138.68.5.192 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	sshguard	2020-10-08 00:16:28
attack	$f2bV_matches	2020-10-07 16:22:52
attackbotsspam	Invalid user max from 138.68.5.192 port 57036	2020-10-02 07:51:35
attackspambots	Invalid user steam from 138.68.5.192 port 54078	2020-10-02 00:26:20
attackspam	Invalid user steam from 138.68.5.192 port 54078	2020-10-01 16:31:26
attackbotsspam	2020-09-30T20:35:42.805752lavrinenko.info sshd[27593]: Invalid user pcguest from 138.68.5.192 port 45358 2020-09-30T20:35:42.816406lavrinenko.info sshd[27593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.5.192 2020-09-30T20:35:42.805752lavrinenko.info sshd[27593]: Invalid user pcguest from 138.68.5.192 port 45358 2020-09-30T20:35:44.962136lavrinenko.info sshd[27593]: Failed password for invalid user pcguest from 138.68.5.192 port 45358 ssh2 2020-09-30T20:40:01.048089lavrinenko.info sshd[27670]: Invalid user mcserver from 138.68.5.192 port 51278 ...	2020-10-01 04:13:59
attack	Invalid user steam from 138.68.5.192 port 54078	2020-09-30 20:24:23
attackspam	ssh brute force	2020-09-30 12:51:39
attackbots	Sep 29 23:51:07 OPSO sshd\[16054\]: Invalid user lisa from 138.68.5.192 port 46326 Sep 29 23:51:07 OPSO sshd\[16054\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.5.192 Sep 29 23:51:08 OPSO sshd\[16054\]: Failed password for invalid user lisa from 138.68.5.192 port 46326 ssh2 Sep 29 23:57:34 OPSO sshd\[17091\]: Invalid user pgsql1 from 138.68.5.192 port 36564 Sep 29 23:57:34 OPSO sshd\[17091\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.5.192	2020-09-30 06:09:22
attackbotsspam	Invalid user steam from 138.68.5.192 port 54078	2020-09-29 22:21:26

相同子网IP讨论:

IP	类型	评论内容	时间
138.68.50.78	attackspambots	(sshd) Failed SSH login from 138.68.50.78 (US/United States/-): 5 in the last 3600 secs	2020-10-12 04:12:44
138.68.50.78	attack	Oct 11 12:26:48 server sshd[4930]: Failed password for invalid user new from 138.68.50.78 port 52160 ssh2 Oct 11 12:30:19 server sshd[6901]: Failed password for root from 138.68.50.78 port 58464 ssh2 Oct 11 12:33:58 server sshd[8755]: Failed password for invalid user apache from 138.68.50.78 port 36560 ssh2	2020-10-11 20:11:56
138.68.50.78	attack	Oct 11 06:13:19 root sshd[27400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.78 user=root Oct 11 06:13:21 root sshd[27400]: Failed password for root from 138.68.50.78 port 33222 ssh2 ...	2020-10-11 12:10:50
138.68.50.78	attackbotsspam	SSH Brute Force	2020-10-11 05:34:25
138.68.55.147	attackspambots	SSH login attempts.	2020-10-10 23:27:05
138.68.55.147	attackspambots	SSH login attempts.	2020-10-10 15:16:18
138.68.58.131	attackbotsspam	SSH Invalid Login	2020-10-06 07:04:05
138.68.58.131	attack	2020-10-05T09:04:19.454581mail.thespaminator.com sshd[7191]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.58.131 user=root 2020-10-05T09:04:21.304301mail.thespaminator.com sshd[7191]: Failed password for root from 138.68.58.131 port 51398 ssh2 ...	2020-10-05 23:17:03
138.68.58.131	attackbots	Oct 4 11:36:27 XXX sshd[11052]: Invalid user nisec from 138.68.58.131 port 51320	2020-10-05 15:15:35
138.68.58.131	attack	Sep 28 19:32:13 ns381471 sshd[12813]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.58.131 Sep 28 19:32:15 ns381471 sshd[12813]: Failed password for invalid user vpn from 138.68.58.131 port 44270 ssh2	2020-09-29 02:28:49
138.68.58.131	attack	Invalid user postgres from 138.68.58.131 port 36800	2020-09-28 18:36:31
138.68.55.193	attack	Invalid user charisse from 138.68.55.193 port 45654	2020-09-15 03:19:26
138.68.55.193	attackbotsspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-14 19:14:19
138.68.52.53	attackspam	Automatic report - XMLRPC Attack	2020-09-09 20:54:56
138.68.52.53	attackspam	Automatic report - XMLRPC Attack	2020-09-09 14:52:40

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.5.192
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27348
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.5.192.			IN	A

;; AUTHORITY SECTION:
.			518	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092900 1800 900 604800 86400

