必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:
类型 评论内容 时间
attack
$f2bV_matches
2020-10-02 05:55:06
attack
(sshd) Failed SSH login from 81.68.100.138 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct  1 10:00:30 optimus sshd[22492]: Invalid user jack from 81.68.100.138
Oct  1 10:00:30 optimus sshd[22492]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.100.138 
Oct  1 10:00:32 optimus sshd[22492]: Failed password for invalid user jack from 81.68.100.138 port 59402 ssh2
Oct  1 10:06:31 optimus sshd[24719]: Invalid user packer from 81.68.100.138
Oct  1 10:06:31 optimus sshd[24719]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.100.138
2020-10-01 22:17:37
attackbotsspam
(sshd) Failed SSH login from 81.68.100.138 (CN/China/-): 5 in the last 3600 secs
2020-09-16 02:33:10
attackspam
2020-09-15T04:50:39.6876011495-001 sshd[46550]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.100.138  user=root
2020-09-15T04:50:41.4589691495-001 sshd[46550]: Failed password for root from 81.68.100.138 port 56638 ssh2
2020-09-15T04:53:49.2373511495-001 sshd[46730]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.100.138  user=root
2020-09-15T04:53:51.4254211495-001 sshd[46730]: Failed password for root from 81.68.100.138 port 33312 ssh2
2020-09-15T04:56:58.0475941495-001 sshd[46849]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.100.138  user=root
2020-09-15T04:56:59.8489941495-001 sshd[46849]: Failed password for root from 81.68.100.138 port 38216 ssh2
...
2020-09-15 18:29:48
attackspam
Failed password for root from 81.68.100.138 port 34832 ssh2
2020-09-13 23:55:54
attackspambots
81.68.100.138 (CN/China/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 13 02:35:01 jbs1 sshd[23744]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.100.138  user=root
Sep 13 02:35:03 jbs1 sshd[23744]: Failed password for root from 81.68.100.138 port 58412 ssh2
Sep 13 02:35:40 jbs1 sshd[24007]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.158.15  user=root
Sep 13 02:35:50 jbs1 sshd[24070]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.4.127.228  user=root
Sep 13 02:35:42 jbs1 sshd[24007]: Failed password for root from 122.51.158.15 port 45070 ssh2
Sep 13 02:32:20 jbs1 sshd[22729]: Failed password for root from 190.0.159.86 port 59641 ssh2

IP Addresses Blocked:
2020-09-13 15:46:34
attackspam
Sep 12 19:27:54 mout sshd[21825]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.100.138  user=root
Sep 12 19:27:56 mout sshd[21825]: Failed password for root from 81.68.100.138 port 52514 ssh2
2020-09-13 07:31:32
attackspambots
Sep  1 09:18:41 ny01 sshd[26628]: Failed password for root from 81.68.100.138 port 51112 ssh2
Sep  1 09:22:19 ny01 sshd[27097]: Failed password for root from 81.68.100.138 port 58406 ssh2
Sep  1 09:25:46 ny01 sshd[27897]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.100.138
2020-09-02 03:32:54
attackbotsspam
Aug 30 16:00:39 sigma sshd\[12269\]: Failed password for root from 81.68.100.138 port 36626 ssh2Aug 30 16:14:45 sigma sshd\[12713\]: Invalid user pablo from 81.68.100.138
...
2020-08-30 23:38:38
attack
Invalid user ftpuser from 81.68.100.138 port 58250
2020-07-19 14:19:25
attackbotsspam
Invalid user ftpuser from 81.68.100.138 port 58250
2020-07-18 15:17:16
attackspambots
Jul 15 12:59:16 vps687878 sshd\[19489\]: Invalid user admin from 81.68.100.138 port 59902
Jul 15 12:59:16 vps687878 sshd\[19489\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.100.138
Jul 15 12:59:18 vps687878 sshd\[19489\]: Failed password for invalid user admin from 81.68.100.138 port 59902 ssh2
Jul 15 13:04:13 vps687878 sshd\[19985\]: Invalid user scan from 81.68.100.138 port 58474
Jul 15 13:04:13 vps687878 sshd\[19985\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.100.138
...
2020-07-15 19:53:09
attackspam
Jul 12 13:50:53 v22019038103785759 sshd\[15254\]: Invalid user winona from 81.68.100.138 port 60538
Jul 12 13:50:53 v22019038103785759 sshd\[15254\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.100.138
Jul 12 13:50:55 v22019038103785759 sshd\[15254\]: Failed password for invalid user winona from 81.68.100.138 port 60538 ssh2
Jul 12 13:56:11 v22019038103785759 sshd\[15406\]: Invalid user Christ from 81.68.100.138 port 57268
Jul 12 13:56:11 v22019038103785759 sshd\[15406\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.100.138
...
2020-07-13 00:38:46
attackspambots
$f2bV_matches
2020-07-09 18:48:57
attackbots
$f2bV_matches
2020-07-05 15:25:38
相同子网IP讨论:
IP 类型 评论内容 时间
81.68.100.51 attack
Jun 30 00:54:48 xxx sshd[6313]: Invalid user diradmin from 81.68.100.51 port 49402
Jun 30 00:54:48 xxx sshd[6313]: Failed password for invalid user diradmin from 81.68.100.51 port 49402 ssh2
Jun 30 00:54:48 xxx sshd[6313]: Received disconnect from 81.68.100.51 port 49402:11: Bye Bye [preauth]
Jun 30 00:54:48 xxx sshd[6313]: Disconnected from 81.68.100.51 port 49402 [preauth]
Jun 30 01:04:26 xxx sshd[11478]: Failed password for r.r from 81.68.100.51 port 52562 ssh2
Jun 30 01:04:26 xxx sshd[11478]: Received disconnect from 81.68.100.51 port 52562:11: Bye Bye [preauth]
Jun 30 01:04:26 xxx sshd[11478]: Disconnected from 81.68.100.51 port 52562 [preauth]


