138.68.245.152

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Invalid user digiacomo from 138.68.245.152 port 46472	2020-08-22 14:07:40
attackspambots	Aug 21 01:49:25 george sshd[13051]: Failed password for root from 138.68.245.152 port 35384 ssh2 Aug 21 01:51:59 george sshd[13081]: Invalid user install from 138.68.245.152 port 50052 Aug 21 01:51:59 george sshd[13081]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.245.152 Aug 21 01:52:01 george sshd[13081]: Failed password for invalid user install from 138.68.245.152 port 50052 ssh2 Aug 21 01:54:38 george sshd[13103]: Invalid user kasutaja from 138.68.245.152 port 36482 ...	2020-08-21 14:24:08
attackbots	Automatic report - Banned IP Access	2020-08-19 08:32:45
attackbotsspam	$f2bV_matches	2020-08-15 08:25:28
attack	Aug 9 12:27:06 game-panel sshd[22652]: Failed password for root from 138.68.245.152 port 39360 ssh2 Aug 9 12:31:01 game-panel sshd[22810]: Failed password for root from 138.68.245.152 port 49706 ssh2	2020-08-09 20:35:44
attackbotsspam	Aug 7 22:52:14 sshgateway sshd\[7796\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.245.152 user=root Aug 7 22:52:16 sshgateway sshd\[7796\]: Failed password for root from 138.68.245.152 port 54592 ssh2 Aug 7 22:54:17 sshgateway sshd\[7807\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.245.152 user=root	2020-08-08 06:12:28
attack	Aug 8 01:03:19 webhost01 sshd[1644]: Failed password for root from 138.68.245.152 port 34402 ssh2 ...	2020-08-08 02:23:17

相同子网IP讨论:

IP	类型	评论内容	时间
138.68.245.137	attackbotsspam	138.68.245.137 - - \[25/Mar/2020:06:04:23 +0100\] "POST /wp-login.php HTTP/1.0" 200 6699 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.68.245.137 - - \[25/Mar/2020:06:04:26 +0100\] "POST /wp-login.php HTTP/1.0" 200 11606 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.68.245.137 - - \[25/Mar/2020:06:04:29 +0100\] "POST /wp-login.php HTTP/1.0" 200 6515 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-03-25 14:11:37
138.68.245.137	attackbots	C1,WP GET /nelson/wp-login.php	2020-02-25 03:01:15
138.68.245.137	attackspam	WordPress wp-login brute force :: 138.68.245.137 0.124 - [03/Feb/2020:08:12:07 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 1806 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-02-03 17:06:47
138.68.245.137	attackbots	WordPress wp-login brute force :: 138.68.245.137 0.148 - [08/Jan/2020:13:05:25 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 1806 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-01-08 22:21:01
138.68.245.137	attackspam	WordPress login Brute force / Web App Attack on client site.	2019-12-21 17:26:25
138.68.245.137	attackbotsspam	138.68.245.137 - - \[09/Dec/2019:13:29:50 +0100\] "POST /wp-login.php HTTP/1.0" 200 7538 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.68.245.137 - - \[09/Dec/2019:13:29:52 +0100\] "POST /wp-login.php HTTP/1.0" 200 7363 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.68.245.137 - - \[09/Dec/2019:13:29:55 +0100\] "POST /wp-login.php HTTP/1.0" 200 7358 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-12-09 21:59:57
138.68.245.137	attackspam	xmlrpc attack	2019-12-03 03:58:36
138.68.245.137	attackbotsspam	138.68.245.137 - - \[22/Nov/2019:13:15:04 +0100\] "POST /wp-login.php HTTP/1.0" 200 5269 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.68.245.137 - - \[22/Nov/2019:13:15:07 +0100\] "POST /wp-login.php HTTP/1.0" 200 5099 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.68.245.137 - - \[22/Nov/2019:13:15:10 +0100\] "POST /wp-login.php HTTP/1.0" 200 5093 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-11-22 21:49:36
138.68.245.137	attackbots	11/11/2019-19:29:10.464285 138.68.245.137 Protocol: 6 ET POLICY Cleartext WordPress Login	2019-11-12 03:21:53
138.68.245.137	attack	WordPress login Brute force / Web App Attack on client site.	2019-11-11 18:31:26
138.68.245.137	attack	www.geburtshaus-fulda.de 138.68.245.137 \[03/Nov/2019:17:28:44 +0100\] "POST /wp-login.php HTTP/1.1" 200 5785 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" www.geburtshaus-fulda.de 138.68.245.137 \[03/Nov/2019:17:28:50 +0100\] "POST /wp-login.php HTTP/1.1" 200 5789 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-11-04 01:23:31
138.68.245.137	attackspam	C1,WP GET /suche/wp-login.php	2019-11-03 02:14:00
138.68.245.137	attack	WordPress wp-login brute force :: 138.68.245.137 0.260 BYPASS [11/Oct/2019:07:11:30 1100] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-11 04:33:20
138.68.245.137	attackbots	Automatic report - XMLRPC Attack	2019-10-07 19:53:27
138.68.245.137	attackbots	xmlrpc.php	2019-08-31 20:28:32

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.245.152
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33306
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.245.152.			IN	A

