138.68.212.73 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Scanning random ports - tries to find possible vulnerable services	2019-09-01 16:47:06

相同子网IP讨论:

IP	类型	评论内容	时间
138.68.212.139	attackbots	" "	2019-11-29 08:49:47
138.68.212.45	attackspam	Mozilla/5.0 zgrab/0.x	2019-11-22 22:48:08
138.68.212.139	attackbots	port scan and connect, tcp 443 (https)	2019-11-10 21:03:29
138.68.212.113	attackspambots	Honeypot hit.	2019-11-10 01:07:35
138.68.212.139	attackspam	138.68.212.139 was recorded 5 times by 5 hosts attempting to connect to the following ports: 1028. Incident counter (4h, 24h, all-time): 5, 16, 23	2019-11-09 22:03:05
138.68.212.45	attackspam	Connection by 138.68.212.45 on port: 10009 got caught by honeypot at 11/8/2019 10:05:03 AM	2019-11-08 21:20:49
138.68.212.113	attackbotsspam	179/tcp 1433/tcp 5060/udp... [2019-09-02/10-31]51pkt,43pt.(tcp),4pt.(udp)	2019-11-02 19:20:16
138.68.212.45	attackbotsspam	53169/tcp 49738/tcp 8118/tcp... [2019-08-31/10-30]49pkt,37pt.(tcp),3pt.(udp)	2019-10-31 01:38:00
138.68.212.139	attack	firewall-block, port(s): 990/tcp	2019-10-14 16:56:22
138.68.212.113	attack	firewall-block, port(s): 465/tcp	2019-10-03 02:45:27
138.68.212.45	attackspam	port scan and connect, tcp 22 (ssh)	2019-09-27 14:35:48
138.68.212.45	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2019-09-13 12:22:35
138.68.212.185	attackbotsspam	" "	2019-09-06 04:29:10
138.68.212.207	attackbotsspam	2525/tcp 8443/tcp 5902/tcp... [2019-08-29/09-05]7pkt,7pt.(tcp)	2019-09-05 22:31:56
138.68.212.210	attackbotsspam	Honeypot hit, critical abuseConfidenceScore, incoming Traffic from this IP	2019-09-04 02:34:53

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.212.73
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4541
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.212.73.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090100 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Sep 01 16:46:59 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

73.212.68.138.in-addr.arpa domain name pointer zg-0829b-156.stretchoid.com.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
73.212.68.138.in-addr.arpa	name = zg-0829b-156.stretchoid.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
118.98.121.195	attackspam	Sep 11 08:47:51 localhost sshd\[105317\]: Invalid user oracle from 118.98.121.195 port 60108 Sep 11 08:47:51 localhost sshd\[105317\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.98.121.195 Sep 11 08:47:53 localhost sshd\[105317\]: Failed password for invalid user oracle from 118.98.121.195 port 60108 ssh2 Sep 11 08:55:18 localhost sshd\[105594\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.98.121.195 user=mysql Sep 11 08:55:20 localhost sshd\[105594\]: Failed password for mysql from 118.98.121.195 port 36710 ssh2 ...	2019-09-11 19:18:38
52.28.27.251	attackbotsspam	SSH authentication failure x 6 reported by Fail2Ban ...	2019-09-11 19:27:31
192.117.186.215	attackspambots	Sep 11 18:35:29 webhost01 sshd[15115]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.117.186.215 Sep 11 18:35:30 webhost01 sshd[15115]: Failed password for invalid user P@ssword from 192.117.186.215 port 60124 ssh2 ...	2019-09-11 19:50:10
79.110.19.144	attackbots	B: Magento admin pass test (wrong country)	2019-09-11 19:48:12
106.12.11.160	attack	Sep 11 01:10:30 hiderm sshd\[17484\]: Invalid user ubuntu from 106.12.11.160 Sep 11 01:10:30 hiderm sshd\[17484\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.11.160 Sep 11 01:10:32 hiderm sshd\[17484\]: Failed password for invalid user ubuntu from 106.12.11.160 port 59514 ssh2 Sep 11 01:18:02 hiderm sshd\[18180\]: Invalid user hadoop from 106.12.11.160 Sep 11 01:18:02 hiderm sshd\[18180\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.11.160	2019-09-11 19:29:19
45.136.109.50	attackspambots	Sep 11 11:19:34 mc1 kernel: \[744140.926030\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.50 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=21626 PROTO=TCP SPT=42250 DPT=9453 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 11 11:25:07 mc1 kernel: \[744473.369660\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.50 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=3614 PROTO=TCP SPT=42250 DPT=9644 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 11 11:27:00 mc1 kernel: \[744586.411692\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.50 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=587 PROTO=TCP SPT=42250 DPT=9440 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-09-11 19:35:15
80.82.65.74	attackspambots	09/11/2019-06:33:57.726963 80.82.65.74 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 84	2019-09-11 19:04:08
115.231.231.3	attack	Sep 11 13:37:34 eventyay sshd[32142]: Failed password for root from 115.231.231.3 port 47922 ssh2 Sep 11 13:44:03 eventyay sshd[32284]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.231.231.3 Sep 11 13:44:05 eventyay sshd[32284]: Failed password for invalid user test from 115.231.231.3 port 42832 ssh2 ...	2019-09-11 19:45:51
87.101.240.10	attack	F2B jail: sshd. Time: 2019-09-11 10:50:19, Reported by: VKReport	2019-09-11 19:47:09
51.79.18.47	attack	none	2019-09-11 19:21:43
123.142.29.76	attack	Sep 11 07:02:55 TORMINT sshd\[17660\]: Invalid user wwwadmin from 123.142.29.76 Sep 11 07:02:55 TORMINT sshd\[17660\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.142.29.76 Sep 11 07:02:57 TORMINT sshd\[17660\]: Failed password for invalid user wwwadmin from 123.142.29.76 port 49964 ssh2 ...	2019-09-11 19:17:33
15.188.70.213	attackbots	Sep 11 11:22:21 www sshd\[240932\]: Invalid user minecraft from 15.188.70.213 Sep 11 11:22:21 www sshd\[240932\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=15.188.70.213 Sep 11 11:22:23 www sshd\[240932\]: Failed password for invalid user minecraft from 15.188.70.213 port 45272 ssh2 ...	2019-09-11 19:04:44
68.183.29.124	attack	Invalid user username from 68.183.29.124 port 41922	2019-09-11 19:30:11
188.131.153.253	attack	Invalid user minecraft from 188.131.153.253 port 49351	2019-09-11 19:45:18
141.98.9.67	attackspambots	Sep 11 13:10:13 relay postfix/smtpd\[24064\]: warning: unknown\[141.98.9.67\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 11 13:10:44 relay postfix/smtpd\[24815\]: warning: unknown\[141.98.9.67\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 11 13:10:56 relay postfix/smtpd\[17886\]: warning: unknown\[141.98.9.67\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 11 13:11:26 relay postfix/smtpd\[16351\]: warning: unknown\[141.98.9.67\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 11 13:11:38 relay postfix/smtpd\[24064\]: warning: unknown\[141.98.9.67\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-09-11 19:17:06

最近上报的IP列表

124.172.184.149	124.156.50.111	124.83.111.252	36.201.138.114
124.74.150.114	124.40.94.242	123.231.251.202	190.200.192.250
150.195.170.130	39.13.32.51	123.231.241.14	92.247.64.77
96.24.81.190	213.48.15.133	68.107.161.18	54.191.2.119
123.121.229.7	75.70.129.184	114.148.34.171	157.86.47.145