138.68.226.234

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	2020-09-22T21:25:12.592896hostname sshd[12805]: Failed password for invalid user diego from 138.68.226.234 port 43930 ssh2 ...	2020-09-23 02:38:45
attackbotsspam	TCP ports : 16483 / 29795	2020-09-22 18:44:20
attackspam	TCP port : 22600	2020-09-19 21:23:47
attackbotsspam	(sshd) Failed SSH login from 138.68.226.234 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 19 00:00:53 optimus sshd[23873]: Invalid user user3 from 138.68.226.234 Sep 19 00:00:53 optimus sshd[23873]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.234 Sep 19 00:00:55 optimus sshd[23873]: Failed password for invalid user user3 from 138.68.226.234 port 41596 ssh2 Sep 19 00:05:49 optimus sshd[25393]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.234 user=root Sep 19 00:05:51 optimus sshd[25393]: Failed password for root from 138.68.226.234 port 51150 ssh2	2020-09-19 13:16:53
attackbots	" "	2020-09-19 04:55:25
attackspam	TCP (SYN) 138.68.226.234:58065 -> port 6328, len 44	2020-09-02 05:01:06
attack	Invalid user delilah from 138.68.226.234 port 60524	2020-08-29 20:03:41
attackbotsspam	Aug 28 21:45:49 pkdns2 sshd\[50496\]: Invalid user audio from 138.68.226.234Aug 28 21:45:51 pkdns2 sshd\[50496\]: Failed password for invalid user audio from 138.68.226.234 port 45746 ssh2Aug 28 21:49:19 pkdns2 sshd\[50658\]: Invalid user dgy from 138.68.226.234Aug 28 21:49:21 pkdns2 sshd\[50658\]: Failed password for invalid user dgy from 138.68.226.234 port 52758 ssh2Aug 28 21:52:48 pkdns2 sshd\[50810\]: Invalid user dorin from 138.68.226.234Aug 28 21:52:50 pkdns2 sshd\[50810\]: Failed password for invalid user dorin from 138.68.226.234 port 59772 ssh2 ...	2020-08-29 03:45:50
attackbotsspam	k+ssh-bruteforce	2020-08-25 15:39:00
attackbots	Automatic report - Banned IP Access	2020-08-20 20:52:28
attackbots	2020-08-19T19:10:48.622122lavrinenko.info sshd[22559]: Invalid user admin2 from 138.68.226.234 port 37408 2020-08-19T19:10:48.627759lavrinenko.info sshd[22559]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.234 2020-08-19T19:10:48.622122lavrinenko.info sshd[22559]: Invalid user admin2 from 138.68.226.234 port 37408 2020-08-19T19:10:50.751270lavrinenko.info sshd[22559]: Failed password for invalid user admin2 from 138.68.226.234 port 37408 ssh2 2020-08-19T19:12:10.691248lavrinenko.info sshd[22651]: Invalid user suporte from 138.68.226.234 port 58086 ...	2020-08-20 00:18:07
attack	2020-08-10T14:01:09.372605hostname sshd[2181]: Failed password for root from 138.68.226.234 port 32918 ssh2 2020-08-10T14:04:54.403426hostname sshd[3376]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.234 user=root 2020-08-10T14:04:56.376749hostname sshd[3376]: Failed password for root from 138.68.226.234 port 43160 ssh2 ...	2020-08-10 19:35:26
attackspam	sshd jail - ssh hack attempt	2020-07-29 07:20:18
attack	Port scan: Attack repeated for 24 hours	2020-07-21 19:36:37
attackbotsspam	Jul 19 13:31:52 h1745522 sshd[5139]: Invalid user firefart from 138.68.226.234 port 35490 Jul 19 13:31:52 h1745522 sshd[5139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.234 Jul 19 13:31:52 h1745522 sshd[5139]: Invalid user firefart from 138.68.226.234 port 35490 Jul 19 13:31:54 h1745522 sshd[5139]: Failed password for invalid user firefart from 138.68.226.234 port 35490 ssh2 Jul 19 13:36:06 h1745522 sshd[5328]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.234 user=backup Jul 19 13:36:08 h1745522 sshd[5328]: Failed password for backup from 138.68.226.234 port 57370 ssh2 Jul 19 13:40:54 h1745522 sshd[5602]: Invalid user lam from 138.68.226.234 port 51018 Jul 19 13:40:54 h1745522 sshd[5602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.234 Jul 19 13:40:54 h1745522 sshd[5602]: Invalid user lam from 138.68.226.234 port 51018 Ju ...	2020-07-19 20:45:44
attack	Invalid user test from 138.68.226.234 port 52066	2020-07-18 21:57:11
