81.161.67.128 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Czechia

运营商(isp): GEMNET s.r.o.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Jun 25 22:32:21 mail.srvfarm.net postfix/smtpd[2071444]: warning: unknown[81.161.67.128]: SASL PLAIN authentication failed: Jun 25 22:32:21 mail.srvfarm.net postfix/smtpd[2071444]: lost connection after AUTH from unknown[81.161.67.128] Jun 25 22:35:45 mail.srvfarm.net postfix/smtpd[2072454]: warning: unknown[81.161.67.128]: SASL PLAIN authentication failed: Jun 25 22:35:45 mail.srvfarm.net postfix/smtpd[2072454]: lost connection after AUTH from unknown[81.161.67.128] Jun 25 22:39:19 mail.srvfarm.net postfix/smtpd[2073225]: warning: unknown[81.161.67.128]: SASL PLAIN authentication failed:	2020-06-26 05:19:53

类型

评论内容

时间

attack

Jun 25 22:32:21 mail.srvfarm.net postfix/smtpd[2071444]: warning: unknown[81.161.67.128]: SASL PLAIN authentication failed: 
Jun 25 22:32:21 mail.srvfarm.net postfix/smtpd[2071444]: lost connection after AUTH from unknown[81.161.67.128]
Jun 25 22:35:45 mail.srvfarm.net postfix/smtpd[2072454]: warning: unknown[81.161.67.128]: SASL PLAIN authentication failed: 
Jun 25 22:35:45 mail.srvfarm.net postfix/smtpd[2072454]: lost connection after AUTH from unknown[81.161.67.128]
Jun 25 22:39:19 mail.srvfarm.net postfix/smtpd[2073225]: warning: unknown[81.161.67.128]: SASL PLAIN authentication failed:

2020-06-26 05:19:53

相同子网IP讨论:

IP	类型	评论内容	时间
81.161.67.88	attack	Attempted Brute Force (dovecot)	2020-09-18 01:40:35
81.161.67.90	attackbotsspam	Sep 16 18:39:40 mail.srvfarm.net postfix/smtps/smtpd[3603056]: warning: unknown[81.161.67.90]: SASL PLAIN authentication failed: Sep 16 18:39:40 mail.srvfarm.net postfix/smtps/smtpd[3603056]: lost connection after AUTH from unknown[81.161.67.90] Sep 16 18:43:50 mail.srvfarm.net postfix/smtpd[3603171]: warning: unknown[81.161.67.90]: SASL PLAIN authentication failed: Sep 16 18:43:50 mail.srvfarm.net postfix/smtpd[3603171]: lost connection after AUTH from unknown[81.161.67.90] Sep 16 18:44:18 mail.srvfarm.net postfix/smtpd[3601766]: warning: unknown[81.161.67.90]: SASL PLAIN authentication failed:	2020-09-18 01:40:05
81.161.67.88	attackspam	Attempted Brute Force (dovecot)	2020-09-17 17:42:15
81.161.67.90	attack	Sep 16 18:39:40 mail.srvfarm.net postfix/smtps/smtpd[3603056]: warning: unknown[81.161.67.90]: SASL PLAIN authentication failed: Sep 16 18:39:40 mail.srvfarm.net postfix/smtps/smtpd[3603056]: lost connection after AUTH from unknown[81.161.67.90] Sep 16 18:43:50 mail.srvfarm.net postfix/smtpd[3603171]: warning: unknown[81.161.67.90]: SASL PLAIN authentication failed: Sep 16 18:43:50 mail.srvfarm.net postfix/smtpd[3603171]: lost connection after AUTH from unknown[81.161.67.90] Sep 16 18:44:18 mail.srvfarm.net postfix/smtpd[3601766]: warning: unknown[81.161.67.90]: SASL PLAIN authentication failed:	2020-09-17 17:41:44
81.161.67.194	attackspambots	SASL PLAIN auth failed: ruser=...	2020-09-15 23:24:20
81.161.67.194	attackspambots	SASL PLAIN auth failed: ruser=...	2020-09-15 15:17:24
81.161.67.194	attackbotsspam	SASL PLAIN auth failed: ruser=...	2020-09-15 07:23:56
81.161.67.161	attackspam	(smtpauth) Failed SMTP AUTH login from 81.161.67.161 (CZ/Czechia/static67-161.gemnet.cz): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-08-31 08:22:51 plain authenticator failed for ([81.161.67.161]) [81.161.67.161]: 535 Incorrect authentication data (set_id=peter@fmc-co.com)	2020-08-31 16:28:08
81.161.67.134	attackbotsspam	Aug 27 04:26:04 mail.srvfarm.net postfix/smtpd[1314738]: warning: unknown[81.161.67.134]: SASL PLAIN authentication failed: Aug 27 04:26:04 mail.srvfarm.net postfix/smtpd[1314738]: lost connection after AUTH from unknown[81.161.67.134] Aug 27 04:34:11 mail.srvfarm.net postfix/smtps/smtpd[1314660]: warning: unknown[81.161.67.134]: SASL PLAIN authentication failed: Aug 27 04:34:11 mail.srvfarm.net postfix/smtps/smtpd[1314660]: lost connection after AUTH from unknown[81.161.67.134] Aug 27 04:35:33 mail.srvfarm.net postfix/smtps/smtpd[1333102]: warning: unknown[81.161.67.134]: SASL PLAIN authentication failed:	2020-08-28 09:35:39
81.161.67.187	attackbotsspam	Aug 27 04:40:07 mail.srvfarm.net postfix/smtps/smtpd[1331222]: warning: unknown[81.161.67.187]: SASL PLAIN authentication failed: Aug 27 04:40:07 mail.srvfarm.net postfix/smtps/smtpd[1331222]: lost connection after AUTH from unknown[81.161.67.187] Aug 27 04:46:13 mail.srvfarm.net postfix/smtps/smtpd[1335343]: warning: unknown[81.161.67.187]: SASL PLAIN authentication failed: Aug 27 04:46:13 mail.srvfarm.net postfix/smtps/smtpd[1335343]: lost connection after AUTH from unknown[81.161.67.187] Aug 27 04:48:12 mail.srvfarm.net postfix/smtps/smtpd[1337554]: warning: unknown[81.161.67.187]: SASL PLAIN authentication failed:	2020-08-28 09:20:23
81.161.67.234	attackspam	Aug 27 15:45:15 mail.srvfarm.net postfix/smtpd[1615176]: warning: unknown[81.161.67.234]: SASL PLAIN authentication failed: Aug 27 15:45:15 mail.srvfarm.net postfix/smtpd[1615176]: lost connection after AUTH from unknown[81.161.67.234] Aug 27 15:46:31 mail.srvfarm.net postfix/smtps/smtpd[1612977]: warning: unknown[81.161.67.234]: SASL PLAIN authentication failed: Aug 27 15:46:31 mail.srvfarm.net postfix/smtps/smtpd[1612977]: lost connection after AUTH from unknown[81.161.67.234] Aug 27 15:48:27 mail.srvfarm.net postfix/smtpd[1615959]: warning: unknown[81.161.67.234]: SASL PLAIN authentication failed:	2020-08-28 09:19:56
81.161.67.106	attackbotsspam	Unauthorized connection attempt IP: 81.161.67.106 Ports affected Message Submission (587) Abuse Confidence rating 54% ASN Details AS59479 GEMNET s.r.o. Czechia (CZ) CIDR 81.161.64.0/20 Log Date: 18/08/2020 11:52:01 AM UTC	2020-08-19 03:01:52
81.161.67.106	attack	Aug 17 05:16:18 mail.srvfarm.net postfix/smtps/smtpd[2599218]: warning: unknown[81.161.67.106]: SASL PLAIN authentication failed: Aug 17 05:16:18 mail.srvfarm.net postfix/smtps/smtpd[2599218]: lost connection after AUTH from unknown[81.161.67.106] Aug 17 05:20:12 mail.srvfarm.net postfix/smtpd[2597245]: warning: unknown[81.161.67.106]: SASL PLAIN authentication failed: Aug 17 05:20:12 mail.srvfarm.net postfix/smtpd[2597245]: lost connection after AUTH from unknown[81.161.67.106] Aug 17 05:20:56 mail.srvfarm.net postfix/smtpd[2597247]: warning: unknown[81.161.67.106]: SASL PLAIN authentication failed:	2020-08-17 12:23:19
81.161.67.205	attackbotsspam	Brute force attempt	2020-08-17 06:12:04
81.161.67.131	attack	Aug 16 05:48:16 mail.srvfarm.net postfix/smtpd[1910319]: warning: unknown[81.161.67.131]: SASL PLAIN authentication failed: Aug 16 05:48:16 mail.srvfarm.net postfix/smtpd[1910319]: lost connection after AUTH from unknown[81.161.67.131] Aug 16 05:50:01 mail.srvfarm.net postfix/smtpd[1907574]: warning: unknown[81.161.67.131]: SASL PLAIN authentication failed: Aug 16 05:50:01 mail.srvfarm.net postfix/smtpd[1907574]: lost connection after AUTH from unknown[81.161.67.131] Aug 16 05:50:11 mail.srvfarm.net postfix/smtpd[1907801]: warning: unknown[81.161.67.131]: SASL PLAIN authentication failed:	2020-08-16 12:29:12

