68.183.48.14 - IPInfo

基本信息:

城市(city): Clifton

省份(region): New Jersey

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-04-19 01:07:13
attackspambots	CMS (WordPress or Joomla) login attempt.	2020-04-02 09:07:42
attack	Automatic report - XMLRPC Attack	2020-03-04 18:27:17
attackspam	xmlrpc attack	2020-01-24 04:54:05
attackbots	GET /cms/wp-login.php	2019-12-26 23:58:34
attack	Automatic report - XMLRPC Attack	2019-12-07 17:05:08
attack	WordPress login Brute force / Web App Attack on client site.	2019-11-10 13:54:58
attackspambots	wp bruteforce	2019-11-07 21:31:26

相同子网IP讨论:

IP	类型	评论内容	时间
68.183.48.172	attackspambots	Jul 5 03:55:27 jumpserver sshd[346116]: Failed password for invalid user cbq from 68.183.48.172 port 56018 ssh2 Jul 5 03:56:31 jumpserver sshd[346122]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.48.172 user=root Jul 5 03:56:33 jumpserver sshd[346122]: Failed password for root from 68.183.48.172 port 60827 ssh2 ...	2020-07-05 12:09:18
68.183.48.172	attack	Jun 30 13:07:23 ws12vmsma01 sshd[12675]: Invalid user stephanie from 68.183.48.172 Jun 30 13:07:25 ws12vmsma01 sshd[12675]: Failed password for invalid user stephanie from 68.183.48.172 port 52667 ssh2 Jun 30 13:12:48 ws12vmsma01 sshd[13413]: Invalid user ywf from 68.183.48.172 ...	2020-07-01 01:54:47
68.183.48.172	attack	2020-06-27T23:33:25.465925hostname sshd[84265]: Failed password for root from 68.183.48.172 port 39077 ssh2 ...	2020-06-28 02:24:39
68.183.48.172	attackbots	2020-06-25T14:47:19.890770shield sshd\[15992\]: Invalid user facturacion from 68.183.48.172 port 43242 2020-06-25T14:47:19.894714shield sshd\[15992\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.48.172 2020-06-25T14:47:21.533105shield sshd\[15992\]: Failed password for invalid user facturacion from 68.183.48.172 port 43242 ssh2 2020-06-25T14:52:08.471509shield sshd\[16685\]: Invalid user dany from 68.183.48.172 port 43264 2020-06-25T14:52:08.475188shield sshd\[16685\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.48.172	2020-06-26 04:16:33
68.183.48.172	attackspambots	Jun 19 10:48:38 mout sshd[31884]: Invalid user rafal from 68.183.48.172 port 46881 Jun 19 10:48:39 mout sshd[31884]: Failed password for invalid user rafal from 68.183.48.172 port 46881 ssh2 Jun 19 10:48:40 mout sshd[31884]: Disconnected from invalid user rafal 68.183.48.172 port 46881 [preauth]	2020-06-19 16:55:53
68.183.48.172	attackspambots	Jun 13 15:28:11 jane sshd[13671]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.48.172 Jun 13 15:28:14 jane sshd[13671]: Failed password for invalid user tinasong from 68.183.48.172 port 50380 ssh2 ...	2020-06-13 22:45:10
68.183.48.172	attack	Jun 11 12:31:41 django-0 sshd\[5281\]: Invalid user t24dev05 from 68.183.48.172Jun 11 12:31:43 django-0 sshd\[5281\]: Failed password for invalid user t24dev05 from 68.183.48.172 port 35655 ssh2Jun 11 12:36:23 django-0 sshd\[5355\]: Failed password for root from 68.183.48.172 port 36089 ssh2 ...	2020-06-12 02:25:23
68.183.48.172	attack	Jun 10 23:56:02 mail sshd\[8667\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.48.172 user=root ...	2020-06-11 14:36:08
68.183.48.172	attack	May 31 00:19:10 v2202003116398111542 sshd[1233913]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.48.172 May 31 00:19:12 v2202003116398111542 sshd[1233913]: Failed password for invalid user admin from 68.183.48.172 port 58242 ssh2 May 31 00:19:12 v2202003116398111542 sshd[1233913]: Disconnected from invalid user admin 68.183.48.172 port 58242 [preauth] May 31 00:21:36 v2202003116398111542 sshd[1238370]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.48.172 user=root May 31 00:21:37 v2202003116398111542 sshd[1238370]: Failed password for root from 68.183.48.172 port 45350 ssh2 May 31 00:23:59 v2202003116398111542 sshd[1242701]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.48.172 user=root May 31 00:24:01 v2202003116398111542 sshd[1242701]: Failed password for root from 68.183.48.172 port 60691 ssh2 May 31 00:26:25 v2202003116398111542 sshd[1247128]: Invalid user	2020-06-03 02:00:11
68.183.48.172	attack	$f2bV_matches	2020-05-21 17:51:19
68.183.48.172	attackspambots	May 20 13:39:37 ny01 sshd[31819]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.48.172 May 20 13:39:38 ny01 sshd[31819]: Failed password for invalid user kmb from 68.183.48.172 port 45222 ssh2 May 20 13:42:47 ny01 sshd[32241]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.48.172	2020-05-21 01:51:27
68.183.48.172	attack	May 7 00:53:00 NPSTNNYC01T sshd[3996]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.48.172 May 7 00:53:02 NPSTNNYC01T sshd[3996]: Failed password for invalid user yvonne from 68.183.48.172 port 59682 ssh2 May 7 00:58:14 NPSTNNYC01T sshd[4567]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.48.172 ...	2020-05-07 14:34:40
68.183.48.172	attack	May 5 12:10:55 lukav-desktop sshd\[2101\]: Invalid user vsm from 68.183.48.172 May 5 12:10:55 lukav-desktop sshd\[2101\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.48.172 May 5 12:10:57 lukav-desktop sshd\[2101\]: Failed password for invalid user vsm from 68.183.48.172 port 43146 ssh2 May 5 12:20:51 lukav-desktop sshd\[10604\]: Invalid user test1 from 68.183.48.172 May 5 12:20:51 lukav-desktop sshd\[10604\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.48.172	2020-05-05 17:47:40
68.183.48.172	attack	May 3 04:56:00 l02a sshd[5783]: Invalid user kato from 68.183.48.172 May 3 04:56:00 l02a sshd[5783]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.48.172 May 3 04:56:00 l02a sshd[5783]: Invalid user kato from 68.183.48.172 May 3 04:56:03 l02a sshd[5783]: Failed password for invalid user kato from 68.183.48.172 port 50237 ssh2	2020-05-03 13:07:24
68.183.48.172	attackspam	SSH Invalid Login	2020-05-02 05:47:56

