138.68.94.173 - IPInfo

基本信息:

城市(city): Frankfurt am Main

省份(region): Hesse

国家(country): Germany

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): DigitalOcean, LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Aug 20 07:03:08 rancher-0 sshd[1172212]: Invalid user redmine from 138.68.94.173 port 54758 ...	2020-08-20 13:25:48
attackbots	Port Scan detected from 138.68.94.173 (DE/Germany/Hesse/Frankfurt am Main/-). 4 hits in the last 161 seconds	2020-08-16 00:13:26
attackspam	$f2bV_matches	2020-08-03 05:14:37
attackspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-07-27 16:40:58
attackspambots	Jul 12 13:00:04 localhost sshd[46230]: Invalid user fating from 138.68.94.173 port 43596 Jul 12 13:00:04 localhost sshd[46230]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 Jul 12 13:00:04 localhost sshd[46230]: Invalid user fating from 138.68.94.173 port 43596 Jul 12 13:00:06 localhost sshd[46230]: Failed password for invalid user fating from 138.68.94.173 port 43596 ssh2 Jul 12 13:06:23 localhost sshd[46873]: Invalid user gena from 138.68.94.173 port 34574 ...	2020-07-12 21:20:56
attackspambots	Jun 24 10:15:12 gw1 sshd[10611]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 Jun 24 10:15:14 gw1 sshd[10611]: Failed password for invalid user dmitry from 138.68.94.173 port 36224 ssh2 ...	2020-06-24 16:08:39
attack	(sshd) Failed SSH login from 138.68.94.173 (DE/Germany/-): 12 in the last 3600 secs	2020-06-20 16:45:55
attackbotsspam	May 29 22:50:17 vps639187 sshd\[10409\]: Invalid user 111111 from 138.68.94.173 port 54672 May 29 22:50:17 vps639187 sshd\[10409\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 May 29 22:50:19 vps639187 sshd\[10409\]: Failed password for invalid user 111111 from 138.68.94.173 port 54672 ssh2 ...	2020-05-30 05:39:28
attack	2020-05-23T18:05:51.062450morrigan.ad5gb.com sshd[11987]: Invalid user kyn from 138.68.94.173 port 42690 2020-05-23T18:05:52.667755morrigan.ad5gb.com sshd[11987]: Failed password for invalid user kyn from 138.68.94.173 port 42690 ssh2 2020-05-23T18:05:53.571711morrigan.ad5gb.com sshd[11987]: Disconnected from invalid user kyn 138.68.94.173 port 42690 [preauth]	2020-05-24 08:06:04
attack	May 21 06:37:02 eventyay sshd[13562]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 May 21 06:37:04 eventyay sshd[13562]: Failed password for invalid user jiaxin from 138.68.94.173 port 58952 ssh2 May 21 06:44:52 eventyay sshd[13863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 ...	2020-05-21 13:03:04
attackbots	Invalid user eas from 138.68.94.173 port 50486	2020-05-16 06:45:56
attack	May 13 03:30:13 XXXXXX sshd[5595]: Invalid user user from 138.68.94.173 port 33904	2020-05-13 12:04:38
attackbots	$f2bV_matches	2020-05-11 19:09:37
attackbotsspam	Brute-force attempt banned	2020-05-10 07:39:07
attack	May 7 10:37:57 plex sshd[30495]: Invalid user ragnarok from 138.68.94.173 port 46768	2020-05-07 16:46:37
attackbotsspam	2020-05-04T20:42:24.619339abusebot-7.cloudsearch.cf sshd[28618]: Invalid user hadoopuser from 138.68.94.173 port 48510 2020-05-04T20:42:24.626006abusebot-7.cloudsearch.cf sshd[28618]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 2020-05-04T20:42:24.619339abusebot-7.cloudsearch.cf sshd[28618]: Invalid user hadoopuser from 138.68.94.173 port 48510 2020-05-04T20:42:27.213818abusebot-7.cloudsearch.cf sshd[28618]: Failed password for invalid user hadoopuser from 138.68.94.173 port 48510 ssh2 2020-05-04T20:50:24.529361abusebot-7.cloudsearch.cf sshd[29112]: Invalid user info from 138.68.94.173 port 58300 2020-05-04T20:50:24.537641abusebot-7.cloudsearch.cf sshd[29112]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 2020-05-04T20:50:24.529361abusebot-7.cloudsearch.cf sshd[29112]: Invalid user info from 138.68.94.173 port 58300 2020-05-04T20:50:27.020123abusebot-7.cloudsearch.cf sshd[2 ...	2020-05-05 06:04:28