;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 29 14:38:51 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 192.5.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 192.5.68.138.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
122.176.38.177	attackbotsspam	Sep 6 08:10:00 friendsofhawaii sshd\[4103\]: Invalid user password123 from 122.176.38.177 Sep 6 08:10:00 friendsofhawaii sshd\[4103\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.176.38.177 Sep 6 08:10:02 friendsofhawaii sshd\[4103\]: Failed password for invalid user password123 from 122.176.38.177 port 64748 ssh2 Sep 6 08:15:39 friendsofhawaii sshd\[4597\]: Invalid user bkpuser from 122.176.38.177 Sep 6 08:15:39 friendsofhawaii sshd\[4597\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.176.38.177	2019-09-07 07:09:20
121.140.179.171	attackspambots	Sep 6 15:13:29 XXX sshd[34672]: Invalid user ofsaa from 121.140.179.171 port 40104	2019-09-07 07:12:06
103.102.192.106	attackbots	Sep 6 12:23:15 Tower sshd[5810]: Connection from 103.102.192.106 port 16812 on 192.168.10.220 port 22 Sep 6 12:23:17 Tower sshd[5810]: Invalid user postgres from 103.102.192.106 port 16812 Sep 6 12:23:17 Tower sshd[5810]: error: Could not get shadow information for NOUSER Sep 6 12:23:17 Tower sshd[5810]: Failed password for invalid user postgres from 103.102.192.106 port 16812 ssh2 Sep 6 12:23:17 Tower sshd[5810]: Received disconnect from 103.102.192.106 port 16812:11: Bye Bye [preauth] Sep 6 12:23:17 Tower sshd[5810]: Disconnected from invalid user postgres 103.102.192.106 port 16812 [preauth]	2019-09-07 07:06:49
184.146.181.233	attack	php WP PHPmyadamin ABUSE blocked for 12h	2019-09-07 07:04:10
118.24.82.164	attack	web-1 [ssh] SSH Attack	2019-09-07 07:01:04
116.96.224.151	attackspam	Unauthorized connection attempt from IP address 116.96.224.151 on Port 445(SMB)	2019-09-07 06:49:46
220.94.205.222	attack	$f2bV_matches	2019-09-07 07:20:14
173.45.164.2	attackspambots	Sep 6 18:23:46 ny01 sshd[24018]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.45.164.2 Sep 6 18:23:48 ny01 sshd[24018]: Failed password for invalid user 12345 from 173.45.164.2 port 34484 ssh2 Sep 6 18:27:19 ny01 sshd[25048]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.45.164.2	2019-09-07 06:41:19
78.142.234.53	attack	Unauthorized connection attempt from IP address 78.142.234.53 on Port 445(SMB)	2019-09-07 06:47:13
188.169.27.13	attackspam	Automatic report - Port Scan Attack	2019-09-07 07:05:42
175.211.112.250	attackspam	SSH scan ::	2019-09-07 07:18:39
223.171.32.55	attackbotsspam	Sep 6 04:54:26 kapalua sshd\[26277\]: Invalid user test123 from 223.171.32.55 Sep 6 04:54:26 kapalua sshd\[26277\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.171.32.55 Sep 6 04:54:28 kapalua sshd\[26277\]: Failed password for invalid user test123 from 223.171.32.55 port 30516 ssh2 Sep 6 04:59:22 kapalua sshd\[26792\]: Invalid user !QAZ1qaz from 223.171.32.55 Sep 6 04:59:22 kapalua sshd\[26792\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.171.32.55	2019-09-07 07:19:03
51.83.78.56	attackbots	Sep 6 23:52:38 SilenceServices sshd[22138]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.78.56 Sep 6 23:52:39 SilenceServices sshd[22138]: Failed password for invalid user cloud from 51.83.78.56 port 58772 ssh2 Sep 6 23:57:04 SilenceServices sshd[23811]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.78.56	2019-09-07 07:02:37
106.12.99.218	attackspambots	Sep 7 00:49:43 mail sshd\[17399\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.99.218 Sep 7 00:49:45 mail sshd\[17399\]: Failed password for invalid user ubuntu from 106.12.99.218 port 39510 ssh2 Sep 7 00:54:00 mail sshd\[17839\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.99.218 user=mysql Sep 7 00:54:02 mail sshd\[17839\]: Failed password for mysql from 106.12.99.218 port 46360 ssh2 Sep 7 00:58:08 mail sshd\[18266\]: Invalid user butter from 106.12.99.218 port 53220	2019-09-07 07:04:33
212.112.108.98	attackbots	Sep 6 07:47:37 friendsofhawaii sshd\[2009\]: Invalid user nagios from 212.112.108.98 Sep 6 07:47:37 friendsofhawaii sshd\[2009\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.112.108.98 Sep 6 07:47:39 friendsofhawaii sshd\[2009\]: Failed password for invalid user nagios from 212.112.108.98 port 53790 ssh2 Sep 6 07:52:26 friendsofhawaii sshd\[2419\]: Invalid user webster from 212.112.108.98 Sep 6 07:52:26 friendsofhawaii sshd\[2419\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.112.108.98	2019-09-07 07:21:22

最近上报的IP列表

123.206.53.230	152.32.173.160	202.189.238.235	157.245.110.124
153.146.109.197	227.1.241.124	62.211.97.105	5.152.182.251
198.211.107.224	192.169.244.239	76.14.255.18	98.23.122.25
146.255.88.172	88.255.217.68	219.154.107.140	151.229.159.37
189.220.193.199	157.230.103.4	88.99.227.205	173.180.162.171