138.68.137.20 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt detected from IP address 138.68.137.20 to port 6765 [T]	2020-04-12 16:10:23
attackbots	Brute force attempt	2020-04-09 18:16:43
attack	Apr 4 06:51:24 site3 sshd\[187581\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.137.20 user=root Apr 4 06:51:26 site3 sshd\[187581\]: Failed password for root from 138.68.137.20 port 55852 ssh2 Apr 4 06:52:29 site3 sshd\[187593\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.137.20 user=root Apr 4 06:52:32 site3 sshd\[187593\]: Failed password for root from 138.68.137.20 port 42846 ssh2 Apr 4 06:53:44 site3 sshd\[187603\]: Invalid user admin from 138.68.137.20 ...	2020-04-04 17:59:15

类型

评论内容

时间

attack

Unauthorized connection attempt detected from IP address 138.68.137.20 to port 6765 [T]

2020-04-12 16:10:23

attackbots

Brute force attempt

2020-04-09 18:16:43

attack

Apr  4 06:51:24 site3 sshd\[187581\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.137.20  user=root
Apr  4 06:51:26 site3 sshd\[187581\]: Failed password for root from 138.68.137.20 port 55852 ssh2
Apr  4 06:52:29 site3 sshd\[187593\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.137.20  user=root
Apr  4 06:52:32 site3 sshd\[187593\]: Failed password for root from 138.68.137.20 port 42846 ssh2
Apr  4 06:53:44 site3 sshd\[187603\]: Invalid user admin from 138.68.137.20
...

2020-04-04 17:59:15

相同子网IP讨论:

IP	类型	评论内容	时间
138.68.137.169	attack	Sep 7 07:38:29 wbs sshd\[22759\]: Invalid user 12345 from 138.68.137.169 Sep 7 07:38:29 wbs sshd\[22759\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.137.169 Sep 7 07:38:31 wbs sshd\[22759\]: Failed password for invalid user 12345 from 138.68.137.169 port 37900 ssh2 Sep 7 07:42:55 wbs sshd\[23245\]: Invalid user apitest from 138.68.137.169 Sep 7 07:42:55 wbs sshd\[23245\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.137.169	2019-09-08 01:53:56
138.68.137.169	attackspambots	Aug 30 03:31:02 eddieflores sshd\[21908\]: Invalid user irma from 138.68.137.169 Aug 30 03:31:02 eddieflores sshd\[21908\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.137.169 Aug 30 03:31:03 eddieflores sshd\[21908\]: Failed password for invalid user irma from 138.68.137.169 port 45362 ssh2 Aug 30 03:35:14 eddieflores sshd\[22259\]: Invalid user kjell from 138.68.137.169 Aug 30 03:35:14 eddieflores sshd\[22259\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.137.169	2019-08-30 22:03:12
138.68.137.169	attackspam	Automatic report - Banned IP Access	2019-08-16 00:10:19
138.68.137.169	attackbotsspam	Aug 8 00:29:48 www sshd\[392\]: Invalid user fabrice from 138.68.137.169Aug 8 00:29:51 www sshd\[392\]: Failed password for invalid user fabrice from 138.68.137.169 port 51290 ssh2Aug 8 00:33:52 www sshd\[520\]: Invalid user slash from 138.68.137.169 ...	2019-08-08 05:48:47
138.68.137.169	attackspambots	Aug 2 21:31:39 lnxmail61 sshd[8813]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.137.169	2019-08-03 04:36:05

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.137.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23119
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.137.20.			IN	A

;; AUTHORITY SECTION:
.			413	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040400 1800 900 604800 86400

;; Query time: 41 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 04 17:59:08 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 20.137.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 20.137.68.138.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
198.144.120.222	attack	Invalid user admin from 198.144.120.222 port 42365	2020-07-31 19:53:51
192.99.2.41	attack	Jul 31 14:19:42 fhem-rasp sshd[32324]: Failed password for root from 192.99.2.41 port 53976 ssh2 Jul 31 14:19:44 fhem-rasp sshd[32324]: Disconnected from authenticating user root 192.99.2.41 port 53976 [preauth] ...	2020-07-31 20:24:34
222.186.30.57	attackspambots	Jul 31 14:11:23 piServer sshd[11907]: Failed password for root from 222.186.30.57 port 36723 ssh2 Jul 31 14:11:26 piServer sshd[11907]: Failed password for root from 222.186.30.57 port 36723 ssh2 Jul 31 14:11:28 piServer sshd[11907]: Failed password for root from 222.186.30.57 port 36723 ssh2 ...	2020-07-31 20:18:36
103.207.6.207	attackbots	(smtpauth) Failed SMTP AUTH login from 103.207.6.207 (IN/India/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-07-31 08:16:41 plain authenticator failed for ([103.207.6.207]) [103.207.6.207]: 535 Incorrect authentication data (set_id=info@webiranco.com)	2020-07-31 19:41:02
103.87.214.100	attack	Invalid user tomato from 103.87.214.100 port 34006	2020-07-31 20:10:09
113.214.25.170	attackspambots	Invalid user rruebner from 113.214.25.170 port 57794	2020-07-31 20:04:22
223.68.210.195	attack	Dovecot Invalid User Login Attempt.	2020-07-31 19:46:15
49.234.28.148	attackspam	Invalid user xingfeng from 49.234.28.148 port 48252	2020-07-31 20:01:32
42.118.242.189	attackspam	2020-07-31T06:11:31.991834linuxbox-skyline sshd[119933]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.118.242.189 user=root 2020-07-31T06:11:34.395057linuxbox-skyline sshd[119933]: Failed password for root from 42.118.242.189 port 42478 ssh2 ...	2020-07-31 20:18:54
185.97.116.109	attack	Jul 31 14:02:51 abendstille sshd\[31786\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.97.116.109 user=root Jul 31 14:02:53 abendstille sshd\[31786\]: Failed password for root from 185.97.116.109 port 59822 ssh2 Jul 31 14:07:19 abendstille sshd\[3842\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.97.116.109 user=root Jul 31 14:07:21 abendstille sshd\[3842\]: Failed password for root from 185.97.116.109 port 36888 ssh2 Jul 31 14:11:37 abendstille sshd\[7783\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.97.116.109 user=root ...	2020-07-31 20:16:28
122.51.27.69	attack	Jul 31 05:34:57 vps sshd[3383]: Failed password for root from 122.51.27.69 port 40584 ssh2 Jul 31 05:41:40 vps sshd[3797]: Failed password for root from 122.51.27.69 port 50748 ssh2 ...	2020-07-31 20:12:50
106.12.113.111	attackbotsspam	Port scan denied	2020-07-31 20:04:50
51.178.50.20	attackbotsspam	Invalid user mel from 51.178.50.20 port 37336	2020-07-31 19:48:38
200.170.213.74	attackspambots	Jul 31 09:47:04 rocket sshd[7758]: Failed password for root from 200.170.213.74 port 56348 ssh2 Jul 31 09:51:02 rocket sshd[8332]: Failed password for root from 200.170.213.74 port 53724 ssh2 ...	2020-07-31 19:43:59
142.93.168.126	attack	Port scan: Attack repeated for 24 hours	2020-07-31 20:21:04

最近上报的IP列表

170.244.188.36	169.38.69.117	198.143.180.182	200.206.145.124
203.69.17.147	206.252.19.75	182.232.37.35	114.227.123.149
8.62.97.71	218.26.179.149	122.59.181.52	27.34.47.87
179.106.107.207	116.7.11.81	91.177.25.162	106.13.52.107
64.52.172.92	80.95.211.130	122.51.7.115	211.144.69.249