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 68.183.48.14
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40866
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;68.183.48.14.			IN	A

;; AUTHORITY SECTION:
.			273	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110700 1800 900 604800 86400

;; Query time: 65 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Nov 07 21:31:21 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 14.48.183.68.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 14.48.183.68.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
146.0.87.242	attack	unauthorized connection attempt	2020-01-12 13:08:22
115.221.211.156	attackbotsspam	Bad Postfix AUTH attempts	2020-01-12 09:08:16
177.20.224.176	attackspam	unauthorized connection attempt	2020-01-12 13:15:12
112.35.75.46	attackbotsspam	Jan 12 05:57:36 herz-der-gamer sshd[23555]: Invalid user test from 112.35.75.46 port 58730 Jan 12 05:57:36 herz-der-gamer sshd[23555]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.35.75.46 Jan 12 05:57:36 herz-der-gamer sshd[23555]: Invalid user test from 112.35.75.46 port 58730 Jan 12 05:57:38 herz-der-gamer sshd[23555]: Failed password for invalid user test from 112.35.75.46 port 58730 ssh2 ...	2020-01-12 13:01:33
197.220.163.230	attackspam	unauthorized connection attempt	2020-01-12 13:05:36
129.211.77.44	attack	$f2bV_matches	2020-01-12 13:15:49
182.16.162.66	attack	unauthorized connection attempt	2020-01-12 13:07:18
222.124.149.138	attackbotsspam	$f2bV_matches	2020-01-12 09:10:22
49.88.112.61	attack	Jan 10 20:28:37 debian sshd[16209]: Unable to negotiate with 49.88.112.61 port 58519: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth] Jan 11 20:10:11 debian sshd[22792]: Unable to negotiate with 49.88.112.61 port 55651: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth] ...	2020-01-12 09:11:37
138.99.216.171	attackbots	Attempts against SMTP/SSMTP	2020-01-12 13:01:10
41.38.25.188	attackbots	unauthorized connection attempt	2020-01-12 13:17:48
151.233.52.223	attackbots	unauthorized connection attempt	2020-01-12 13:25:31
219.136.250.36	attack	unauthorized connection attempt	2020-01-12 13:04:47
183.154.19.234	attackspambots	2020-01-11 22:57:14 dovecot_login authenticator failed for (vbloi) [183.154.19.234]:53022 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=zhangguo@lerctr.org) 2020-01-11 22:57:22 dovecot_login authenticator failed for (zgfkf) [183.154.19.234]:53022 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=zhangguo@lerctr.org) 2020-01-11 22:57:38 dovecot_login authenticator failed for (pccfi) [183.154.19.234]:53022 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=zhangguo@lerctr.org) ...	2020-01-12 13:00:56
101.128.75.15	attackbotsspam	unauthorized connection attempt	2020-01-12 13:09:12

最近上报的IP列表

188.75.80.159	106.13.219.148	186.54.111.160	173.212.200.13
79.107.138.74	94.23.31.12	138.68.222.78	51.38.49.17
118.24.238.238	219.134.115.114	103.31.109.247	181.196.137.82
90.188.249.22	45.230.7.76	49.79.67.110	1.48.251.183
5.189.186.191	3.13.78.50	46.151.151.211	49.146.1.53