;; AUTHORITY SECTION:
.			221	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020080701 1800 900 604800 86400

;; Query time: 32 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Aug 08 02:23:14 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 152.245.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 152.245.68.138.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
45.227.253.140	attackspam	Oct 29 07:24:24 relay postfix/smtpd\[25794\]: warning: unknown\[45.227.253.140\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 29 07:24:31 relay postfix/smtpd\[20868\]: warning: unknown\[45.227.253.140\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 29 07:28:07 relay postfix/smtpd\[26812\]: warning: unknown\[45.227.253.140\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 29 07:28:14 relay postfix/smtpd\[26305\]: warning: unknown\[45.227.253.140\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 29 07:31:17 relay postfix/smtpd\[26305\]: warning: unknown\[45.227.253.140\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-10-29 14:42:02
94.42.178.137	attackbots	Oct 29 05:46:33 vps01 sshd[32139]: Failed password for root from 94.42.178.137 port 43757 ssh2	2019-10-29 14:45:37
191.5.130.69	attackbotsspam	2019-10-29T06:10:27.396513abusebot-8.cloudsearch.cf sshd\[17702\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.5.130.69 user=root	2019-10-29 14:47:51
148.72.65.10	attackspam	Oct 29 08:19:51 hosting sshd[19810]: Invalid user ATI from 148.72.65.10 port 43748 ...	2019-10-29 14:57:22
201.139.88.23	attackspam	Oct 29 09:06:25 taivassalofi sshd[168305]: Failed password for root from 201.139.88.23 port 60360 ssh2 ...	2019-10-29 15:16:20
178.128.236.202	attackbotsspam	WordPress login Brute force / Web App Attack on client site.	2019-10-29 14:50:17
37.195.50.41	attack	Oct 29 06:41:59 localhost sshd\[89764\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.195.50.41 user=root Oct 29 06:42:01 localhost sshd\[89764\]: Failed password for root from 37.195.50.41 port 48958 ssh2 Oct 29 06:46:08 localhost sshd\[89874\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.195.50.41 user=root Oct 29 06:46:09 localhost sshd\[89874\]: Failed password for root from 37.195.50.41 port 59434 ssh2 Oct 29 06:50:19 localhost sshd\[89965\]: Invalid user ubnt from 37.195.50.41 port 41690 ...	2019-10-29 14:53:47
104.244.79.124	attackspam	Oct 29 04:54:22 serwer sshd\[11905\]: Invalid user aerodynamik from 104.244.79.124 port 51976 Oct 29 04:54:22 serwer sshd\[11905\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.79.124 Oct 29 04:54:24 serwer sshd\[11905\]: Failed password for invalid user aerodynamik from 104.244.79.124 port 51976 ssh2 ...	2019-10-29 14:46:40
80.82.77.139	attack	UTC: 2019-10-28 pkts: 3 ports(tcp): 17, 82, 102	2019-10-29 14:43:21
54.37.225.179	attackspam	Oct 29 02:51:11 plusreed sshd[14405]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.225.179 user=root Oct 29 02:51:13 plusreed sshd[14405]: Failed password for root from 54.37.225.179 port 42680 ssh2 ...	2019-10-29 14:56:22
217.68.210.96	attackbotsspam	slow and persistent scanner	2019-10-29 14:51:46
106.12.84.112	attackspambots	2019-10-29T06:34:30.915090abusebot-5.cloudsearch.cf sshd\[29407\]: Invalid user ubnt from 106.12.84.112 port 46736	2019-10-29 14:42:59
34.212.63.114	attackspambots	10/29/2019-07:34:02.445766 34.212.63.114 Protocol: 6 SURICATA TLS invalid record/traffic	2019-10-29 14:51:29
2.103.236.82	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/2.103.236.82/ GB - 1H : (103) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : GB NAME ASN : ASN13285 IP : 2.103.236.82 CIDR : 2.100.0.0/14 PREFIX COUNT : 35 UNIQUE IP COUNT : 3565824 ATTACKS DETECTED ASN13285 : 1H - 2 3H - 3 6H - 7 12H - 11 24H - 14 DateTime : 2019-10-29 04:53:18 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-29 15:15:50
107.173.3.124	attackspambots	(From youngkim977@gmail.com ) Hi there! I'm a freelance web developer who specializes in the WordPress website platform, and I'm also well-versed with many other platforms and shopping carts as well. I'd like to know if you'd be interested in redesigning or rebuilding your website. I'd really like to help to make your website more beautiful and business efficient. I can make improvements your existing website or build you a new one from scratch that has all of the modern features and functionality. I assure you that all my work is accomplished by myself and is never outsourced. Do you have some free time in the next few days for a free consultation? I'll give you some ideas, get your feedback, and give you a proposal. Please let me know if this is something you're interested in. Talk soon! Kim Young	2019-10-29 14:40:44

最近上报的IP列表

197.3.6.82	112.30.136.31	62.210.14.241	190.98.254.154
121.10.41.109	186.219.243.53	111.241.134.207	49.206.51.33
122.184.85.89	192.241.239.140	111.44.130.203	223.214.114.45
54.97.8.218	164.90.150.157	29.242.125.101	155.175.163.248
20.229.255.183	115.90.32.29	103.44.235.6	96.242.117.74