85.93.20.122 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Germany

运营商(isp): L&L Investment Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Repeated RDP login failures. Last user: administrator	2020-10-03 03:39:11
attack	Repeated RDP login failures. Last user: administrator	2020-10-03 02:27:39
attackbots	Repeated RDP login failures. Last user: administrator	2020-10-02 22:56:47
attackspambots	Repeated RDP login failures. Last user: administrator	2020-10-02 19:28:26
attack	Repeated RDP login failures. Last user: administrator	2020-10-02 16:04:25
attackbots	Repeated RDP login failures. Last user: administrator	2020-10-02 12:18:39

相同子网IP讨论:

IP	类型	评论内容	时间
85.93.20.134	attack	port	2020-10-14 05:40:04
85.93.20.134	attackspambots	RDP Bruteforce	2020-10-13 01:15:46
85.93.20.134	attackspambots	[portscan] tcp/3389 [MS RDP] *(RWIN=1024)(10120855)	2020-10-12 16:38:46
85.93.20.134	attackspambots	2020-10-10 13:54:09.587374-0500 localhost screensharingd[38744]: Authentication: FAILED :: User Name: N/A :: Viewer Address: 85.93.20.134 :: Type: VNC DES	2020-10-11 03:36:45
85.93.20.134	attackspambots	2020-10-10 05:50:23.141580-0500 localhost screensharingd[450]: Authentication: FAILED :: User Name: N/A :: Viewer Address: 85.93.20.134 :: Type: VNC DES	2020-10-10 19:29:30
85.93.20.6	attackspambots	RDPBrutePap	2020-10-04 02:38:43
85.93.20.170	attackspam	Multiple HTTP calls attempting to GET resources using common API calls or formats on port 8080	2020-09-23 22:42:35
85.93.20.170	attack	Multiple HTTP calls attempting to GET resources using common API calls or formats on port 8080	2020-09-23 15:00:05
85.93.20.170	attackbotsspam	1600813421 - 09/23/2020 05:23:41 Host: 85.93.20.170/85.93.20.170 Port: 3000 TCP Blocked ...	2020-09-23 06:51:18
85.93.20.6	attackspambots	RDP brute forcing (r)	2020-09-04 21:07:52
85.93.20.6	attackspam	RDP brute forcing (r)	2020-09-04 12:47:35
85.93.20.6	attackbots	SSH Bruteforce Attempt on Honeypot	2020-09-04 05:18:00
85.93.20.85	attack	200826 9:13:45 [Warning] Access denied for user 'admin'@'85.93.20.85' (using password: YES) 200826 9:15:14 [Warning] Access denied for user 'admin'@'85.93.20.85' (using password: YES) 200826 9:16:42 [Warning] Access denied for user 'admin'@'85.93.20.85' (using password: YES) ...	2020-08-26 23:36:25
85.93.20.89	attack	port scan and connect, tcp 3306 (mysql)	2020-08-24 02:16:12
85.93.20.149	attackspam	200820 15:51:19 [Warning] Access denied for user 'root'@'85.93.20.149' (using password: YES) 200820 17:15:39 [Warning] Access denied for user 'root'@'85.93.20.149' (using password: YES) 200820 23:35:38 [Warning] Access denied for user 'root'@'85.93.20.149' (using password: YES) ...	2020-08-21 14:35:19

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 85.93.20.122
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14406
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;85.93.20.122.			IN	A

;; AUTHORITY SECTION:
.			341	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020100102 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Oct 02 12:18:34 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 122.20.93.85.in-addr.arpa not found: 5(REFUSED)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 122.20.93.85.in-addr.arpa: REFUSED

最新评论:

IP	类型	评论内容	时间
170.81.140.12	attackbots	Sep 30 08:49:28 our-server-hostname postfix/smtpd[19537]: connect from unknown[170.81.140.12] Sep x@x Sep x@x Sep x@x Sep 30 08:49:31 our-server-hostname postfix/smtpd[19537]: lost connection after RCPT from unknown[170.81.140.12] Sep 30 08:49:31 our-server-hostname postfix/smtpd[19537]: disconnect from unknown[170.81.140.12] Sep 30 09:14:38 our-server-hostname postfix/smtpd[19445]: connect from unknown[170.81.140.12] Sep x@x Sep 30 09:14:41 our-server-hostname postfix/smtpd[19445]: lost connection after RCPT from unknown[170.81.140.12] Sep 30 09:14:41 our-server-hostname postfix/smtpd[19445]: disconnect from unknown[170.81.140.12] Sep 30 12:55:01 our-server-hostname postfix/smtpd[12836]: connect from unknown[170.81.140.12] Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep 30 12:55:07 our-server-hostname postfix/smtpd[12836]: lost connection after RCPT from unknown[170.81.140.12] Sep 30 12:55:07 our-server-hostname postfix/smtpd[12836]:........ -------------------------------	2019-10-04 16:57:29
45.23.108.9	attack	Oct 4 07:04:28 www5 sshd\[37265\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.23.108.9 user=root Oct 4 07:04:31 www5 sshd\[37265\]: Failed password for root from 45.23.108.9 port 58935 ssh2 Oct 4 07:08:37 www5 sshd\[38141\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.23.108.9 user=root ...	2019-10-04 17:43:34
94.177.224.127	attack	Oct 4 06:27:32 ms-srv sshd[36536]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.177.224.127 user=root Oct 4 06:27:34 ms-srv sshd[36536]: Failed password for invalid user root from 94.177.224.127 port 44144 ssh2	2019-10-04 17:13:05
190.14.37.46	attackbots	Oct 3 19:55:42 localhost kernel: [3884761.853546] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=190.14.37.46 DST=[mungedIP2] LEN=40 TOS=0x08 PREC=0x20 TTL=60 ID=19870 DF PROTO=TCP SPT=50723 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 3 19:55:42 localhost kernel: [3884761.853586] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=190.14.37.46 DST=[mungedIP2] LEN=40 TOS=0x08 PREC=0x20 TTL=60 ID=19870 DF PROTO=TCP SPT=50723 DPT=22 SEQ=473479659 ACK=0 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 3 23:53:02 localhost kernel: [3899001.310452] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=190.14.37.46 DST=[mungedIP2] LEN=40 TOS=0x08 PREC=0x20 TTL=79 ID=22525 DF PROTO=TCP SPT=58788 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 3 23:53:02 localhost kernel: [3899001.310481] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=190.14.37.46 DST=[mungedIP2] LEN=40 TOS=0x08 PREC=0	2019-10-04 16:54:44
92.119.160.106	attackbots	Port scan on 3 port(s): 62389 62713 62895	2019-10-04 17:45:09
123.207.7.130	attackspam	Oct 4 10:42:44 OPSO sshd\[5612\]: Invalid user 123qwertyuiop from 123.207.7.130 port 52476 Oct 4 10:42:44 OPSO sshd\[5612\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.7.130 Oct 4 10:42:46 OPSO sshd\[5612\]: Failed password for invalid user 123qwertyuiop from 123.207.7.130 port 52476 ssh2 Oct 4 10:47:38 OPSO sshd\[6399\]: Invalid user CENTOS@1234 from 123.207.7.130 port 33050 Oct 4 10:47:38 OPSO sshd\[6399\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.7.130	2019-10-04 16:54:13
190.145.55.89	attackspam	$f2bV_matches	2019-10-04 17:30:37
54.37.204.154	attackbots	Oct 3 23:00:51 php1 sshd\[24984\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.204.154 user=root Oct 3 23:00:52 php1 sshd\[24984\]: Failed password for root from 54.37.204.154 port 45866 ssh2 Oct 3 23:04:11 php1 sshd\[25276\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.204.154 user=root Oct 3 23:04:13 php1 sshd\[25276\]: Failed password for root from 54.37.204.154 port 54482 ssh2 Oct 3 23:07:33 php1 sshd\[25537\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.204.154 user=root	2019-10-04 17:07:56
49.88.112.78	attackbots	Oct 4 11:28:26 vpn01 sshd[31053]: Failed password for root from 49.88.112.78 port 20539 ssh2 Oct 4 11:28:29 vpn01 sshd[31053]: Failed password for root from 49.88.112.78 port 20539 ssh2 ...	2019-10-04 17:31:19
49.88.112.70	attackbotsspam	Oct 4 05:52:23 MK-Soft-VM4 sshd[10151]: Failed password for root from 49.88.112.70 port 63883 ssh2 Oct 4 05:52:27 MK-Soft-VM4 sshd[10151]: Failed password for root from 49.88.112.70 port 63883 ssh2 ...	2019-10-04 17:22:24
206.189.165.94	attackbots	Oct 4 09:15:33 vps01 sshd[32562]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.165.94 Oct 4 09:15:35 vps01 sshd[32562]: Failed password for invalid user Avatar123 from 206.189.165.94 port 39340 ssh2	2019-10-04 17:14:40
5.63.187.116	attackbots	Sep 30 07:56:38 our-server-hostname postfix/smtpd[28215]: connect from unknown[5.63.187.116] Sep x@x Sep x@x Sep x@x Sep 30 07:56:42 our-server-hostname postfix/smtpd[28215]: lost connection after RCPT from unknown[5.63.187.116] Sep 30 07:56:42 our-server-hostname postfix/smtpd[28215]: disconnect from unknown[5.63.187.116] Sep 30 13:57:18 our-server-hostname postfix/smtpd[5205]: connect from unknown[5.63.187.116] Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=5.63.187.116	2019-10-04 17:03:10
47.74.190.56	attackspam	Oct 4 06:52:07 www sshd\[227000\]: Invalid user Centrum from 47.74.190.56 Oct 4 06:52:07 www sshd\[227000\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.74.190.56 Oct 4 06:52:09 www sshd\[227000\]: Failed password for invalid user Centrum from 47.74.190.56 port 57620 ssh2 ...	2019-10-04 17:35:32
189.175.243.190	attackbots	fail2ban honeypot	2019-10-04 17:10:42
176.115.100.201	attackspambots	Oct 4 10:55:08 dedicated sshd[15110]: Invalid user Qaz@2018 from 176.115.100.201 port 50068	2019-10-04 17:17:15

最近上报的IP列表

217.71.225.150	201.149.49.146	220.186.178.122	154.209.228.223
188.166.219.183	222.222.58.103	119.29.144.236	200.160.116.25
52.117.100.243	211.24.112.233	146.118.26.95	37.71.182.172
142.128.85.70	150.152.138.51	38.215.38.115	76.29.139.168
213.71.79.240	221.100.130.179	4.64.231.94	179.52.187.206