attackspambots	Jul 18 00:29:03 george sshd[308]: Failed password for invalid user nobe from 138.68.226.234 port 41736 ssh2 Jul 18 00:32:55 george sshd[452]: Invalid user csr1dev from 138.68.226.234 port 56512 Jul 18 00:32:55 george sshd[452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.234 Jul 18 00:32:56 george sshd[452]: Failed password for invalid user csr1dev from 138.68.226.234 port 56512 ssh2 Jul 18 00:36:39 george sshd[518]: Invalid user losts from 138.68.226.234 port 43058 ...	2020-07-18 12:44:57
attack	Jul 12 03:49:55 *** sshd[3242]: Invalid user fax1 from 138.68.226.234	2020-07-12 17:53:03
attackbotsspam	Jul 7 23:33:02 OPSO sshd\[16303\]: Invalid user keith from 138.68.226.234 port 34292 Jul 7 23:33:02 OPSO sshd\[16303\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.234 Jul 7 23:33:04 OPSO sshd\[16303\]: Failed password for invalid user keith from 138.68.226.234 port 34292 ssh2 Jul 7 23:42:04 OPSO sshd\[18129\]: Invalid user toye from 138.68.226.234 port 42992 Jul 7 23:42:04 OPSO sshd\[18129\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.234	2020-07-08 05:53:41
attackbotsspam	Jul 7 08:03:45 Ubuntu-1404-trusty-64-minimal sshd\[26647\]: Invalid user miroslav from 138.68.226.234 Jul 7 08:03:45 Ubuntu-1404-trusty-64-minimal sshd\[26647\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.234 Jul 7 08:03:47 Ubuntu-1404-trusty-64-minimal sshd\[26647\]: Failed password for invalid user miroslav from 138.68.226.234 port 33200 ssh2 Jul 7 08:09:01 Ubuntu-1404-trusty-64-minimal sshd\[28584\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.234 user=root Jul 7 08:09:03 Ubuntu-1404-trusty-64-minimal sshd\[28584\]: Failed password for root from 138.68.226.234 port 52968 ssh2	2020-07-07 14:46:50
attackspambots	Jul 4 14:04:00 abendstille sshd\[5511\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.234 user=root Jul 4 14:04:02 abendstille sshd\[5511\]: Failed password for root from 138.68.226.234 port 44418 ssh2 Jul 4 14:08:32 abendstille sshd\[9910\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.234 user=root Jul 4 14:08:34 abendstille sshd\[9910\]: Failed password for root from 138.68.226.234 port 43274 ssh2 Jul 4 14:13:29 abendstille sshd\[14639\]: Invalid user click from 138.68.226.234 Jul 4 14:13:30 abendstille sshd\[14639\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.234 ...	2020-07-04 21:23:03
attackspambots	sshd	2020-06-14 01:43:34
attackbotsspam	Jun 11 09:36:42 legacy sshd[11225]: Failed password for root from 138.68.226.234 port 53094 ssh2 Jun 11 09:38:26 legacy sshd[11302]: Failed password for root from 138.68.226.234 port 51914 ssh2 ...	2020-06-11 15:44:06
attackspambots	Jun 9 02:32:12 mx sshd[18496]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.234 Jun 9 02:32:14 mx sshd[18496]: Failed password for invalid user jingxin from 138.68.226.234 port 43686 ssh2	2020-06-09 19:21:06
attackbots	Jun 3 14:24:44 home sshd[18423]: Failed password for root from 138.68.226.234 port 55330 ssh2 Jun 3 14:28:16 home sshd[18775]: Failed password for root from 138.68.226.234 port 58960 ssh2 ...	2020-06-03 21:10:08
attack	May 28 13:45:54 Host-KEWR-E sshd[3111]: User root from 138.68.226.234 not allowed because not listed in AllowUsers ...	2020-05-29 02:07:15
attackspam	Invalid user jianqiao1 from 138.68.226.234 port 58358	2020-05-24 08:13:08
attackbotsspam	May 6 22:49:25 vlre-nyc-1 sshd\[2325\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.234 user=root May 6 22:49:27 vlre-nyc-1 sshd\[2325\]: Failed password for root from 138.68.226.234 port 43902 ssh2 May 6 22:52:55 vlre-nyc-1 sshd\[2403\]: Invalid user juan from 138.68.226.234 May 6 22:52:55 vlre-nyc-1 sshd\[2403\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.234 May 6 22:52:57 vlre-nyc-1 sshd\[2403\]: Failed password for invalid user juan from 138.68.226.234 port 52762 ssh2 ...	2020-05-07 07:50:53
attackbots	Invalid user git from 138.68.226.234 port 57526	2020-04-30 04:00:14
attackspam	"fail2ban match"	2020-04-24 02:05:56

