68.183.31.42 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	[munged]::80 68.183.31.42 - - [31/Jul/2019:10:10:09 +0200] "POST /[munged]: HTTP/1.1" 200 2062 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::80 68.183.31.42 - - [31/Jul/2019:10:10:10 +0200] "POST /[munged]: HTTP/1.1" 200 2061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::80 68.183.31.42 - - [31/Jul/2019:10:10:10 +0200] "POST /[munged]: HTTP/1.1" 200 2061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::80 68.183.31.42 - - [31/Jul/2019:10:10:11 +0200] "POST /[munged]: HTTP/1.1" 200 2056 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::80 68.183.31.42 - - [31/Jul/2019:10:10:11 +0200] "POST /[munged]: HTTP/1.1" 200 2056 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::80 68.183.31.42 - - [31/Jul/2019:10:10:12 +0200] "POST /[munged]: HTTP/1.1" 200 2060 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x8	2019-07-31 17:03:22
attackbots	blogonese.net 68.183.31.42 \[26/Jul/2019:01:05:27 +0200\] "POST /wp-login.php HTTP/1.1" 200 5771 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" blogonese.net 68.183.31.42 \[26/Jul/2019:01:05:28 +0200\] "POST /wp-login.php HTTP/1.1" 200 5731 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-07-26 10:37:27
attackspam	Automatic report - Banned IP Access	2019-07-16 08:15:35
attackbots	schuetzenmusikanten.de 68.183.31.42 \[10/Jul/2019:15:03:58 +0200\] "POST /wp-login.php HTTP/1.1" 200 5684 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" schuetzenmusikanten.de 68.183.31.42 \[10/Jul/2019:15:03:59 +0200\] "POST /wp-login.php HTTP/1.1" 200 5650 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" schuetzenmusikanten.de 68.183.31.42 \[10/Jul/2019:15:04:01 +0200\] "POST /wp-login.php HTTP/1.1" 200 5641 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-07-11 02:44:58
attackbotsspam	Automatic report - Web App Attack	2019-06-30 16:57:21

相同子网IP讨论:

