81.68.100.51 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Jun 30 00:54:48 xxx sshd[6313]: Invalid user diradmin from 81.68.100.51 port 49402 Jun 30 00:54:48 xxx sshd[6313]: Failed password for invalid user diradmin from 81.68.100.51 port 49402 ssh2 Jun 30 00:54:48 xxx sshd[6313]: Received disconnect from 81.68.100.51 port 49402:11: Bye Bye [preauth] Jun 30 00:54:48 xxx sshd[6313]: Disconnected from 81.68.100.51 port 49402 [preauth] Jun 30 01:04:26 xxx sshd[11478]: Failed password for r.r from 81.68.100.51 port 52562 ssh2 Jun 30 01:04:26 xxx sshd[11478]: Received disconnect from 81.68.100.51 port 52562:11: Bye Bye [preauth] Jun 30 01:04:26 xxx sshd[11478]: Disconnected from 81.68.100.51 port 52562 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=81.68.100.51	2020-07-04 02:08:43

类型

评论内容

时间

attack

Jun 30 00:54:48 xxx sshd[6313]: Invalid user diradmin from 81.68.100.51 port 49402
Jun 30 00:54:48 xxx sshd[6313]: Failed password for invalid user diradmin from 81.68.100.51 port 49402 ssh2
Jun 30 00:54:48 xxx sshd[6313]: Received disconnect from 81.68.100.51 port 49402:11: Bye Bye [preauth]
Jun 30 00:54:48 xxx sshd[6313]: Disconnected from 81.68.100.51 port 49402 [preauth]
Jun 30 01:04:26 xxx sshd[11478]: Failed password for r.r from 81.68.100.51 port 52562 ssh2
Jun 30 01:04:26 xxx sshd[11478]: Received disconnect from 81.68.100.51 port 52562:11: Bye Bye [preauth]
Jun 30 01:04:26 xxx sshd[11478]: Disconnected from 81.68.100.51 port 52562 [preauth]


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=81.68.100.51

2020-07-04 02:08:43

相同子网IP讨论:

IP	类型	评论内容	时间
81.68.100.138	attack	$f2bV_matches	2020-10-02 05:55:06
81.68.100.138	attack	(sshd) Failed SSH login from 81.68.100.138 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 1 10:00:30 optimus sshd[22492]: Invalid user jack from 81.68.100.138 Oct 1 10:00:30 optimus sshd[22492]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.100.138 Oct 1 10:00:32 optimus sshd[22492]: Failed password for invalid user jack from 81.68.100.138 port 59402 ssh2 Oct 1 10:06:31 optimus sshd[24719]: Invalid user packer from 81.68.100.138 Oct 1 10:06:31 optimus sshd[24719]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.100.138	2020-10-01 22:17:37
81.68.100.138	attackbotsspam	(sshd) Failed SSH login from 81.68.100.138 (CN/China/-): 5 in the last 3600 secs	2020-09-16 02:33:10
81.68.100.138	attackspam	2020-09-15T04:50:39.6876011495-001 sshd[46550]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.100.138 user=root 2020-09-15T04:50:41.4589691495-001 sshd[46550]: Failed password for root from 81.68.100.138 port 56638 ssh2 2020-09-15T04:53:49.2373511495-001 sshd[46730]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.100.138 user=root 2020-09-15T04:53:51.4254211495-001 sshd[46730]: Failed password for root from 81.68.100.138 port 33312 ssh2 2020-09-15T04:56:58.0475941495-001 sshd[46849]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.100.138 user=root 2020-09-15T04:56:59.8489941495-001 sshd[46849]: Failed password for root from 81.68.100.138 port 38216 ssh2 ...	2020-09-15 18:29:48
81.68.100.138	attackspam	Failed password for root from 81.68.100.138 port 34832 ssh2	2020-09-13 23:55:54
81.68.100.138	attackspambots	81.68.100.138 (CN/China/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 13 02:35:01 jbs1 sshd[23744]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.100.138 user=root Sep 13 02:35:03 jbs1 sshd[23744]: Failed password for root from 81.68.100.138 port 58412 ssh2 Sep 13 02:35:40 jbs1 sshd[24007]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.158.15 user=root Sep 13 02:35:50 jbs1 sshd[24070]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.4.127.228 user=root Sep 13 02:35:42 jbs1 sshd[24007]: Failed password for root from 122.51.158.15 port 45070 ssh2 Sep 13 02:32:20 jbs1 sshd[22729]: Failed password for root from 190.0.159.86 port 59641 ssh2 IP Addresses Blocked:	2020-09-13 15:46:34
81.68.100.138	attackspam	Sep 12 19:27:54 mout sshd[21825]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.100.138 user=root Sep 12 19:27:56 mout sshd[21825]: Failed password for root from 81.68.100.138 port 52514 ssh2	2020-09-13 07:31:32
81.68.100.138	attackspambots	Sep 1 09:18:41 ny01 sshd[26628]: Failed password for root from 81.68.100.138 port 51112 ssh2 Sep 1 09:22:19 ny01 sshd[27097]: Failed password for root from 81.68.100.138 port 58406 ssh2 Sep 1 09:25:46 ny01 sshd[27897]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.100.138	2020-09-02 03:32:54
81.68.100.138	attackbotsspam	Aug 30 16:00:39 sigma sshd\[12269\]: Failed password for root from 81.68.100.138 port 36626 ssh2Aug 30 16:14:45 sigma sshd\[12713\]: Invalid user pablo from 81.68.100.138 ...	2020-08-30 23:38:38
81.68.100.138	attack	Invalid user ftpuser from 81.68.100.138 port 58250	2020-07-19 14:19:25
81.68.100.138	attackbotsspam	Invalid user ftpuser from 81.68.100.138 port 58250	2020-07-18 15:17:16
81.68.100.138	attackspambots	Jul 15 12:59:16 vps687878 sshd\[19489\]: Invalid user admin from 81.68.100.138 port 59902 Jul 15 12:59:16 vps687878 sshd\[19489\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.100.138 Jul 15 12:59:18 vps687878 sshd\[19489\]: Failed password for invalid user admin from 81.68.100.138 port 59902 ssh2 Jul 15 13:04:13 vps687878 sshd\[19985\]: Invalid user scan from 81.68.100.138 port 58474 Jul 15 13:04:13 vps687878 sshd\[19985\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.100.138 ...	2020-07-15 19:53:09
81.68.100.138	attackspam	Jul 12 13:50:53 v22019038103785759 sshd\[15254\]: Invalid user winona from 81.68.100.138 port 60538 Jul 12 13:50:53 v22019038103785759 sshd\[15254\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.100.138 Jul 12 13:50:55 v22019038103785759 sshd\[15254\]: Failed password for invalid user winona from 81.68.100.138 port 60538 ssh2 Jul 12 13:56:11 v22019038103785759 sshd\[15406\]: Invalid user Christ from 81.68.100.138 port 57268 Jul 12 13:56:11 v22019038103785759 sshd\[15406\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.100.138 ...	2020-07-13 00:38:46
81.68.100.138	attackspambots	$f2bV_matches	2020-07-09 18:48:57
81.68.100.138	attackbots	$f2bV_matches	2020-07-05 15:25:38

