0x08 PREC=0x00 TTL=241 ID=29493 PROTO=TCP SPT=61000 DPT=4031 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-27 13:10:40
45.93.20.186	attack	firewall-block, port(s): 8943/tcp	2019-12-26 14:49:12
45.93.20.156	attackbots	firewall-block, port(s): 45954/tcp	2019-12-26 08:11:09
45.93.20.161	attackbotsspam	56104/tcp 38252/tcp 33404/tcp... [2019-11-28/12-25]22pkt,22pt.(tcp)	2019-12-25 21:15:52
45.93.20.181	attack	Fail2Ban Ban Triggered	2019-12-25 15:36:33
45.93.20.180	attack	Unauthorized connection attempt detected from IP address 45.93.20.180 to port 11754	2019-12-25 13:24:34
45.93.20.143	attackbotsspam	" "	2019-12-24 08:44:52
45.93.20.138	attackbots	56208/tcp 24179/tcp 18281/tcp... [2019-11-27/12-23]19pkt,19pt.(tcp)	2019-12-24 06:23:02
45.93.20.184	attackbots	" "	2019-12-24 06:19:05
45.93.20.187	attackbotsspam	firewall-block, port(s): 31502/tcp	2019-12-23 19:15:30
45.93.20.133	attackbots	" "	2019-12-23 08:51:29
45.93.20.190	attack	Unauthorized connection attempt detected from IP address 45.93.20.190 to port 6724	2019-12-23 08:47:35
45.93.20.131	attackspambots	Fail2Ban Ban Triggered	2019-12-23 01:43:03

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.93.20.154
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32210
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.93.20.154.			IN	A

;; AUTHORITY SECTION:
.			179	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121301 1800 900 604800 86400