相同子网IP讨论:

IP	类型	评论内容	时间
138.68.226.175	attack	k+ssh-bruteforce	2020-10-11 03:58:06
138.68.226.175	attackbots	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "test" at 2020-10-10T10:41:46Z	2020-10-10 19:52:49
138.68.226.175	attackbotsspam	frenzy	2020-09-11 21:42:37
138.68.226.175	attackbotsspam	Sep 11 07:31:35 inter-technics sshd[20686]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.175 user=root Sep 11 07:31:37 inter-technics sshd[20686]: Failed password for root from 138.68.226.175 port 37212 ssh2 Sep 11 07:35:51 inter-technics sshd[20881]: Invalid user oracle from 138.68.226.175 port 50748 Sep 11 07:35:51 inter-technics sshd[20881]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.175 Sep 11 07:35:51 inter-technics sshd[20881]: Invalid user oracle from 138.68.226.175 port 50748 Sep 11 07:35:53 inter-technics sshd[20881]: Failed password for invalid user oracle from 138.68.226.175 port 50748 ssh2 ...	2020-09-11 13:50:55
138.68.226.175	attack	Sep 10 17:53:29 gospond sshd[23088]: Failed password for root from 138.68.226.175 port 41844 ssh2 Sep 10 17:57:36 gospond sshd[23141]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.175 user=root Sep 10 17:57:38 gospond sshd[23141]: Failed password for root from 138.68.226.175 port 45474 ssh2 ...	2020-09-11 01:23:18
138.68.226.175	attackspambots	2020-09-10T14:51:20.840025hostname sshd[60951]: Failed password for root from 138.68.226.175 port 45896 ssh2 2020-09-10T14:55:12.194179hostname sshd[61411]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.175 user=root 2020-09-10T14:55:14.149557hostname sshd[61411]: Failed password for root from 138.68.226.175 port 51478 ssh2 ...	2020-09-10 16:42:49
138.68.226.175	attackspam	Unauthorized SSH login attempts	2020-09-10 07:18:29
138.68.226.175	attackbotsspam	Sep 9 21:10:58 dhoomketu sshd[2978251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.175 Sep 9 21:10:58 dhoomketu sshd[2978251]: Invalid user dstat from 138.68.226.175 port 60758 Sep 9 21:10:59 dhoomketu sshd[2978251]: Failed password for invalid user dstat from 138.68.226.175 port 60758 ssh2 Sep 9 21:13:19 dhoomketu sshd[2978267]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.175 user=root Sep 9 21:13:21 dhoomketu sshd[2978267]: Failed password for root from 138.68.226.175 port 40910 ssh2 ...	2020-09-09 23:57:49
138.68.226.175	attackbotsspam	...	2020-09-09 17:29:17
138.68.226.175	attack	Invalid user test from 138.68.226.175 port 35506	2020-09-05 21:09:45
138.68.226.175	attackbotsspam	Automatic Fail2ban report - Trying login SSH	2020-09-05 12:45:17
138.68.226.175	attackspambots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-05 05:33:51
138.68.226.175	attack	Sep 1 05:48:42 rocket sshd[10462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.175 Sep 1 05:48:44 rocket sshd[10462]: Failed password for invalid user test from 138.68.226.175 port 55412 ssh2 ...	2020-09-01 13:56:41
138.68.226.175	attackspam	Aug 30 15:10:37 gamehost-one sshd[13895]: Failed password for root from 138.68.226.175 port 48288 ssh2 Aug 30 15:20:50 gamehost-one sshd[14821]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.175 Aug 30 15:20:52 gamehost-one sshd[14821]: Failed password for invalid user center from 138.68.226.175 port 51788 ssh2 ...	2020-08-31 04:38:49
138.68.226.175	attack	Too many connections or unauthorized access detected from Arctic banned ip	2020-08-30 03:58:37

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.226.234
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57408
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.226.234.			IN	A

;; AUTHORITY SECTION:
.			360	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031100 1800 900 604800 86400

