81.68.74.5 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Aug 20 19:30:45 eddieflores sshd\[23281\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.74.5 user=root Aug 20 19:30:47 eddieflores sshd\[23281\]: Failed password for root from 81.68.74.5 port 55946 ssh2 Aug 20 19:34:43 eddieflores sshd\[23538\]: Invalid user amy from 81.68.74.5 Aug 20 19:34:43 eddieflores sshd\[23538\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.74.5 Aug 20 19:34:45 eddieflores sshd\[23538\]: Failed password for invalid user amy from 81.68.74.5 port 41300 ssh2	2020-08-21 14:09:42
attack	Aug 20 15:47:29 [host] sshd[28281]: Invalid user p Aug 20 15:47:29 [host] sshd[28281]: pam_unix(sshd: Aug 20 15:47:32 [host] sshd[28281]: Failed passwor	2020-08-20 22:13:19

类型

评论内容

时间

attackspambots

Aug 20 19:30:45 eddieflores sshd\[23281\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.74.5  user=root
Aug 20 19:30:47 eddieflores sshd\[23281\]: Failed password for root from 81.68.74.5 port 55946 ssh2
Aug 20 19:34:43 eddieflores sshd\[23538\]: Invalid user amy from 81.68.74.5
Aug 20 19:34:43 eddieflores sshd\[23538\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.74.5
Aug 20 19:34:45 eddieflores sshd\[23538\]: Failed password for invalid user amy from 81.68.74.5 port 41300 ssh2

2020-08-21 14:09:42

attack

Aug 20 15:47:29 [host] sshd[28281]: Invalid user p
Aug 20 15:47:29 [host] sshd[28281]: pam_unix(sshd:
Aug 20 15:47:32 [host] sshd[28281]: Failed passwor

2020-08-20 22:13:19

相同子网IP讨论:

IP	类型	评论内容	时间
81.68.74.171	attackbots	Aug 20 14:18:41 vps-51d81928 sshd[772492]: Failed password for root from 81.68.74.171 port 52552 ssh2 Aug 20 14:21:55 vps-51d81928 sshd[772547]: Invalid user rl from 81.68.74.171 port 59034 Aug 20 14:21:55 vps-51d81928 sshd[772547]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.74.171 Aug 20 14:21:55 vps-51d81928 sshd[772547]: Invalid user rl from 81.68.74.171 port 59034 Aug 20 14:21:56 vps-51d81928 sshd[772547]: Failed password for invalid user rl from 81.68.74.171 port 59034 ssh2 ...	2020-08-21 01:00:31
81.68.74.171	attackspambots	Aug 11 14:24:30 piServer sshd[18147]: Failed password for root from 81.68.74.171 port 52268 ssh2 Aug 11 14:29:28 piServer sshd[18581]: Failed password for root from 81.68.74.171 port 43428 ssh2 ...	2020-08-11 23:53:14
81.68.74.171	attack	2020-08-10T06:07:52.217672centos sshd[21896]: Failed password for root from 81.68.74.171 port 58066 ssh2 2020-08-10T06:10:42.640457centos sshd[22491]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.74.171 user=root 2020-08-10T06:10:45.061234centos sshd[22491]: Failed password for root from 81.68.74.171 port 42730 ssh2 ...	2020-08-10 16:57:59
81.68.74.171	attackbots	fail2ban/Jul 31 08:10:43 h1962932 sshd[16829]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.74.171 user=root Jul 31 08:10:46 h1962932 sshd[16829]: Failed password for root from 81.68.74.171 port 38324 ssh2 Jul 31 08:14:33 h1962932 sshd[16941]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.74.171 user=root Jul 31 08:14:35 h1962932 sshd[16941]: Failed password for root from 81.68.74.171 port 54646 ssh2 Jul 31 08:18:20 h1962932 sshd[17065]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.74.171 user=root Jul 31 08:18:22 h1962932 sshd[17065]: Failed password for root from 81.68.74.171 port 42734 ssh2	2020-07-31 16:23:56
81.68.74.171	attackbotsspam	SSH Invalid Login	2020-07-22 09:55:46
81.68.74.171	attackspam	Invalid user phi from 81.68.74.171 port 58702	2020-07-18 22:08:07
81.68.74.171	attackbotsspam	2020-07-11T22:05:31.683416vps773228.ovh.net sshd[16798]: Failed password for invalid user chris from 81.68.74.171 port 47514 ssh2 2020-07-11T22:08:08.720139vps773228.ovh.net sshd[16848]: Invalid user db2bet from 81.68.74.171 port 57620 2020-07-11T22:08:08.737896vps773228.ovh.net sshd[16848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.74.171 2020-07-11T22:08:08.720139vps773228.ovh.net sshd[16848]: Invalid user db2bet from 81.68.74.171 port 57620 2020-07-11T22:08:11.037806vps773228.ovh.net sshd[16848]: Failed password for invalid user db2bet from 81.68.74.171 port 57620 ssh2 ...	2020-07-12 04:43:26
81.68.74.171	attackbotsspam	2020-06-28T23:12:03.549727morrigan.ad5gb.com sshd[2071060]: Invalid user bugzilla from 81.68.74.171 port 42914 2020-06-28T23:12:06.056009morrigan.ad5gb.com sshd[2071060]: Failed password for invalid user bugzilla from 81.68.74.171 port 42914 ssh2	2020-06-29 12:25:42

