68.8.80.12 - IPInfo

基本信息:

城市(city): San Diego

省份(region): California

国家(country): United States

运营商(isp): Cox Communications

主机名(hostname): unknown

机构(organization): Cox Communications Inc.

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Jun 27 08:40:29 ovpn sshd\[23376\]: Invalid user moodle from 68.8.80.12 Jun 27 08:40:29 ovpn sshd\[23376\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.8.80.12 Jun 27 08:40:31 ovpn sshd\[23376\]: Failed password for invalid user moodle from 68.8.80.12 port 44326 ssh2 Jun 27 08:47:23 ovpn sshd\[23405\]: Invalid user steam from 68.8.80.12 Jun 27 08:47:23 ovpn sshd\[23405\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.8.80.12	2019-06-27 20:28:51

类型

评论内容

时间

attackbotsspam

Jun 27 08:40:29 ovpn sshd\[23376\]: Invalid user moodle from 68.8.80.12
Jun 27 08:40:29 ovpn sshd\[23376\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.8.80.12
Jun 27 08:40:31 ovpn sshd\[23376\]: Failed password for invalid user moodle from 68.8.80.12 port 44326 ssh2
Jun 27 08:47:23 ovpn sshd\[23405\]: Invalid user steam from 68.8.80.12
Jun 27 08:47:23 ovpn sshd\[23405\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.8.80.12

2019-06-27 20:28:51

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 68.8.80.12
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8287
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;68.8.80.12.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061702 1800 900 604800 86400

;; Query time: 59 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jun 18 18:06:28 CST 2019
;; MSG SIZE  rcvd: 114

HOST信息:

12.80.8.68.in-addr.arpa domain name pointer ip68-8-80-12.sd.sd.cox.net.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
12.80.8.68.in-addr.arpa	name = ip68-8-80-12.sd.sd.cox.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
59.10.5.156	attackspam	Sep 3 07:34:15 Tower sshd[18062]: Connection from 59.10.5.156 port 39446 on 192.168.10.220 port 22 Sep 3 07:34:17 Tower sshd[18062]: Invalid user stewart from 59.10.5.156 port 39446 Sep 3 07:34:17 Tower sshd[18062]: error: Could not get shadow information for NOUSER Sep 3 07:34:17 Tower sshd[18062]: Failed password for invalid user stewart from 59.10.5.156 port 39446 ssh2 Sep 3 07:34:17 Tower sshd[18062]: Received disconnect from 59.10.5.156 port 39446:11: Bye Bye [preauth] Sep 3 07:34:17 Tower sshd[18062]: Disconnected from invalid user stewart 59.10.5.156 port 39446 [preauth]	2019-09-03 20:06:35
14.100.35.18	attackbots	Triggered by Fail2Ban at Vostok web server	2019-09-03 20:21:06
201.46.28.100	attackbotsspam	Unauthorized connection attempt from IP address 201.46.28.100 on Port 25(SMTP)	2019-09-03 19:56:27
77.157.10.72	attackspambots	Caught in portsentry honeypot	2019-09-03 19:52:13
201.20.73.195	attackbotsspam	Sep 3 01:35:45 php1 sshd\[11457\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.20.73.195 user=root Sep 3 01:35:47 php1 sshd\[11457\]: Failed password for root from 201.20.73.195 port 40970 ssh2 Sep 3 01:40:36 php1 sshd\[12177\]: Invalid user synadmin from 201.20.73.195 Sep 3 01:40:36 php1 sshd\[12177\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.20.73.195 Sep 3 01:40:38 php1 sshd\[12177\]: Failed password for invalid user synadmin from 201.20.73.195 port 56854 ssh2	2019-09-03 20:08:12
189.91.3.121	attackbotsspam	IP: 189.91.3.121 ASN: AS28202 Rede Brasileira de Comunicacao Ltda Port: Message Submission 587 Found in one or more Blacklists Date: 3/09/2019 8:07:28 AM UTC	2019-09-03 19:59:59
165.227.143.37	attackspambots	Sep 3 13:46:06 h2177944 sshd\[29522\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.143.37 user=root Sep 3 13:46:09 h2177944 sshd\[29522\]: Failed password for root from 165.227.143.37 port 51554 ssh2 Sep 3 13:49:45 h2177944 sshd\[29714\]: Invalid user jboss from 165.227.143.37 port 37826 Sep 3 13:49:45 h2177944 sshd\[29714\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.143.37 ...	2019-09-03 20:33:53
222.246.51.119	attackbotsspam	IP: 222.246.51.119 ASN: AS4134 No.31 Jin-rong Street Port: Simple Mail Transfer 25 Found in one or more Blacklists Date: 3/09/2019 8:07:34 AM UTC	2019-09-03 19:53:41
221.226.68.147	attackbots	Sep 3 12:06:54 heissa sshd\[22781\]: Invalid user steam from 221.226.68.147 port 44085 Sep 3 12:06:54 heissa sshd\[22781\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.226.68.147 Sep 3 12:06:56 heissa sshd\[22781\]: Failed password for invalid user steam from 221.226.68.147 port 44085 ssh2 Sep 3 12:12:43 heissa sshd\[23468\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.226.68.147 user=root Sep 3 12:12:45 heissa sshd\[23468\]: Failed password for root from 221.226.68.147 port 33307 ssh2	2019-09-03 20:26:07
120.29.155.165	attackspambots	Sep 3 08:07:09 system,error,critical: login failure for user admin from 120.29.155.165 via telnet Sep 3 08:07:10 system,error,critical: login failure for user root from 120.29.155.165 via telnet Sep 3 08:07:11 system,error,critical: login failure for user root from 120.29.155.165 via telnet Sep 3 08:07:13 system,error,critical: login failure for user root from 120.29.155.165 via telnet Sep 3 08:07:14 system,error,critical: login failure for user admin from 120.29.155.165 via telnet Sep 3 08:07:15 system,error,critical: login failure for user root from 120.29.155.165 via telnet Sep 3 08:07:17 system,error,critical: login failure for user root from 120.29.155.165 via telnet Sep 3 08:07:18 system,error,critical: login failure for user root from 120.29.155.165 via telnet Sep 3 08:07:19 system,error,critical: login failure for user root from 120.29.155.165 via telnet Sep 3 08:07:20 system,error,critical: login failure for user root from 120.29.155.165 via telnet	2019-09-03 20:10:03
23.228.67.90	attack	IP: 23.228.67.90 ASN: AS46573 Global Frag Networks Port: Simple Mail Transfer 25 Found in one or more Blacklists Date: 3/09/2019 8:07:35 AM UTC	2019-09-03 19:53:15
106.12.27.11	attack	$f2bV_matches	2019-09-03 19:58:32
189.198.239.61	attackbotsspam	proto=tcp . spt=55901 . dpt=25 . (listed on Github Combined on 3 lists ) (1477)	2019-09-03 20:01:04
148.153.12.202	attackbotsspam	Honeypot attack, port: 445, PTR: mail202.hoogege.net.	2019-09-03 20:34:29
168.90.208.146	attackbotsspam	Automatic report - Port Scan Attack	2019-09-03 20:11:38

最近上报的IP列表

64.228.243.193	106.120.173.106	105.186.134.183	77.247.221.192
68.33.16.19	87.95.132.42	99.156.201.221	153.223.68.46
77.35.118.151	197.232.121.235	115.111.220.165	173.108.75.98
95.242.211.253	111.6.134.35	99.11.115.76	31.127.250.252
213.47.24.64	163.42.209.85	181.189.221.245	138.197.172.73