IP	类型	评论内容	时间
68.183.31.114	attack	Sep 23 18:38:35 mx sshd[907654]: Invalid user allen from 68.183.31.114 port 59912 Sep 23 18:38:35 mx sshd[907654]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.31.114 Sep 23 18:38:35 mx sshd[907654]: Invalid user allen from 68.183.31.114 port 59912 Sep 23 18:38:37 mx sshd[907654]: Failed password for invalid user allen from 68.183.31.114 port 59912 ssh2 Sep 23 18:42:18 mx sshd[907762]: Invalid user josh from 68.183.31.114 port 41564 ...	2020-09-23 21:39:53
68.183.31.114	attackbots	Sep 23 05:51:28 ip-172-31-42-142 sshd\[27165\]: Invalid user hadoop from 68.183.31.114\ Sep 23 05:51:30 ip-172-31-42-142 sshd\[27165\]: Failed password for invalid user hadoop from 68.183.31.114 port 41512 ssh2\ Sep 23 05:55:11 ip-172-31-42-142 sshd\[27180\]: Failed password for ubuntu from 68.183.31.114 port 51624 ssh2\ Sep 23 05:58:48 ip-172-31-42-142 sshd\[27190\]: Invalid user teste from 68.183.31.114\ Sep 23 05:58:50 ip-172-31-42-142 sshd\[27190\]: Failed password for invalid user teste from 68.183.31.114 port 33502 ssh2\	2020-09-23 13:59:52
68.183.31.114	attackbotsspam	SSH Invalid Login	2020-09-23 05:49:05
68.183.31.114	attackbots	(sshd) Failed SSH login from 68.183.31.114 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 19 08:11:55 server2 sshd[25334]: Invalid user prueba from 68.183.31.114 Sep 19 08:11:55 server2 sshd[25334]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.31.114 Sep 19 08:11:57 server2 sshd[25334]: Failed password for invalid user prueba from 68.183.31.114 port 59398 ssh2 Sep 19 08:24:37 server2 sshd[4754]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.31.114 user=root Sep 19 08:24:39 server2 sshd[4754]: Failed password for root from 68.183.31.114 port 59994 ssh2	2020-09-19 21:32:12
68.183.31.114	attack	Sep 18 20:23:38 mavik sshd[29122]: Invalid user admin from 68.183.31.114 Sep 18 20:23:38 mavik sshd[29122]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.31.114 Sep 18 20:23:40 mavik sshd[29122]: Failed password for invalid user admin from 68.183.31.114 port 35522 ssh2 Sep 18 20:27:27 mavik sshd[29298]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.31.114 user=root Sep 18 20:27:29 mavik sshd[29298]: Failed password for root from 68.183.31.114 port 46790 ssh2 ...	2020-09-19 05:04:16
68.183.31.114	attack	Sep 18 12:38:15 ns382633 sshd\[29251\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.31.114 user=root Sep 18 12:38:16 ns382633 sshd\[29251\]: Failed password for root from 68.183.31.114 port 50466 ssh2 Sep 18 12:48:09 ns382633 sshd\[31154\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.31.114 user=root Sep 18 12:48:11 ns382633 sshd\[31154\]: Failed password for root from 68.183.31.114 port 47390 ssh2 Sep 18 12:51:50 ns382633 sshd\[31796\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.31.114 user=root	2020-09-18 22:15:57
68.183.31.114	attack	2020-09-18T08:45:47.648175lavrinenko.info sshd[24448]: Failed password for invalid user sniffer from 68.183.31.114 port 36404 ssh2 2020-09-18T08:49:28.081886lavrinenko.info sshd[24573]: Invalid user bernadette from 68.183.31.114 port 46944 2020-09-18T08:49:28.088183lavrinenko.info sshd[24573]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.31.114 2020-09-18T08:49:28.081886lavrinenko.info sshd[24573]: Invalid user bernadette from 68.183.31.114 port 46944 2020-09-18T08:49:30.105241lavrinenko.info sshd[24573]: Failed password for invalid user bernadette from 68.183.31.114 port 46944 ssh2 ...	2020-09-18 14:30:52
68.183.31.114	attack	68.183.31.114 (US/United States/-), 12 distributed sshd attacks on account [root] in the last 3600 secs	2020-09-18 04:48:18
68.183.31.114	attackspam	2020-09-08T15:59:37+0200 Failed SSH Authentication/Brute Force Attack. (Server 5)	2020-09-08 22:59:30
68.183.31.114	attackspam	Failed password for invalid user emecha from 68.183.31.114 port 37664 ssh2	2020-09-08 14:43:32
68.183.31.114	attackspambots	2020-09-07T23:27:44.949326amanda2.illicoweb.com sshd\[1891\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.31.114 user=root 2020-09-07T23:27:47.060639amanda2.illicoweb.com sshd\[1891\]: Failed password for root from 68.183.31.114 port 47972 ssh2 2020-09-07T23:30:56.062722amanda2.illicoweb.com sshd\[1967\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.31.114 user=root 2020-09-07T23:30:58.530476amanda2.illicoweb.com sshd\[1967\]: Failed password for root from 68.183.31.114 port 53748 ssh2 2020-09-07T23:34:14.606012amanda2.illicoweb.com sshd\[2091\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.31.114 user=root ...	2020-09-08 07:14:47
68.183.31.114	attackspam	Aug 23 20:28:40 php1 sshd\[9910\]: Invalid user newadmin from 68.183.31.114 Aug 23 20:28:40 php1 sshd\[9910\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.31.114 Aug 23 20:28:42 php1 sshd\[9910\]: Failed password for invalid user newadmin from 68.183.31.114 port 43008 ssh2 Aug 23 20:32:40 php1 sshd\[10263\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.31.114 user=root Aug 23 20:32:42 php1 sshd\[10263\]: Failed password for root from 68.183.31.114 port 53090 ssh2	2020-08-24 15:14:11
68.183.31.114	attackbotsspam	Invalid user gbc from 68.183.31.114 port 50994	2020-08-23 17:18:17
68.183.31.114	attack	Aug 19 15:32:36 home sshd[1611173]: Invalid user yly from 68.183.31.114 port 52056 Aug 19 15:32:36 home sshd[1611173]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.31.114 Aug 19 15:32:36 home sshd[1611173]: Invalid user yly from 68.183.31.114 port 52056 Aug 19 15:32:38 home sshd[1611173]: Failed password for invalid user yly from 68.183.31.114 port 52056 ssh2 Aug 19 15:36:17 home sshd[1613282]: Invalid user lc from 68.183.31.114 port 60354 ...	2020-08-19 21:46:04
68.183.31.167	attackbotsspam	xmlrpc attack	2020-06-07 07:06:15

