138.68.50.1 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	web Attack on Wordpress site at 2020-01-02.	2020-01-03 02:46:50
attack	SSH login attempts with user root.	2019-11-19 02:02:27

相同子网IP讨论:

IP	类型	评论内容	时间
138.68.50.78	attackspambots	(sshd) Failed SSH login from 138.68.50.78 (US/United States/-): 5 in the last 3600 secs	2020-10-12 04:12:44
138.68.50.78	attack	Oct 11 12:26:48 server sshd[4930]: Failed password for invalid user new from 138.68.50.78 port 52160 ssh2 Oct 11 12:30:19 server sshd[6901]: Failed password for root from 138.68.50.78 port 58464 ssh2 Oct 11 12:33:58 server sshd[8755]: Failed password for invalid user apache from 138.68.50.78 port 36560 ssh2	2020-10-11 20:11:56
138.68.50.78	attack	Oct 11 06:13:19 root sshd[27400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.78 user=root Oct 11 06:13:21 root sshd[27400]: Failed password for root from 138.68.50.78 port 33222 ssh2 ...	2020-10-11 12:10:50
138.68.50.78	attackbotsspam	SSH Brute Force	2020-10-11 05:34:25
138.68.50.18	attack	Exploited Host.	2020-07-26 02:43:14
138.68.50.18	attackbots	Jun 19 15:38:55 vps687878 sshd\[20915\]: Failed password for invalid user testftp from 138.68.50.18 port 52366 ssh2 Jun 19 15:40:42 vps687878 sshd\[21173\]: Invalid user developer from 138.68.50.18 port 43972 Jun 19 15:40:42 vps687878 sshd\[21173\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.18 Jun 19 15:40:44 vps687878 sshd\[21173\]: Failed password for invalid user developer from 138.68.50.18 port 43972 ssh2 Jun 19 15:42:32 vps687878 sshd\[21506\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.18 user=root ...	2020-06-19 22:05:17
138.68.50.18	attackbots	Jun 15 03:52:34 ws26vmsma01 sshd[91294]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.18 Jun 15 03:52:36 ws26vmsma01 sshd[91294]: Failed password for invalid user gateway from 138.68.50.18 port 39384 ssh2 ...	2020-06-15 15:54:57
138.68.50.18	attackbots	Jun 13 23:03:10 vps sshd[899884]: Failed password for invalid user mmadmin from 138.68.50.18 port 39616 ssh2 Jun 13 23:04:09 vps sshd[903541]: Invalid user Welkome$#1234 from 138.68.50.18 port 49994 Jun 13 23:04:09 vps sshd[903541]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.18 Jun 13 23:04:11 vps sshd[903541]: Failed password for invalid user Welkome$#1234 from 138.68.50.18 port 49994 ssh2 Jun 13 23:05:09 vps sshd[911289]: Invalid user meres from 138.68.50.18 port 60372 ...	2020-06-14 09:19:01
138.68.50.18	attack	May 24 12:12:24 ns3033917 sshd[29082]: Failed password for root from 138.68.50.18 port 38006 ssh2 May 24 12:13:44 ns3033917 sshd[29088]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.18 user=root May 24 12:13:46 ns3033917 sshd[29088]: Failed password for root from 138.68.50.18 port 53416 ssh2 ...	2020-05-24 22:48:00
138.68.50.18	attackbotsspam	Invalid user training from 138.68.50.18 port 44196	2020-05-16 13:18:10
138.68.50.18	attackbots	This client attempted to login to an administrator account on a Website, or abused from another resource.	2020-04-16 14:21:51
138.68.50.18	attackspambots	$f2bV_matches	2020-04-13 12:43:28
138.68.50.18	attack	2020-03-09 UTC: (2x) - miyazawa,nproc	2020-03-10 21:31:21
138.68.50.18	attackbots	Mar 9 18:40:18 areeb-Workstation sshd[26509]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.18 Mar 9 18:40:19 areeb-Workstation sshd[26509]: Failed password for invalid user miyazawa from 138.68.50.18 port 42038 ssh2 ...	2020-03-09 22:27:55
138.68.50.18	attackspam	Feb 14 19:43:39 plusreed sshd[9310]: Invalid user close from 138.68.50.18 ...	2020-02-15 09:07:11

