68.4.194.221 - IPInfo

基本信息:

城市(city): Mission Viejo

省份(region): California

国家(country): United States

运营商(isp): Cox Communications

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	May 2 00:20:10 debian64 sshd[8100]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.4.194.221 May 2 00:20:12 debian64 sshd[8100]: Failed password for invalid user odroid from 68.4.194.221 port 39282 ssh2 ...	2020-05-02 07:14:55

类型

评论内容

时间

attackbots

May  2 00:20:10 debian64 sshd[8100]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.4.194.221 
May  2 00:20:12 debian64 sshd[8100]: Failed password for invalid user odroid from 68.4.194.221 port 39282 ssh2
...

2020-05-02 07:14:55

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 68.4.194.221
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15478
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;68.4.194.221.			IN	A

;; AUTHORITY SECTION:
.			386	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050103 1800 900 604800 86400

;; Query time: 38 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat May 02 07:14:52 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

221.194.4.68.in-addr.arpa domain name pointer ip68-4-194-221.oc.oc.cox.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
221.194.4.68.in-addr.arpa	name = ip68-4-194-221.oc.oc.cox.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
132.232.31.157	attackbotsspam	ssh intrusion attempt	2020-05-28 02:44:53
203.155.13.152	attackspam	May 27 20:32:21 srv-ubuntu-dev3 sshd[84536]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.155.13.152 user=root May 27 20:32:22 srv-ubuntu-dev3 sshd[84536]: Failed password for root from 203.155.13.152 port 46634 ssh2 May 27 20:34:47 srv-ubuntu-dev3 sshd[84891]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.155.13.152 user=root May 27 20:34:49 srv-ubuntu-dev3 sshd[84891]: Failed password for root from 203.155.13.152 port 50484 ssh2 May 27 20:37:23 srv-ubuntu-dev3 sshd[85388]: Invalid user eriksmoen from 203.155.13.152 May 27 20:37:23 srv-ubuntu-dev3 sshd[85388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.155.13.152 May 27 20:37:23 srv-ubuntu-dev3 sshd[85388]: Invalid user eriksmoen from 203.155.13.152 May 27 20:37:25 srv-ubuntu-dev3 sshd[85388]: Failed password for invalid user eriksmoen from 203.155.13.152 port 54346 ssh2 May 27 20:39:54 srv-ub ...	2020-05-28 02:43:07
180.76.148.87	attackspambots	May 27 20:17:21 h2646465 sshd[16534]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.148.87 user=root May 27 20:17:23 h2646465 sshd[16534]: Failed password for root from 180.76.148.87 port 50038 ssh2 May 27 20:23:09 h2646465 sshd[16919]: Invalid user berkly from 180.76.148.87 May 27 20:23:09 h2646465 sshd[16919]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.148.87 May 27 20:23:09 h2646465 sshd[16919]: Invalid user berkly from 180.76.148.87 May 27 20:23:11 h2646465 sshd[16919]: Failed password for invalid user berkly from 180.76.148.87 port 47382 ssh2 May 27 20:25:17 h2646465 sshd[17113]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.148.87 user=root May 27 20:25:19 h2646465 sshd[17113]: Failed password for root from 180.76.148.87 port 60584 ssh2 May 27 20:27:17 h2646465 sshd[17205]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser=	2020-05-28 02:50:48
187.72.167.124	attackspambots	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-05-28 02:50:23
182.61.105.104	attack	May 27 20:18:34 server sshd[28514]: Failed password for root from 182.61.105.104 port 45782 ssh2 May 27 20:22:40 server sshd[28837]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.105.104 May 27 20:22:42 server sshd[28837]: Failed password for invalid user nfs from 182.61.105.104 port 50210 ssh2 ...	2020-05-28 02:23:49
114.39.163.93	attack	Port Scan detected! ...	2020-05-28 02:18:58
141.98.81.88	attack	RDP brute force attack detected by fail2ban	2020-05-28 02:45:25