attack	2020-05-01T05:22:25.537538mail.thespaminator.com sshd[22499]: Invalid user test from 138.68.94.173 port 51982 2020-05-01T05:22:27.837364mail.thespaminator.com sshd[22499]: Failed password for invalid user test from 138.68.94.173 port 51982 ssh2 ...	2020-05-01 18:56:38
attackspam	Apr 26 14:04:39 haigwepa sshd[32365]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 Apr 26 14:04:41 haigwepa sshd[32365]: Failed password for invalid user test from 138.68.94.173 port 55416 ssh2 ...	2020-04-27 02:03:41
attackbotsspam	Apr 21 04:55:36 mockhub sshd[31698]: Failed password for root from 138.68.94.173 port 40550 ssh2 ...	2020-04-21 20:43:12
attack	Apr 19 19:17:02 lukav-desktop sshd\[19372\]: Invalid user dm from 138.68.94.173 Apr 19 19:17:02 lukav-desktop sshd\[19372\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 Apr 19 19:17:03 lukav-desktop sshd\[19372\]: Failed password for invalid user dm from 138.68.94.173 port 38322 ssh2 Apr 19 19:26:37 lukav-desktop sshd\[19719\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 user=root Apr 19 19:26:38 lukav-desktop sshd\[19719\]: Failed password for root from 138.68.94.173 port 59662 ssh2	2020-04-20 00:29:58
attackspam	2020-04-09T03:54:47.859663abusebot-4.cloudsearch.cf sshd[5086]: Invalid user jboss from 138.68.94.173 port 55898 2020-04-09T03:54:47.867644abusebot-4.cloudsearch.cf sshd[5086]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 2020-04-09T03:54:47.859663abusebot-4.cloudsearch.cf sshd[5086]: Invalid user jboss from 138.68.94.173 port 55898 2020-04-09T03:54:50.048845abusebot-4.cloudsearch.cf sshd[5086]: Failed password for invalid user jboss from 138.68.94.173 port 55898 ssh2 2020-04-09T04:03:39.719508abusebot-4.cloudsearch.cf sshd[5718]: Invalid user prometheus from 138.68.94.173 port 38036 2020-04-09T04:03:39.738147abusebot-4.cloudsearch.cf sshd[5718]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 2020-04-09T04:03:39.719508abusebot-4.cloudsearch.cf sshd[5718]: Invalid user prometheus from 138.68.94.173 port 38036 2020-04-09T04:03:40.952001abusebot-4.cloudsearch.cf sshd[5718]: Fail ...	2020-04-09 15:22:01
attackbotsspam	SSH Brute-Force reported by Fail2Ban	2020-04-08 05:46:47
attackbotsspam	Apr 4 08:14:12 prox sshd[32501]: Failed password for root from 138.68.94.173 port 44148 ssh2	2020-04-04 14:51:47
attackspam	Mar 25 09:32:28 ny01 sshd[27651]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 Mar 25 09:32:30 ny01 sshd[27651]: Failed password for invalid user nexus from 138.68.94.173 port 59166 ssh2 Mar 25 09:40:55 ny01 sshd[31174]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173	2020-03-25 21:53:20
attackbotsspam	Mar 4 19:08:16 server sshd[620149]: Failed password for invalid user cpanelphpmyadmin from 138.68.94.173 port 56204 ssh2 Mar 4 19:29:44 server sshd[654967]: Failed password for invalid user server from 138.68.94.173 port 38528 ssh2 Mar 4 19:50:56 server sshd[689501]: Failed password for invalid user svnuser from 138.68.94.173 port 49088 ssh2	2020-03-05 04:27:08
attackbots	Mar 1 20:36:38 vps647732 sshd[13667]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 Mar 1 20:36:40 vps647732 sshd[13667]: Failed password for invalid user jayheo from 138.68.94.173 port 51050 ssh2 ...	2020-03-02 04:12:11
attackbotsspam	$f2bV_matches_ltvn	2020-02-26 11:23:32
attackbotsspam	Invalid user autodoor from 138.68.94.173 port 52722	2020-01-10 23:08:22
attackbots	2019-12-31T15:42:10.838811shield sshd\[4100\]: Invalid user pass1235 from 138.68.94.173 port 51884 2019-12-31T15:42:10.843508shield sshd\[4100\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 2019-12-31T15:42:12.855318shield sshd\[4100\]: Failed password for invalid user pass1235 from 138.68.94.173 port 51884 ssh2 2019-12-31T15:44:33.603106shield sshd\[4612\]: Invalid user music from 138.68.94.173 port 40518 2019-12-31T15:44:33.606559shield sshd\[4612\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173	2019-12-31 23:52:19
attack	Fail2Ban Ban Triggered	2019-12-26 02:20:50

相同子网IP讨论:

IP	类型	评论内容	时间
138.68.94.142	attack	Sep 15 14:51:57 router sshd[6506]: Failed password for root from 138.68.94.142 port 51963 ssh2 Sep 15 15:02:08 router sshd[6558]: Failed password for root from 138.68.94.142 port 58331 ssh2 ...	2020-09-16 00:55:41
138.68.94.142	attack	Port scan denied	2020-09-15 16:47:08
138.68.94.142	attack	Port scan: Attack repeated for 24 hours	2020-09-12 02:27:28
138.68.94.142	attackbotsspam	Automatic report - Banned IP Access	2020-09-11 18:21:17
138.68.94.142	attack	TCP port : 2280	2020-09-09 19:51:34
138.68.94.142	attackbots	Port scan: Attack repeated for 24 hours	2020-09-09 13:50:00
138.68.94.142	attackbots	TCP (SYN) 138.68.94.142:55075 -> port 2280, len 44	2020-09-09 06:01:29
138.68.94.142	attackbotsspam	firewall-block, port(s): 28171/tcp	2020-08-30 14:03:14
138.68.94.142	attack	TCP port : 15460	2020-08-24 18:49:37
138.68.94.142	attackspam	Port scan: Attack repeated for 24 hours	2020-08-10 15:07:31
138.68.94.142	attackspam	TCP (SYN) 138.68.94.142:48510 -> port 13357, len 44	2020-08-06 17:59:02
138.68.94.142	attackspambots	scans 2 times in preceeding hours on the ports (in chronological order) 22933 26188	2020-07-29 22:08:04
138.68.94.142	attackspam	Jul 23 22:23:53 vps639187 sshd\[8838\]: Invalid user lazare from 138.68.94.142 port 47458 Jul 23 22:23:53 vps639187 sshd\[8838\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.142 Jul 23 22:23:55 vps639187 sshd\[8838\]: Failed password for invalid user lazare from 138.68.94.142 port 47458 ssh2 ...	2020-07-24 04:58:42
138.68.94.142	attackspam	Jul 22 21:36:02 ns382633 sshd\[20639\]: Invalid user hg from 138.68.94.142 port 40958 Jul 22 21:36:02 ns382633 sshd\[20639\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.142 Jul 22 21:36:04 ns382633 sshd\[20639\]: Failed password for invalid user hg from 138.68.94.142 port 40958 ssh2 Jul 22 21:54:07 ns382633 sshd\[23882\]: Invalid user coi from 138.68.94.142 port 49014 Jul 22 21:54:07 ns382633 sshd\[23882\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.142	2020-07-23 04:15:58
138.68.94.142	attack	Multiport scan 32 ports : 2720 3282 4445 4836 4969 8299 8769 9207 10227 11609 14585 15385 16082 16142 16936 17633 17930 18243 18554 20440 22852 23740 24495 26075 26210 27033 29231 29900 30040 31131 31176 31864	2020-07-21 07:31:03

