138.68.73.20 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Fail2Ban	2020-08-18 02:50:17
attack	Aug 9 23:01:15 buvik sshd[19454]: Failed password for root from 138.68.73.20 port 54672 ssh2 Aug 9 23:04:44 buvik sshd[19886]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.73.20 user=root Aug 9 23:04:45 buvik sshd[19886]: Failed password for root from 138.68.73.20 port 36668 ssh2 ...	2020-08-10 05:13:16
attackspambots	Aug 8 12:49:07 hosting sshd[15448]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.73.20 user=root Aug 8 12:49:08 hosting sshd[15448]: Failed password for root from 138.68.73.20 port 49486 ssh2 ...	2020-08-08 18:10:54
attack	Aug 1 15:33:48 rancher-0 sshd[708136]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.73.20 user=root Aug 1 15:33:49 rancher-0 sshd[708136]: Failed password for root from 138.68.73.20 port 45194 ssh2 ...	2020-08-01 23:57:07
attackbotsspam	Jul 31 08:14:31 propaganda sshd[48776]: Connection from 138.68.73.20 port 60260 on 10.0.0.160 port 22 rdomain "" Jul 31 08:14:32 propaganda sshd[48776]: Connection closed by 138.68.73.20 port 60260 [preauth]	2020-07-31 23:16:20
attack	Jul 30 06:14:50 ns381471 sshd[26082]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.73.20 Jul 30 06:14:52 ns381471 sshd[26082]: Failed password for invalid user gourav from 138.68.73.20 port 34844 ssh2	2020-07-30 13:46:01
attackspam	Jul 22 03:25:11 web1 sshd\[563\]: Invalid user postgres from 138.68.73.20 Jul 22 03:25:12 web1 sshd\[563\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.73.20 Jul 22 03:25:13 web1 sshd\[563\]: Failed password for invalid user postgres from 138.68.73.20 port 58594 ssh2 Jul 22 03:29:23 web1 sshd\[694\]: Invalid user cloud from 138.68.73.20 Jul 22 03:29:23 web1 sshd\[694\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.73.20	2020-07-22 09:34:25

相同子网IP讨论:

IP	类型	评论内容	时间
138.68.73.41	attackspam	" "	2020-10-14 09:04:11

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.73.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61261
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.73.20.			IN	A

;; AUTHORITY SECTION:
.			425	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072102 1800 900 604800 86400

;; Query time: 36 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jul 22 09:34:22 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

