81.68.125.140 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Invalid user ubuntu from 81.68.125.140 port 52980	2020-08-30 08:50:01

相同子网IP讨论:

IP	类型	评论内容	时间
81.68.125.236	attackbotsspam	2020-10-11T18:27:41+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-10-12 03:11:04
81.68.125.236	attackbotsspam	prod11 ...	2020-10-11 19:03:33
81.68.125.65	attack	Oct 9 20:37:04 s2 sshd[31074]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.125.65 Oct 9 20:37:06 s2 sshd[31074]: Failed password for invalid user ubuntu from 81.68.125.65 port 45346 ssh2 Oct 9 20:42:43 s2 sshd[31418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.125.65	2020-10-10 05:36:06
81.68.125.65	attack	Oct 9 06:20:46 mockhub sshd[895662]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.125.65 Oct 9 06:20:46 mockhub sshd[895662]: Invalid user cyrus from 81.68.125.65 port 48726 Oct 9 06:20:48 mockhub sshd[895662]: Failed password for invalid user cyrus from 81.68.125.65 port 48726 ssh2 ...	2020-10-09 21:40:56
81.68.125.65	attack	SSH login attempts.	2020-10-09 13:30:27
81.68.125.236	attack	" "	2020-09-20 22:01:17
81.68.125.236	attack	failed root login	2020-09-20 13:54:49
81.68.125.236	attack	Time: Sat Sep 19 21:50:49 2020 +0000 IP: 81.68.125.236 (CN/China/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 19 21:30:36 29-1 sshd[416]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.125.236 user=root Sep 19 21:30:39 29-1 sshd[416]: Failed password for root from 81.68.125.236 port 52548 ssh2 Sep 19 21:45:38 29-1 sshd[2300]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.125.236 user=root Sep 19 21:45:39 29-1 sshd[2300]: Failed password for root from 81.68.125.236 port 38876 ssh2 Sep 19 21:50:45 29-1 sshd[2946]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.125.236 user=mail	2020-09-20 05:54:06
81.68.125.236	attack	Invalid user hyperic from 81.68.125.236 port 57246	2020-08-31 18:37:19

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 81.68.125.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8513
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;81.68.125.140.			IN	A

;; AUTHORITY SECTION:
.			579	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020082901 1800 900 604800 86400

