138.68.245.152

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Invalid user digiacomo from 138.68.245.152 port 46472	2020-08-22 14:07:40
attackspambots	Aug 21 01:49:25 george sshd[13051]: Failed password for root from 138.68.245.152 port 35384 ssh2 Aug 21 01:51:59 george sshd[13081]: Invalid user install from 138.68.245.152 port 50052 Aug 21 01:51:59 george sshd[13081]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.245.152 Aug 21 01:52:01 george sshd[13081]: Failed password for invalid user install from 138.68.245.152 port 50052 ssh2 Aug 21 01:54:38 george sshd[13103]: Invalid user kasutaja from 138.68.245.152 port 36482 ...	2020-08-21 14:24:08
attackbots	Automatic report - Banned IP Access	2020-08-19 08:32:45
attackbotsspam	$f2bV_matches	2020-08-15 08:25:28
attack	Aug 9 12:27:06 game-panel sshd[22652]: Failed password for root from 138.68.245.152 port 39360 ssh2 Aug 9 12:31:01 game-panel sshd[22810]: Failed password for root from 138.68.245.152 port 49706 ssh2	2020-08-09 20:35:44
attackbotsspam	Aug 7 22:52:14 sshgateway sshd\[7796\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.245.152 user=root Aug 7 22:52:16 sshgateway sshd\[7796\]: Failed password for root from 138.68.245.152 port 54592 ssh2 Aug 7 22:54:17 sshgateway sshd\[7807\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.245.152 user=root	2020-08-08 06:12:28
attack	Aug 8 01:03:19 webhost01 sshd[1644]: Failed password for root from 138.68.245.152 port 34402 ssh2 ...	2020-08-08 02:23:17

相同子网IP讨论:

IP	类型	评论内容	时间
138.68.245.137	attackbotsspam	138.68.245.137 - - \[25/Mar/2020:06:04:23 +0100\] "POST /wp-login.php HTTP/1.0" 200 6699 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.68.245.137 - - \[25/Mar/2020:06:04:26 +0100\] "POST /wp-login.php HTTP/1.0" 200 11606 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.68.245.137 - - \[25/Mar/2020:06:04:29 +0100\] "POST /wp-login.php HTTP/1.0" 200 6515 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-03-25 14:11:37
138.68.245.137	attackbots	C1,WP GET /nelson/wp-login.php	2020-02-25 03:01:15
138.68.245.137	attackspam	WordPress wp-login brute force :: 138.68.245.137 0.124 - [03/Feb/2020:08:12:07 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 1806 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-02-03 17:06:47
138.68.245.137	attackbots	WordPress wp-login brute force :: 138.68.245.137 0.148 - [08/Jan/2020:13:05:25 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 1806 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-01-08 22:21:01
138.68.245.137	attackspam	WordPress login Brute force / Web App Attack on client site.	2019-12-21 17:26:25
138.68.245.137	attackbotsspam	138.68.245.137 - - \[09/Dec/2019:13:29:50 +0100\] "POST /wp-login.php HTTP/1.0" 200 7538 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.68.245.137 - - \[09/Dec/2019:13:29:52 +0100\] "POST /wp-login.php HTTP/1.0" 200 7363 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.68.245.137 - - \[09/Dec/2019:13:29:55 +0100\] "POST /wp-login.php HTTP/1.0" 200 7358 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-12-09 21:59:57
138.68.245.137	attackspam	xmlrpc attack	2019-12-03 03:58:36
138.68.245.137	attackbotsspam	138.68.245.137 - - \[22/Nov/2019:13:15:04 +0100\] "POST /wp-login.php HTTP/1.0" 200 5269 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.68.245.137 - - \[22/Nov/2019:13:15:07 +0100\] "POST /wp-login.php HTTP/1.0" 200 5099 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.68.245.137 - - \[22/Nov/2019:13:15:10 +0100\] "POST /wp-login.php HTTP/1.0" 200 5093 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-11-22 21:49:36
138.68.245.137	attackbots	11/11/2019-19:29:10.464285 138.68.245.137 Protocol: 6 ET POLICY Cleartext WordPress Login	2019-11-12 03:21:53
138.68.245.137	attack	WordPress login Brute force / Web App Attack on client site.	2019-11-11 18:31:26
138.68.245.137	attack	www.geburtshaus-fulda.de 138.68.245.137 \[03/Nov/2019:17:28:44 +0100\] "POST /wp-login.php HTTP/1.1" 200 5785 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" www.geburtshaus-fulda.de 138.68.245.137 \[03/Nov/2019:17:28:50 +0100\] "POST /wp-login.php HTTP/1.1" 200 5789 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-11-04 01:23:31
138.68.245.137	attackspam	C1,WP GET /suche/wp-login.php	2019-11-03 02:14:00
138.68.245.137	attack	WordPress wp-login brute force :: 138.68.245.137 0.260 BYPASS [11/Oct/2019:07:11:30 1100] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-11 04:33:20
138.68.245.137	attackbots	Automatic report - XMLRPC Attack	2019-10-07 19:53:27
138.68.245.137	attackbots	xmlrpc.php	2019-08-31 20:28:32