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 81.68.74.5
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20789
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;81.68.74.5.			IN	A

;; AUTHORITY SECTION:
.			496	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020082000 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Aug 20 22:13:12 CST 2020
;; MSG SIZE  rcvd: 114

HOST信息:

Host 5.74.68.81.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 5.74.68.81.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
36.68.232.55	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/36.68.232.55/ ID - 1H : (27) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : ID NAME ASN : ASN7713 IP : 36.68.232.55 CIDR : 36.68.232.0/23 PREFIX COUNT : 2255 UNIQUE IP COUNT : 2765312 ATTACKS DETECTED ASN7713 : 1H - 1 3H - 1 6H - 1 12H - 2 24H - 6 DateTime : 2019-11-15 15:36:26 INFO : Server 403 - Looking for resource vulnerabilities Detected and Blocked by ADMIN - data recovery	2019-11-16 05:36:12
196.52.43.53	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-16 06:01:53
92.118.161.5	attack	92.118.161.5 was recorded 5 times by 5 hosts attempting to connect to the following ports: 401,2323,4443,2484,993. Incident counter (4h, 24h, all-time): 5, 11, 63	2019-11-16 05:52:09
196.52.43.52	attackbots	Automatic report - Banned IP Access	2019-11-16 06:05:58
49.233.171.112	attackbots	2019-11-15T21:33:04.261254abusebot-6.cloudsearch.cf sshd\[6775\]: Invalid user office1 from 49.233.171.112 port 52900	2019-11-16 05:55:59
185.176.27.246	attackbots	ET DROP Dshield Block Listed Source group 1 - port: 65471 proto: TCP cat: Misc Attack	2019-11-16 05:44:54
49.235.101.153	attack	Automatic report - Banned IP Access	2019-11-16 05:51:46
5.196.201.7	attack	Nov 15 22:14:09 mail postfix/smtpd[6148]: warning: unknown[5.196.201.7]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 15 22:15:03 mail postfix/smtpd[4735]: warning: unknown[5.196.201.7]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 15 22:15:08 mail postfix/smtpd[6167]: warning: unknown[5.196.201.7]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-11-16 05:46:32
187.65.252.198	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/187.65.252.198/ BR - 1H : (369) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : BR NAME ASN : ASN28573 IP : 187.65.252.198 CIDR : 187.65.192.0/18 PREFIX COUNT : 1254 UNIQUE IP COUNT : 9653760 ATTACKS DETECTED ASN28573 : 1H - 2 3H - 8 6H - 13 12H - 23 24H - 54 DateTime : 2019-11-15 15:35:51 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-16 06:02:08
178.128.108.19	attack	Invalid user knochel from 178.128.108.19 port 53106	2019-11-16 05:40:26
92.118.161.49	attackspambots	Unauthorized connection attempt from IP address 92.118.161.49 on Port 3389(RDP)	2019-11-16 05:55:27
217.76.40.82	attackbots	Nov 15 14:43:32 firewall sshd[27269]: Invalid user bikle from 217.76.40.82 Nov 15 14:43:34 firewall sshd[27269]: Failed password for invalid user bikle from 217.76.40.82 port 51542 ssh2 Nov 15 14:47:26 firewall sshd[27333]: Invalid user myunghee from 217.76.40.82 ...	2019-11-16 05:40:48
112.35.36.16	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-16 05:57:16
185.162.235.107	attackbots	Nov 15 22:10:18 mail postfix/smtpd[4732]: warning: unknown[185.162.235.107]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 15 22:11:15 mail postfix/smtpd[4735]: warning: unknown[185.162.235.107]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 15 22:11:20 mail postfix/smtpd[4736]: warning: unknown[185.162.235.107]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-11-16 05:45:08
196.52.43.63	attackspam	554/tcp 20/tcp 2483/tcp... [2019-09-18/11-15]64pkt,40pt.(tcp),6pt.(udp),1tp.(icmp)	2019-11-16 05:31:55

最近上报的IP列表

118.97.35.126	145.60.122.80	31.47.99.50	113.168.136.178
2.200.98.254	210.56.4.253	140.0.140.175	165.255.126.110
123.189.120.37	167.71.195.173	200.92.113.56	138.59.146.203
189.80.88.131	138.59.146.245	71.38.74.67	103.117.33.107
201.159.102.134	200.241.237.146	188.0.188.123	34.71.152.216