;; Query time: 82 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Aug 30 08:49:56 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 140.125.68.81.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 140.125.68.81.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
2402:1980:824b:87ee:d4f8:ad79:60dc:5d6c	attackspambots	MYH,DEF GET /wp-login.php	2019-07-08 02:10:59
187.189.109.138	attackbots	2019-07-07T20:37:36.221860enmeeting.mahidol.ac.th sshd\[19444\]: Invalid user wp from 187.189.109.138 port 36430 2019-07-07T20:37:36.236361enmeeting.mahidol.ac.th sshd\[19444\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=fixed-187-189-109-138.totalplay.net 2019-07-07T20:37:38.045735enmeeting.mahidol.ac.th sshd\[19444\]: Failed password for invalid user wp from 187.189.109.138 port 36430 ssh2 ...	2019-07-08 02:09:37
5.181.233.85	attackspam	Postfix DNSBL listed. Trying to send SPAM.	2019-07-08 02:13:02
46.105.30.20	attackspambots	Jul 7 20:24:58 cvbmail sshd\[3097\]: Invalid user jhall from 46.105.30.20 Jul 7 20:24:58 cvbmail sshd\[3097\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.30.20 Jul 7 20:25:01 cvbmail sshd\[3097\]: Failed password for invalid user jhall from 46.105.30.20 port 40102 ssh2	2019-07-08 02:33:47
36.66.149.211	attack	Jul 7 20:27:20 pornomens sshd\[32271\]: Invalid user nginx from 36.66.149.211 port 45636 Jul 7 20:27:20 pornomens sshd\[32271\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.66.149.211 Jul 7 20:27:22 pornomens sshd\[32271\]: Failed password for invalid user nginx from 36.66.149.211 port 45636 ssh2 ...	2019-07-08 02:27:49
200.207.220.128	attackspam	leo_www	2019-07-08 02:42:44
50.75.240.235	attackspambots	TCP port 445 (SMB) attempt blocked by firewall. [2019-07-07 15:35:59]	2019-07-08 02:16:56
37.139.21.75	attack	ssh failed login	2019-07-08 02:06:35
191.240.68.20	attackspam	smtp auth brute force	2019-07-08 02:23:27
86.61.66.59	attackspambots	Jul 7 19:33:47 Proxmox sshd\[4353\]: Invalid user fire from 86.61.66.59 port 51685 Jul 7 19:33:47 Proxmox sshd\[4353\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.61.66.59 Jul 7 19:33:49 Proxmox sshd\[4353\]: Failed password for invalid user fire from 86.61.66.59 port 51685 ssh2 Jul 7 19:36:18 Proxmox sshd\[6642\]: Invalid user postgres from 86.61.66.59 port 36740 Jul 7 19:36:18 Proxmox sshd\[6642\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.61.66.59 Jul 7 19:36:20 Proxmox sshd\[6642\]: Failed password for invalid user postgres from 86.61.66.59 port 36740 ssh2	2019-07-08 02:51:59
162.243.4.134	attackspambots	Jul 7 13:37:28 MK-Soft-VM3 sshd\[21140\]: Invalid user keng from 162.243.4.134 port 52922 Jul 7 13:37:28 MK-Soft-VM3 sshd\[21140\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.4.134 Jul 7 13:37:29 MK-Soft-VM3 sshd\[21140\]: Failed password for invalid user keng from 162.243.4.134 port 52922 ssh2 ...	2019-07-08 02:11:18
168.196.81.123	attackspambots	SMTP-sasl brute force ...	2019-07-08 02:35:10
142.93.49.103	attackbots	Jul 7 16:45:35 legacy sshd[30956]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.49.103 Jul 7 16:45:38 legacy sshd[30956]: Failed password for invalid user christian from 142.93.49.103 port 48448 ssh2 Jul 7 16:49:26 legacy sshd[31022]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.49.103 ...	2019-07-08 02:47:31
222.211.83.166	attack	Tried sshing with brute force.	2019-07-08 02:44:31
94.176.77.55	attackbots	(Jul 7) LEN=40 TTL=244 ID=36776 DF TCP DPT=23 WINDOW=14600 SYN (Jul 7) LEN=40 TTL=244 ID=46746 DF TCP DPT=23 WINDOW=14600 SYN (Jul 7) LEN=40 TTL=244 ID=57774 DF TCP DPT=23 WINDOW=14600 SYN (Jul 7) LEN=40 TTL=244 ID=9016 DF TCP DPT=23 WINDOW=14600 SYN (Jul 7) LEN=40 TTL=244 ID=35749 DF TCP DPT=23 WINDOW=14600 SYN (Jul 7) LEN=40 TTL=244 ID=18274 DF TCP DPT=23 WINDOW=14600 SYN (Jul 7) LEN=40 TTL=244 ID=55199 DF TCP DPT=23 WINDOW=14600 SYN (Jul 6) LEN=40 TTL=244 ID=5022 DF TCP DPT=23 WINDOW=14600 SYN (Jul 6) LEN=40 TTL=244 ID=14368 DF TCP DPT=23 WINDOW=14600 SYN (Jul 6) LEN=40 TTL=244 ID=31767 DF TCP DPT=23 WINDOW=14600 SYN (Jul 6) LEN=40 TTL=244 ID=54799 DF TCP DPT=23 WINDOW=14600 SYN (Jul 6) LEN=40 TTL=244 ID=24088 DF TCP DPT=23 WINDOW=14600 SYN (Jul 6) LEN=40 TTL=244 ID=14592 DF TCP DPT=23 WINDOW=14600 SYN (Jul 6) LEN=40 TTL=244 ID=41416 DF TCP DPT=23 WINDOW=14600 SYN (Jul 5) LEN=40 TTL=244 ID=65309 DF TCP DPT=23 WINDOW=14600 SY...	2019-07-08 02:15:21

最近上报的IP列表

145.97.164.111	93.226.130.237	82.114.204.87	181.196.185.141
183.216.88.9	186.209.80.97	90.9.210.110	151.51.188.141
5.140.170.28	122.220.117.7	96.40.119.47	46.208.81.246
58.78.61.40	125.23.97.253	195.128.139.208	182.70.219.132
123.117.133.159	210.6.13.177	42.153.202.40	94.224.161.182