城市(city): Shanghai
省份(region): Shanghai
国家(country): China
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 81.68.78.48 | attack | $f2bV_matches |
2020-08-29 18:51:55 |
| 81.68.78.48 | attack | Aug 24 12:03:39 pornomens sshd\[1572\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.78.48 user=root Aug 24 12:03:41 pornomens sshd\[1572\]: Failed password for root from 81.68.78.48 port 34054 ssh2 Aug 24 12:12:13 pornomens sshd\[1716\]: Invalid user sce from 81.68.78.48 port 35118 Aug 24 12:12:13 pornomens sshd\[1716\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.78.48 ... |
2020-08-24 18:47:06 |
| 81.68.78.48 | attackspambots | Aug 5 18:01:02 marvibiene sshd[30005]: Failed password for root from 81.68.78.48 port 53150 ssh2 |
2020-08-06 01:15:38 |
| 81.68.78.48 | attack | SSH brutforce |
2020-07-21 14:47:04 |
| 81.68.78.48 | attackbots | $f2bV_matches |
2020-07-15 05:26:55 |
| 81.68.78.48 | attack | Bruteforce detected by fail2ban |
2020-07-08 05:21:08 |
| 81.68.78.224 | attack | 2020-06-30T00:02:12.653401vps751288.ovh.net sshd\[29586\]: Invalid user nagios from 81.68.78.224 port 37786 2020-06-30T00:02:12.661968vps751288.ovh.net sshd\[29586\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.78.224 2020-06-30T00:02:14.942513vps751288.ovh.net sshd\[29586\]: Failed password for invalid user nagios from 81.68.78.224 port 37786 ssh2 2020-06-30T00:06:59.277967vps751288.ovh.net sshd\[29756\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.78.224 user=root 2020-06-30T00:07:00.625114vps751288.ovh.net sshd\[29756\]: Failed password for root from 81.68.78.224 port 36722 ssh2 |
2020-06-30 07:09:06 |
| 81.68.78.48 | attack | invalid login attempt (webapp) |
2020-06-29 12:45:03 |
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See https://docs.db.ripe.net/terms-conditions.html
% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '81.68.0.0 - 81.71.255.255'
% No abuse contact registered for 81.68.0.0 - 81.71.255.255
inetnum: 81.68.0.0 - 81.71.255.255
netname: NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
descr: IPv4 address block not managed by the RIPE NCC
remarks: ------------------------------------------------------
remarks:
remarks: For registration information,
remarks: you can consult the following sources:
remarks:
remarks: IANA
remarks: http://www.iana.org/assignments/ipv4-address-space
remarks: http://www.iana.org/assignments/iana-ipv4-special-registry
remarks: http://www.iana.org/assignments/ipv4-recovered-address-space
remarks:
remarks: AFRINIC (Africa)
remarks: http://www.afrinic.net/ whois.afrinic.net
remarks:
remarks: APNIC (Asia Pacific)
remarks: http://www.apnic.net/ whois.apnic.net
remarks:
remarks: ARIN (Northern America)
remarks: http://www.arin.net/ whois.arin.net
remarks:
remarks: LACNIC (Latin America and the Carribean)
remarks: http://www.lacnic.net/ whois.lacnic.net
remarks:
remarks: ------------------------------------------------------
country: EU # Country is really world wide
admin-c: IANA1-RIPE
tech-c: IANA1-RIPE
status: ALLOCATED UNSPECIFIED
mnt-by: RIPE-NCC-HM-MNT
created: 2019-01-07T10:47:18Z
last-modified: 2019-01-07T10:47:18Z
source: RIPE
role: Internet Assigned Numbers Authority
address: see http://www.iana.org.
admin-c: IANA1-RIPE
tech-c: IANA1-RIPE
nic-hdl: IANA1-RIPE
remarks: For more information on IANA services
remarks: go to IANA web site at http://www.iana.org.
mnt-by: RIPE-NCC-MNT
created: 1970-01-01T00:00:00Z
last-modified: 2001-09-22T09:31:27Z
source: RIPE # Filtered
% This query was served by the RIPE Database Query Service version 1.122.1 (ABERDEEN); <<>> DiG 9.10.3-P4-Ubuntu <<>> 81.68.78.229
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20567
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;81.68.78.229. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026060800 1800 900 604800 86400
;; Query time: 7 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jun 09 00:30:03 CST 2026
;; MSG SIZE rcvd: 105Host 229.78.68.81.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 229.78.68.81.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 47.104.191.157 | attack | firewall-block, port(s): 1433/tcp |
2020-02-29 01:54:13 |
| 14.252.44.203 | attackspambots | Unauthorized connection attempt from IP address 14.252.44.203 on Port 445(SMB) |
2020-02-29 01:37:36 |
| 201.26.30.38 | attackspambots | Port probing on unauthorized port 23 |
2020-02-29 01:34:03 |
| 185.176.27.6 | attackspam | 3958/tcp 8165/tcp [2020-02-28]2pkt |
2020-02-29 01:40:58 |
| 221.7.12.153 | attackbotsspam | Unauthorized connection attempt from IP address 221.7.12.153 on Port 445(SMB) |
2020-02-29 01:47:13 |
| 80.68.0.142 | attackbots | Unauthorized connection attempt from IP address 80.68.0.142 on Port 445(SMB) |
2020-02-29 01:22:42 |
| 113.21.117.250 | attackspam | Distributed brute force attack |
2020-02-29 01:27:14 |
| 80.38.139.178 | attackspam | firewall-block, port(s): 445/tcp |
2020-02-29 01:44:49 |
| 92.118.37.99 | attackspam | Feb 28 18:18:38 debian-2gb-nbg1-2 kernel: \[5169508.620235\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=92.118.37.99 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=33285 PROTO=TCP SPT=45017 DPT=57373 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-02-29 01:24:55 |
| 49.7.20.96 | attackspambots | IP: 49.7.20.96
Ports affected
World Wide Web HTTP (80)
Found in DNSBL('s)
ASN Details
AS23724 IDC China Telecommunications Corporation
China (CN)
CIDR 49.7.0.0/16
Log Date: 28/02/2020 4:42:31 PM UTC |
2020-02-29 01:36:31 |
| 213.159.203.157 | attackspam | [portscan] Port scan |
2020-02-29 01:15:16 |
| 171.249.71.214 | attackspam | Automatic report - Port Scan Attack |
2020-02-29 01:30:24 |
| 124.119.208.60 | attackbots | Netgear DGN Device Remote Command Execution Vulnerability |
2020-02-29 01:19:15 |
| 104.248.65.180 | attack | Feb 28 19:32:01 gw1 sshd[20624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.65.180 Feb 28 19:32:04 gw1 sshd[20624]: Failed password for invalid user ts3 from 104.248.65.180 port 50766 ssh2 ... |
2020-02-29 01:43:06 |
| 202.141.226.124 | attackbotsspam | suspicious action Fri, 28 Feb 2020 10:30:16 -0300 |
2020-02-29 01:28:22 |