138.68.19.73 - IPInfo

基本信息:

城市(city): Santa Clara

省份(region): California

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Port 22 Scan, PTR: None	2020-04-05 05:16:55

相同子网IP讨论:

IP	类型	评论内容	时间
138.68.191.85	attackproxy	Malicious IP / Malware	2024-04-26 12:55:20
138.68.191.198	attackbots	138.68.191.198 - - [07/Aug/2019:19:45:27 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.191.198 - - [07/Aug/2019:19:45:27 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.191.198 - - [07/Aug/2019:19:45:32 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.191.198 - - [07/Aug/2019:19:45:37 +0200] "POST /wp-login.php HTTP/1.1" 200 1489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.191.198 - - [07/Aug/2019:19:45:38 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.191.198 - - [07/Aug/2019:19:45:39 +0200] "POST /wp-login.php HTTP/1.1" 200 1491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-08-08 02:44:11
138.68.191.198	attack	xmlrpc attack	2019-06-23 20:38:01

类型

评论内容

时间

138.68.191.85

attackproxy

Malicious IP / Malware

2024-04-26 12:55:20

138.68.191.198

attackbots

138.68.191.198 - - [07/Aug/2019:19:45:27 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
138.68.191.198 - - [07/Aug/2019:19:45:27 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
138.68.191.198 - - [07/Aug/2019:19:45:32 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
138.68.191.198 - - [07/Aug/2019:19:45:37 +0200] "POST /wp-login.php HTTP/1.1" 200 1489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
138.68.191.198 - - [07/Aug/2019:19:45:38 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
138.68.191.198 - - [07/Aug/2019:19:45:39 +0200] "POST /wp-login.php HTTP/1.1" 200 1491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...

2019-08-08 02:44:11

138.68.191.198

attack

xmlrpc attack

2019-06-23 20:38:01

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.19.73
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7510
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.19.73.			IN	A

;; AUTHORITY SECTION:
.			451	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040402 1800 900 604800 86400

;; Query time: 48 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Apr 05 05:16:52 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 73.19.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 73.19.68.138.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
185.176.27.30	attackbots	Aug 11 03:15:59 TCP Attack: SRC=185.176.27.30 DST=[Masked] LEN=40 TOS=0x08 PREC=0x20 TTL=244 PROTO=TCP SPT=44110 DPT=3427 WINDOW=1024 RES=0x00 SYN URGP=0	2019-08-11 11:53:42
27.200.132.188	attack	Unauthorised access (Aug 11) SRC=27.200.132.188 LEN=40 TOS=0x08 PREC=0x20 TTL=49 ID=11608 TCP DPT=8080 WINDOW=63978 SYN Unauthorised access (Aug 10) SRC=27.200.132.188 LEN=40 TTL=49 ID=37465 TCP DPT=8080 WINDOW=45560 SYN	2019-08-11 11:45:08
68.183.203.97	attackbotsspam	Aug 10 22:29:50 bilbo sshd[27813]: Invalid user fake from 68.183.203.97 Aug 10 22:29:50 bilbo sshd[27815]: Invalid user ubnt from 68.183.203.97 Aug 10 22:29:50 bilbo sshd[27817]: Invalid user admin from 68.183.203.97 Aug 10 22:29:50 bilbo sshd[27821]: Invalid user user from 68.183.203.97 ...	2019-08-11 11:48:55
134.209.237.152	attackbotsspam	SSH invalid-user multiple login attempts	2019-08-11 11:16:27
221.149.76.68	attackbots	Feb 24 09:12:54 motanud sshd\[3657\]: Invalid user dspace from 221.149.76.68 port 40546 Feb 24 09:12:54 motanud sshd\[3657\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.149.76.68 Feb 24 09:12:57 motanud sshd\[3657\]: Failed password for invalid user dspace from 221.149.76.68 port 40546 ssh2	2019-08-11 11:41:20
221.122.92.73	attack	Mar 3 09:12:37 motanud sshd\[7131\]: Invalid user fe from 221.122.92.73 port 40157 Mar 3 09:12:37 motanud sshd\[7131\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.122.92.73 Mar 3 09:12:39 motanud sshd\[7131\]: Failed password for invalid user fe from 221.122.92.73 port 40157 ssh2	2019-08-11 11:47:42
221.221.138.218	attackspam	Feb 25 21:10:39 motanud sshd\[11944\]: Invalid user ftpuser from 221.221.138.218 port 53996 Feb 25 21:10:39 motanud sshd\[11944\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.221.138.218 Feb 25 21:10:40 motanud sshd\[11944\]: Failed password for invalid user ftpuser from 221.221.138.218 port 53996 ssh2	2019-08-11 11:32:53
222.107.142.132	attack	Mar 2 10:35:43 motanud sshd\[13265\]: Invalid user duo from 222.107.142.132 port 47530 Mar 2 10:35:43 motanud sshd\[13265\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.107.142.132 Mar 2 10:35:45 motanud sshd\[13265\]: Failed password for invalid user duo from 222.107.142.132 port 47530 ssh2	2019-08-11 11:23:26
86.27.51.128	attack	Aug 11 00:25:48 rpi sshd[23418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.27.51.128 Aug 11 00:25:50 rpi sshd[23418]: Failed password for invalid user admin from 86.27.51.128 port 32912 ssh2	2019-08-11 11:58:08
195.8.208.168	attack	MYH,DEF GET /wp-login.php GET /wp-login.php	2019-08-11 11:37:16
222.122.202.176	attackspam	Feb 24 08:42:57 motanud sshd\[2039\]: Invalid user monitor from 222.122.202.176 port 41530 Feb 24 08:42:57 motanud sshd\[2039\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.122.202.176 Feb 24 08:42:58 motanud sshd\[2039\]: Failed password for invalid user monitor from 222.122.202.176 port 41530 ssh2	2019-08-11 11:15:58
189.164.57.237	attack	2019-08-11T00:18:26.259666abusebot-5.cloudsearch.cf sshd\[22360\]: Invalid user silva from 189.164.57.237 port 47013	2019-08-11 11:59:47
36.235.215.136	attack	Telnetd brute force attack detected by fail2ban	2019-08-11 11:17:36
165.227.207.134	attackbotsspam	Unauthorized connection attempt from IP address 165.227.207.134 on Port 3389(RDP)	2019-08-11 12:03:48
157.230.230.181	attack	Aug 11 03:56:26 areeb-Workstation sshd\[12055\]: Invalid user gary from 157.230.230.181 Aug 11 03:56:26 areeb-Workstation sshd\[12055\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.230.181 Aug 11 03:56:28 areeb-Workstation sshd\[12055\]: Failed password for invalid user gary from 157.230.230.181 port 54486 ssh2 ...	2019-08-11 11:31:54

最近上报的IP列表

94.251.169.138	83.47.112.71	132.82.193.14	64.172.229.50
175.215.191.139	180.165.226.211	162.4.248.152	232.26.131.36
183.52.141.67	80.102.231.43	165.160.89.226	141.135.140.30
224.222.26.136	175.6.62.8	47.241.231.25	214.171.10.10
242.33.59.164	51.248.108.199	184.69.125.17	185.4.127.176