200.81.54.6 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Brazil

运营商(isp): Paz & Ramos Internet E Telecomunicacoes Ltda

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Jul 11 06:24:19 piServer sshd[754]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.81.54.6 Jul 11 06:24:22 piServer sshd[754]: Failed password for invalid user janice from 200.81.54.6 port 42128 ssh2 Jul 11 06:28:18 piServer sshd[1327]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.81.54.6 ...	2020-07-11 12:41:12
attackspambots	Jun 10 20:01:10 b-admin sshd[12389]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.81.54.6 user=r.r Jun 10 20:01:12 b-admin sshd[12389]: Failed password for r.r from 200.81.54.6 port 52348 ssh2 Jun 10 20:01:12 b-admin sshd[12389]: Received disconnect from 200.81.54.6 port 52348:11: Bye Bye [preauth] Jun 10 20:01:12 b-admin sshd[12389]: Disconnected from 200.81.54.6 port 52348 [preauth] Jun 10 20:05:44 b-admin sshd[13401]: Invalid user admin from 200.81.54.6 port 54966 Jun 10 20:05:44 b-admin sshd[13401]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.81.54.6 Jun 10 20:05:45 b-admin sshd[13401]: Failed password for invalid user admin from 200.81.54.6 port 54966 ssh2 Jun 10 20:05:45 b-admin sshd[13401]: Received disconnect from 200.81.54.6 port 54966:11: Bye Bye [preauth] Jun 10 20:05:45 b-admin sshd[13401]: Disconnected from 200.81.54.6 port 54966 [preauth] ........ ----------------------------------------------- http	2020-06-11 08:07:03

类型

评论内容

时间

attack

Jul 11 06:24:19 piServer sshd[754]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.81.54.6 
Jul 11 06:24:22 piServer sshd[754]: Failed password for invalid user janice from 200.81.54.6 port 42128 ssh2
Jul 11 06:28:18 piServer sshd[1327]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.81.54.6 
...

2020-07-11 12:41:12

attackspambots

Jun 10 20:01:10 b-admin sshd[12389]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.81.54.6  user=r.r
Jun 10 20:01:12 b-admin sshd[12389]: Failed password for r.r from 200.81.54.6 port 52348 ssh2
Jun 10 20:01:12 b-admin sshd[12389]: Received disconnect from 200.81.54.6 port 52348:11: Bye Bye [preauth]
Jun 10 20:01:12 b-admin sshd[12389]: Disconnected from 200.81.54.6 port 52348 [preauth]
Jun 10 20:05:44 b-admin sshd[13401]: Invalid user admin from 200.81.54.6 port 54966
Jun 10 20:05:44 b-admin sshd[13401]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.81.54.6
Jun 10 20:05:45 b-admin sshd[13401]: Failed password for invalid user admin from 200.81.54.6 port 54966 ssh2
Jun 10 20:05:45 b-admin sshd[13401]: Received disconnect from 200.81.54.6 port 54966:11: Bye Bye [preauth]
Jun 10 20:05:45 b-admin sshd[13401]: Disconnected from 200.81.54.6 port 54966 [preauth]


........
-----------------------------------------------
http

2020-06-11 08:07:03

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 200.81.54.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46833
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;200.81.54.6.			IN	A

;; AUTHORITY SECTION:
.			568	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061001 1800 900 604800 86400

;; Query time: 119 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jun 11 08:06:59 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

