81.68.137.119 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	21886/tcp [2020-08-30]1pkt	2020-08-31 06:59:02
attackbots	Aug 30 15:13:05 rancher-0 sshd[1357023]: Invalid user mc from 81.68.137.119 port 51320 ...	2020-08-31 03:37:06

相同子网IP讨论:

IP	类型	评论内容	时间
81.68.137.90	attack	81.68.137.90 (CN/China/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Oct 5 06:06:57 jbs1 sshd[17433]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.122.156.74 user=root Oct 5 06:06:28 jbs1 sshd[17265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.137.90 user=root Oct 5 06:06:29 jbs1 sshd[17265]: Failed password for root from 81.68.137.90 port 35198 ssh2 Oct 5 06:06:14 jbs1 sshd[17139]: Failed password for root from 58.87.120.53 port 60146 ssh2 Oct 5 06:07:00 jbs1 sshd[17433]: Failed password for root from 62.122.156.74 port 43024 ssh2 Oct 5 06:07:43 jbs1 sshd[17733]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.186.74 user=root IP Addresses Blocked: 62.122.156.74 (UA/Ukraine/-)	2020-10-06 01:56:52
81.68.137.90	attackbots	(sshd) Failed SSH login from 81.68.137.90 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 5 01:43:31 optimus sshd[9995]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.137.90 user=root Oct 5 01:43:34 optimus sshd[9995]: Failed password for root from 81.68.137.90 port 38036 ssh2 Oct 5 01:50:27 optimus sshd[12823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.137.90 user=root Oct 5 01:50:28 optimus sshd[12823]: Failed password for root from 81.68.137.90 port 57056 ssh2 Oct 5 01:57:22 optimus sshd[15754]: Did not receive identification string from 81.68.137.90	2020-10-05 17:45:16
81.68.137.90	attack	Oct 4 22:30:23 host2 sshd[1200795]: Failed password for root from 81.68.137.90 port 58562 ssh2 Oct 4 22:30:21 host2 sshd[1200795]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.137.90 user=root Oct 4 22:30:23 host2 sshd[1200795]: Failed password for root from 81.68.137.90 port 58562 ssh2 Oct 4 22:36:02 host2 sshd[1201413]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.137.90 user=root Oct 4 22:36:04 host2 sshd[1201413]: Failed password for root from 81.68.137.90 port 45398 ssh2 ...	2020-10-05 06:56:27
81.68.137.90	attackbots	Sep 1 05:56:46 lnxded64 sshd[3150]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.137.90 Sep 1 05:56:46 lnxded64 sshd[3150]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.137.90	2020-09-01 12:02:17
81.68.137.74	attackbotsspam	2020-08-30T19:05:24.353386hostname sshd[365]: Invalid user gpn from 81.68.137.74 port 39756 2020-08-30T19:05:26.514572hostname sshd[365]: Failed password for invalid user gpn from 81.68.137.74 port 39756 ssh2 2020-08-30T19:11:24.476230hostname sshd[2534]: Invalid user php from 81.68.137.74 port 42512 ...	2020-08-31 03:24:40
81.68.137.74	attackbotsspam	Aug 25 13:07:17 r.ca sshd[2252]: Failed password for root from 81.68.137.74 port 36442 ssh2	2020-08-26 02:22:15
81.68.137.90	attackbotsspam	2020-08-25T13:53:48.861160lavrinenko.info sshd[25531]: Invalid user webadmin from 81.68.137.90 port 40710 2020-08-25T13:53:51.174806lavrinenko.info sshd[25531]: Failed password for invalid user webadmin from 81.68.137.90 port 40710 ssh2 2020-08-25T13:54:51.788050lavrinenko.info sshd[27940]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.137.90 user=root 2020-08-25T13:54:53.739083lavrinenko.info sshd[27940]: Failed password for root from 81.68.137.90 port 49480 ssh2 2020-08-25T13:55:48.771033lavrinenko.info sshd[30222]: Invalid user oracle from 81.68.137.90 port 58246 ...	2020-08-25 19:53:56
81.68.137.90	attack	Aug 22 13:51:35 dignus sshd[19938]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.137.90 Aug 22 13:51:38 dignus sshd[19938]: Failed password for invalid user tutor from 81.68.137.90 port 35350 ssh2 Aug 22 13:57:21 dignus sshd[20694]: Invalid user oracle from 81.68.137.90 port 43032 Aug 22 13:57:21 dignus sshd[20694]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.137.90 Aug 22 13:57:23 dignus sshd[20694]: Failed password for invalid user oracle from 81.68.137.90 port 43032 ssh2 ...	2020-08-23 05:06:22
81.68.137.90	attackbots	DATE:2020-08-21 14:11:05,IP:81.68.137.90,MATCHES:10,PORT:ssh	2020-08-21 20:25:21
81.68.137.90	attackbotsspam	Failed password for invalid user ignacio from 81.68.137.90 port 43058 ssh2	2020-08-20 19:30:30