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 81.161.67.128
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63436
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;81.161.67.128.			IN	A

;; AUTHORITY SECTION:
.			188	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062502 1800 900 604800 86400

;; Query time: 94 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jun 26 05:19:49 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

128.67.161.81.in-addr.arpa domain name pointer static67-128.gemnet.cz.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
128.67.161.81.in-addr.arpa	name = static67-128.gemnet.cz.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
103.229.199.254	attackspambots	Mar 15 19:02:09 php1 sshd\[5754\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.229.199.254 user=root Mar 15 19:02:11 php1 sshd\[5754\]: Failed password for root from 103.229.199.254 port 41208 ssh2 Mar 15 19:10:46 php1 sshd\[6564\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.229.199.254 user=root Mar 15 19:10:48 php1 sshd\[6564\]: Failed password for root from 103.229.199.254 port 48354 ssh2 Mar 15 19:12:03 php1 sshd\[6692\]: Invalid user rstudio from 103.229.199.254 Mar 15 19:12:03 php1 sshd\[6692\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.229.199.254	2020-03-16 18:49:02
180.109.23.232	attack	TCP Port Scanning	2020-03-16 18:36:04
165.154.34.65	attackbots	Unauthorized connection attempt detected from IP address 165.154.34.65 to port 23	2020-03-16 18:59:33
27.2.71.148	attackbotsspam	Unauthorized connection attempt detected from IP address 27.2.71.148 to port 5555 [T]	2020-03-16 19:09:50
113.193.237.87	attackspambots	Automatic report - Port Scan Attack	2020-03-16 18:44:29
219.78.11.175	attackspambots	Honeypot attack, port: 5555, PTR: n219078011175.netvigator.com.	2020-03-16 19:11:23
185.132.53.222	attackspam	frenzy	2020-03-16 18:50:44
201.90.101.165	attackspambots	Mar 16 10:53:45 work-partkepr sshd\[26733\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.90.101.165 user=root Mar 16 10:53:46 work-partkepr sshd\[26733\]: Failed password for root from 201.90.101.165 port 55074 ssh2 ...	2020-03-16 19:01:44
195.224.138.61	attackspambots	$f2bV_matches	2020-03-16 19:05:10
157.230.31.237	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-03-16 18:54:13
89.248.160.150	attack	89.248.160.150 was recorded 17 times by 11 hosts attempting to connect to the following ports: 4444,4800,4098. Incident counter (4h, 24h, all-time): 17, 100, 7877	2020-03-16 18:40:10
81.133.110.67	attackspambots	Telnetd brute force attack detected by fail2ban	2020-03-16 18:29:13
62.234.190.206	attackbots	Mar 16 07:36:28 Ubuntu-1404-trusty-64-minimal sshd\[26269\]: Invalid user gek from 62.234.190.206 Mar 16 07:36:28 Ubuntu-1404-trusty-64-minimal sshd\[26269\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.190.206 Mar 16 07:36:30 Ubuntu-1404-trusty-64-minimal sshd\[26269\]: Failed password for invalid user gek from 62.234.190.206 port 36932 ssh2 Mar 16 07:58:07 Ubuntu-1404-trusty-64-minimal sshd\[5735\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.190.206 user=root Mar 16 07:58:10 Ubuntu-1404-trusty-64-minimal sshd\[5735\]: Failed password for root from 62.234.190.206 port 40578 ssh2	2020-03-16 18:57:56
159.65.239.48	attack	$f2bV_matches \| Triggered by Fail2Ban at Vostok web server	2020-03-16 18:51:23
46.28.77.192	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-16 18:58:26

最近上报的IP列表

187.63.37.107	131.155.184.81	186.216.67.57	186.216.64.245
177.190.88.11	58.202.141.136	177.154.236.62	177.154.235.221
170.246.205.241	170.81.19.60	168.205.108.169	167.250.96.162
131.161.185.49	109.196.243.85	103.237.57.165	103.198.80.44
94.74.134.239	82.202.68.37	77.45.84.244	51.116.186.154