Host 6.54.81.200.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 6.54.81.200.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
39.57.200.32	attackspam	39.57.200.32 - - [15/Jul/2019:18:57:28 +0200] "GET /wp-login.php HTTP/1.1" 302 576 ...	2019-07-16 02:28:02
51.254.53.32	attackbotsspam	Jul 15 13:15:51 aat-srv002 sshd[18512]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.53.32 Jul 15 13:15:53 aat-srv002 sshd[18512]: Failed password for invalid user wang from 51.254.53.32 port 35362 ssh2 Jul 15 13:20:20 aat-srv002 sshd[18656]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.53.32 Jul 15 13:20:22 aat-srv002 sshd[18656]: Failed password for invalid user webmaster from 51.254.53.32 port 60654 ssh2 ...	2019-07-16 02:32:59
5.62.58.115	attack	3CX Blacklist	2019-07-16 02:58:56
104.248.116.140	attack	Jul 15 20:22:43 dedicated sshd[4458]: Invalid user fctrserver from 104.248.116.140 port 59756	2019-07-16 02:26:33
115.237.93.29	attackbotsspam	Automatic report - Port Scan Attack	2019-07-16 02:47:51
103.231.139.130	attackspam	Jul 15 20:40:21 relay postfix/smtpd\[16236\]: warning: unknown\[103.231.139.130\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 15 20:40:36 relay postfix/smtpd\[22598\]: warning: unknown\[103.231.139.130\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 15 20:40:55 relay postfix/smtpd\[13279\]: warning: unknown\[103.231.139.130\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 15 20:41:10 relay postfix/smtpd\[22598\]: warning: unknown\[103.231.139.130\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 15 20:41:29 relay postfix/smtpd\[13279\]: warning: unknown\[103.231.139.130\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-07-16 02:41:56
190.109.168.18	attackbotsspam	Feb 16 10:06:47 vtv3 sshd\[32740\]: Invalid user jesse from 190.109.168.18 port 50527 Feb 16 10:06:47 vtv3 sshd\[32740\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.109.168.18 Feb 16 10:06:49 vtv3 sshd\[32740\]: Failed password for invalid user jesse from 190.109.168.18 port 50527 ssh2 Feb 16 10:12:14 vtv3 sshd\[1948\]: Invalid user antonio from 190.109.168.18 port 45521 Feb 16 10:12:14 vtv3 sshd\[1948\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.109.168.18 Feb 21 06:40:27 vtv3 sshd\[7539\]: Invalid user ubuntu from 190.109.168.18 port 45381 Feb 21 06:40:27 vtv3 sshd\[7539\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.109.168.18 Feb 21 06:40:28 vtv3 sshd\[7539\]: Failed password for invalid user ubuntu from 190.109.168.18 port 45381 ssh2 Feb 21 06:46:35 vtv3 sshd\[9232\]: Invalid user user from 190.109.168.18 port 40388 Feb 21 06:46:35 vtv3 sshd\[9232\]:	2019-07-16 02:56:59
78.128.113.67	attackbots	Jul 15 20:33:10 mail postfix/smtpd\[2722\]: warning: unknown\[78.128.113.67\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 15 20:33:37 mail postfix/smtpd\[2722\]: warning: unknown\[78.128.113.67\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 15 20:33:47 mail postfix/smtpd\[32080\]: warning: unknown\[78.128.113.67\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-07-16 02:42:36
66.70.188.25	attackbotsspam	Jul 15 18:41:54 MK-Soft-VM3 sshd\[27880\]: Invalid user test1 from 66.70.188.25 port 35336 Jul 15 18:41:54 MK-Soft-VM3 sshd\[27880\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.188.25 Jul 15 18:41:56 MK-Soft-VM3 sshd\[27880\]: Failed password for invalid user test1 from 66.70.188.25 port 35336 ssh2 ...	2019-07-16 03:02:43
179.184.217.83	attack	Jul 16 00:07:26 vibhu-HP-Z238-Microtower-Workstation sshd\[19979\]: Invalid user unreal from 179.184.217.83 Jul 16 00:07:26 vibhu-HP-Z238-Microtower-Workstation sshd\[19979\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.184.217.83 Jul 16 00:07:28 vibhu-HP-Z238-Microtower-Workstation sshd\[19979\]: Failed password for invalid user unreal from 179.184.217.83 port 49612 ssh2 Jul 16 00:13:21 vibhu-HP-Z238-Microtower-Workstation sshd\[21211\]: Invalid user admin from 179.184.217.83 Jul 16 00:13:21 vibhu-HP-Z238-Microtower-Workstation sshd\[21211\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.184.217.83 ...	2019-07-16 02:46:38
164.132.230.244	attack	/wp-login.php	2019-07-16 03:03:41
149.56.15.98	attackbotsspam	Jul 15 14:42:01 TORMINT sshd\[26562\]: Invalid user jboss from 149.56.15.98 Jul 15 14:42:01 TORMINT sshd\[26562\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.15.98 Jul 15 14:42:02 TORMINT sshd\[26562\]: Failed password for invalid user jboss from 149.56.15.98 port 47102 ssh2 ...	2019-07-16 02:54:09
193.112.56.237	attackspambots	Jul 15 23:22:28 vibhu-HP-Z238-Microtower-Workstation sshd\[10995\]: Invalid user admin from 193.112.56.237 Jul 15 23:22:28 vibhu-HP-Z238-Microtower-Workstation sshd\[10995\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.56.237 Jul 15 23:22:30 vibhu-HP-Z238-Microtower-Workstation sshd\[10995\]: Failed password for invalid user admin from 193.112.56.237 port 38362 ssh2 Jul 15 23:25:58 vibhu-HP-Z238-Microtower-Workstation sshd\[11697\]: Invalid user temp from 193.112.56.237 Jul 15 23:25:58 vibhu-HP-Z238-Microtower-Workstation sshd\[11697\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.56.237 ...	2019-07-16 02:20:05
46.122.0.164	attackbots	Jul 15 18:28:52 mail sshd\[16662\]: Invalid user go from 46.122.0.164 port 42340 Jul 15 18:28:52 mail sshd\[16662\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.122.0.164 Jul 15 18:28:55 mail sshd\[16662\]: Failed password for invalid user go from 46.122.0.164 port 42340 ssh2 Jul 15 18:34:21 mail sshd\[16704\]: Invalid user testwww from 46.122.0.164 port 38286 Jul 15 18:34:21 mail sshd\[16704\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.122.0.164 ...	2019-07-16 02:49:28
200.69.204.143	attack	2019-07-15T18:07:16.612180abusebot-6.cloudsearch.cf sshd\[30976\]: Invalid user io from 200.69.204.143 port 35009	2019-07-16 02:38:56

最近上报的IP列表

125.160.115.123	115.36.130.126	218.14.53.136	195.59.206.60
61.69.96.100	69.152.162.170	82.63.161.184	69.126.145.227
167.62.158.38	126.76.236.169	67.151.181.234	76.85.16.199
154.125.156.155	200.239.10.102	32.129.135.18	171.239.82.144
184.168.27.111	101.109.26.143	50.125.65.32	89.11.3.27