81.70.55.21 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Oct 2 15:07:34 mx sshd[6783]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.70.55.21 Oct 2 15:07:36 mx sshd[6783]: Failed password for invalid user king from 81.70.55.21 port 44912 ssh2	2020-10-03 05:20:45
attack	(sshd) Failed SSH login from 81.70.55.21 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 2 03:49:29 server2 sshd[17508]: Invalid user www from 81.70.55.21 Oct 2 03:49:29 server2 sshd[17508]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.70.55.21 Oct 2 03:49:30 server2 sshd[17508]: Failed password for invalid user www from 81.70.55.21 port 35490 ssh2 Oct 2 03:52:07 server2 sshd[24450]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.70.55.21 user=root Oct 2 03:52:09 server2 sshd[24450]: Failed password for root from 81.70.55.21 port 58378 ssh2	2020-10-03 00:44:40
attackbotsspam	(sshd) Failed SSH login from 81.70.55.21 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 2 03:49:29 server2 sshd[17508]: Invalid user www from 81.70.55.21 Oct 2 03:49:29 server2 sshd[17508]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.70.55.21 Oct 2 03:49:30 server2 sshd[17508]: Failed password for invalid user www from 81.70.55.21 port 35490 ssh2 Oct 2 03:52:07 server2 sshd[24450]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.70.55.21 user=root Oct 2 03:52:09 server2 sshd[24450]: Failed password for root from 81.70.55.21 port 58378 ssh2	2020-10-02 21:14:30
attack	(sshd) Failed SSH login from 81.70.55.21 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 2 03:49:29 server2 sshd[17508]: Invalid user www from 81.70.55.21 Oct 2 03:49:29 server2 sshd[17508]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.70.55.21 Oct 2 03:49:30 server2 sshd[17508]: Failed password for invalid user www from 81.70.55.21 port 35490 ssh2 Oct 2 03:52:07 server2 sshd[24450]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.70.55.21 user=root Oct 2 03:52:09 server2 sshd[24450]: Failed password for root from 81.70.55.21 port 58378 ssh2	2020-10-02 17:47:02
attack	SSH/22 MH Probe, BF, Hack -	2020-10-02 14:13:41

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 81.70.55.21
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28048
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;81.70.55.21.			IN	A

;; AUTHORITY SECTION:
.			598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020100200 1800 900 604800 86400

;; Query time: 70 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Oct 02 14:13:38 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