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 68.183.31.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13923
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;68.183.31.42.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019060200 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jun 02 16:40:19 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 42.31.183.68.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 42.31.183.68.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
46.101.209.178	attackspam	$f2bV_matches	2020-10-14 07:47:48
54.155.28.105	attackbotsspam	pandalytics/1.0+(https://domainsbot.com/pandalytics/)	2020-10-14 07:34:16
188.166.235.22	attackbots	Auto Fail2Ban report, multiple SSH login attempts.	2020-10-14 07:41:37
218.69.98.170	attack	Port scan on 1 port(s): 1433	2020-10-14 07:53:49
193.169.254.107	attackspambots	Rude login attack (70 tries in 1d)	2020-10-14 07:50:55
157.230.19.72	attackspam	Oct 13 21:59:41 ip-172-31-42-142 sshd\[15469\]: Invalid user ralf from 157.230.19.72\ Oct 13 21:59:44 ip-172-31-42-142 sshd\[15469\]: Failed password for invalid user ralf from 157.230.19.72 port 54358 ssh2\ Oct 13 22:03:12 ip-172-31-42-142 sshd\[15542\]: Invalid user sandy from 157.230.19.72\ Oct 13 22:03:14 ip-172-31-42-142 sshd\[15542\]: Failed password for invalid user sandy from 157.230.19.72 port 59660 ssh2\ Oct 13 22:06:36 ip-172-31-42-142 sshd\[15610\]: Invalid user carlo from 157.230.19.72\	2020-10-14 07:26:18
218.75.77.92	attackspam	2020-10-13T22:42:41.641132shield sshd\[27400\]: Invalid user ftpuser from 218.75.77.92 port 47682 2020-10-13T22:42:41.650398shield sshd\[27400\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.75.77.92 2020-10-13T22:42:43.867241shield sshd\[27400\]: Failed password for invalid user ftpuser from 218.75.77.92 port 47682 ssh2 2020-10-13T22:46:06.669135shield sshd\[27866\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.75.77.92 user=root 2020-10-13T22:46:08.363900shield sshd\[27866\]: Failed password for root from 218.75.77.92 port 9578 ssh2	2020-10-14 07:52:29
14.21.42.158	attackbotsspam	2020-10-13T18:51:46.6904971495-001 sshd[42431]: Invalid user hypo from 14.21.42.158 port 38852 2020-10-13T18:51:46.6996961495-001 sshd[42431]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.21.42.158 2020-10-13T18:51:46.6904971495-001 sshd[42431]: Invalid user hypo from 14.21.42.158 port 38852 2020-10-13T18:51:49.0716691495-001 sshd[42431]: Failed password for invalid user hypo from 14.21.42.158 port 38852 ssh2 2020-10-13T18:55:51.5233111495-001 sshd[42664]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.21.42.158 user=root 2020-10-13T18:55:53.1929741495-001 sshd[42664]: Failed password for root from 14.21.42.158 port 57124 ssh2 ...	2020-10-14 07:39:43
218.92.0.171	attack	Oct 14 00:30:58 mavik sshd[29514]: Failed password for root from 218.92.0.171 port 19131 ssh2 Oct 14 00:31:02 mavik sshd[29514]: Failed password for root from 218.92.0.171 port 19131 ssh2 Oct 14 00:31:06 mavik sshd[29514]: Failed password for root from 218.92.0.171 port 19131 ssh2 Oct 14 00:31:09 mavik sshd[29514]: Failed password for root from 218.92.0.171 port 19131 ssh2 Oct 14 00:31:13 mavik sshd[29514]: Failed password for root from 218.92.0.171 port 19131 ssh2 ...	2020-10-14 07:41:21
112.85.42.47	attackspam	2020-10-13T23:26:14.306645abusebot-8.cloudsearch.cf sshd[8113]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.47 user=root 2020-10-13T23:26:15.910552abusebot-8.cloudsearch.cf sshd[8113]: Failed password for root from 112.85.42.47 port 26924 ssh2 2020-10-13T23:26:19.744047abusebot-8.cloudsearch.cf sshd[8113]: Failed password for root from 112.85.42.47 port 26924 ssh2 2020-10-13T23:26:14.306645abusebot-8.cloudsearch.cf sshd[8113]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.47 user=root 2020-10-13T23:26:15.910552abusebot-8.cloudsearch.cf sshd[8113]: Failed password for root from 112.85.42.47 port 26924 ssh2 2020-10-13T23:26:19.744047abusebot-8.cloudsearch.cf sshd[8113]: Failed password for root from 112.85.42.47 port 26924 ssh2 2020-10-13T23:26:14.306645abusebot-8.cloudsearch.cf sshd[8113]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112. ...	2020-10-14 07:32:28
88.88.251.45	attack	Oct 13 23:25:30 scw-focused-cartwright sshd[25944]: Failed password for root from 88.88.251.45 port 59859 ssh2 Oct 13 23:42:34 scw-focused-cartwright sshd[26262]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=88.88.251.45	2020-10-14 07:53:26
106.13.225.13	attack	Oct 14 01:18:02 vpn01 sshd[8350]: Failed password for root from 106.13.225.13 port 44426 ssh2 ...	2020-10-14 07:25:23
196.52.43.60	attack	Automatic report - Banned IP Access	2020-10-14 07:46:54
188.82.251.42	attackspam	20/10/13@16:48:20: FAIL: Alarm-Network address from=188.82.251.42 20/10/13@16:48:20: FAIL: Alarm-Network address from=188.82.251.42 ...	2020-10-14 07:58:06
120.70.100.13	attackspam	Oct 14 01:38:20 Server sshd[1292595]: Failed password for root from 120.70.100.13 port 37023 ssh2 Oct 14 01:42:03 Server sshd[1293056]: Invalid user tomo from 120.70.100.13 port 37085 Oct 14 01:42:03 Server sshd[1293056]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.70.100.13 Oct 14 01:42:03 Server sshd[1293056]: Invalid user tomo from 120.70.100.13 port 37085 Oct 14 01:42:05 Server sshd[1293056]: Failed password for invalid user tomo from 120.70.100.13 port 37085 ssh2 ...	2020-10-14 07:50:16

最近上报的IP列表

219.133.229.200	22.174.222.189	240.68.109.222	167.89.80.130
74.200.140.200	113.99.213.133	77.40.62.140	128.74.194.214
58.95.36.13	103.255.31.57	93.50.205.216	214.41.173.127
204.52.92.183	31.248.49.56	103.238.69.105	103.221.74.192
165.162.89.152	58.209.6.235	240.184.67.173	196.201.106.110