138.68.245.152

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Invalid user digiacomo from 138.68.245.152 port 46472	2020-08-22 14:07:40
attackspambots	Aug 21 01:49:25 george sshd[13051]: Failed password for root from 138.68.245.152 port 35384 ssh2 Aug 21 01:51:59 george sshd[13081]: Invalid user install from 138.68.245.152 port 50052 Aug 21 01:51:59 george sshd[13081]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.245.152 Aug 21 01:52:01 george sshd[13081]: Failed password for invalid user install from 138.68.245.152 port 50052 ssh2 Aug 21 01:54:38 george sshd[13103]: Invalid user kasutaja from 138.68.245.152 port 36482 ...	2020-08-21 14:24:08
attackbots	Automatic report - Banned IP Access	2020-08-19 08:32:45
attackbotsspam	$f2bV_matches	2020-08-15 08:25:28
attack	Aug 9 12:27:06 game-panel sshd[22652]: Failed password for root from 138.68.245.152 port 39360 ssh2 Aug 9 12:31:01 game-panel sshd[22810]: Failed password for root from 138.68.245.152 port 49706 ssh2	2020-08-09 20:35:44
attackbotsspam	Aug 7 22:52:14 sshgateway sshd\[7796\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.245.152 user=root Aug 7 22:52:16 sshgateway sshd\[7796\]: Failed password for root from 138.68.245.152 port 54592 ssh2 Aug 7 22:54:17 sshgateway sshd\[7807\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.245.152 user=root	2020-08-08 06:12:28
attack	Aug 8 01:03:19 webhost01 sshd[1644]: Failed password for root from 138.68.245.152 port 34402 ssh2 ...	2020-08-08 02:23:17

相同子网IP讨论:

IP	类型	评论内容	时间
138.68.245.137	attackbotsspam	138.68.245.137 - - \[25/Mar/2020:06:04:23 +0100\] "POST /wp-login.php HTTP/1.0" 200 6699 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.68.245.137 - - \[25/Mar/2020:06:04:26 +0100\] "POST /wp-login.php HTTP/1.0" 200 11606 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.68.245.137 - - \[25/Mar/2020:06:04:29 +0100\] "POST /wp-login.php HTTP/1.0" 200 6515 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-03-25 14:11:37
138.68.245.137	attackbots	C1,WP GET /nelson/wp-login.php	2020-02-25 03:01:15
138.68.245.137	attackspam	WordPress wp-login brute force :: 138.68.245.137 0.124 - [03/Feb/2020:08:12:07 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 1806 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-02-03 17:06:47
138.68.245.137	attackbots	WordPress wp-login brute force :: 138.68.245.137 0.148 - [08/Jan/2020:13:05:25 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 1806 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-01-08 22:21:01
138.68.245.137	attackspam	WordPress login Brute force / Web App Attack on client site.	2019-12-21 17:26:25
138.68.245.137	attackbotsspam	138.68.245.137 - - \[09/Dec/2019:13:29:50 +0100\] "POST /wp-login.php HTTP/1.0" 200 7538 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.68.245.137 - - \[09/Dec/2019:13:29:52 +0100\] "POST /wp-login.php HTTP/1.0" 200 7363 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.68.245.137 - - \[09/Dec/2019:13:29:55 +0100\] "POST /wp-login.php HTTP/1.0" 200 7358 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-12-09 21:59:57
138.68.245.137	attackspam	xmlrpc attack	2019-12-03 03:58:36
138.68.245.137	attackbotsspam	138.68.245.137 - - \[22/Nov/2019:13:15:04 +0100\] "POST /wp-login.php HTTP/1.0" 200 5269 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.68.245.137 - - \[22/Nov/2019:13:15:07 +0100\] "POST /wp-login.php HTTP/1.0" 200 5099 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.68.245.137 - - \[22/Nov/2019:13:15:10 +0100\] "POST /wp-login.php HTTP/1.0" 200 5093 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-11-22 21:49:36
138.68.245.137	attackbots	11/11/2019-19:29:10.464285 138.68.245.137 Protocol: 6 ET POLICY Cleartext WordPress Login	2019-11-12 03:21:53
138.68.245.137	attack	WordPress login Brute force / Web App Attack on client site.	2019-11-11 18:31:26
138.68.245.137	attack	www.geburtshaus-fulda.de 138.68.245.137 \[03/Nov/2019:17:28:44 +0100\] "POST /wp-login.php HTTP/1.1" 200 5785 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" www.geburtshaus-fulda.de 138.68.245.137 \[03/Nov/2019:17:28:50 +0100\] "POST /wp-login.php HTTP/1.1" 200 5789 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-11-04 01:23:31
138.68.245.137	attackspam	C1,WP GET /suche/wp-login.php	2019-11-03 02:14:00
138.68.245.137	attack	WordPress wp-login brute force :: 138.68.245.137 0.260 BYPASS [11/Oct/2019:07:11:30 1100] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-11 04:33:20
138.68.245.137	attackbots	Automatic report - XMLRPC Attack	2019-10-07 19:53:27
138.68.245.137	attackbots	xmlrpc.php	2019-08-31 20:28:32

