81.68.82.75 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	$f2bV_matches	2020-07-30 18:44:47
attackbotsspam	Jul 27 09:01:42 pkdns2 sshd\[16499\]: Invalid user zein from 81.68.82.75Jul 27 09:01:44 pkdns2 sshd\[16499\]: Failed password for invalid user zein from 81.68.82.75 port 34066 ssh2Jul 27 09:04:47 pkdns2 sshd\[16629\]: Invalid user shane from 81.68.82.75Jul 27 09:04:49 pkdns2 sshd\[16629\]: Failed password for invalid user shane from 81.68.82.75 port 37890 ssh2Jul 27 09:07:53 pkdns2 sshd\[16767\]: Invalid user mel from 81.68.82.75Jul 27 09:07:55 pkdns2 sshd\[16767\]: Failed password for invalid user mel from 81.68.82.75 port 41672 ssh2 ...	2020-07-27 19:14:54

类型

评论内容

时间

attackbots

$f2bV_matches

2020-07-30 18:44:47

attackbotsspam

Jul 27 09:01:42 pkdns2 sshd\[16499\]: Invalid user zein from 81.68.82.75Jul 27 09:01:44 pkdns2 sshd\[16499\]: Failed password for invalid user zein from 81.68.82.75 port 34066 ssh2Jul 27 09:04:47 pkdns2 sshd\[16629\]: Invalid user shane from 81.68.82.75Jul 27 09:04:49 pkdns2 sshd\[16629\]: Failed password for invalid user shane from 81.68.82.75 port 37890 ssh2Jul 27 09:07:53 pkdns2 sshd\[16767\]: Invalid user mel from 81.68.82.75Jul 27 09:07:55 pkdns2 sshd\[16767\]: Failed password for invalid user mel from 81.68.82.75 port 41672 ssh2
...

2020-07-27 19:14:54

相同子网IP讨论:

IP	类型	评论内容	时间
81.68.82.251	attackbotsspam	Sep 30 19:24:13 XXXXXX sshd[20271]: Invalid user test from 81.68.82.251 port 33968	2020-10-01 04:07:13
81.68.82.251	attack	sshd: Failed password for invalid user .... from 81.68.82.251 port 39716 ssh2 (7 attempts)	2020-09-30 20:17:01
81.68.82.251	attackspam	Automatic Fail2ban report - Trying login SSH	2020-09-30 12:44:28
81.68.82.201	attack	Sep 19 20:21:36 * sshd[13953]: Failed password for root from 81.68.82.201 port 37154 ssh2 Sep 19 20:23:09 * sshd[14111]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.82.201	2020-09-20 03:40:10
81.68.82.201	attackspam	Sep 19 11:25:20 email sshd\[13182\]: Invalid user tomcat from 81.68.82.201 Sep 19 11:25:20 email sshd\[13182\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.82.201 Sep 19 11:25:23 email sshd\[13182\]: Failed password for invalid user tomcat from 81.68.82.201 port 35124 ssh2 Sep 19 11:29:56 email sshd\[14057\]: Invalid user ubuntu from 81.68.82.201 Sep 19 11:29:56 email sshd\[14057\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.82.201 ...	2020-09-19 19:43:00
81.68.82.201	attackspam	Port probing on unauthorized port 26261	2020-08-31 06:46:28
81.68.82.201	attack	Aug 30 12:17:47 124388 sshd[25091]: Invalid user ken from 81.68.82.201 port 47620 Aug 30 12:17:47 124388 sshd[25091]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.82.201 Aug 30 12:17:47 124388 sshd[25091]: Invalid user ken from 81.68.82.201 port 47620 Aug 30 12:17:49 124388 sshd[25091]: Failed password for invalid user ken from 81.68.82.201 port 47620 ssh2 Aug 30 12:21:42 124388 sshd[25408]: Invalid user fivem from 81.68.82.201 port 36172	2020-08-31 02:10:36
81.68.82.201	attackspambots	This client attempted to login to an administrator account on a Website, or abused from another resource.	2020-08-29 05:49:15
81.68.82.251	attack	Fail2Ban	2020-08-25 12:45:50

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 81.68.82.75
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19129
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;81.68.82.75.			IN	A

;; AUTHORITY SECTION:
.			266	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072700 1800 900 604800 86400

;; Query time: 23 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jul 27 19:14:49 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