Host 21.55.70.81.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 21.55.70.81.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
211.144.69.249	attackspam	srv02 SSH BruteForce Attacks 22 ..	2020-05-12 02:09:04
45.35.221.55	attackbotsspam	TCP scanned port list, 1444, 3433, 11433, 5433	2020-05-12 01:59:40
3.113.7.106	attackspambots	until 2020-05-11T07:00:13+01:00, observations: 4, bad account names: 1	2020-05-12 01:57:29
122.51.147.235	attackspambots	May 11 14:54:41 ift sshd\[6213\]: Invalid user test from 122.51.147.235May 11 14:54:43 ift sshd\[6213\]: Failed password for invalid user test from 122.51.147.235 port 43016 ssh2May 11 14:59:08 ift sshd\[6944\]: Invalid user tecmin from 122.51.147.235May 11 14:59:10 ift sshd\[6944\]: Failed password for invalid user tecmin from 122.51.147.235 port 36270 ssh2May 11 15:03:45 ift sshd\[8065\]: Invalid user kyle from 122.51.147.235 ...	2020-05-12 02:08:10
40.112.62.127	attack	Time: Mon May 11 12:26:53 2020 -0300 IP: 40.112.62.127 (US/United States/-) Failures: 20 (WordPressBruteForcePOST) Interval: 3600 seconds Blocked: Permanent Block	2020-05-12 02:19:14
61.0.251.12	attackbots	May 11 17:42:12 ip-172-31-61-156 sshd[16320]: Invalid user linuxacademy from 61.0.251.12 May 11 17:42:12 ip-172-31-61-156 sshd[16320]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.0.251.12 May 11 17:42:12 ip-172-31-61-156 sshd[16320]: Invalid user linuxacademy from 61.0.251.12 May 11 17:42:13 ip-172-31-61-156 sshd[16320]: Failed password for invalid user linuxacademy from 61.0.251.12 port 53078 ssh2 May 11 17:43:18 ip-172-31-61-156 sshd[16345]: Invalid user elasticsearch from 61.0.251.12 ...	2020-05-12 02:02:38
159.89.142.25	attackbots	Lines containing failures of 159.89.142.25 May 11 13:26:38 shared01 sshd[4080]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.142.25 user=admin May 11 13:26:39 shared01 sshd[4080]: Failed password for admin from 159.89.142.25 port 48062 ssh2 May 11 13:26:40 shared01 sshd[4080]: Received disconnect from 159.89.142.25 port 48062:11: Bye Bye [preauth] May 11 13:26:40 shared01 sshd[4080]: Disconnected from authenticating user admin 159.89.142.25 port 48062 [preauth] May 11 14:00:32 shared01 sshd[17275]: Invalid user applprod from 159.89.142.25 port 60250 May 11 14:00:32 shared01 sshd[17275]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.142.25 May 11 14:00:33 shared01 sshd[17275]: Failed password for invalid user applprod from 159.89.142.25 port 60250 ssh2 May 11 14:00:34 shared01 sshd[17275]: Received disconnect from 159.89.142.25 port 60250:11: Bye Bye [preauth] May 11 14:00:........ ------------------------------	2020-05-12 02:17:48
49.235.100.58	attackspambots	DATE:2020-05-11 14:03:50, IP:49.235.100.58, PORT:ssh SSH brute force auth (docker-dc)	2020-05-12 02:04:22
222.186.180.142	attackspambots	May 11 21:19:49 server2 sshd\[15614\]: User root from 222.186.180.142 not allowed because not listed in AllowUsers May 11 21:26:08 server2 sshd\[16249\]: User root from 222.186.180.142 not allowed because not listed in AllowUsers May 11 21:26:09 server2 sshd\[16251\]: User root from 222.186.180.142 not allowed because not listed in AllowUsers May 11 21:26:09 server2 sshd\[16253\]: User root from 222.186.180.142 not allowed because not listed in AllowUsers May 11 21:26:09 server2 sshd\[16255\]: User root from 222.186.180.142 not allowed because not listed in AllowUsers May 11 21:26:16 server2 sshd\[16259\]: User root from 222.186.180.142 not allowed because not listed in AllowUsers	2020-05-12 02:28:12
47.74.230.86	attack	Port Scan detected from 47.74.230.86 (SG/Singapore/-/Singapore (Downtown Core)/-). 4 hits in the last 10 seconds	2020-05-12 02:30:35
83.167.87.198	attack	frenzy	2020-05-12 01:51:11
80.85.158.170	attack	\[2020-05-11 10:07:30\] SECURITY\[2093\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-11T10:07:30.156+0200",Severity="Error",Service="SIP",EventVersion="2",AccountID="16473674568",SessionID="0x7f23bfcce308",LocalAddress="IPV4/UDP/204.8.216.89/5060",RemoteAddress="IPV4/UDP/80.85.158.170/62749",Challenge="7fce91ca",ReceivedChallenge="7fce91ca",ReceivedHash="bbe8ea4d20be52ca2ad8c2c215c6efa9" \[2020-05-11 11:29:18\] SECURITY\[2093\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-11T11:29:18.805+0200",Severity="Error",Service="SIP",EventVersion="2",AccountID="+16473674568",SessionID="0x7f23bf90d028",LocalAddress="IPV4/UDP/204.8.216.89/5060",RemoteAddress="IPV4/UDP/80.85.158.170/54118",Challenge="748d792c",ReceivedChallenge="748d792c",ReceivedHash="b4e52285a59b730fb0acd1adabbd2983" \[2020-05-11 12:46:08\] SECURITY\[2093\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-11T12:46:08.843+0200",Severity="Error",Service="SIP",Even ...	2020-05-12 02:32:31
27.155.99.122	attackbotsspam	2020-05-11T12:03:28.934345randservbullet-proofcloud-66.localdomain sshd[28934]: Invalid user ci from 27.155.99.122 port 60158 2020-05-11T12:03:28.938302randservbullet-proofcloud-66.localdomain sshd[28934]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.155.99.122 2020-05-11T12:03:28.934345randservbullet-proofcloud-66.localdomain sshd[28934]: Invalid user ci from 27.155.99.122 port 60158 2020-05-11T12:03:31.271728randservbullet-proofcloud-66.localdomain sshd[28934]: Failed password for invalid user ci from 27.155.99.122 port 60158 ssh2 ...	2020-05-12 02:26:35
222.186.173.238	attackbotsspam	May 11 20:14:58 vmd48417 sshd[12320]: Failed password for root from 222.186.173.238 port 22722 ssh2	2020-05-12 02:17:18
177.23.184.99	attack	2020-05-11T18:26:57.446696struts4.enskede.local sshd\[11474\]: Invalid user history from 177.23.184.99 port 43918 2020-05-11T18:26:57.453580struts4.enskede.local sshd\[11474\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177-23-184-99.infobarranet.com.br 2020-05-11T18:27:00.681724struts4.enskede.local sshd\[11474\]: Failed password for invalid user history from 177.23.184.99 port 43918 ssh2 2020-05-11T18:36:08.252325struts4.enskede.local sshd\[11513\]: Invalid user jian from 177.23.184.99 port 44400 2020-05-11T18:36:08.259875struts4.enskede.local sshd\[11513\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177-23-184-99.infobarranet.com.br ...	2020-05-12 01:51:29

最近上报的IP列表

220.204.170.56	196.201.235.170	151.226.44.60	205.168.199.207
184.90.242.80	152.80.129.134	221.245.136.226	91.40.229.40
187.62.177.81	72.80.13.82	59.15.188.184	3.137.151.217
90.211.205.151	14.35.1.162	109.12.89.157	62.180.108.184
197.56.218.248	181.195.182.9	254.151.198.251	189.111.1.227