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.245.152
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33306
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.245.152.			IN	A

;; AUTHORITY SECTION:
.			221	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020080701 1800 900 604800 86400

;; Query time: 32 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Aug 08 02:23:14 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 152.245.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 152.245.68.138.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
77.247.110.88	attackbotsspam	77.247.110.88 was recorded 5 times by 1 hosts attempting to connect to the following ports: 5069,5071,5072,5075,5070. Incident counter (4h, 24h, all-time): 5, 12, 80	2020-02-05 13:28:01
14.225.11.25	attack	Unauthorized connection attempt detected from IP address 14.225.11.25 to port 2220 [J]	2020-02-05 13:50:07
93.104.171.181	attackspambots	Automatic report - Port Scan Attack	2020-02-05 13:49:41
101.91.119.132	attack	Feb 5 04:54:47 *** sshd[29453]: Invalid user auction from 101.91.119.132	2020-02-05 13:37:06
175.4.164.138	attack	Automatic report - Port Scan Attack	2020-02-05 13:40:51
198.199.120.42	attackspam	MLV GET /wp-login.php GET /wp-login.php	2020-02-05 13:46:49
220.191.208.204	attack	Unauthorized connection attempt detected from IP address 220.191.208.204 to port 2220 [J]	2020-02-05 13:34:37
92.118.37.70	attackbots	proto=tcp . spt=54817 . dpt=3389 . src=92.118.37.70 . dst=xx.xx.4.1 . Found on CINS badguys (134)	2020-02-05 13:31:40
121.46.29.116	attackbotsspam	Feb 5 05:43:04 web8 sshd\[22356\]: Invalid user olsen from 121.46.29.116 Feb 5 05:43:04 web8 sshd\[22356\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.46.29.116 Feb 5 05:43:07 web8 sshd\[22356\]: Failed password for invalid user olsen from 121.46.29.116 port 40755 ssh2 Feb 5 05:44:57 web8 sshd\[23408\]: Invalid user stan from 121.46.29.116 Feb 5 05:44:57 web8 sshd\[23408\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.46.29.116	2020-02-05 13:49:08
202.9.124.68	attackbotsspam	1580878488 - 02/05/2020 05:54:48 Host: 202.9.124.68/202.9.124.68 Port: 445 TCP Blocked	2020-02-05 13:36:50
134.209.125.36	attackbots	xmlrpc attack	2020-02-05 13:23:02
123.207.78.83	attack	Feb 4 19:48:09 hpm sshd\[23539\]: Invalid user martin1234 from 123.207.78.83 Feb 4 19:48:09 hpm sshd\[23539\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.78.83 Feb 4 19:48:11 hpm sshd\[23539\]: Failed password for invalid user martin1234 from 123.207.78.83 port 60618 ssh2 Feb 4 19:52:45 hpm sshd\[24088\]: Invalid user alliance from 123.207.78.83 Feb 4 19:52:45 hpm sshd\[24088\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.78.83	2020-02-05 14:02:15
103.219.112.47	attackbots	$lgm	2020-02-05 13:30:38
46.32.123.31	attack	(ftpd) Failed FTP login from 46.32.123.31 (JO/Hashemite Kingdom of Jordan/ip46-32-123-31.zaindata.jo): 10 in the last 3600 secs	2020-02-05 14:02:45
91.211.247.59	attack	Autoban 91.211.247.59 AUTH/CONNECT	2020-02-05 13:53:40

最近上报的IP列表

197.3.6.82	112.30.136.31	62.210.14.241	190.98.254.154
121.10.41.109	186.219.243.53	111.241.134.207	49.206.51.33
122.184.85.89	192.241.239.140	111.44.130.203	223.214.114.45
54.97.8.218	164.90.150.157	29.242.125.101	155.175.163.248
20.229.255.183	115.90.32.29	103.44.235.6	96.242.117.74