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 81.68.100.51
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40337
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;81.68.100.51.			IN	A

;; AUTHORITY SECTION:
.			381	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020070301 1800 900 604800 86400

;; Query time: 86 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jul 04 02:08:40 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 51.100.68.81.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 51.100.68.81.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
36.81.89.35	attackspam	Unauthorized connection attempt detected from IP address 36.81.89.35 to port 445	2020-02-13 03:55:08
106.13.204.195	attackbotsspam	2020-02-12T18:01:16.010065vps751288.ovh.net sshd\[11159\]: Invalid user roota from 106.13.204.195 port 45710 2020-02-12T18:01:16.017887vps751288.ovh.net sshd\[11159\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.204.195 2020-02-12T18:01:17.824955vps751288.ovh.net sshd\[11159\]: Failed password for invalid user roota from 106.13.204.195 port 45710 ssh2 2020-02-12T18:05:02.584175vps751288.ovh.net sshd\[11173\]: Invalid user test from 106.13.204.195 port 58530 2020-02-12T18:05:02.598557vps751288.ovh.net sshd\[11173\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.204.195	2020-02-13 03:51:38
186.89.201.155	attack	Unauthorized connection attempt from IP address 186.89.201.155 on Port 445(SMB)	2020-02-13 04:08:45
124.239.216.233	attackspam	$f2bV_matches	2020-02-13 04:06:02
103.56.30.33	attack	Wordpress login attempts	2020-02-13 04:23:08
64.113.32.29	attackspam	02/12/2020-18:31:20.560812 64.113.32.29 Protocol: 6 ET TOR Known Tor Exit Node Traffic group 76	2020-02-13 04:15:06
185.86.164.98	attackbotsspam	185.86.164.98 - - [12/Feb/2020:13:36:28 +0000] "GET /wp-login.php HTTP/1.0" 200 5600 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"	2020-02-13 03:58:55
173.245.203.224	attack	[2020-02-12 14:55:18] NOTICE[1148] chan_sip.c: Registration from '' failed for '173.245.203.224:50059' - Wrong password [2020-02-12 14:55:18] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-02-12T14:55:18.197-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="1000",SessionID="0x7fd82c5547b8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/173.245.203.224/50059",Challenge="7212a920",ReceivedChallenge="7212a920",ReceivedHash="ee1c3557f818495bdc2e82834b05a602" [2020-02-12 14:56:05] NOTICE[1148] chan_sip.c: Registration from '' failed for '173.245.203.224:53722' - Wrong password [2020-02-12 14:56:05] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-02-12T14:56:05.430-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="7001",SessionID="0x7fd82c5547b8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/173.245 ...	2020-02-13 04:16:50
187.180.213.137	attack	1581514872 - 02/12/2020 14:41:12 Host: 187.180.213.137/187.180.213.137 Port: 445 TCP Blocked	2020-02-13 03:57:33
203.191.150.162	attackbots	1433/tcp 1433/tcp 1433/tcp... [2020-01-07/02-12]5pkt,1pt.(tcp)	2020-02-13 04:18:28
188.158.37.198	attack	Automatic report - Port Scan Attack	2020-02-13 03:40:23
106.12.26.160	attackbots	Automatic report - Banned IP Access	2020-02-13 03:43:42
200.219.243.150	attackspambots	Unauthorized connection attempt from IP address 200.219.243.150 on Port 445(SMB)	2020-02-13 04:00:37
36.110.105.52	attackbotsspam	SIP/5060 Probe, BF, Hack -	2020-02-13 04:03:13
167.71.135.250	attackbots	As always with digital ocean	2020-02-13 04:09:26

最近上报的IP列表

60.6.57.239	70.186.57.181	61.166.19.224	113.167.236.223
13.75.198.102	197.234.48.236	200.13.45.22	87.117.59.165
190.102.143.82	97.164.20.9	14.187.117.215	182.64.48.254
167.71.4.187	0.164.3.47	190.248.150.138	187.189.24.234
159.69.88.101	113.172.127.154	1.222.56.219	95.217.228.34