68.183.91.106 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Invalid user ts3server from 68.183.91.106 port 54538	2020-10-01 09:03:34
attackspam	68.183.91.106 (IN/India/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 30 13:53:05 server2 sshd[689]: Failed password for root from 193.228.91.123 port 52140 ssh2 Sep 30 14:02:40 server2 sshd[2331]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.44.6.160 user=root Sep 30 14:01:24 server2 sshd[2169]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.92.123 user=root Sep 30 13:54:49 server2 sshd[1052]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.91.106 user=root Sep 30 13:54:51 server2 sshd[1052]: Failed password for root from 68.183.91.106 port 36806 ssh2 IP Addresses Blocked: 193.228.91.123 (GB/United Kingdom/-) 181.44.6.160 (AR/Argentina/-) 129.211.92.123 (CN/China/-)	2020-10-01 01:39:50

类型

评论内容

时间

attack

Invalid user ts3server from 68.183.91.106 port 54538

2020-10-01 09:03:34

attackspam

68.183.91.106 (IN/India/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 30 13:53:05 server2 sshd[689]: Failed password for root from 193.228.91.123 port 52140 ssh2
Sep 30 14:02:40 server2 sshd[2331]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.44.6.160  user=root
Sep 30 14:01:24 server2 sshd[2169]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.92.123  user=root
Sep 30 13:54:49 server2 sshd[1052]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.91.106  user=root
Sep 30 13:54:51 server2 sshd[1052]: Failed password for root from 68.183.91.106 port 36806 ssh2

IP Addresses Blocked:

193.228.91.123 (GB/United Kingdom/-)
181.44.6.160 (AR/Argentina/-)
129.211.92.123 (CN/China/-)

2020-10-01 01:39:50

相同子网IP讨论:

IP	类型	评论内容	时间
68.183.91.73	attack	21 attempts against mh-ssh on mist	2020-06-25 12:22:36
68.183.91.56	attackbots	Automatic report - WordPress Brute Force	2020-05-13 08:41:46
68.183.91.25	attack	Failed password for invalid user bertha from 68.183.91.25 port 34258 ssh2 Invalid user arcserve from 68.183.91.25 port 46367 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.91.25 Failed password for invalid user arcserve from 68.183.91.25 port 46367 ssh2 Invalid user kadmin from 68.183.91.25 port 58508	2020-02-14 18:07:37
68.183.91.25	attackspambots	Unauthorized connection attempt detected from IP address 68.183.91.25 to port 2220 [J]	2020-01-23 09:40:47
68.183.91.25	attack	Invalid user guest7 from 68.183.91.25 port 60914	2020-01-10 22:43:09
