138.68.254.12 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Aug 21 06:47:46 mail sshd\[27754\]: Failed password for invalid user vinnie from 138.68.254.12 port 51682 ssh2 Aug 21 07:05:51 mail sshd\[28154\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.254.12 user=root ...	2019-08-21 14:22:37
attackspam	Aug 20 07:26:24 lnxweb61 sshd[4269]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.254.12	2019-08-20 18:53:54
attack	Aug 1 06:36:07 marvibiene sshd[40576]: Invalid user oracle from 138.68.254.12 port 41248 Aug 1 06:36:07 marvibiene sshd[40576]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.254.12 Aug 1 06:36:07 marvibiene sshd[40576]: Invalid user oracle from 138.68.254.12 port 41248 Aug 1 06:36:09 marvibiene sshd[40576]: Failed password for invalid user oracle from 138.68.254.12 port 41248 ssh2 ...	2019-08-01 17:43:00
attack	Jun 22 14:12:52 jupiter sshd\[3082\]: Invalid user node from 138.68.254.12 Jun 22 14:12:52 jupiter sshd\[3082\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.254.12 Jun 22 14:12:54 jupiter sshd\[3082\]: Failed password for invalid user node from 138.68.254.12 port 44192 ssh2 ...	2019-06-22 22:37:37

相同子网IP讨论:

IP	类型	评论内容	时间
138.68.254.64	attackbotsspam	Oct 12 17:27:32 *** sshd[28279]: Invalid user user from 138.68.254.64	2020-10-13 03:13:05
138.68.254.64	attackbots	SSH login attempts.	2020-10-12 18:40:22
138.68.254.244	attack	Oct 8 20:33:00 ns381471 sshd[5693]: Failed password for root from 138.68.254.244 port 60588 ssh2	2020-10-09 02:47:23
138.68.254.244	attack	Oct 8 10:29:52 vps639187 sshd\[8125\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.254.244 user=root Oct 8 10:29:54 vps639187 sshd\[8125\]: Failed password for root from 138.68.254.244 port 43284 ssh2 Oct 8 10:33:40 vps639187 sshd\[8215\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.254.244 user=root ...	2020-10-08 18:48:25
138.68.254.244	attackbots	Invalid user marcus from 138.68.254.244 port 54064	2020-09-23 02:35:14
138.68.254.244	attackspam	Sep 22 12:34:06 vpn01 sshd[11743]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.254.244 Sep 22 12:34:08 vpn01 sshd[11743]: Failed password for invalid user ftpuser from 138.68.254.244 port 47284 ssh2 ...	2020-09-22 18:40:35
138.68.254.112	attackspam	Hits on port : 6040	2020-06-06 13:27:32
138.68.254.131	attackbots	WordPress login Brute force / Web App Attack on client site.	2019-11-02 21:30:17
138.68.254.131	attackspam	138.68.254.131 - - [30/Oct/2019:17:32:09 +0100] "GET /wp-login.php HTTP/1.1" 404 462 ...	2019-10-31 02:02:39

