138.197.145.26

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Jul 27 11:20:58 mout sshd[4165]: Invalid user iwan from 138.197.145.26 port 37396	2020-07-27 17:31:36
attackbots	firewall-block, port(s): 8113/tcp	2020-07-26 15:25:19
attack	Scanned 3 times in the last 24 hours on port 22	2020-07-25 08:36:15
attackbots	Jul 24 10:54:47 vpn01 sshd[2993]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.145.26 Jul 24 10:54:49 vpn01 sshd[2993]: Failed password for invalid user batal from 138.197.145.26 port 53418 ssh2 ...	2020-07-24 17:20:04
attackbots	Jul 18 15:58:36 ns382633 sshd\[12725\]: Invalid user sdo from 138.197.145.26 port 41884 Jul 18 15:58:36 ns382633 sshd\[12725\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.145.26 Jul 18 15:58:38 ns382633 sshd\[12725\]: Failed password for invalid user sdo from 138.197.145.26 port 41884 ssh2 Jul 18 16:00:58 ns382633 sshd\[13430\]: Invalid user user from 138.197.145.26 port 45014 Jul 18 16:00:58 ns382633 sshd\[13430\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.145.26	2020-07-19 02:24:34
attack	srv02 Mass scanning activity detected Target: 25369 ..	2020-07-18 13:38:06
attackspam	Exploited Host.	2020-07-16 02:26:50
attackbotsspam	Jul 9 23:55:58 santamaria sshd\[24973\]: Invalid user newsmagazine from 138.197.145.26 Jul 9 23:55:58 santamaria sshd\[24973\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.145.26 Jul 9 23:56:00 santamaria sshd\[24973\]: Failed password for invalid user newsmagazine from 138.197.145.26 port 39498 ssh2 ...	2020-07-10 06:27:33
attackspam	SSH Login Bruteforce	2020-07-09 13:22:45
attack	21 attempts against mh-ssh on echoip	2020-07-04 05:12:45
attackspam	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-06-29 00:57:31
attackbots	Fail2Ban Ban Triggered	2020-06-27 14:33:29
attackspam	Jun 18 14:03:29 inter-technics sshd[13964]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.145.26 user=root Jun 18 14:03:31 inter-technics sshd[13964]: Failed password for root from 138.197.145.26 port 42076 ssh2 Jun 18 14:06:48 inter-technics sshd[14325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.145.26 user=root Jun 18 14:06:49 inter-technics sshd[14325]: Failed password for root from 138.197.145.26 port 43642 ssh2 Jun 18 14:09:58 inter-technics sshd[14632]: Invalid user eti from 138.197.145.26 port 45206 ...	2020-06-18 20:23:24
attackbots	Invalid user guest from 138.197.145.26 port 50704	2020-06-12 15:42:21
attackbots	Jun 10 00:24:52 * sshd[25534]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.145.26 Jun 10 00:24:54 * sshd[25534]: Failed password for invalid user zrxiang from 138.197.145.26 port 47228 ssh2	2020-06-10 08:11:54
attack	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-05-31 14:34:55
attackbots	Invalid user telco from 138.197.145.26 port 51032	2020-05-28 06:25:18
attack	May 10 09:07:19 localhost sshd\[5389\]: Invalid user dan from 138.197.145.26 May 10 09:07:19 localhost sshd\[5389\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.145.26 May 10 09:07:20 localhost sshd\[5389\]: Failed password for invalid user dan from 138.197.145.26 port 39494 ssh2 May 10 09:11:00 localhost sshd\[5697\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.145.26 user=root May 10 09:11:03 localhost sshd\[5697\]: Failed password for root from 138.197.145.26 port 48226 ssh2 ...	2020-05-10 16:31:30