20.73.68.138.in-addr.arpa domain name pointer dev2.logeecom.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
20.73.68.138.in-addr.arpa	name = dev2.logeecom.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
182.254.186.229	attack	Jun 4 04:06:23 vt0 sshd[36347]: Failed password for root from 182.254.186.229 port 39390 ssh2 Jun 4 04:06:23 vt0 sshd[36347]: Disconnected from authenticating user root 182.254.186.229 port 39390 [preauth] ...	2020-06-04 19:21:51
195.158.7.66	attackspambots	nft/Honeypot/21/73e86	2020-06-04 19:07:09
178.170.221.76	attack	detected by Fail2Ban	2020-06-04 18:59:21
103.65.195.163	attack	Jun 4 10:47:23 webhost01 sshd[18711]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.65.195.163 Jun 4 10:47:25 webhost01 sshd[18711]: Failed password for invalid user abracadabra\r from 103.65.195.163 port 38732 ssh2 ...	2020-06-04 19:04:26
179.124.34.8	attackbotsspam	bruteforce detected	2020-06-04 18:53:25
118.172.95.96	attackbotsspam	Icarus honeypot on github	2020-06-04 19:29:31
111.229.103.67	attackspam	Jun 4 12:46:38 Ubuntu-1404-trusty-64-minimal sshd\[25532\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.103.67 user=root Jun 4 12:46:40 Ubuntu-1404-trusty-64-minimal sshd\[25532\]: Failed password for root from 111.229.103.67 port 56668 ssh2 Jun 4 13:04:00 Ubuntu-1404-trusty-64-minimal sshd\[8884\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.103.67 user=root Jun 4 13:04:02 Ubuntu-1404-trusty-64-minimal sshd\[8884\]: Failed password for root from 111.229.103.67 port 54210 ssh2 Jun 4 13:09:19 Ubuntu-1404-trusty-64-minimal sshd\[14598\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.103.67 user=root	2020-06-04 19:19:21
118.140.55.30	attack	langenachtfulda.de 118.140.55.30 [04/Jun/2020:05:47:45 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4276 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" langenachtfulda.de 118.140.55.30 [04/Jun/2020:05:47:48 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4276 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36"	2020-06-04 18:48:47
159.65.228.82	attackbots	2020-06-04T03:00:26.881941linuxbox-skyline sshd[128615]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.228.82 user=root 2020-06-04T03:00:29.072150linuxbox-skyline sshd[128615]: Failed password for root from 159.65.228.82 port 56940 ssh2 ...	2020-06-04 18:59:57
111.231.93.242	attackbots	Jun 4 11:59:36 cdc sshd[30635]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.93.242 user=root Jun 4 11:59:38 cdc sshd[30635]: Failed password for invalid user root from 111.231.93.242 port 33712 ssh2	2020-06-04 19:11:43
46.101.200.68	attackbotsspam	SSH_attack	2020-06-04 18:59:37
45.153.248.13	attackbots	From inforeturn@confirapravoce.live Thu Jun 04 00:47:45 2020 Received: from cronos-mx3.confirapravoce.live ([45.153.248.13]:53143)	2020-06-04 18:48:32
49.233.185.63	attackbots	Jun 4 03:30:58 localhost sshd\[13640\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.185.63 user=root Jun 4 03:31:01 localhost sshd\[13640\]: Failed password for root from 49.233.185.63 port 33358 ssh2 Jun 4 03:47:29 localhost sshd\[13843\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.185.63 user=root ...	2020-06-04 19:03:09
207.194.35.197	attackbotsspam	Jun 4 06:41:14 ws12vmsma01 sshd[24741]: Failed password for root from 207.194.35.197 port 49938 ssh2 Jun 4 06:44:53 ws12vmsma01 sshd[25553]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.194.35.197 user=root Jun 4 06:44:55 ws12vmsma01 sshd[25553]: Failed password for root from 207.194.35.197 port 52850 ssh2 ...	2020-06-04 18:46:00
139.217.233.15	attack	Lines containing failures of 139.217.233.15 (max 1000) Jun 1 12:34:50 archiv sshd[26031]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.233.15 user=r.r Jun 1 12:34:52 archiv sshd[26031]: Failed password for r.r from 139.217.233.15 port 36296 ssh2 Jun 1 12:34:53 archiv sshd[26031]: Received disconnect from 139.217.233.15 port 36296:11: Bye Bye [preauth] Jun 1 12:34:53 archiv sshd[26031]: Disconnected from 139.217.233.15 port 36296 [preauth] Jun 1 12:41:33 archiv sshd[26136]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.217.233.15 user=r.r Jun 1 12:41:35 archiv sshd[26136]: Failed password for r.r from 139.217.233.15 port 37232 ssh2 Jun 1 12:41:35 archiv sshd[26136]: Received disconnect from 139.217.233.15 port 37232:11: Bye Bye [preauth] Jun 1 12:41:35 archiv sshd[26136]: Disconnected from 139.217.233.15 port 37232 [preauth] Jun 1 12:45:26 archiv sshd[26226]: pam_un........ ------------------------------	2020-06-04 19:13:04

最近上报的IP列表

155.212.29.136	36.210.155.179	219.163.240.26	130.210.72.41
0.252.140.107	34.91.131.182	101.245.64.199	190.151.15.202
179.160.226.25	157.245.87.205	107.3.47.164	129.204.12.9
122.116.29.168	114.242.25.188	103.217.255.188	77.8.110.159
226.245.81.243	49.232.202.58	40.68.94.141	39.181.228.101