138.68.55.201 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SS5,WP GET /wp-login.php	2020-02-25 19:47:59
attackbotsspam	Wordpress login attempts	2019-11-19 22:53:53
attack	WordPress wp-login brute force :: 138.68.55.201 0.044 BYPASS [26/Sep/2019:13:56:51 1000] [censored_4] "POST /wp-login.php HTTP/1.1" 200 3989 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-09-26 12:56:42
attack	masters-of-media.de 138.68.55.201 \[05/Jul/2019:00:59:23 +0200\] "POST /wp-login.php HTTP/1.1" 200 5856 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" masters-of-media.de 138.68.55.201 \[05/Jul/2019:00:59:25 +0200\] "POST /wp-login.php HTTP/1.1" 200 5820 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-07-05 07:15:33

相同子网IP讨论:

IP	类型	评论内容	时间
138.68.55.147	attackspambots	SSH login attempts.	2020-10-10 23:27:05
138.68.55.147	attackspambots	SSH login attempts.	2020-10-10 15:16:18
138.68.55.193	attack	Invalid user charisse from 138.68.55.193 port 45654	2020-09-15 03:19:26
138.68.55.193	attackbotsspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-14 19:14:19
138.68.55.199	attackspam	Mar 17 08:35:54 php1 sshd\[8604\]: Invalid user xautomation from 138.68.55.199 Mar 17 08:35:54 php1 sshd\[8604\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.55.199 Mar 17 08:35:56 php1 sshd\[8604\]: Failed password for invalid user xautomation from 138.68.55.199 port 35208 ssh2 Mar 17 08:40:41 php1 sshd\[9275\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.55.199 user=root Mar 17 08:40:43 php1 sshd\[9275\]: Failed password for root from 138.68.55.199 port 59432 ssh2	2020-03-18 04:02:56

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.55.201
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12924
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.55.201.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070401 1800 900 604800 86400