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=81.68.100.51
2020-07-04 02:08:43
WHOIS信息:
b
DIG信息:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 81.68.100.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59969
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;81.68.100.138.			IN	A

;; AUTHORITY SECTION:
.			475	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020070500 1800 900 604800 86400

;; Query time: 101 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jul 05 15:25:33 CST 2020
;; MSG SIZE  rcvd: 117
HOST信息:
Host 138.100.68.81.in-addr.arpa. not found: 3(NXDOMAIN)
NSLOOKUP信息:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 138.100.68.81.in-addr.arpa: NXDOMAIN
相关IP信息:
最新评论:
IP 类型 评论内容 时间
192.81.221.203 attackspam
" "
2020-06-22 13:41:08
140.249.191.91 attackbots
Jun 21 23:11:51 server1 sshd\[5296\]: Invalid user superadmin from 140.249.191.91
Jun 21 23:11:51 server1 sshd\[5296\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.191.91 
Jun 21 23:11:53 server1 sshd\[5296\]: Failed password for invalid user superadmin from 140.249.191.91 port 33098 ssh2
Jun 21 23:15:28 server1 sshd\[7876\]: Invalid user test from 140.249.191.91
Jun 21 23:15:28 server1 sshd\[7876\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.191.91 
...
2020-06-22 14:02:52
134.175.129.204 attackbotsspam
$f2bV_matches
2020-06-22 13:37:17
14.63.167.192 attackbots
2020-06-22T07:52:15.183451galaxy.wi.uni-potsdam.de sshd[12835]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.63.167.192
2020-06-22T07:52:15.181568galaxy.wi.uni-potsdam.de sshd[12835]: Invalid user admin from 14.63.167.192 port 42100
2020-06-22T07:52:17.188753galaxy.wi.uni-potsdam.de sshd[12835]: Failed password for invalid user admin from 14.63.167.192 port 42100 ssh2
2020-06-22T07:53:34.616911galaxy.wi.uni-potsdam.de sshd[12953]: Invalid user zihang from 14.63.167.192 port 33916
2020-06-22T07:53:34.618819galaxy.wi.uni-potsdam.de sshd[12953]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.63.167.192
2020-06-22T07:53:34.616911galaxy.wi.uni-potsdam.de sshd[12953]: Invalid user zihang from 14.63.167.192 port 33916
2020-06-22T07:53:36.804518galaxy.wi.uni-potsdam.de sshd[12953]: Failed password for invalid user zihang from 14.63.167.192 port 33916 ssh2
2020-06-22T07:54:58.234224galaxy.wi.uni-potsdam.de
...
2020-06-22 14:02:05
178.210.39.78 attackspambots
2020-06-22T03:50:46.571748abusebot-7.cloudsearch.cf sshd[21348]: Invalid user ldz from 178.210.39.78 port 49554
2020-06-22T03:50:46.575727abusebot-7.cloudsearch.cf sshd[21348]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.210.39.78
2020-06-22T03:50:46.571748abusebot-7.cloudsearch.cf sshd[21348]: Invalid user ldz from 178.210.39.78 port 49554
2020-06-22T03:50:48.596785abusebot-7.cloudsearch.cf sshd[21348]: Failed password for invalid user ldz from 178.210.39.78 port 49554 ssh2
2020-06-22T03:53:52.979392abusebot-7.cloudsearch.cf sshd[21578]: Invalid user fnc from 178.210.39.78 port 48776
2020-06-22T03:53:52.986512abusebot-7.cloudsearch.cf sshd[21578]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.210.39.78
2020-06-22T03:53:52.979392abusebot-7.cloudsearch.cf sshd[21578]: Invalid user fnc from 178.210.39.78 port 48776