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.50.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28561
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.50.1.			IN	A

;; AUTHORITY SECTION:
.			265	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111800 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Nov 19 02:02:24 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 1.50.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 1.50.68.138.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
193.36.225.118	attack	193.36.225.118 - - [30/Jun/2020:20:06:37 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" 193.36.225.118 - - [30/Jun/2020:20:06:39 +0100] "POST /wp-login.php HTTP/1.1" 302 5 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" 193.36.225.118 - - [30/Jun/2020:20:11:16 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" ...	2020-07-01 18:12:46
219.73.1.122	attackspambots	Honeypot attack, port: 5555, PTR: n219073001122.netvigator.com.	2020-07-01 17:30:20
77.42.88.160	attackbotsspam	Automatic report - Port Scan Attack	2020-07-01 17:58:57
13.78.230.118	attackbots	Jun 30 19:31:12 Ubuntu-1404-trusty-64-minimal sshd\[5781\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.78.230.118 user=root Jun 30 19:31:14 Ubuntu-1404-trusty-64-minimal sshd\[5781\]: Failed password for root from 13.78.230.118 port 1024 ssh2 Jun 30 20:25:38 Ubuntu-1404-trusty-64-minimal sshd\[8906\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.78.230.118 user=root Jun 30 20:25:40 Ubuntu-1404-trusty-64-minimal sshd\[8906\]: Failed password for root from 13.78.230.118 port 1152 ssh2 Jun 30 20:49:07 Ubuntu-1404-trusty-64-minimal sshd\[22577\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.78.230.118 user=root	2020-07-01 17:28:37
162.243.132.150	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-07-01 17:26:03
109.232.109.58	attack	Multiple SSH authentication failures from 109.232.109.58	2020-07-01 17:27:33
189.213.109.179	attack	Unauthorized connection attempt detected from IP address 189.213.109.179 to port 23	2020-07-01 18:13:10
46.221.46.133	attackbots	Unauthorized connection attempt detected from IP address 46.221.46.133 to port 8080	2020-07-01 17:28:22
178.62.116.156	attackbots	50050/tcp [2020-06-30]1pkt	2020-07-01 17:48:42
197.253.6.70	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-07-01 17:25:13
118.212.143.46	attack	06/28/2020-19:33:10.323112 118.212.143.46 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-07-01 17:58:22
196.52.43.65	attackspambots	Jun 30 10:59:49 propaganda sshd[14712]: Connection from 196.52.43.65 port 53623 on 10.0.0.160 port 22 rdomain "" Jun 30 10:59:58 propaganda sshd[14712]: Connection reset by 196.52.43.65 port 53623 [preauth]	2020-07-01 17:47:38
103.234.102.11	attackbotsspam	Unauthorized connection attempt detected from IP address 103.234.102.11 to port 445	2020-07-01 17:39:15
89.211.178.222	attack	Unauthorized connection attempt detected from IP address 89.211.178.222 to port 445 [T]	2020-07-01 17:25:45
220.135.250.178	attackspam	TCP (SYN) 220.135.250.178:39563 -> port 23, len 44	2020-07-01 18:15:18

最近上报的IP列表

171.38.192.16	82.64.2.114	173.208.201.58	106.54.16.96
222.142.248.193	114.254.125.95	213.153.127.69	201.220.95.235
193.111.78.71	65.84.135.66	45.82.35.22	35.2.119.68
114.41.236.212	127.140.82.186	55.206.99.174	33.109.168.110
44.125.176.181	151.106.161.182	194.242.149.94	179.222.22.199