138.68.8.165 - IPInfo

基本信息:

城市(city): Santa Clara

省份(region): California

国家(country): United States

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): DigitalOcean, LLC

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
138.68.81.162	attack	2020-10-13T08:05:05.291545mail.thespaminator.com sshd[31503]: Failed password for root from 138.68.81.162 port 41028 ssh2 2020-10-13T08:09:40.391450mail.thespaminator.com sshd[32109]: Invalid user qwerty from 138.68.81.162 port 37522 ...	2020-10-13 20:53:02
138.68.81.162	attackbotsspam	Oct 13 02:03:02 web-main sshd[3402804]: Failed password for invalid user victor from 138.68.81.162 port 48810 ssh2 Oct 13 02:17:56 web-main sshd[3404657]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.81.162 user=root Oct 13 02:17:59 web-main sshd[3404657]: Failed password for root from 138.68.81.162 port 54682 ssh2	2020-10-13 12:22:30
138.68.81.162	attack	Oct 12 21:10:20 ws26vmsma01 sshd[193768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.81.162 Oct 12 21:10:22 ws26vmsma01 sshd[193768]: Failed password for invalid user nishida from 138.68.81.162 port 49444 ssh2 ...	2020-10-13 05:12:06
138.68.80.235	attackbots	138.68.80.235 - - [05/Oct/2020:07:51:33 -0700] "GET /wp-login.php HTTP/1.1" 301 561 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-06 06:43:36
138.68.80.235	attack	138.68.80.235 - - [05/Oct/2020:07:51:33 -0700] "GET /wp-login.php HTTP/1.1" 301 561 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-05 22:52:10
138.68.80.235	attack	hacking	2020-10-05 14:46:56
138.68.80.235	attack	138.68.80.235 - - [29/Sep/2020:17:56:59 +0100] "POST /wp-login.php HTTP/1.1" 200 2243 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.80.235 - - [29/Sep/2020:17:57:00 +0100] "POST /wp-login.php HTTP/1.1" 200 2287 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.80.235 - - [29/Sep/2020:17:57:00 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-30 04:31:31
138.68.80.235	attackbots	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-09-29 20:39:51
138.68.80.235	attackspam	138.68.80.235 - - [29/Sep/2020:03:56:38 +0100] "POST /wp-login.php HTTP/1.1" 401 3568 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.80.235 - - [29/Sep/2020:03:56:40 +0100] "POST /wp-login.php HTTP/1.1" 401 3568 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.80.235 - - [29/Sep/2020:03:56:41 +0100] "POST /wp-login.php HTTP/1.1" 401 3568 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-29 12:48:53
138.68.80.235	attackbotsspam	C1,WP GET /suche/wp-login.php	2020-09-29 06:51:54
138.68.81.162	attack	Sep 28 15:48:49 lanister sshd[18241]: Failed password for invalid user tom from 138.68.81.162 port 49648 ssh2 Sep 28 15:53:58 lanister sshd[18288]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.81.162 user=root Sep 28 15:53:59 lanister sshd[18288]: Failed password for root from 138.68.81.162 port 58818 ssh2 Sep 28 15:58:48 lanister sshd[18336]: Invalid user corinna from 138.68.81.162	2020-09-29 04:16:32
138.68.80.235	attack	xmlrpc attack	2020-09-28 23:19:46
138.68.81.162	attackspam	Invalid user richard from 138.68.81.162 port 35616	2020-09-28 20:30:29
138.68.80.235	attack	xmlrpc attack	2020-09-28 15:23:17
138.68.85.208	attackspambots	Sep 20 18:31:32 localhost sshd\[25615\]: Invalid user postgres from 138.68.85.208 Sep 20 18:31:32 localhost sshd\[25615\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.85.208 Sep 20 18:31:33 localhost sshd\[25615\]: Failed password for invalid user postgres from 138.68.85.208 port 43364 ssh2 Sep 20 18:37:14 localhost sshd\[25845\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.85.208 user=root Sep 20 18:37:15 localhost sshd\[25845\]: Failed password for root from 138.68.85.208 port 55630 ssh2 ...	2020-09-21 01:43:19