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 81.68.137.119
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14619
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;81.68.137.119.			IN	A

;; AUTHORITY SECTION:
.			225	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020083001 1800 900 604800 86400

;; Query time: 108 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Aug 31 03:37:02 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 119.137.68.81.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 119.137.68.81.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
68.183.48.172	attack	Nov 19 13:37:54 php1 sshd\[25464\]: Invalid user aud from 68.183.48.172 Nov 19 13:37:54 php1 sshd\[25464\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.48.172 Nov 19 13:37:56 php1 sshd\[25464\]: Failed password for invalid user aud from 68.183.48.172 port 39163 ssh2 Nov 19 13:41:48 php1 sshd\[25891\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.48.172 user=root Nov 19 13:41:50 php1 sshd\[25891\]: Failed password for root from 68.183.48.172 port 57272 ssh2	2019-11-20 07:52:07
104.37.169.192	attackbotsspam	SSH bruteforce (Triggered fail2ban)	2019-11-20 07:56:20
218.26.172.61	attack	218.26.172.61 was recorded 5 times by 5 hosts attempting to connect to the following ports: 7776. Incident counter (4h, 24h, all-time): 5, 15, 315	2019-11-20 08:05:44
192.99.166.243	attack	Nov 18 15:20:07 rb06 sshd[29585]: Failed password for lp from 192.99.166.243 port 58630 ssh2 Nov 18 15:20:07 rb06 sshd[29585]: Received disconnect from 192.99.166.243: 11: Bye Bye [preauth] Nov 18 15:44:05 rb06 sshd[11867]: Failed password for r.r from 192.99.166.243 port 57242 ssh2 Nov 18 15:44:05 rb06 sshd[11867]: Received disconnect from 192.99.166.243: 11: Bye Bye [preauth] Nov 18 15:47:50 rb06 sshd[12652]: Failed password for r.r from 192.99.166.243 port 38496 ssh2 Nov 18 15:47:50 rb06 sshd[12652]: Received disconnect from 192.99.166.243: 11: Bye Bye [preauth] Nov 18 15:51:23 rb06 sshd[13488]: Failed password for invalid user hkami from 192.99.166.243 port 47982 ssh2 Nov 18 15:51:23 rb06 sshd[13488]: Received disconnect from 192.99.166.243: 11: Bye Bye [preauth] Nov 18 15:55:11 rb06 sshd[29206]: Failed password for invalid user appolhostnameo from 192.99.166.243 port 57434 ssh2 Nov 18 15:55:11 rb06 sshd[29206]: Received disconnect from 192.99.166.243: 11: Bye Bye [........ -------------------------------	2019-11-20 08:19:05