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.245.152
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33306
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.245.152.			IN	A

;; AUTHORITY SECTION:
.			221	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020080701 1800 900 604800 86400

;; Query time: 32 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Aug 08 02:23:14 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 152.245.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 152.245.68.138.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
114.67.76.63	attackspam	Dec 2 15:36:00 fr01 sshd[18841]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.76.63 user=root Dec 2 15:36:02 fr01 sshd[18841]: Failed password for root from 114.67.76.63 port 35618 ssh2 Dec 2 15:43:50 fr01 sshd[20294]: Invalid user test from 114.67.76.63 ...	2019-12-03 04:29:21
168.232.129.158	attackbotsspam	SpamReport	2019-12-03 04:15:34
190.105.40.135	attackbotsspam	SpamReport	2019-12-03 04:08:47
138.68.245.137	attackspam	xmlrpc attack	2019-12-03 03:58:36
171.224.178.134	attackspam	Unauthorized connection attempt from IP address 171.224.178.134 on Port 445(SMB)	2019-12-03 04:06:24
190.124.31.218	attackbotsspam	SpamReport	2019-12-03 04:08:31
186.251.22.243	attack	SpamReport	2019-12-03 04:10:59
14.186.252.18	attackbotsspam	SpamReport	2019-12-03 04:20:56
106.12.189.89	attackspam	Dec 2 09:40:20 linuxvps sshd\[59259\]: Invalid user test1234 from 106.12.189.89 Dec 2 09:40:20 linuxvps sshd\[59259\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.189.89 Dec 2 09:40:22 linuxvps sshd\[59259\]: Failed password for invalid user test1234 from 106.12.189.89 port 36104 ssh2 Dec 2 09:49:31 linuxvps sshd\[64982\]: Invalid user berni from 106.12.189.89 Dec 2 09:49:31 linuxvps sshd\[64982\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.189.89	2019-12-03 04:19:48
35.241.139.204	attackspam	Dec 2 20:32:23 legacy sshd[6329]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.241.139.204 Dec 2 20:32:26 legacy sshd[6329]: Failed password for invalid user sysadmin from 35.241.139.204 port 37982 ssh2 Dec 2 20:38:48 legacy sshd[6603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.241.139.204 ...	2019-12-03 03:54:13
138.36.200.4	attackspam	SpamReport	2019-12-03 04:24:06
193.112.219.176	attackspam	Dec 2 20:08:39 sbg01 sshd[10967]: Failed password for root from 193.112.219.176 port 40922 ssh2 Dec 2 20:15:09 sbg01 sshd[10992]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.219.176 Dec 2 20:15:11 sbg01 sshd[10992]: Failed password for invalid user badelt from 193.112.219.176 port 48824 ssh2	2019-12-03 04:13:02
182.253.105.93	attackspambots	Dec 2 21:14:21 cvbnet sshd[28259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.253.105.93 Dec 2 21:14:23 cvbnet sshd[28259]: Failed password for invalid user mccoy from 182.253.105.93 port 52604 ssh2 ...	2019-12-03 04:14:28
14.242.143.254	attackspambots	SpamReport	2019-12-03 04:20:41
170.233.69.72	attackbots	Dec 2 14:30:23 ovpn sshd\[2850\]: Invalid user admin from 170.233.69.72 Dec 2 14:30:23 ovpn sshd\[2850\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.233.69.72 Dec 2 14:30:25 ovpn sshd\[2850\]: Failed password for invalid user admin from 170.233.69.72 port 49722 ssh2 Dec 2 14:30:46 ovpn sshd\[2944\]: Invalid user nagios from 170.233.69.72 Dec 2 14:30:46 ovpn sshd\[2944\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.233.69.72	2019-12-03 04:19:27

最近上报的IP列表

197.3.6.82	112.30.136.31	62.210.14.241	190.98.254.154
121.10.41.109	186.219.243.53	111.241.134.207	49.206.51.33
122.184.85.89	192.241.239.140	111.44.130.203	223.214.114.45
54.97.8.218	164.90.150.157	29.242.125.101	155.175.163.248
20.229.255.183	115.90.32.29	103.44.235.6	96.242.117.74