175.207.29.235	attack	May 27 21:17:53 hosting sshd[15574]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.207.29.235 user=root May 27 21:17:55 hosting sshd[15574]: Failed password for root from 175.207.29.235 port 55100 ssh2 May 27 21:19:57 hosting sshd[15707]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.207.29.235 user=root May 27 21:19:58 hosting sshd[15707]: Failed password for root from 175.207.29.235 port 58266 ssh2 May 27 21:22:00 hosting sshd[16026]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.207.29.235 user=root May 27 21:22:02 hosting sshd[16026]: Failed password for root from 175.207.29.235 port 60134 ssh2 ...	2020-05-28 02:57:18
14.29.219.2	attackspam	May 27 14:21:29 Tower sshd[34408]: Connection from 14.29.219.2 port 32861 on 192.168.10.220 port 22 rdomain "" May 27 14:21:33 Tower sshd[34408]: Failed password for root from 14.29.219.2 port 32861 ssh2 May 27 14:21:34 Tower sshd[34408]: Received disconnect from 14.29.219.2 port 32861:11: Bye Bye [preauth] May 27 14:21:34 Tower sshd[34408]: Disconnected from authenticating user root 14.29.219.2 port 32861 [preauth]	2020-05-28 02:55:21
179.43.167.227	attack	Tor exit node	2020-05-28 02:37:15
149.62.199.225	attackbots	May 27 20:22:06 debian-2gb-nbg1-2 kernel: \[12862519.521117\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=149.62.199.225 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=238 ID=59079 DF PROTO=TCP SPT=7911 DPT=81 WINDOW=14600 RES=0x00 SYN URGP=0	2020-05-28 02:42:38
178.128.108.100	attackspam	May 27 20:13:35 h2779839 sshd[21394]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.108.100 user=root May 27 20:13:36 h2779839 sshd[21394]: Failed password for root from 178.128.108.100 port 45144 ssh2 May 27 20:16:36 h2779839 sshd[21440]: Invalid user host from 178.128.108.100 port 36686 May 27 20:16:36 h2779839 sshd[21440]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.108.100 May 27 20:16:36 h2779839 sshd[21440]: Invalid user host from 178.128.108.100 port 36686 May 27 20:16:38 h2779839 sshd[21440]: Failed password for invalid user host from 178.128.108.100 port 36686 ssh2 May 27 20:19:33 h2779839 sshd[21481]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.108.100 user=root May 27 20:19:34 h2779839 sshd[21481]: Failed password for root from 178.128.108.100 port 56466 ssh2 May 27 20:22:32 h2779839 sshd[21544]: Invalid user revenueaccou ...	2020-05-28 02:30:38
190.196.147.180	attack	Unauthorised access (May 27) SRC=190.196.147.180 LEN=52 TTL=116 ID=3553 DF TCP DPT=445 WINDOW=8192 SYN	2020-05-28 02:29:17
139.226.172.87	attack	Lines containing failures of 139.226.172.87 May 27 18:29:52 keyhelp sshd[27527]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.226.172.87 user=r.r May 27 18:29:53 keyhelp sshd[27527]: Failed password for r.r from 139.226.172.87 port 36496 ssh2 May 27 18:29:54 keyhelp sshd[27527]: Received disconnect from 139.226.172.87 port 36496:11: Bye Bye [preauth] May 27 18:29:54 keyhelp sshd[27527]: Disconnected from authenticating user r.r 139.226.172.87 port 36496 [preauth] May 27 18:49:32 keyhelp sshd[31141]: Invalid user turbeville from 139.226.172.87 port 55368 May 27 18:49:32 keyhelp sshd[31141]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.226.172.87 May 27 18:49:34 keyhelp sshd[31141]: Failed password for invalid user turbeville from 139.226.172.87 port 55368 ssh2 May 27 18:49:34 keyhelp sshd[31141]: Received disconnect from 139.226.172.87 port 55368:11: Bye Bye [preauth] May 27 18:........ ------------------------------	2020-05-28 02:40:35
144.217.12.194	attack	May 27 20:15:23 vps647732 sshd[1791]: Failed password for root from 144.217.12.194 port 36048 ssh2 ...	2020-05-28 02:34:29

最近上报的IP列表

152.79.238.32	161.139.121.49	95.188.35.136	123.182.18.104
208.219.110.22	154.127.174.211	191.161.26.236	166.195.47.19
130.81.200.157	87.79.232.166	105.174.107.131	178.172.32.119
44.234.113.111	213.205.197.158	65.47.192.8	142.87.115.248
72.156.53.28	77.60.227.1	3.125.123.216	68.205.165.72