138.68.50.1 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	web Attack on Wordpress site at 2020-01-02.	2020-01-03 02:46:50
attack	SSH login attempts with user root.	2019-11-19 02:02:27

相同子网IP讨论:

IP	类型	评论内容	时间
138.68.50.78	attackspambots	(sshd) Failed SSH login from 138.68.50.78 (US/United States/-): 5 in the last 3600 secs	2020-10-12 04:12:44
138.68.50.78	attack	Oct 11 12:26:48 server sshd[4930]: Failed password for invalid user new from 138.68.50.78 port 52160 ssh2 Oct 11 12:30:19 server sshd[6901]: Failed password for root from 138.68.50.78 port 58464 ssh2 Oct 11 12:33:58 server sshd[8755]: Failed password for invalid user apache from 138.68.50.78 port 36560 ssh2	2020-10-11 20:11:56
138.68.50.78	attack	Oct 11 06:13:19 root sshd[27400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.78 user=root Oct 11 06:13:21 root sshd[27400]: Failed password for root from 138.68.50.78 port 33222 ssh2 ...	2020-10-11 12:10:50
138.68.50.78	attackbotsspam	SSH Brute Force	2020-10-11 05:34:25
138.68.50.18	attack	Exploited Host.	2020-07-26 02:43:14
138.68.50.18	attackbots	Jun 19 15:38:55 vps687878 sshd\[20915\]: Failed password for invalid user testftp from 138.68.50.18 port 52366 ssh2 Jun 19 15:40:42 vps687878 sshd\[21173\]: Invalid user developer from 138.68.50.18 port 43972 Jun 19 15:40:42 vps687878 sshd\[21173\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.18 Jun 19 15:40:44 vps687878 sshd\[21173\]: Failed password for invalid user developer from 138.68.50.18 port 43972 ssh2 Jun 19 15:42:32 vps687878 sshd\[21506\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.18 user=root ...	2020-06-19 22:05:17
138.68.50.18	attackbots	Jun 15 03:52:34 ws26vmsma01 sshd[91294]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.18 Jun 15 03:52:36 ws26vmsma01 sshd[91294]: Failed password for invalid user gateway from 138.68.50.18 port 39384 ssh2 ...	2020-06-15 15:54:57
138.68.50.18	attackbots	Jun 13 23:03:10 vps sshd[899884]: Failed password for invalid user mmadmin from 138.68.50.18 port 39616 ssh2 Jun 13 23:04:09 vps sshd[903541]: Invalid user Welkome$#1234 from 138.68.50.18 port 49994 Jun 13 23:04:09 vps sshd[903541]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.18 Jun 13 23:04:11 vps sshd[903541]: Failed password for invalid user Welkome$#1234 from 138.68.50.18 port 49994 ssh2 Jun 13 23:05:09 vps sshd[911289]: Invalid user meres from 138.68.50.18 port 60372 ...	2020-06-14 09:19:01
138.68.50.18	attack	May 24 12:12:24 ns3033917 sshd[29082]: Failed password for root from 138.68.50.18 port 38006 ssh2 May 24 12:13:44 ns3033917 sshd[29088]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.18 user=root May 24 12:13:46 ns3033917 sshd[29088]: Failed password for root from 138.68.50.18 port 53416 ssh2 ...	2020-05-24 22:48:00
138.68.50.18	attackbotsspam	Invalid user training from 138.68.50.18 port 44196	2020-05-16 13:18:10
138.68.50.18	attackbots	This client attempted to login to an administrator account on a Website, or abused from another resource.	2020-04-16 14:21:51
138.68.50.18	attackspambots	$f2bV_matches	2020-04-13 12:43:28
138.68.50.18	attack	2020-03-09 UTC: (2x) - miyazawa,nproc	2020-03-10 21:31:21
138.68.50.18	attackbots	Mar 9 18:40:18 areeb-Workstation sshd[26509]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.18 Mar 9 18:40:19 areeb-Workstation sshd[26509]: Failed password for invalid user miyazawa from 138.68.50.18 port 42038 ssh2 ...	2020-03-09 22:27:55
138.68.50.18	attackspam	Feb 14 19:43:39 plusreed sshd[9310]: Invalid user close from 138.68.50.18 ...	2020-02-15 09:07:11

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.50.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28561
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.50.1.			IN	A

;; AUTHORITY SECTION:
.			265	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111800 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Nov 19 02:02:24 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 1.50.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 1.50.68.138.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
37.49.229.183	attackspam	firewall-block, port(s): 6080/udp	2020-03-29 03:34:39
87.251.74.12	attack	ET DROP Dshield Block Listed Source group 1 - port: 53334 proto: TCP cat: Misc Attack	2020-03-29 03:19:04
61.164.96.98	attackspam	ET CINS Active Threat Intelligence Poor Reputation IP group 49 - port: 2323 proto: TCP cat: Misc Attack	2020-03-29 03:27:09
185.176.27.42	attackbots	ET DROP Dshield Block Listed Source group 1 - port: 1341 proto: TCP cat: Misc Attack	2020-03-29 03:06:13
185.209.0.17	attackbots	ET DROP Dshield Block Listed Source group 1 - port: 3308 proto: TCP cat: Misc Attack	2020-03-29 03:44:44
45.143.220.251	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-03-29 03:30:12
192.241.238.166	attackspambots	Port Scan detected from 192.241.238.166 (US/United States/California/San Francisco/zg-0312b-140.stretchoid.com). 4 hits in the last 220 seconds	2020-03-29 03:39:27
185.176.27.174	attackspam	03/28/2020-15:44:19.449778 185.176.27.174 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-03-29 03:45:39
61.219.11.153	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 50 - port: 443 proto: TCP cat: Misc Attack	2020-03-29 03:26:37
162.243.132.148	attackspambots	ET SCAN Suspicious inbound to mySQL port 3306 - port: 3306 proto: TCP cat: Potentially Bad Traffic	2020-03-29 03:10:31
87.251.74.14	attack	03/28/2020-15:08:37.448536 87.251.74.14 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-03-29 03:18:43
45.141.84.29	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 27 - port: 4000 proto: TCP cat: Misc Attack	2020-03-29 03:31:23
141.98.83.11	attack	ET SCAN MS Terminal Server Traffic on Non-standard Port - port: 10000 proto: TCP cat: Attempted Information Leak	2020-03-29 03:11:59
196.43.171.28	attack	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2020-03-29 03:38:36
58.49.59.12	attackspam	ET CINS Active Threat Intelligence Poor Reputation IP group 40 - port: 1433 proto: TCP cat: Misc Attack	2020-03-29 03:28:31

最近上报的IP列表

171.38.192.16	82.64.2.114	173.208.201.58	106.54.16.96
222.142.248.193	114.254.125.95	213.153.127.69	201.220.95.235
193.111.78.71	65.84.135.66	45.82.35.22	35.2.119.68
114.41.236.212	127.140.82.186	55.206.99.174	33.109.168.110
44.125.176.181	151.106.161.182	194.242.149.94	179.222.22.199