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.94.173
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18181
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.94.173.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041201 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Apr 13 10:21:03 +08 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 173.94.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 173.94.68.138.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
206.189.41.17	attack	Nov 8 08:57:37 MK-Soft-VM6 sshd[22731]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.41.17 Nov 8 08:57:39 MK-Soft-VM6 sshd[22731]: Failed password for invalid user delhi13 from 206.189.41.17 port 46930 ssh2 ...	2019-11-08 16:39:18
51.79.70.223	attackbots	2019-11-08T08:32:53.450694abusebot-5.cloudsearch.cf sshd\[29970\]: Invalid user 123456 from 51.79.70.223 port 47522	2019-11-08 16:53:03
222.186.173.154	attackspambots	Nov 8 09:31:16 [host] sshd[31853]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.154 user=root Nov 8 09:31:18 [host] sshd[31853]: Failed password for root from 222.186.173.154 port 52424 ssh2 Nov 8 09:31:44 [host] sshd[31862]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.154 user=root	2019-11-08 16:32:39
51.83.42.108	attack	Nov 8 08:06:59 SilenceServices sshd[29921]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.42.108 Nov 8 08:07:02 SilenceServices sshd[29921]: Failed password for invalid user 123456789 from 51.83.42.108 port 41512 ssh2 Nov 8 08:10:32 SilenceServices sshd[30977]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.42.108	2019-11-08 17:06:08
103.140.31.195	attackbotsspam	Honeypot attack, port: 23, PTR: PTR record not found	2019-11-08 16:57:18
45.125.65.48	attack	\[2019-11-08 03:47:38\] SECURITY\[2634\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-08T03:47:38.090-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="8806701148672520014",SessionID="0x7fdf2c8a8ab8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.125.65.48/49761",ACLName="no_extension_match" \[2019-11-08 03:47:44\] SECURITY\[2634\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-08T03:47:44.202-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="8477501148297661002",SessionID="0x7fdf2cd1cd48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.125.65.48/52455",ACLName="no_extension_match" \[2019-11-08 03:47:44\] SECURITY\[2634\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-08T03:47:44.773-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="8142201148778878004",SessionID="0x7fdf2c0fd388",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.125.65.48/54068",ACLNam	2019-11-08 16:59:15
45.136.109.215	attackproxy	2019-11-08T09:02:30+01:00 zywall-usg-20 CEF: 0\|ZyXEL\|ZyWALL USG 20\|3.30(BDQ.9)\|0\|Access Control\|5\|src=45.136.109.215 dst=212.18.30.235 spt=57369 dpt=751 msg=Match default rule, DROP proto=6 app=others 2019-11-08T09:02:36+01:00 zywall-usg-20 CEF: 0\|ZyXEL\|ZyWALL USG 20\|3.30(BDQ.9)\|0\|Access Control\|5\|src=45.136.109.215 dst=212.18.30.235 spt=57369 dpt=9124 msg=Match default rule, DROP proto=6 app=others 2019-11-08T09:02:38+01:00 zywall-usg-20 CEF: 0\|ZyXEL\|ZyWALL USG 20\|3.30(BDQ.9)\|0\|Access Control\|5\|src=45.136.109.215 dst=212.18.30.235 spt=57369 dpt=6859 msg=Match default rule, DROP proto=6 app=others 2019-11-08T09:02:44+01:00 zywall-usg-20 CEF: 0\|ZyXEL\|ZyWALL USG 20\|3.30(BDQ.9)\|0\|Access Control\|5\|src=45.136.109.215 dst=212.18.30.235 spt=57369 dpt=8268 msg=Match default rule, DROP proto=6 app=others 2019-11-08T09:02:48+01:00 zywall-usg-20 CEF: 0\|ZyXEL\|ZyWALL USG 20\|3.30(BDQ.9)\|0\|Access Control\|5\|src=45.136.109.215 dst=212.18.30.235 spt=57369 dpt=1634 msg=Match default rule, DROP proto=6 app=others	2019-11-08 17:03:33
78.35.40.51	proxy	n	2019-11-08 16:53:39
110.184.114.49	attack	Honeypot attack, port: 23, PTR: PTR record not found	2019-11-08 16:54:11
86.12.128.253	attack	Honeypot attack, port: 23, PTR: 253-128-12-86.static.virginm.net.	2019-11-08 16:30:01
124.217.235.145	attack	POST /wp-login.php HTTP/1.1 200 1827 Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0	2019-11-08 16:52:30
184.82.129.66	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2019-11-08 16:48:08
78.35.40.51	spambotsproxynormal	o	2019-11-08 16:55:45
138.68.80.235	attackspam	POST /wp-login.php HTTP/1.1 200 1827 Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0	2019-11-08 16:35:34
118.27.3.163	attackspam	Nov 8 06:17:12 shadeyouvpn sshd[8299]: Invalid user sinus from 118.27.3.163 Nov 8 06:17:14 shadeyouvpn sshd[8299]: Failed password for invalid user sinus from 118.27.3.163 port 33114 ssh2 Nov 8 06:17:14 shadeyouvpn sshd[8299]: Received disconnect from 118.27.3.163: 11: Bye Bye [preauth] Nov 8 06:29:42 shadeyouvpn sshd[19371]: Invalid user vyatta from 118.27.3.163 Nov 8 06:29:44 shadeyouvpn sshd[19371]: Failed password for invalid user vyatta from 118.27.3.163 port 58448 ssh2 Nov 8 06:29:44 shadeyouvpn sshd[19371]: Received disconnect from 118.27.3.163: 11: Bye Bye [preauth] Nov 8 06:33:55 shadeyouvpn sshd[24559]: Invalid user dods from 118.27.3.163 Nov 8 06:33:57 shadeyouvpn sshd[24559]: Failed password for invalid user dods from 118.27.3.163 port 41730 ssh2 Nov 8 06:33:58 shadeyouvpn sshd[24559]: Received disconnect from 118.27.3.163: 11: Bye Bye [preauth] Nov 8 06:38:11 shadeyouvpn sshd[27899]: Failed password for r.r from 118.27.3.163 port 53250 ssh2 Nov 8........ -------------------------------	2019-11-08 16:56:55

最近上报的IP列表

122.176.60.95	118.25.27.67	78.24.100.42	49.206.209.88
171.233.98.4	92.51.121.206	197.210.143.2	200.50.110.66
199.16.56.84	201.217.196.162	164.77.77.251	94.155.17.149
188.163.22.53	23.225.150.125	206.189.232.45	145.239.95.55
5.134.219.226	1.164.34.69	202.83.42.25	139.162.90.220