2020-06-22T03:53:54.872548abusebot-7.cloudsearch.cf sshd[21578]: Failed password 
...
2020-06-22 13:56:56
138.197.189.136 attackbotsspam
Jun 22 07:11:26 vps sshd[441869]: Invalid user upload from 138.197.189.136 port 50534
Jun 22 07:11:26 vps sshd[441869]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.189.136
Jun 22 07:11:27 vps sshd[441869]: Failed password for invalid user upload from 138.197.189.136 port 50534 ssh2
Jun 22 07:14:33 vps sshd[455032]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.189.136  user=root
Jun 22 07:14:34 vps sshd[455032]: Failed password for root from 138.197.189.136 port 49980 ssh2
...
2020-06-22 13:25:58
128.199.162.2 attackspambots
B: f2b ssh aggressive 3x
2020-06-22 13:22:20
180.215.226.143 attackbotsspam
SSH Brute-Force attacks
2020-06-22 13:25:37
37.139.16.229 attack
25324/tcp
[2020-06-22]1pkt
2020-06-22 13:44:45
35.188.65.74 attackspambots
Jun 22 11:25:34 dhoomketu sshd[950974]: Invalid user sherlock from 35.188.65.74 port 47590
Jun 22 11:25:34 dhoomketu sshd[950974]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.188.65.74 
Jun 22 11:25:34 dhoomketu sshd[950974]: Invalid user sherlock from 35.188.65.74 port 47590
Jun 22 11:25:36 dhoomketu sshd[950974]: Failed password for invalid user sherlock from 35.188.65.74 port 47590 ssh2
Jun 22 11:28:50 dhoomketu sshd[951113]: Invalid user qyb from 35.188.65.74 port 49382
...
2020-06-22 14:01:37
75.132.243.76 attack
Port Scan detected!
...
2020-06-22 13:31:10
218.92.0.165 attack
Jun 22 07:59:22 home sshd[19073]: Failed password for root from 218.92.0.165 port 55497 ssh2
Jun 22 07:59:36 home sshd[19073]: Failed password for root from 218.92.0.165 port 55497 ssh2
Jun 22 07:59:36 home sshd[19073]: error: maximum authentication attempts exceeded for root from 218.92.0.165 port 55497 ssh2 [preauth]
...
2020-06-22 14:04:02
167.114.12.244 attack
Jun 22 06:34:02 rocket sshd[21819]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.114.12.244
Jun 22 06:34:04 rocket sshd[21819]: Failed password for invalid user log from 167.114.12.244 port 57294 ssh2
Jun 22 06:36:55 rocket sshd[22116]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.114.12.244
...
2020-06-22 13:47:29
79.142.187.227 attack
Automatic report - XMLRPC Attack
2020-06-22 13:43:32
61.177.172.177 attackspambots
2020-06-22T07:16:31.958136vps751288.ovh.net sshd\[15326\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.177  user=root
2020-06-22T07:16:33.627790vps751288.ovh.net sshd\[15326\]: Failed password for root from 61.177.172.177 port 25690 ssh2
2020-06-22T07:16:36.628108vps751288.ovh.net sshd\[15326\]: Failed password for root from 61.177.172.177 port 25690 ssh2
2020-06-22T07:16:39.789223vps751288.ovh.net sshd\[15326\]: Failed password for root from 61.177.172.177 port 25690 ssh2
2020-06-22T07:16:43.987400vps751288.ovh.net sshd\[15326\]: Failed password for root from 61.177.172.177 port 25690 ssh2
2020-06-22 13:29:03

最近上报的IP列表

182.101.76.146 37.57.3.244 225.44.31.80 201.46.18.163
212.98.222.241 46.105.127.156 134.0.10.177 114.242.185.173
192.241.196.93 50.29.178.98 87.251.74.186 218.240.48.243
139.251.206.163 87.129.9.72 174.141.174.101 149.173.252.130
0.43.104.17 243.64.138.84 136.88.235.46 63.45.21.86