attackbotsspam	May 8 19:20:09 mockhub sshd[26835]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.145.26 May 8 19:20:11 mockhub sshd[26835]: Failed password for invalid user zimbra from 138.197.145.26 port 56604 ssh2 ...	2020-05-09 22:50:26
attackspam	May 6 02:40:52 ws22vmsma01 sshd[167209]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.145.26 May 6 02:40:54 ws22vmsma01 sshd[167209]: Failed password for invalid user system from 138.197.145.26 port 51780 ssh2 ...	2020-05-06 18:35:00
attack	(sshd) Failed SSH login from 138.197.145.26 (CA/Canada/-): 5 in the last 3600 secs	2020-04-26 04:40:35
attack	Apr 19 09:50:49 gw1 sshd[32196]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.145.26 Apr 19 09:50:50 gw1 sshd[32196]: Failed password for invalid user dx from 138.197.145.26 port 34636 ssh2 ...	2020-04-19 12:56:25
attackspambots	2020-04-14T14:15:13.227796centos sshd[19734]: Invalid user backup from 138.197.145.26 port 35888 2020-04-14T14:15:15.873029centos sshd[19734]: Failed password for invalid user backup from 138.197.145.26 port 35888 ssh2 2020-04-14T14:19:06.909736centos sshd[19927]: Invalid user fiction from 138.197.145.26 port 43172 ...	2020-04-14 21:23:58
attackspambots	Apr 12 22:27:51 ns382633 sshd\[25766\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.145.26 user=root Apr 12 22:27:53 ns382633 sshd\[25766\]: Failed password for root from 138.197.145.26 port 36840 ssh2 Apr 12 22:39:25 ns382633 sshd\[28220\]: Invalid user bealle from 138.197.145.26 port 60722 Apr 12 22:39:25 ns382633 sshd\[28220\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.145.26 Apr 12 22:39:27 ns382633 sshd\[28220\]: Failed password for invalid user bealle from 138.197.145.26 port 60722 ssh2	2020-04-13 07:40:08
attack	(sshd) Failed SSH login from 138.197.145.26 (CA/Canada/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 7 18:52:48 srv sshd[13246]: Invalid user postgres from 138.197.145.26 port 44204 Apr 7 18:52:49 srv sshd[13246]: Failed password for invalid user postgres from 138.197.145.26 port 44204 ssh2 Apr 7 18:58:47 srv sshd[13831]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.145.26 user=root Apr 7 18:58:49 srv sshd[13831]: Failed password for root from 138.197.145.26 port 47066 ssh2 Apr 7 19:02:15 srv sshd[14188]: Invalid user mcserver from 138.197.145.26 port 45630	2020-04-08 00:17:34
attackspambots	Apr 5 08:03:22 minden010 sshd[18729]: Failed password for root from 138.197.145.26 port 51790 ssh2 Apr 5 08:08:51 minden010 sshd[21402]: Failed password for root from 138.197.145.26 port 51308 ssh2 ...	2020-04-05 14:36:26
attackspambots	5x Failed Password	2020-03-13 21:10:11
attackbots	Automatic report - Banned IP Access	2020-03-12 04:01:56
attackspam	Feb 21 16:16:28 [host] sshd[10764]: pam_unix(sshd: Feb 21 16:16:30 [host] sshd[10764]: Failed passwor Feb 21 16:21:04 [host] sshd[10910]: Invalid user m	2020-02-22 05:18:10
attack	Feb 19 13:29:03 vlre-nyc-1 sshd\[10601\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.145.26 user=man Feb 19 13:29:04 vlre-nyc-1 sshd\[10601\]: Failed password for man from 138.197.145.26 port 58002 ssh2 Feb 19 13:37:48 vlre-nyc-1 sshd\[10720\]: Invalid user test from 138.197.145.26 Feb 19 13:37:48 vlre-nyc-1 sshd\[10720\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.145.26 Feb 19 13:37:49 vlre-nyc-1 sshd\[10720\]: Failed password for invalid user test from 138.197.145.26 port 52934 ssh2 ...	2020-02-19 22:06:20