Host 75.82.68.81.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 75.82.68.81.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
45.125.66.91	attack	Rude login attack (6 tries in 1d)	2019-09-27 08:20:56
93.214.147.252	attackbots	Sep 27 00:15:42 web sshd[10171]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.214.147.252 Sep 27 00:15:43 web sshd[10171]: Failed password for invalid user admin from 93.214.147.252 port 3337 ssh2 ...	2019-09-27 08:11:06
125.212.192.201	attack	Sep 27 01:09:12 nextcloud sshd\[9697\]: Invalid user admin from 125.212.192.201 Sep 27 01:09:12 nextcloud sshd\[9697\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.212.192.201 Sep 27 01:09:14 nextcloud sshd\[9697\]: Failed password for invalid user admin from 125.212.192.201 port 47880 ssh2 ...	2019-09-27 08:47:15
101.228.82.239	attackbotsspam	SSH Brute Force, server-1 sshd[12767]: Failed password for invalid user odroid from 101.228.82.239 port 43622 ssh2	2019-09-27 08:43:49
193.56.28.119	attack	Connection by 193.56.28.119 on port: 25 got caught by honeypot at 9/26/2019 3:24:37 PM	2019-09-27 08:16:05
89.24.119.126	attackspam	Sep 26 15:19:24 mail postfix/postscreen[67282]: PREGREET 38 after 1.5 from [89.24.119.126]:59658: EHLO 89-24-119-126.customers.tmcz.cz ...	2019-09-27 08:35:08
103.253.42.48	attackspambots	Rude login attack (15 tries in 1d)	2019-09-27 08:10:33
13.94.57.155	attackbotsspam	Sep 26 14:41:52 aiointranet sshd\[19391\]: Invalid user demo from 13.94.57.155 Sep 26 14:41:52 aiointranet sshd\[19391\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.94.57.155 Sep 26 14:41:54 aiointranet sshd\[19391\]: Failed password for invalid user demo from 13.94.57.155 port 33292 ssh2 Sep 26 14:47:11 aiointranet sshd\[19861\]: Invalid user vagrant3 from 13.94.57.155 Sep 26 14:47:11 aiointranet sshd\[19861\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.94.57.155	2019-09-27 08:47:41
161.142.219.117	attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/161.142.219.117/ MY - 1H : (49) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : MY NAME ASN : ASN9930 IP : 161.142.219.117 CIDR : 161.142.192.0/19 PREFIX COUNT : 256 UNIQUE IP COUNT : 807680 WYKRYTE ATAKI Z ASN9930 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 6 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-09-27 08:19:30
62.234.109.155	attack	Sep 27 00:41:45 cp sshd[1049]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.109.155	2019-09-27 08:35:22
52.13.97.94	attackspam	Sep 25 15:53:06 xb3 sshd[19710]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=em3-52-13-97-94.us-west-2.compute.amazonaws.com Sep 25 15:53:08 xb3 sshd[19710]: Failed password for invalid user info from 52.13.97.94 port 45174 ssh2 Sep 25 15:53:08 xb3 sshd[19710]: Received disconnect from 52.13.97.94: 11: Bye Bye [preauth] Sep 25 15:57:00 xb3 sshd[18308]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=em3-52-13-97-94.us-west-2.compute.amazonaws.com Sep 25 15:57:02 xb3 sshd[18308]: Failed password for invalid user temp from 52.13.97.94 port 60022 ssh2 Sep 25 15:57:02 xb3 sshd[18308]: Received disconnect from 52.13.97.94: 11: Bye Bye [preauth] Sep 25 16:00:52 xb3 sshd[17151]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=em3-52-13-97-94.us-west-2.compute.amazonaws.com Sep 25 16:00:55 xb3 sshd[17151]: Failed password for invalid user student from 52.1........ -------------------------------	2019-09-27 08:52:13
167.71.55.1	attackspambots	Sep 27 00:15:02 game-panel sshd[11852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.55.1 Sep 27 00:15:03 game-panel sshd[11852]: Failed password for invalid user qqq from 167.71.55.1 port 33188 ssh2 Sep 27 00:19:37 game-panel sshd[12015]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.55.1	2019-09-27 08:26:13
174.86.181.53	attackbots	Hits on port : 1588	2019-09-27 08:50:13
51.68.231.1	attackspambots	Wordpress Admin Login attack	2019-09-27 08:49:40
190.221.50.90	attack	Sep 26 14:31:27 tdfoods sshd\[31947\]: Invalid user fen from 190.221.50.90 Sep 26 14:31:27 tdfoods sshd\[31947\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.221.50.90 Sep 26 14:31:28 tdfoods sshd\[31947\]: Failed password for invalid user fen from 190.221.50.90 port 30376 ssh2 Sep 26 14:36:50 tdfoods sshd\[32454\]: Invalid user ts from 190.221.50.90 Sep 26 14:36:50 tdfoods sshd\[32454\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.221.50.90	2019-09-27 08:46:51

最近上报的IP列表

35.204.246.114	194.44.20.77	86.91.222.45	104.129.194.247
170.253.49.67	217.112.128.250	239.6.39.20	47.27.168.243
45.141.103.166	141.237.31.168	201.210.13.150	217.115.118.36
36.63.2.142	41.58.159.165	209.242.127.198	246.203.166.56
222.178.107.215	223.240.27.218	155.137.225.107	255.7.84.83