;; Query time: 108 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 11 20:51:59 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 234.226.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 234.226.68.138.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
180.251.153.112	attackbotsspam	Unauthorized connection attempt from IP address 180.251.153.112 on Port 445(SMB)	2019-11-23 01:56:10
222.186.3.249	attackspambots	Nov 22 18:15:21 vps691689 sshd[25721]: Failed password for root from 222.186.3.249 port 34588 ssh2 Nov 22 18:16:30 vps691689 sshd[25738]: Failed password for root from 222.186.3.249 port 10464 ssh2 ...	2019-11-23 01:32:13
177.1.213.19	attackbotsspam	detected by Fail2Ban	2019-11-23 02:10:10
36.67.135.146	attackspambots	Unauthorized connection attempt from IP address 36.67.135.146 on Port 445(SMB)	2019-11-23 01:58:53
103.10.30.204	attack	2019-11-22T14:49:18.055345homeassistant sshd[18420]: Invalid user doby from 103.10.30.204 port 52812 2019-11-22T14:49:18.062817homeassistant sshd[18420]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.10.30.204 ...	2019-11-23 01:44:52
69.167.210.118	attack	Nov 22 17:35:16 thevastnessof sshd[16172]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.167.210.118 ...	2019-11-23 01:51:55
14.186.129.125	attackspambots	Nov 22 15:38:11 mail postfix/smtpd[412]: warning: unknown[14.186.129.125]: SASL PLAIN authentication failed: Nov 22 15:41:27 mail postfix/smtpd[410]: warning: unknown[14.186.129.125]: SASL PLAIN authentication failed: Nov 22 15:44:15 mail postfix/smtpd[2488]: warning: unknown[14.186.129.125]: SASL PLAIN authentication failed:	2019-11-23 02:04:51
45.82.153.134	attackbots	2019-11-22 18:34:15 dovecot_login authenticator failed for \(\[45.82.153.134\]\) \[45.82.153.134\]: 535 Incorrect authentication data \(set_id=info@nophost.com\) 2019-11-22 18:34:27 dovecot_login authenticator failed for \(\[45.82.153.134\]\) \[45.82.153.134\]: 535 Incorrect authentication data 2019-11-22 18:34:40 dovecot_login authenticator failed for \(\[45.82.153.134\]\) \[45.82.153.134\]: 535 Incorrect authentication data 2019-11-22 18:34:45 dovecot_login authenticator failed for \(\[45.82.153.134\]\) \[45.82.153.134\]: 535 Incorrect authentication data 2019-11-22 18:35:02 dovecot_login authenticator failed for \(\[45.82.153.134\]\) \[45.82.153.134\]: 535 Incorrect authentication data	2019-11-23 01:35:18
117.50.36.53	attack	Nov 18 16:00:22 server2101 sshd[21119]: Invalid user ikezoye from 117.50.36.53 port 52210 Nov 18 16:00:22 server2101 sshd[21119]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.36.53 Nov 18 16:00:24 server2101 sshd[21119]: Failed password for invalid user ikezoye from 117.50.36.53 port 52210 ssh2 Nov 18 16:00:25 server2101 sshd[21119]: Received disconnect from 117.50.36.53 port 52210:11: Bye Bye [preauth] Nov 18 16:00:25 server2101 sshd[21119]: Disconnected from 117.50.36.53 port 52210 [preauth] Nov 18 16:17:59 server2101 sshd[21505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.36.53 user=r.r Nov 18 16:18:01 server2101 sshd[21505]: Failed password for r.r from 117.50.36.53 port 54872 ssh2 Nov 18 16:18:01 server2101 sshd[21505]: Received disconnect from 117.50.36.53 port 54872:11: Bye Bye [preauth] Nov 18 16:18:01 server2101 sshd[21505]: Disconnected from 117.50.36.53 port........ -------------------------------	2019-11-23 01:58:37
125.164.232.60	attack	Unauthorized connection attempt from IP address 125.164.232.60 on Port 445(SMB)	2019-11-23 01:53:14
118.112.187.230	attackspambots	Unauthorized connection attempt from IP address 118.112.187.230 on Port 445(SMB)	2019-11-23 01:34:24
222.190.143.206	attack	SSH Brute Force, server-1 sshd[4948]: Failed password for invalid user 100 from 222.190.143.206 port 9137 ssh2	2019-11-23 01:45:28
222.186.175.212	attackspambots	2019-11-22T17:44:27.035569abusebot-3.cloudsearch.cf sshd\[4622\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.212 user=root	2019-11-23 01:46:03
163.172.207.104	attackbotsspam	\[2019-11-22 12:18:25\] SECURITY\[2765\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-22T12:18:25.573-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="369011972592277524",SessionID="0x7f26c40441e8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.207.104/53516",ACLName="no_extension_match" \[2019-11-22 12:22:28\] SECURITY\[2765\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-22T12:22:28.166-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="69011972592277524",SessionID="0x7f26c40441e8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.207.104/60408",ACLName="no_extension_match" \[2019-11-22 12:26:32\] SECURITY\[2765\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-22T12:26:32.130-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="85011972592277524",SessionID="0x7f26c40441e8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.207.104/65358",AC	2019-11-23 01:40:11
49.206.4.124	attack	Unauthorized connection attempt from IP address 49.206.4.124 on Port 445(SMB)	2019-11-23 02:08:34

最近上报的IP列表

83.222.97.197	41.250.251.178	37.78.152.78	37.49.226.154
223.196.176.242	167.172.49.247	111.89.176.116	31.13.145.29
202.29.87.1	187.108.0.157	183.91.4.97	122.252.136.131
77.111.240.173	182.74.86.75	180.87.209.69	177.128.229.145
171.248.98.184	157.245.110.95	175.176.50.102	145.128.176.157