相同子网IP讨论:

IP	类型	评论内容	时间
138.197.145.163	attackbots	Sent packet to closed port: 10394	2020-08-09 12:36:59
138.197.145.163	attackspambots	17087/tcp 14465/tcp 31783/tcp... [2020-06-22/08-04]112pkt,43pt.(tcp)	2020-08-05 06:04:02
138.197.145.163	attackspambots	Fail2Ban Ban Triggered	2020-07-28 23:02:10
138.197.145.163	attack	firewall-block, port(s): 135/tcp	2020-07-11 22:47:12
138.197.145.163	attackspam	May 31 22:46:06 cumulus sshd[17512]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.145.163 user=r.r May 31 22:46:08 cumulus sshd[17512]: Failed password for r.r from 138.197.145.163 port 43564 ssh2 May 31 22:46:08 cumulus sshd[17512]: Received disconnect from 138.197.145.163 port 43564:11: Bye Bye [preauth] May 31 22:46:08 cumulus sshd[17512]: Disconnected from 138.197.145.163 port 43564 [preauth] May 31 22:57:00 cumulus sshd[18577]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.145.163 user=r.r May 31 22:57:03 cumulus sshd[18577]: Failed password for r.r from 138.197.145.163 port 44404 ssh2 May 31 22:57:03 cumulus sshd[18577]: Received disconnect from 138.197.145.163 port 44404:11: Bye Bye [preauth] May 31 22:57:03 cumulus sshd[18577]: Disconnected from 138.197.145.163 port 44404 [preauth] May 31 23:00:33 cumulus sshd[18940]: pam_unix(sshd:auth): authentication failure........ -------------------------------	2020-06-02 18:14:26
138.197.145.101	attackbotsspam	Bruteforce detected by fail2ban	2020-04-15 20:14:30
138.197.145.131	attackbots	Jan 15 11:54:52 amit sshd\[31044\]: Invalid user wilma from 138.197.145.131 Jan 15 11:54:52 amit sshd\[31044\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.145.131 Jan 15 11:54:54 amit sshd\[31044\]: Failed password for invalid user wilma from 138.197.145.131 port 48602 ssh2 ...	2020-01-15 20:04:38

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.145.26
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44611
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.197.145.26.			IN	A