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.8.165
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8757
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.8.165.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041601 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Wed Apr 17 07:38:11 +08 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 165.8.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 165.8.68.138.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
202.179.20.27	attackspambots	firewall-block, port(s): 1433/tcp	2020-04-09 15:20:52
193.112.102.52	attack	SSH login attempts.	2020-04-09 15:30:35
183.88.210.105	attackspambots	IMAP login attempt (user=)	2020-04-09 15:11:12
197.53.210.229	attackbotsspam	Bruteforce detected by fail2ban	2020-04-09 14:52:20
47.75.172.46	attackbots	xmlrpc attack	2020-04-09 15:03:40
71.83.123.141	spambotsattackproxynormal	Sent attack	2020-04-09 15:00:06
207.244.119.5	attackbotsspam	(From eric@talkwithwebvisitor.com) Good day, My name is Eric and unlike a lot of emails you might get, I wanted to instead provide you with a word of encouragement – Congratulations What for? Part of my job is to check out websites and the work you’ve done with lakechirocenter.com definitely stands out. It’s clear you took building a website seriously and made a real investment of time and resources into making it top quality. There is, however, a catch… more accurately, a question… So when someone like me happens to find your site – maybe at the top of the search results (nice job BTW) or just through a random link, how do you know? More importantly, how do you make a connection with that person? Studies show that 7 out of 10 visitors don’t stick around – they’re there one second and then gone with the wind. Here’s a way to create INSTANT engagement that you may not have known about… Talk With Web Visitor is a software widget that’s works on your site, ready to capture any	2020-04-09 15:28:28
157.230.42.206	attack	(sshd) Failed SSH login from 157.230.42.206 (SG/Singapore/ubuntu-lamp-on-18.04): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 9 05:45:46 amsweb01 sshd[14208]: Invalid user zxin10 from 157.230.42.206 port 52262 Apr 9 05:45:48 amsweb01 sshd[14208]: Failed password for invalid user zxin10 from 157.230.42.206 port 52262 ssh2 Apr 9 05:53:48 amsweb01 sshd[15322]: Invalid user deploy from 157.230.42.206 port 44354 Apr 9 05:53:50 amsweb01 sshd[15322]: Failed password for invalid user deploy from 157.230.42.206 port 44354 ssh2 Apr 9 06:00:40 amsweb01 sshd[16258]: Invalid user ubuntu from 157.230.42.206 port 54494	2020-04-09 15:21:29
106.13.57.117	attackbotsspam	Apr 8 22:34:29 pixelmemory sshd[31345]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.117 Apr 8 22:34:30 pixelmemory sshd[31345]: Failed password for invalid user postgres from 106.13.57.117 port 49406 ssh2 Apr 8 22:41:40 pixelmemory sshd[435]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.57.117 ...	2020-04-09 15:17:38
80.209.152.82	attackbots	Unauthorised access (Apr 9) SRC=80.209.152.82 LEN=48 TTL=115 ID=7984 DF TCP DPT=445 WINDOW=8192 SYN	2020-04-09 14:51:32
182.254.172.219	attack	ssh brute force	2020-04-09 15:10:14
190.166.83.203	attackbots	Apr 8 18:34:34 hanapaa sshd\[21067\]: Invalid user ubuntu from 190.166.83.203 Apr 8 18:34:34 hanapaa sshd\[21067\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.166.83.203 Apr 8 18:34:36 hanapaa sshd\[21067\]: Failed password for invalid user ubuntu from 190.166.83.203 port 60878 ssh2 Apr 8 18:37:59 hanapaa sshd\[21279\]: Invalid user ubuntu from 190.166.83.203 Apr 8 18:37:59 hanapaa sshd\[21279\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.166.83.203	2020-04-09 15:09:30
103.76.201.118	attackbots	(From taylor.buchanan@gmail.com) Hello n95 masks directly from our factory in U.S.A. We have large stocks. Order here https://screenshot.photos/n95masks2 Sincerely "Sent from my Samsung"	2020-04-09 15:29:03
46.219.3.139	attackbotsspam	<6 unauthorized SSH connections	2020-04-09 15:21:44
203.83.121.14	spambotsattackproxynormal	Sent attack	2020-04-09 15:02:35

最近上报的IP列表

157.230.141.3	51.6.183.56	73.107.137.94	220.110.164.66
130.117.173.14	201.177.9.26	125.64.119.132	177.87.110.52
89.144.151.138	186.148.83.53	116.238.224.222	113.100.255.50
190.233.21.220	109.184.123.187	222.188.180.110	201.123.127.172
205.205.150.9	144.217.82.205	200.196.42.100	180.110.43.137