138.68.223.209

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
138.68.223.69	attack	20/tcp 27017/tcp 35025/tcp... [2019-09-08/11]4pkt,3pt.(tcp),1pt.(udp)	2019-09-13 04:08:09
138.68.223.84	attackspambots	firewall-block, port(s): 6379/tcp	2019-09-12 00:20:11
138.68.223.70	attackbotsspam	Honeypot hit: misc	2019-09-10 12:10:30
138.68.223.45	attackspambots	Autoban 138.68.223.45 AUTH/CONNECT	2019-09-10 09:41:52
138.68.223.85	attackspambots	firewall-block, port(s): 64526/tcp	2019-09-09 00:37:40
138.68.223.69	attack	1434/udp [2019-09-08]1pkt	2019-09-09 00:23:25
138.68.223.79	attackspam	port scan and connect, tcp 5432 (postgresql)	2019-09-07 12:08:32

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.223.209
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58174
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.223.209.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090800 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Sep 09 00:14:01 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

209.223.68.138.in-addr.arpa domain name pointer zg-0905b-16.stretchoid.com.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
209.223.68.138.in-addr.arpa	name = zg-0905b-16.stretchoid.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
164.68.101.157	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-19 23:45:48
81.95.135.10	attackspambots	[portscan] Port scan	2019-07-19 23:28:39
216.218.206.104	attack	9200/tcp 7547/tcp 8443/tcp... [2019-05-19/07-19]22pkt,16pt.(tcp)	2019-07-19 23:49:13
197.157.216.75	attackspambots	445/tcp 445/tcp 445/tcp... [2019-07-01/19]4pkt,1pt.(tcp)	2019-07-19 22:42:21
58.222.50.140	attackspambots	SSH-bruteforce attempts	2019-07-19 23:25:27
172.98.67.143	attackbotsspam	Jul 19 05:34:56 shadeyouvpn sshd[16434]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.98.67.143 user=support Jul 19 05:34:58 shadeyouvpn sshd[16434]: Failed password for support from 172.98.67.143 port 39391 ssh2 Jul 19 05:35:00 shadeyouvpn sshd[16434]: Failed password for support from 172.98.67.143 port 39391 ssh2 Jul 19 05:35:02 shadeyouvpn sshd[16434]: Failed password for support from 172.98.67.143 port 39391 ssh2 Jul 19 05:35:05 shadeyouvpn sshd[16434]: Failed password for support from 172.98.67.143 port 39391 ssh2 Jul 19 05:35:07 shadeyouvpn sshd[16434]: Failed password for support from 172.98.67.143 port 39391 ssh2 Jul 19 05:35:07 shadeyouvpn sshd[16434]: Received disconnect from 172.98.67.143: 11: Bye Bye [preauth] Jul 19 05:35:07 shadeyouvpn sshd[16434]: PAM 4 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.98.67.143 user=support ........ ----------------------------------------------- https://www.blocklist.de/en/view.html	2019-07-19 23:36:42
175.142.59.85	attackbots	Jul 19 16:39:24 v22018076622670303 sshd\[1467\]: Invalid user sg from 175.142.59.85 port 53757 Jul 19 16:39:24 v22018076622670303 sshd\[1467\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.142.59.85 Jul 19 16:39:26 v22018076622670303 sshd\[1467\]: Failed password for invalid user sg from 175.142.59.85 port 53757 ssh2 ...	2019-07-19 23:52:49
54.38.82.14	attack	Jul 19 10:46:58 vps200512 sshd\[557\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.82.14 user=root Jul 19 10:47:00 vps200512 sshd\[557\]: Failed password for root from 54.38.82.14 port 56052 ssh2 Jul 19 10:47:01 vps200512 sshd\[559\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.82.14 user=root Jul 19 10:47:03 vps200512 sshd\[559\]: Failed password for root from 54.38.82.14 port 41295 ssh2 Jul 19 10:47:03 vps200512 sshd\[561\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.82.14 user=root	2019-07-19 23:12:33