;; Query time: 103 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 14 06:55:25 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 154.20.93.45.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 154.20.93.45.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
63.143.35.146	attackbotsspam	\[2019-07-23 20:20:56\] NOTICE\[20804\] chan_sip.c: Registration from '\' failed for '63.143.35.146:54433' - Wrong password \[2019-07-23 20:20:56\] SECURITY\[20812\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-07-23T20:20:56.222-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="733",SessionID="0x7f06f823f758",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/63.143.35.146/54433",Challenge="39f37af0",ReceivedChallenge="39f37af0",ReceivedHash="fa053438170bfc0832433319a120dbd3" \[2019-07-23 20:22:03\] NOTICE\[20804\] chan_sip.c: Registration from '\' failed for '63.143.35.146:53322' - Wrong password \[2019-07-23 20:22:03\] SECURITY\[20812\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-07-23T20:22:03.403-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="841",SessionID="0x7f06f804c2c8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/63.143.35	2019-07-24 08:39:01
42.177.24.185	attackbotsspam	Honeypot attack, port: 23, PTR: PTR record not found	2019-07-24 08:45:10
109.0.197.237	attackbotsspam	Jul 24 02:57:12 OPSO sshd\[4957\]: Invalid user slr from 109.0.197.237 port 37722 Jul 24 02:57:12 OPSO sshd\[4957\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.0.197.237 Jul 24 02:57:14 OPSO sshd\[4957\]: Failed password for invalid user slr from 109.0.197.237 port 37722 ssh2 Jul 24 03:01:44 OPSO sshd\[6109\]: Invalid user matias from 109.0.197.237 port 33814 Jul 24 03:01:44 OPSO sshd\[6109\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.0.197.237	2019-07-24 09:03:25
157.230.171.90	attackbotsspam	WordPress brute force	2019-07-24 08:46:51
142.93.222.224	attack	WordPress brute force	2019-07-24 08:47:13
80.245.119.109	attackspam	[portscan] Port scan	2019-07-24 08:48:05
141.98.80.71	attack	Jul 24 00:39:00 localhost sshd\[3004\]: Invalid user admin from 141.98.80.71 port 47332 Jul 24 00:39:00 localhost sshd\[3004\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.80.71 Jul 24 00:39:02 localhost sshd\[3004\]: Failed password for invalid user admin from 141.98.80.71 port 47332 ssh2	2019-07-24 08:51:32
178.218.104.8	attackbots	proto=tcp . spt=35475 . dpt=25 . (listed on Blocklist de Jul 23) (1032)	2019-07-24 09:12:58
159.253.37.114	attackbots	WordPress wp-login brute force :: 159.253.37.114 0.064 BYPASS [24/Jul/2019:09:32:40 1000] [censored_4] "POST /wp-login.php HTTP/1.1" 200 4214 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-07-24 08:45:41
51.83.78.109	attack	Jul 23 18:30:50 fwweb01 sshd[30258]: Invalid user webmaster from 51.83.78.109 Jul 23 18:30:53 fwweb01 sshd[30258]: Failed password for invalid user webmaster from 51.83.78.109 port 46656 ssh2 Jul 23 18:30:53 fwweb01 sshd[30258]: Received disconnect from 51.83.78.109: 11: Bye Bye [preauth] Jul 23 18:37:26 fwweb01 sshd[30543]: Invalid user sahil from 51.83.78.109 Jul 23 18:37:27 fwweb01 sshd[30543]: Failed password for invalid user sahil from 51.83.78.109 port 40564 ssh2 Jul 23 18:37:27 fwweb01 sshd[30543]: Received disconnect from 51.83.78.109: 11: Bye Bye [preauth] Jul 23 18:41:39 fwweb01 sshd[30782]: Invalid user liam from 51.83.78.109 Jul 23 18:41:40 fwweb01 sshd[30782]: Failed password for invalid user liam from 51.83.78.109 port 36544 ssh2 Jul 23 18:41:40 fwweb01 sshd[30782]: Received disconnect from 51.83.78.109: 11: Bye Bye [preauth] Jul 23 18:45:50 fwweb01 sshd[30978]: Invalid user user1 from 51.83.78.109 Jul 23 18:45:52 fwweb01 sshd[30978]: Failed password for i........ -------------------------------	2019-07-24 08:42:20
36.89.163.178	attack	Jul 23 22:15:17 host sshd\[65417\]: Invalid user admin from 36.89.163.178 port 44956 Jul 23 22:15:17 host sshd\[65417\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.89.163.178 ...	2019-07-24 08:48:30
97.112.72.109	attackbots	Malicious/Probing: /wp-login.php	2019-07-24 08:56:44
104.214.234.214	attackbots	Jul 23 19:44:43 riskplan-s sshd[20550]: Did not receive identification string from 104.214.234.214 Jul 23 19:46:42 riskplan-s sshd[20605]: Invalid user oracle from 104.214.234.214 Jul 23 19:46:42 riskplan-s sshd[20605]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.214.234.214 Jul 23 19:46:45 riskplan-s sshd[20605]: Failed password for invalid user oracle from 104.214.234.214 port 38954 ssh2 Jul 23 19:46:45 riskplan-s sshd[20605]: Received disconnect from 104.214.234.214: 11: Normal Shutdown, Thank you for playing [preauth] Jul 23 19:47:31 riskplan-s sshd[20624]: Invalid user oracle from 104.214.234.214 Jul 23 19:47:31 riskplan-s sshd[20624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.214.234.214 Jul 23 19:47:32 riskplan-s sshd[20624]: Failed password for invalid user oracle from 104.214.234.214 port 47956 ssh2 Jul 23 19:47:32 riskplan-s sshd[20624]: Received disconnect from........ -------------------------------	2019-07-24 08:58:37
85.53.204.115	attackspambots	utm - spam	2019-07-24 09:21:54
217.228.221.253	attackbotsspam	Chat Spam	2019-07-24 08:57:17

最近上报的IP列表

177.126.93.170	45.58.186.238	124.158.179.13	110.77.201.231
220.140.12.174	213.243.213.201	14.175.215.82	185.156.177.233
201.243.40.216	182.99.245.184	165.32.205.88	105.66.134.154
15.206.114.64	187.157.189.84	162.62.17.159	125.26.168.192
72.17.4.18	49.233.140.10	54.247.50.0	106.12.179.101