68.183.91.25	attackbotsspam	Jan 7 20:27:39 eddieflores sshd\[4076\]: Invalid user fpzsgroup from 68.183.91.25 Jan 7 20:27:39 eddieflores sshd\[4076\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.91.25 Jan 7 20:27:41 eddieflores sshd\[4076\]: Failed password for invalid user fpzsgroup from 68.183.91.25 port 38250 ssh2 Jan 7 20:31:03 eddieflores sshd\[4394\]: Invalid user jeff from 68.183.91.25 Jan 7 20:31:03 eddieflores sshd\[4394\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.91.25	2020-01-08 15:23:24
68.183.91.30	attackbotsspam	Unauthorized connection attempt detected from IP address 68.183.91.30 to port 443 [J]	2020-01-06 17:42:26
68.183.91.25	attack	IP blocked	2019-12-30 02:25:09
68.183.91.25	attackspambots	Dec 22 19:04:23 MK-Soft-Root2 sshd[1855]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.91.25 Dec 22 19:04:25 MK-Soft-Root2 sshd[1855]: Failed password for invalid user mayeda from 68.183.91.25 port 36552 ssh2 ...	2019-12-23 03:04:20
68.183.91.25	attackbotsspam	Dec 21 11:10:28 plusreed sshd[11577]: Invalid user ehrsam from 68.183.91.25 ...	2019-12-22 04:58:40
68.183.91.25	attackbots	Dec 10 08:37:15 hosting sshd[3767]: Invalid user krishnaprasadh from 68.183.91.25 port 56062 Dec 10 08:37:15 hosting sshd[3767]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.91.25 Dec 10 08:37:15 hosting sshd[3767]: Invalid user krishnaprasadh from 68.183.91.25 port 56062 Dec 10 08:37:17 hosting sshd[3767]: Failed password for invalid user krishnaprasadh from 68.183.91.25 port 56062 ssh2 Dec 10 08:49:02 hosting sshd[4606]: Invalid user jemaker from 68.183.91.25 port 36104 ...	2019-12-10 14:05:23
68.183.91.147	attackbotsspam	Automatic report - XMLRPC Attack	2019-12-02 06:05:07
68.183.91.25	attackspambots	Nov 24 19:07:17 SilenceServices sshd[23289]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.91.25 Nov 24 19:07:19 SilenceServices sshd[23289]: Failed password for invalid user steam from 68.183.91.25 port 41035 ssh2 Nov 24 19:14:37 SilenceServices sshd[25607]: Failed password for bind from 68.183.91.25 port 59105 ssh2	2019-11-25 02:18:27
68.183.91.147	attackbotsspam	68.183.91.147 - - [23/Nov/2019:15:17:11 +0100] "POST /wp-login.php HTTP/1.1" 200 3123 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 68.183.91.147 - - [23/Nov/2019:15:17:22 +0100] "POST /wp-login.php HTTP/1.1" 200 3102 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-11-24 06:12:14
68.183.91.25	attackbots	Nov 15 10:27:36 sd-53420 sshd\[20634\]: Invalid user Abc8 from 68.183.91.25 Nov 15 10:27:36 sd-53420 sshd\[20634\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.91.25 Nov 15 10:27:38 sd-53420 sshd\[20634\]: Failed password for invalid user Abc8 from 68.183.91.25 port 50083 ssh2 Nov 15 10:31:58 sd-53420 sshd\[21900\]: Invalid user rezaye from 68.183.91.25 Nov 15 10:31:58 sd-53420 sshd\[21900\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.91.25 ...	2019-11-15 17:33:28