165.22.112.87	attackbotsspam	Jul 19 14:33:53 mail sshd\[24236\]: Invalid user christian from 165.22.112.87 port 33784 Jul 19 14:33:53 mail sshd\[24236\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.112.87 Jul 19 14:33:55 mail sshd\[24236\]: Failed password for invalid user christian from 165.22.112.87 port 33784 ssh2 Jul 19 14:40:29 mail sshd\[25541\]: Invalid user billing from 165.22.112.87 port 60544 Jul 19 14:40:29 mail sshd\[25541\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.112.87	2019-07-19 22:43:40
191.53.181.125	attack	Lines containing failures of 191.53.181.125 Jul 19 07:36:56 omfg postfix/smtpd[25761]: connect from unknown[191.53.181.125] Jul x@x Jul 19 07:37:08 omfg postfix/smtpd[25761]: lost connection after DATA from unknown[191.53.181.125] Jul 19 07:37:08 omfg postfix/smtpd[25761]: disconnect from unknown[191.53.181.125] ehlo=1 mail=1 rcpt=0/1 data=0/1 commands=2/4 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=191.53.181.125	2019-07-19 23:44:42
98.28.197.212	attack	Jul 19 04:13:29 shadeyouvpn sshd[22461]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=cpe-98-28-197-212.cinci.res.rr.com user=jira Jul 19 04:13:32 shadeyouvpn sshd[22461]: Failed password for jira from 98.28.197.212 port 53378 ssh2 Jul 19 04:13:34 shadeyouvpn sshd[22461]: Failed password for jira from 98.28.197.212 port 53378 ssh2 Jul 19 04:13:36 shadeyouvpn sshd[22461]: Failed password for jira from 98.28.197.212 port 53378 ssh2 Jul 19 04:13:39 shadeyouvpn sshd[22461]: Failed password for jira from 98.28.197.212 port 53378 ssh2 Jul 19 04:13:41 shadeyouvpn sshd[22461]: Failed password for jira from 98.28.197.212 port 53378 ssh2 Jul 19 04:13:41 shadeyouvpn sshd[22461]: Received disconnect from 98.28.197.212: 11: Bye Bye [preauth] Jul 19 04:13:41 shadeyouvpn sshd[22461]: PAM 4 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=cpe-98-28-197-212.cinci.res.rr.com user=jira ........ ----------------------------------------------- https://www.bloc	2019-07-19 23:36:15
37.48.111.189	attackbotsspam	Jul 17 02:11:50 shadeyouvpn sshd[15847]: Failed password for dev from 37.48.111.189 port 41426 ssh2 Jul 17 02:11:52 shadeyouvpn sshd[15847]: Failed password for dev from 37.48.111.189 port 41426 ssh2 Jul 17 02:11:54 shadeyouvpn sshd[15847]: Failed password for dev from 37.48.111.189 port 41426 ssh2 Jul 17 02:11:56 shadeyouvpn sshd[15847]: Failed password for dev from 37.48.111.189 port 41426 ssh2 Jul 17 02:11:57 shadeyouvpn sshd[15847]: Failed password for dev from 37.48.111.189 port 41426 ssh2 Jul 17 02:11:57 shadeyouvpn sshd[15847]: Received disconnect from 37.48.111.189: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=37.48.111.189	2019-07-19 23:55:57
114.237.194.2	attackspam	Brute force SMTP login attempts.	2019-07-19 23:09:19
12.2.202.77	attackspambots	445/tcp 445/tcp 445/tcp... [2019-05-27/07-19]11pkt,1pt.(tcp)	2019-07-19 22:42:56
112.133.222.158	attackspam	[SMB remote code execution attempt: port tcp/445] *(RWIN=8192)(07191040)	2019-07-19 23:22:21

最近上报的IP列表

87.93.105.95	87.73.31.20	79.254.102.159	104.40.26.165
19.210.76.134	46.178.227.61	58.144.86.170	158.94.5.113
210.197.0.176	140.148.229.141	87.7.193.187	179.6.198.119
92.75.91.201	123.19.213.185	129.114.206.50	27.64.176.154
90.70.225.84	145.232.22.246	137.110.194.206	147.162.222.95