138.68.19.73 - IPInfo

基本信息:

城市(city): Santa Clara

省份(region): California

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Port 22 Scan, PTR: None	2020-04-05 05:16:55

相同子网IP讨论:

IP	类型	评论内容	时间
138.68.191.85	attackproxy	Malicious IP / Malware	2024-04-26 12:55:20
138.68.191.198	attackbots	138.68.191.198 - - [07/Aug/2019:19:45:27 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.191.198 - - [07/Aug/2019:19:45:27 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.191.198 - - [07/Aug/2019:19:45:32 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.191.198 - - [07/Aug/2019:19:45:37 +0200] "POST /wp-login.php HTTP/1.1" 200 1489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.191.198 - - [07/Aug/2019:19:45:38 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.191.198 - - [07/Aug/2019:19:45:39 +0200] "POST /wp-login.php HTTP/1.1" 200 1491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-08-08 02:44:11
138.68.191.198	attack	xmlrpc attack	2019-06-23 20:38:01

类型

评论内容

时间

138.68.191.85

attackproxy

Malicious IP / Malware

2024-04-26 12:55:20

138.68.191.198

attackbots

138.68.191.198 - - [07/Aug/2019:19:45:27 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
138.68.191.198 - - [07/Aug/2019:19:45:27 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
138.68.191.198 - - [07/Aug/2019:19:45:32 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
138.68.191.198 - - [07/Aug/2019:19:45:37 +0200] "POST /wp-login.php HTTP/1.1" 200 1489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
138.68.191.198 - - [07/Aug/2019:19:45:38 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
138.68.191.198 - - [07/Aug/2019:19:45:39 +0200] "POST /wp-login.php HTTP/1.1" 200 1491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...

2019-08-08 02:44:11

138.68.191.198

attack

xmlrpc attack

2019-06-23 20:38:01

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.19.73
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7510
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.19.73.			IN	A

;; AUTHORITY SECTION:
.			451	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040402 1800 900 604800 86400

;; Query time: 48 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Apr 05 05:16:52 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 73.19.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 73.19.68.138.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
195.54.160.38	attackspambots	Aug 8 11:09:33 debian-2gb-nbg1-2 kernel: \[19136220.548179\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=195.54.160.38 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=51701 PROTO=TCP SPT=49673 DPT=21625 WINDOW=1024 RES=0x00 SYN URGP=0	2020-08-08 17:18:12
90.217.180.224	attack	Automatic report - Port Scan Attack	2020-08-08 17:22:54
52.152.233.48	attackbotsspam	Unauthorized IMAP connection attempt	2020-08-08 17:00:09
72.11.157.43	attack	Unauthorized IMAP connection attempt	2020-08-08 16:54:49
54.36.241.186	attackspam	Aug 8 06:47:18 piServer sshd[13912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.36.241.186 Aug 8 06:47:19 piServer sshd[13912]: Failed password for invalid user QWEasd@WSX from 54.36.241.186 port 39052 ssh2 Aug 8 06:52:10 piServer sshd[14390]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.36.241.186 ...	2020-08-08 16:50:52
51.75.207.61	attack	Aug 8 05:53:29 fhem-rasp sshd[4333]: Failed password for root from 51.75.207.61 port 51486 ssh2 Aug 8 05:53:30 fhem-rasp sshd[4333]: Disconnected from authenticating user root 51.75.207.61 port 51486 [preauth] ...	2020-08-08 17:15:38
73.92.90.46	attack	Unauthorized IMAP connection attempt	2020-08-08 16:35:21
154.28.188.169	attack	Dump Qnap Attacker	2020-08-08 16:55:57
112.70.191.130	attackspam	IP attempted unauthorised action	2020-08-08 17:17:24
202.137.229.164	attack	Unauthorized connection attempt from IP address 202.137.229.164 on Port 445(SMB)	2020-08-08 16:46:18
129.204.8.130	attack	Send Bad Scripts	2020-08-08 16:46:45
103.89.89.60	attackbotsspam	Port scanning [2 denied]	2020-08-08 17:02:28
222.186.171.247	attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-08T03:45:44Z and 2020-08-08T03:53:51Z	2020-08-08 16:55:33
51.91.56.33	attack	detected by Fail2Ban	2020-08-08 16:34:33
194.26.29.10	attackspambots	Aug 8 11:05:11 venus kernel: [65015.964790] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:66:8f:ed:d2:74:7f:6e:37:e3:08:00 SRC=194.26.29.10 DST=78.47.70.226 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=13993 PROTO=TCP SPT=57095 DPT=5560 WINDOW=1024 RES=0x00 SYN URGP=0	2020-08-08 16:38:20

最近上报的IP列表

94.251.169.138	83.47.112.71	132.82.193.14	64.172.229.50
175.215.191.139	180.165.226.211	162.4.248.152	232.26.131.36
183.52.141.67	80.102.231.43	165.160.89.226	141.135.140.30
224.222.26.136	175.6.62.8	47.241.231.25	214.171.10.10
242.33.59.164	51.248.108.199	184.69.125.17	185.4.127.176