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 68.183.91.106
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22351
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;68.183.91.106.			IN	A

;; AUTHORITY SECTION:
.			10800	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020093000 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 100.100.2.138#53(100.100.2.138)
;; WHEN: Wed Sep 30 18:09:02 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 106.91.183.68.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 106.91.183.68.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
2.50.160.20	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-19 05:55:56
212.83.183.57	attack	Mar 18 21:18:09 SilenceServices sshd[4224]: Failed password for root from 212.83.183.57 port 51609 ssh2 Mar 18 21:21:40 SilenceServices sshd[29883]: Failed password for root from 212.83.183.57 port 62993 ssh2	2020-03-19 05:36:05
220.132.132.101	attackspam	Honeypot attack, port: 4567, PTR: 220-132-132-101.HINET-IP.hinet.net.	2020-03-19 05:35:22
189.203.4.30	attack	Honeypot attack, port: 445, PTR: fixed-189-203-4-30.totalplay.net.	2020-03-19 05:45:45
106.12.150.188	attackbotsspam	2020-03-18T20:49:14.737393abusebot-8.cloudsearch.cf sshd[11317]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.150.188 user=root 2020-03-18T20:49:16.162067abusebot-8.cloudsearch.cf sshd[11317]: Failed password for root from 106.12.150.188 port 45654 ssh2 2020-03-18T20:51:50.878928abusebot-8.cloudsearch.cf sshd[11505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.150.188 user=root 2020-03-18T20:51:52.720120abusebot-8.cloudsearch.cf sshd[11505]: Failed password for root from 106.12.150.188 port 57020 ssh2 2020-03-18T20:54:16.751449abusebot-8.cloudsearch.cf sshd[11724]: Invalid user musikbot from 106.12.150.188 port 40152 2020-03-18T20:54:16.760853abusebot-8.cloudsearch.cf sshd[11724]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.150.188 2020-03-18T20:54:16.751449abusebot-8.cloudsearch.cf sshd[11724]: Invalid user musikbot from 106.12.150.1 ...	2020-03-19 05:40:49
36.255.91.58	attackbotsspam	1584536662 - 03/18/2020 14:04:22 Host: 36.255.91.58/36.255.91.58 Port: 445 TCP Blocked	2020-03-19 05:59:47
51.91.79.232	attackspam	Tried sshing with brute force.	2020-03-19 05:57:14
124.123.34.1	attackspam	20/3/18@13:58:33: FAIL: Alarm-Network address from=124.123.34.1 ...	2020-03-19 05:52:32
79.61.51.195	attackspam	Mar 18 08:00:38 server1 sshd\[4428\]: Failed password for root from 79.61.51.195 port 51436 ssh2 Mar 18 08:04:53 server1 sshd\[5641\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.61.51.195 user=root Mar 18 08:04:55 server1 sshd\[5641\]: Failed password for root from 79.61.51.195 port 62614 ssh2 Mar 18 08:09:27 server1 sshd\[7039\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.61.51.195 user=root Mar 18 08:09:29 server1 sshd\[7039\]: Failed password for root from 79.61.51.195 port 49462 ssh2 ...	2020-03-19 05:56:56
81.222.73.86	attackbotsspam	Automatic report - Port Scan Attack	2020-03-19 05:44:21
192.241.202.169	attackbots	2020-03-18T21:48:11.994508shield sshd\[24010\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.202.169 user=root 2020-03-18T21:48:13.654635shield sshd\[24010\]: Failed password for root from 192.241.202.169 port 53984 ssh2 2020-03-18T21:52:31.086334shield sshd\[25040\]: Invalid user bruno from 192.241.202.169 port 47008 2020-03-18T21:52:31.093962shield sshd\[25040\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.202.169 2020-03-18T21:52:33.446692shield sshd\[25040\]: Failed password for invalid user bruno from 192.241.202.169 port 47008 ssh2	2020-03-19 06:00:01
165.227.212.156	attack	Mar 18 22:22:21 ns381471 sshd[18534]: Failed password for man from 165.227.212.156 port 51586 ssh2	2020-03-19 05:49:13
148.235.57.184	attack	Invalid user yamaguchi from 148.235.57.184 port 52956	2020-03-19 05:36:50
194.67.93.208	attackbotsspam	Mar 18 08:49:13 UTC__SANYALnet-Labs__cac13 sshd[672]: Connection from 194.67.93.208 port 45458 on 45.62.248.66 port 22 Mar 18 08:49:14 UTC__SANYALnet-Labs__cac13 sshd[672]: Invalid user monhostnameoring from 194.67.93.208 Mar 18 08:49:14 UTC__SANYALnet-Labs__cac13 sshd[672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194-67-93-208.cloudvps.regruhosting.ru Mar 18 08:49:17 UTC__SANYALnet-Labs__cac13 sshd[672]: Failed password for invalid user monhostnameoring from 194.67.93.208 port 45458 ssh2 Mar 18 08:49:17 UTC__SANYALnet-Labs__cac13 sshd[672]: Received disconnect from 194.67.93.208: 11: Bye Bye [preauth] Mar 18 08:55:05 UTC__SANYALnet-Labs__cac13 sshd[781]: Connection from 194.67.93.208 port 48870 on 45.62.248.66 port 22 Mar 18 08:55:09 UTC__SANYALnet-Labs__cac13 sshd[781]: User r.r from 194-67-93-208.cloudvps.regruhosting.ru not allowed because not listed in AllowUsers Mar 18 08:55:09 UTC__SANYALnet-Labs__cac13 sshd[781]: ........ -------------------------------	2020-03-19 05:56:29
178.223.177.70	attack	Automatic report - Port Scan Attack	2020-03-19 05:46:08

最近上报的IP列表

174.27.162.219	49.232.163.163	174.139.91.218	2a0c:3b80:5b00:160::109a
243.8.227.128	235.108.115.4	132.94.151.61	46.179.120.140
86.241.108.84	178.17.157.137	99.149.40.46	41.52.167.8
35.195.86.207	165.227.1.187	142.44.138.213	192.168.42.220
186.72.178.199	182.114.207.114	216.158.229.67	202.100.185.138