77.8.25.14	attackbots	Nov 19 22:02:16 mxgate1 postfix/postscreen[29918]: CONNECT from [77.8.25.14]:28570 to [176.31.12.44]:25 Nov 19 22:02:16 mxgate1 postfix/dnsblog[29994]: addr 77.8.25.14 listed by domain zen.spamhaus.org as 127.0.0.11 Nov 19 22:02:16 mxgate1 postfix/dnsblog[29994]: addr 77.8.25.14 listed by domain zen.spamhaus.org as 127.0.0.4 Nov 19 22:02:16 mxgate1 postfix/dnsblog[29995]: addr 77.8.25.14 listed by domain cbl.abuseat.org as 127.0.0.2 Nov 19 22:02:16 mxgate1 postfix/dnsblog[29996]: addr 77.8.25.14 listed by domain b.barracudacentral.org as 127.0.0.2 Nov 19 22:02:22 mxgate1 postfix/postscreen[29918]: DNSBL rank 4 for [77.8.25.14]:28570 Nov x@x Nov 19 22:02:24 mxgate1 postfix/postscreen[29918]: HANGUP after 2.2 from [77.8.25.14]:28570 in tests after SMTP handshake Nov 19 22:02:24 mxgate1 postfix/postscreen[29918]: DISCONNECT [77.8.25.14]:28570 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=77.8.25.14	2019-11-20 07:49:32
116.203.209.23	attack	Nov 19 21:29:13 localhost sshd\[90985\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.203.209.23 user=root Nov 19 21:29:15 localhost sshd\[90985\]: Failed password for root from 116.203.209.23 port 37452 ssh2 Nov 19 21:32:42 localhost sshd\[91098\]: Invalid user downloads from 116.203.209.23 port 46044 Nov 19 21:32:42 localhost sshd\[91098\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.203.209.23 Nov 19 21:32:45 localhost sshd\[91098\]: Failed password for invalid user downloads from 116.203.209.23 port 46044 ssh2 ...	2019-11-20 07:54:55
194.153.5.29	attackbotsspam	Spam Timestamp : 19-Nov-19 20:37 BlockList Provider combined abuse (631)	2019-11-20 07:56:39
177.52.183.139	attackspam	Nov 20 05:43:56 areeb-Workstation sshd[31908]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.52.183.139 Nov 20 05:43:58 areeb-Workstation sshd[31908]: Failed password for invalid user zurinabi from 177.52.183.139 port 34834 ssh2 ...	2019-11-20 08:14:30
113.19.73.22	attackspambots	1433/tcp 445/tcp... [2019-09-23/11-19]5pkt,2pt.(tcp)	2019-11-20 08:20:35
14.172.173.220	attackbots	Automatic report - Port Scan Attack	2019-11-20 08:13:45
123.205.104.16	attack	9527/tcp 9001/tcp... [2019-10-18/11-19]10pkt,2pt.(tcp)	2019-11-20 07:53:51
216.10.249.73	attack	Invalid user selenite from 216.10.249.73 port 38280	2019-11-20 07:48:45
123.6.5.121	attackbots	Lines containing failures of 123.6.5.121 Nov 18 21:18:44 mx-in-01 sshd[18437]: Invalid user hecht from 123.6.5.121 port 36968 Nov 18 21:18:44 mx-in-01 sshd[18437]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.6.5.121 Nov 18 21:18:46 mx-in-01 sshd[18437]: Failed password for invalid user hecht from 123.6.5.121 port 36968 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=123.6.5.121	2019-11-20 07:59:25
42.61.78.62	attack	1433/tcp 445/tcp... [2019-09-20/11-19]11pkt,2pt.(tcp)	2019-11-20 07:53:32
185.176.27.2	attackbotsspam	Port scan: Attack repeated for 24 hours	2019-11-20 08:01:27

最近上报的IP列表

180.253.55.43	11.62.3.69	217.12.209.191	91.218.65.168
171.225.251.79	209.109.207.249	106.12.133.38	194.7.24.27
161.50.195.97	237.121.182.150	124.209.59.106	220.95.129.105
144.102.73.153	143.0.47.137	61.26.95.150	186.88.225.115
139.198.17.135	45.64.9.202	161.35.35.44	54.252.163.214