81.68.239.55 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
81.68.239.140	attackbotsspam	fail2ban detected bruce force on ssh iptables	2020-10-12 07:55:12
81.68.239.140	attackspambots	SSH login attempts.	2020-10-12 00:12:02
81.68.239.140	attackspambots	Lines containing failures of 81.68.239.140 Oct 6 17:24:45 mellenthin sshd[30324]: User r.r from 81.68.239.140 not allowed because not listed in AllowUsers Oct 6 17:24:45 mellenthin sshd[30324]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.239.140 user=r.r Oct 6 17:24:47 mellenthin sshd[30324]: Failed password for invalid user r.r from 81.68.239.140 port 40446 ssh2 Oct 6 17:24:47 mellenthin sshd[30324]: Received disconnect from 81.68.239.140 port 40446:11: Bye Bye [preauth] Oct 6 17:24:47 mellenthin sshd[30324]: Disconnected from invalid user r.r 81.68.239.140 port 40446 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=81.68.239.140	2020-10-11 16:10:42
81.68.239.140	attackspam	Oct 10 21:51:07 ip-172-31-61-156 sshd[31911]: Invalid user apache2 from 81.68.239.140 Oct 10 21:51:09 ip-172-31-61-156 sshd[31911]: Failed password for invalid user apache2 from 81.68.239.140 port 60266 ssh2 Oct 10 21:51:07 ip-172-31-61-156 sshd[31911]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.239.140 Oct 10 21:51:07 ip-172-31-61-156 sshd[31911]: Invalid user apache2 from 81.68.239.140 Oct 10 21:51:09 ip-172-31-61-156 sshd[31911]: Failed password for invalid user apache2 from 81.68.239.140 port 60266 ssh2 ...	2020-10-11 09:29:21

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 81.68.239.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6944
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;81.68.239.55.			IN	A

;; AUTHORITY SECTION:
.			182	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021202 1800 900 604800 86400

;; Query time: 18 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 13 11:49:44 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 55.239.68.81.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 55.239.68.81.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
35.187.12.32	attackbots	5632/tcp 8888/tcp 27017/tcp... [2019-09-09/10]4pkt,4pt.(tcp)	2019-09-11 23:55:29
45.82.153.36	attackspam	Port scan: Attack repeated for 24 hours	2019-09-12 00:45:51
91.211.248.114	attackspam	" "	2019-09-12 00:27:16
165.22.209.164	spam	Looks like spam	2019-09-12 00:18:32
213.232.192.86	attackspam	TCP 3389 (RDP)	2019-09-12 00:01:02
159.203.199.156	attack	Automated reporting of bulk port scanning	2019-09-12 00:17:37
42.159.92.147	attack	2019-09-11T13:38:18.180074abusebot-4.cloudsearch.cf sshd\[21784\]: Invalid user hadoop from 42.159.92.147 port 39960	2019-09-11 23:32:22
46.105.99.163	attack	xmlrpc attack	2019-09-11 23:45:07
207.226.155.196	attackspambots	Unauthorised access (Sep 11) SRC=207.226.155.196 LEN=40 TTL=243 ID=55254 TCP DPT=445 WINDOW=1024 SYN	2019-09-12 00:54:29
82.102.173.72	attackbots	firewall-block, port(s): 8011/tcp	2019-09-12 00:29:55
89.248.168.176	attackspambots	Port scan: Attack repeated for 24 hours	2019-09-12 01:29:42
185.254.122.202	attackspambots	Sep 10 17:14:35 lenivpn01 kernel: \[361279.734488\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:2f:6c:1b:d2:74:7f:6e:37:e3:08:00 SRC=185.254.122.202 DST=195.201.121.15 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=46167 PROTO=TCP SPT=52679 DPT=33898 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 10 17:57:35 lenivpn01 kernel: \[363860.308825\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:2f:6c:1b:d2:74:7f:6e:37:e3:08:00 SRC=185.254.122.202 DST=195.201.121.15 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=25203 PROTO=TCP SPT=52679 DPT=33890 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 10 22:34:14 lenivpn01 kernel: \[380458.067753\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:2f:6c:1b:d2:74:7f:6e:37:e3:08:00 SRC=185.254.122.202 DST=195.201.121.15 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=24249 PROTO=TCP SPT=42734 DPT=11111 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 10 23:45:55 lenivpn01 kernel: \[384759.715562\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:2f:6c:1b:d2:74:7f:6e:37:e3:08:00 SRC=185.254.122.202 DST=195.201.121.15 LEN=40 TOS=0x00 PREC=0x20 ...	2019-09-12 00:05:17
185.244.25.180	attackspambots	11.09.2019 11:15:30 Connection to port 10001 blocked by firewall	2019-09-12 00:59:05
185.244.25.133	attackbotsspam	Port scan attempt detected by AWS-CCS, CTS, India	2019-09-12 00:07:27
92.119.160.143	attack	proto=tcp . spt=57610 . dpt=3389 . src=92.119.160.143 . dst=xx.xx.4.1 . (listed on rbldns-ru) (650)	2019-09-12 01:20:32

Recently Reported IPs

81.68.68.30	81.69.220.102	81.70.101.27	81.70.243.74
81.70.97.48	81.71.96.250	81.88.144.194	81.82.38.60
81.90.244.146	81.71.83.120	81.71.41.235	81.91.189.244
81.91.132.6	81.91.140.3	81.83.10.240	81.95.183.26
81.99.102.74	82.11.185.35	82.112.187.60	82.117.152.130