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.254.12
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63031
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.254.12.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061302 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jun 14 11:20:37 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 12.254.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 12.254.68.138.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
164.132.239.159	attackbotsspam	Unauthorised access (Aug 19) SRC=164.132.239.159 LEN=40 TTL=243 ID=64786 TCP DPT=445 WINDOW=1024 SYN	2019-08-19 16:08:37
117.201.254.99	attackspambots	Aug 19 09:41:58 vps647732 sshd[24633]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.201.254.99 Aug 19 09:42:00 vps647732 sshd[24633]: Failed password for invalid user burrelli from 117.201.254.99 port 54294 ssh2 ...	2019-08-19 15:44:03
157.230.14.226	attackbots	Aug 19 09:49:20 meumeu sshd[22754]: Failed password for invalid user monkey from 157.230.14.226 port 39752 ssh2 Aug 19 09:53:17 meumeu sshd[23182]: Failed password for invalid user lis from 157.230.14.226 port 59026 ssh2 ...	2019-08-19 16:09:44
92.63.194.26	attackspambots	Invalid user admin from 92.63.194.26 port 38558	2019-08-19 15:35:05
188.166.165.100	attackspam	Aug 18 21:54:02 wbs sshd\[19947\]: Invalid user orders from 188.166.165.100 Aug 18 21:54:02 wbs sshd\[19947\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.165.100 Aug 18 21:54:03 wbs sshd\[19947\]: Failed password for invalid user orders from 188.166.165.100 port 57344 ssh2 Aug 18 21:58:14 wbs sshd\[20350\]: Invalid user ronjones from 188.166.165.100 Aug 18 21:58:14 wbs sshd\[20350\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.165.100	2019-08-19 16:14:17
181.55.252.214	attackspam	Aug 19 09:56:03 eventyay sshd[12615]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.55.252.214 Aug 19 09:56:05 eventyay sshd[12615]: Failed password for invalid user elyzabeth from 181.55.252.214 port 40240 ssh2 Aug 19 10:03:12 eventyay sshd[12845]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.55.252.214 ...	2019-08-19 16:08:06
58.210.169.162	attack	Aug 19 08:17:01 lnxded64 sshd[17828]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.210.169.162	2019-08-19 15:24:58
77.42.74.82	attackspam	Automatic report - Port Scan Attack	2019-08-19 15:23:11
123.57.254.142	attackspam	fail2ban honeypot	2019-08-19 16:00:36
212.47.228.121	attackspam	212.47.228.121 - - [19/Aug/2019:02:22:36 +0200] "POST [munged]wp-login.php HTTP/1.1" 444 0 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 0.000	2019-08-19 15:38:58
94.198.110.205	attackbots	Aug 18 21:54:17 auw2 sshd\[26271\]: Invalid user dc from 94.198.110.205 Aug 18 21:54:18 auw2 sshd\[26271\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.198.110.205 Aug 18 21:54:20 auw2 sshd\[26271\]: Failed password for invalid user dc from 94.198.110.205 port 50493 ssh2 Aug 18 21:58:35 auw2 sshd\[26662\]: Invalid user bds from 94.198.110.205 Aug 18 21:58:35 auw2 sshd\[26662\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.198.110.205	2019-08-19 16:10:43
159.65.4.86	attack	Aug 18 21:36:57 aiointranet sshd\[9460\]: Invalid user admin from 159.65.4.86 Aug 18 21:36:57 aiointranet sshd\[9460\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.4.86 Aug 18 21:36:59 aiointranet sshd\[9460\]: Failed password for invalid user admin from 159.65.4.86 port 41572 ssh2 Aug 18 21:41:57 aiointranet sshd\[10048\]: Invalid user student from 159.65.4.86 Aug 18 21:41:57 aiointranet sshd\[10048\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.4.86	2019-08-19 15:48:37
218.92.0.202	attack	Aug 19 09:42:44 eventyay sshd[12031]: Failed password for root from 218.92.0.202 port 62255 ssh2 Aug 19 09:43:32 eventyay sshd[12074]: Failed password for root from 218.92.0.202 port 24925 ssh2 ...	2019-08-19 15:57:54
104.229.105.140	attackbotsspam	Aug 19 09:41:57 MK-Soft-Root1 sshd\[13837\]: Invalid user test from 104.229.105.140 port 41560 Aug 19 09:41:57 MK-Soft-Root1 sshd\[13837\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.229.105.140 Aug 19 09:41:59 MK-Soft-Root1 sshd\[13837\]: Failed password for invalid user test from 104.229.105.140 port 41560 ssh2 ...	2019-08-19 15:44:41
36.156.24.78	attackbotsspam	Aug 19 15:00:28 webhost01 sshd[1539]: Failed password for root from 36.156.24.78 port 43560 ssh2 ...	2019-08-19 16:11:40

最近上报的IP列表

73.213.82.68	36.68.7.120	169.154.195.75	161.189.63.160
83.138.222.91	160.153.146.80	195.176.3.229	160.153.153.30
77.247.110.141	217.72.168.173	103.216.156.130	196.2.99.128
45.124.85.61	118.163.120.67	182.254.130.16	66.249.79.159
177.137.195.18	40.77.167.4	104.131.247.13	174.108.209.195