138.68.30.68 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	53413/udp 53413/udp 53413/udp... [2019-10-21/11-21]1223pkt,1pt.(udp)	2019-11-21 19:51:21
attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-10 19:55:08
attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-07 01:08:00
attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-01 00:43:09
attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-30 20:32:01

相同子网IP讨论:

IP	类型	评论内容	时间
138.68.30.2	attack	138.68.30.2 - - \[28/Dec/2019:20:38:27 +0100\] "POST /wp-login.php HTTP/1.0" 200 3080 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.68.30.2 - - \[28/Dec/2019:20:38:29 +0100\] "POST /wp-login.php HTTP/1.0" 200 3039 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.68.30.2 - - \[28/Dec/2019:20:38:32 +0100\] "POST /wp-login.php HTTP/1.0" 200 3048 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-12-29 06:02:51
138.68.30.2	attack	Automatic report - Banned IP Access	2019-11-26 00:59:16
138.68.30.2	attack	11/24/2019-07:29:55.129981 138.68.30.2 Protocol: 6 ET POLICY Cleartext WordPress Login	2019-11-24 14:45:51
138.68.30.2	attack	WordPress wp-login brute force :: 138.68.30.2 0.116 BYPASS [24/Oct/2019:14:45:53 1100] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-24 18:35:47
138.68.30.2	attack	plussize.fitness 138.68.30.2 \[20/Sep/2019:01:05:51 +0200\] "POST /wp-login.php HTTP/1.1" 200 5629 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" plussize.fitness 138.68.30.2 \[20/Sep/2019:01:05:52 +0200\] "POST /wp-login.php HTTP/1.1" 200 5582 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-09-20 09:02:58

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.30.68
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12448
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.30.68.			IN	A

;; AUTHORITY SECTION:
.			411	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019103000 1800 900 604800 86400

;; Query time: 117 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 30 20:31:57 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 68.30.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 68.30.68.138.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
145.239.82.192	attack	SSH Brute Force	2020-08-08 08:29:17
177.221.97.4	attackbotsspam	Cluster member 67.227.229.95 (US/United States/host.cjthedj97.me) said, DENY 177.221.97.4, Reason:[(mod_security) mod_security (id:210350) triggered by 177.221.97.4 (BR/Brazil/ns4.imperiotelecom.net): 1 in the last 3600 secs]; Ports: *; Direction: inout; Trigger: LF_CLUSTER	2020-08-08 08:03:12
165.22.31.24	attackbots	165.22.31.24 - - [08/Aug/2020:05:59:22 +0200] "GET /wp-login.php HTTP/1.1" 200 5738 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 165.22.31.24 - - [08/Aug/2020:05:59:23 +0200] "POST /wp-login.php HTTP/1.1" 200 6055 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 165.22.31.24 - - [08/Aug/2020:05:59:24 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-08 12:05:14
178.128.88.244	attackspambots	Aug 8 00:13:32 abendstille sshd\[20112\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.88.244 user=root Aug 8 00:13:34 abendstille sshd\[20112\]: Failed password for root from 178.128.88.244 port 54452 ssh2 Aug 8 00:17:56 abendstille sshd\[23949\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.88.244 user=root Aug 8 00:17:57 abendstille sshd\[23949\]: Failed password for root from 178.128.88.244 port 37786 ssh2 Aug 8 00:22:25 abendstille sshd\[28271\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.88.244 user=root ...	2020-08-08 08:16:17
196.206.254.240	attack	Aug 8 05:55:16 ip40 sshd[14203]: Failed password for root from 196.206.254.240 port 49302 ssh2 ...	2020-08-08 12:02:50
157.55.39.102	attack	Joomla User(visforms) : try to access forms...	2020-08-08 08:24:27
191.33.170.162	attack	Automated report (2020-08-08T04:24:02+08:00). Referrer spam originating from this address detected (anti-crisis-seo.com).	2020-08-08 08:06:52
180.183.232.96	attackbotsspam	1596859165 - 08/08/2020 05:59:25 Host: 180.183.232.96/180.183.232.96 Port: 445 TCP Blocked	2020-08-08 12:04:12
112.172.147.34	attackbots	Aug 8 05:56:25 piServer sshd[8577]: Failed password for root from 112.172.147.34 port 41350 ssh2 Aug 8 05:57:52 piServer sshd[8721]: Failed password for root from 112.172.147.34 port 62006 ssh2 ...	2020-08-08 12:10:48
195.54.161.59	attack	Multiport scan : 60 ports scanned 33 60 900 3320 4545 6389 8899 9389 9527 9802 11111 24006 24038 24063 24118 24120 24139 24148 24161 24175 24199 24212 24222 24234 24265 24327 24344 24380 24400 24402 24411 24474 24477 24479 24488 24495 24530 24541 24551 24588 24590 24602 24611 24621 24648 24703 24731 24743 24746 24747 24748 24771 24777 24786 24797 24862 24919 24949 24952 24959	2020-08-08 08:25:20
113.88.167.201	attack	$f2bV_matches	2020-08-08 08:31:08
202.58.95.8	attackbotsspam	1596831821 - 08/07/2020 22:23:41 Host: 202.58.95.8/202.58.95.8 Port: 445 TCP Blocked	2020-08-08 08:20:02
68.235.43.70	attackbots	2020-08-07T16:23:54.771401sorsha.thespaminator.com sshd[8727]: Invalid user ubnt from 68.235.43.70 port 52914 2020-08-07T16:23:59.608172sorsha.thespaminator.com sshd[8727]: Failed password for invalid user ubnt from 68.235.43.70 port 52914 ssh2 ...	2020-08-08 08:08:40
195.69.222.175	attackspam	TCP (SYN) 195.69.222.175:48458 -> port 6368, len 44	2020-08-08 08:20:51
114.143.139.222	attack	Aug 8 00:58:57 root sshd[1849]: Failed password for root from 114.143.139.222 port 56056 ssh2 Aug 8 01:08:28 root sshd[3174]: Failed password for root from 114.143.139.222 port 44870 ssh2 ...	2020-08-08 08:09:32

最近上报的IP列表

46.44.10.139	61.120.221.157	218.206.53.207	134.110.205.161
237.180.70.225	247.125.67.248	92.129.173.102	157.230.16.157
201.174.73.120	254.31.52.92	26.4.180.62	51.147.19.119
152.101.81.117	109.86.249.194	218.67.168.174	191.181.98.122
54.90.2.123	184.168.224.0	119.90.1.49	98.46.186.186