;; AUTHORITY SECTION:
.			1882	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081401 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 15 11:09:02 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 26.145.197.138.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 26.145.197.138.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
164.132.44.25	attackbotsspam	Jul 18 04:13:08 SilenceServices sshd[26171]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.44.25 Jul 18 04:13:10 SilenceServices sshd[26171]: Failed password for invalid user alix from 164.132.44.25 port 40422 ssh2 Jul 18 04:19:31 SilenceServices sshd[32007]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.44.25	2019-07-18 10:43:13
220.92.16.70	attack	2019-07-18T01:27:22.538117abusebot-2.cloudsearch.cf sshd\[6153\]: Invalid user web3 from 220.92.16.70 port 46028 2019-07-18T01:27:22.542965abusebot-2.cloudsearch.cf sshd\[6153\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.92.16.70	2019-07-18 10:44:11
117.232.72.154	attackspam	/var/log/messages:Jul 16 10:32:27 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1563273147.982:32827): pid=13231 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-server cipher=aes256-ctr ksize=256 mac=hmac-sha1 pfs=ecdh-sha2-nistp256 spid=13232 suid=74 rport=1397 laddr=104.167.106.93 lport=23 exe="/usr/sbin/sshd" hostname=? addr=117.232.72.154 terminal=? res=success' /var/log/messages:Jul 16 10:32:27 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1563273147.986:32828): pid=13231 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-client cipher=aes256-ctr ksize=256 mac=hmac-sha1 pfs=ecdh-sha2-nistp256 spid=13232 suid=74 rport=1397 laddr=104.167.106.93 lport=23 exe="/usr/sbin/sshd" hostname=? addr=117.232.72.154 terminal=? res=success' /var/log/messages:Jul 16 10:32:29 sanyalnet-cloud-vps fail2ban.filter[5325]: INFO [sshd] Found........ -------------------------------	2019-07-18 10:38:33
92.238.51.136	attack	2019-07-18T03:25:09.345805lon01.zurich-datacenter.net sshd\[19163\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=cpc110361-king13-2-0-cust903.19-1.cable.virginm.net user=root 2019-07-18T03:25:11.453583lon01.zurich-datacenter.net sshd\[19163\]: Failed password for root from 92.238.51.136 port 42406 ssh2 2019-07-18T03:25:34.965935lon01.zurich-datacenter.net sshd\[19206\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=cpc110361-king13-2-0-cust903.19-1.cable.virginm.net user=root 2019-07-18T03:25:37.147399lon01.zurich-datacenter.net sshd\[19206\]: Failed password for root from 92.238.51.136 port 43930 ssh2 2019-07-18T03:26:02.807828lon01.zurich-datacenter.net sshd\[19208\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=cpc110361-king13-2-0-cust903.19-1.cable.virginm.net user=root ...	2019-07-18 11:28:41
68.183.105.52	attack	Jul 18 05:05:25 ns3367391 sshd\[17825\]: Invalid user kaffee from 68.183.105.52 port 37164 Jul 18 05:05:25 ns3367391 sshd\[17825\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.105.52 ...	2019-07-18 11:07:15
190.104.243.12	attack	Brute force attempt	2019-07-18 11:26:33
52.168.167.166	attack	Jul 18 04:32:59 icinga sshd[16552]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.168.167.166 Jul 18 04:33:02 icinga sshd[16552]: Failed password for invalid user harry from 52.168.167.166 port 34422 ssh2 ...	2019-07-18 11:15:43
200.87.95.100	attackspambots	Jul 16 06:39:04 hurricane sshd[22434]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.87.95.100 user=r.r Jul 16 06:39:05 hurricane sshd[22434]: Failed password for r.r from 200.87.95.100 port 61697 ssh2 Jul 16 06:39:05 hurricane sshd[22434]: Received disconnect from 200.87.95.100 port 61697:11: Bye Bye [preauth] Jul 16 06:39:05 hurricane sshd[22434]: Disconnected from 200.87.95.100 port 61697 [preauth] Jul 16 08:51:34 hurricane sshd[23167]: Invalid user school from 200.87.95.100 port 30100 Jul 16 08:51:34 hurricane sshd[23167]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.87.95.100 Jul 16 08:51:35 hurricane sshd[23167]: Failed password for invalid user school from 200.87.95.100 port 30100 ssh2 Jul 16 08:51:35 hurricane sshd[23167]: Received disconnect from 200.87.95.100 port 30100:11: Bye Bye [preauth] Jul 16 08:51:35 hurricane sshd[23167]: Disconnected from 200.87.95.100 port 3........ -------------------------------	2019-07-18 10:40:05
115.186.41.75	attack	Unauthorised access (Jul 18) SRC=115.186.41.75 LEN=40 TTL=49 ID=44021 TCP DPT=23 WINDOW=30307 SYN	2019-07-18 11:30:20
195.206.105.217	attackbotsspam	Jul 18 03:27:23 giegler sshd[6956]: Failed password for root from 195.206.105.217 port 37276 ssh2 Jul 18 03:27:26 giegler sshd[6956]: Failed password for root from 195.206.105.217 port 37276 ssh2 Jul 18 03:27:29 giegler sshd[6956]: Failed password for root from 195.206.105.217 port 37276 ssh2 Jul 18 03:27:32 giegler sshd[6956]: Failed password for root from 195.206.105.217 port 37276 ssh2 Jul 18 03:27:35 giegler sshd[6956]: Failed password for root from 195.206.105.217 port 37276 ssh2	2019-07-18 10:56:21
166.111.7.104	attack	Jul 18 05:14:20 dedicated sshd[6570]: Invalid user me from 166.111.7.104 port 37078	2019-07-18 11:29:16
95.211.212.114	attackbotsspam	3389BruteforceFW23	2019-07-18 10:48:56
69.171.206.254	attack	Jul 17 21:44:48 aat-srv002 sshd[29364]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.171.206.254 Jul 17 21:44:50 aat-srv002 sshd[29364]: Failed password for invalid user bs from 69.171.206.254 port 43497 ssh2 Jul 17 21:54:16 aat-srv002 sshd[29551]: Failed password for root from 69.171.206.254 port 31383 ssh2 Jul 17 22:04:01 aat-srv002 sshd[29765]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.171.206.254 ...	2019-07-18 11:06:05
178.124.176.185	attack	failed_logins	2019-07-18 10:47:31
46.3.96.70	attackspam	Portscan or hack attempt detected by psad/fwsnort	2019-07-18 11:22:50

最近上报的IP列表

75.67.19.117	194.87.104.33	139.213.38.202	99.149.141.180
94.28.28.7	38.89.143.147	179.56.68.64	180.177.9.193
3.218.110.17	171.241.17.171	152.136.84.139	49.198.244.104
179.228.111.73	199.48.214.105	117.3.47.188	112.27.125.166
116.59.32.108	180.30.113.190	187.102.148.38	96.225.44.58