;; Query time: 6 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jul 05 07:15:19 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 201.55.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 201.55.68.138.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
106.12.98.14	attack	Feb 9 02:25:21 dedicated sshd[14623]: Invalid user six from 106.12.98.14 port 56288	2020-02-09 09:43:32
222.186.175.148	attack	Failed password for root from 222.186.175.148 port 61032 ssh2 Failed password for root from 222.186.175.148 port 61032 ssh2 Failed password for root from 222.186.175.148 port 61032 ssh2 Failed password for root from 222.186.175.148 port 61032 ssh2	2020-02-09 09:53:29
113.172.31.205	attack	2020-02-0901:44:591j0aiZ-0004mj-3q\<=verena@rs-solution.chH=static-170-246-152-4.ideay.net.ni$localhost$[170.246.152.4]:39920P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2305id=CACF792A21F5DB68B4B1F840B4EFCA03@rs-solution.chT="Ihopeyouareadecentperson"forlabanwillymwaijibe2015@gmail.com2020-02-0901:45:331j0aj6-00052T-H1\<=verena@rs-solution.chH=$localhost$[113.172.132.138]:48870P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2095id=7E7BCD9E95416FDC00054CF400D04DB4@rs-solution.chT="Ihopeyouareadecentperson"forguruprasad.gym@gmail.com2020-02-0901:46:151j0ajn-00054V-0g\<=verena@rs-solution.chH=$localhost$[113.172.230.198]:51953P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2179id=FDF84E1D16C2EC5F8386CF7783F3990C@rs-solution.chT="curiositysake"forhuntercogar9@gmail.com2020-02-0901:45:541j0ajR-00053O-2H\<=verena@rs-solution.chH=$localhost$[113.178.33.94]:34233P	2020-02-09 10:14:33
139.59.190.69	attackbots	Feb 8 21:46:11 ws22vmsma01 sshd[240264]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.190.69 Feb 8 21:46:13 ws22vmsma01 sshd[240264]: Failed password for invalid user xcx from 139.59.190.69 port 58653 ssh2 ...	2020-02-09 10:01:36
124.195.244.126	attackspambots	Feb 9 01:03:58 sip sshd[17143]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.195.244.126 Feb 9 01:04:00 sip sshd[17143]: Failed password for invalid user knq from 124.195.244.126 port 54382 ssh2 Feb 9 01:47:01 sip sshd[28054]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.195.244.126	2020-02-09 09:36:36
119.234.7.174	attackbots	SSH-BruteForce	2020-02-09 09:42:18
222.186.175.217	attack	Feb 9 02:37:56 meumeu sshd[29294]: Failed password for root from 222.186.175.217 port 44574 ssh2 Feb 9 02:38:00 meumeu sshd[29294]: Failed password for root from 222.186.175.217 port 44574 ssh2 Feb 9 02:38:04 meumeu sshd[29294]: Failed password for root from 222.186.175.217 port 44574 ssh2 Feb 9 02:38:08 meumeu sshd[29294]: Failed password for root from 222.186.175.217 port 44574 ssh2 ...	2020-02-09 09:39:43
90.118.50.45	attackbots	Feb 9 02:45:58 www5 sshd\[9603\]: Invalid user it.monitoring from 90.118.50.45 Feb 9 02:45:58 www5 sshd\[9603\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=90.118.50.45 Feb 9 02:46:00 www5 sshd\[9603\]: Failed password for invalid user it.monitoring from 90.118.50.45 port 39944 ssh2 ...	2020-02-09 10:10:37
106.12.182.142	attackspambots	Feb 9 00:24:36 goofy sshd\[6636\]: Invalid user vrd from 106.12.182.142 Feb 9 00:24:36 goofy sshd\[6636\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.182.142 Feb 9 00:24:39 goofy sshd\[6636\]: Failed password for invalid user vrd from 106.12.182.142 port 40322 ssh2 Feb 9 00:48:30 goofy sshd\[7826\]: Invalid user iig from 106.12.182.142 Feb 9 00:48:30 goofy sshd\[7826\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.182.142	2020-02-09 09:45:48
138.186.63.73	attack	Feb 8 15:26:54 web9 sshd\[20724\]: Invalid user shy from 138.186.63.73 Feb 8 15:26:54 web9 sshd\[20724\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.186.63.73 Feb 8 15:26:56 web9 sshd\[20724\]: Failed password for invalid user shy from 138.186.63.73 port 54440 ssh2 Feb 8 15:29:13 web9 sshd\[21105\]: Invalid user tsf from 138.186.63.73 Feb 8 15:29:13 web9 sshd\[21105\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.186.63.73	2020-02-09 09:36:19
37.59.48.181	attackspam	Feb 2 23:35:31 HOST sshd[11421]: Failed password for invalid user clamav from 37.59.48.181 port 33714 ssh2 Feb 2 23:35:31 HOST sshd[11421]: Received disconnect from 37.59.48.181: 11: Bye Bye [preauth] Feb 2 23:40:11 HOST sshd[11724]: Failed password for invalid user teamspeak1 from 37.59.48.181 port 41004 ssh2 Feb 2 23:40:11 HOST sshd[11724]: Received disconnect from 37.59.48.181: 11: Bye Bye [preauth] Feb 2 23:41:46 HOST sshd[11790]: Failed password for invalid user saverio from 37.59.48.181 port 58668 ssh2 Feb 2 23:41:46 HOST sshd[11790]: Received disconnect from 37.59.48.181: 11: Bye Bye [preauth] Feb 3 00:43:53 HOST sshd[15202]: Failed password for invalid user rtrichardson from 37.59.48.181 port 39794 ssh2 Feb 3 00:43:53 HOST sshd[15202]: Received disconnect from 37.59.48.181: 11: Bye Bye [preauth] Feb 3 00:45:40 HOST sshd[15243]: Failed password for invalid user kong from 37.59.48.181 port 57630 ssh2 Feb 3 00:45:40 HOST sshd[15243]: Received disconnect f........ -------------------------------	2020-02-09 10:11:00
112.85.42.173	attackspambots	$f2bV_matches	2020-02-09 09:43:06
222.186.173.226	attack	Feb 9 06:53:26 gw1 sshd[18363]: Failed password for root from 222.186.173.226 port 49181 ssh2 Feb 9 06:53:39 gw1 sshd[18363]: error: maximum authentication attempts exceeded for root from 222.186.173.226 port 49181 ssh2 [preauth] ...	2020-02-09 09:53:55
62.234.62.206	attack	Feb 9 00:31:49 goofy sshd\[7004\]: Invalid user egj from 62.234.62.206 Feb 9 00:31:49 goofy sshd\[7004\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.62.206 Feb 9 00:31:50 goofy sshd\[7004\]: Failed password for invalid user egj from 62.234.62.206 port 42684 ssh2 Feb 9 00:46:28 goofy sshd\[7749\]: Invalid user snb from 62.234.62.206 Feb 9 00:46:29 goofy sshd\[7749\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.62.206	2020-02-09 10:13:46
201.190.176.19	attackspambots	Feb 9 01:44:06 silence02 sshd[28281]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.190.176.19 Feb 9 01:44:07 silence02 sshd[28281]: Failed password for invalid user ftpuser from 201.190.176.19 port 39960 ssh2 Feb 9 01:46:09 silence02 sshd[29173]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.190.176.19	2020-02-09 10:10:04

最近上报的IP列表

248.172.66.239	231.220.139.140	188.162.43.94	189.123.57.127
162.189.34.194	4.6.123.20	153.11.121.176	61.175.145.204
201.65.24.83	196.46.36.144	136.122.111.130	235.23.127.141
170.175.186.167	182.54.148.162	76.205.16.120	74.233.99.106
221.236.69.83	146.242.189.94	48.145.224.170	193.136.73.40