138.68.226.234

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	2020-09-22T21:25:12.592896hostname sshd[12805]: Failed password for invalid user diego from 138.68.226.234 port 43930 ssh2 ...	2020-09-23 02:38:45
attackbotsspam	TCP ports : 16483 / 29795	2020-09-22 18:44:20
attackspam	TCP port : 22600	2020-09-19 21:23:47
attackbotsspam	(sshd) Failed SSH login from 138.68.226.234 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 19 00:00:53 optimus sshd[23873]: Invalid user user3 from 138.68.226.234 Sep 19 00:00:53 optimus sshd[23873]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.234 Sep 19 00:00:55 optimus sshd[23873]: Failed password for invalid user user3 from 138.68.226.234 port 41596 ssh2 Sep 19 00:05:49 optimus sshd[25393]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.234 user=root Sep 19 00:05:51 optimus sshd[25393]: Failed password for root from 138.68.226.234 port 51150 ssh2	2020-09-19 13:16:53
attackbots	" "	2020-09-19 04:55:25
attackspam	TCP (SYN) 138.68.226.234:58065 -> port 6328, len 44	2020-09-02 05:01:06
attack	Invalid user delilah from 138.68.226.234 port 60524	2020-08-29 20:03:41
attackbotsspam	Aug 28 21:45:49 pkdns2 sshd\[50496\]: Invalid user audio from 138.68.226.234Aug 28 21:45:51 pkdns2 sshd\[50496\]: Failed password for invalid user audio from 138.68.226.234 port 45746 ssh2Aug 28 21:49:19 pkdns2 sshd\[50658\]: Invalid user dgy from 138.68.226.234Aug 28 21:49:21 pkdns2 sshd\[50658\]: Failed password for invalid user dgy from 138.68.226.234 port 52758 ssh2Aug 28 21:52:48 pkdns2 sshd\[50810\]: Invalid user dorin from 138.68.226.234Aug 28 21:52:50 pkdns2 sshd\[50810\]: Failed password for invalid user dorin from 138.68.226.234 port 59772 ssh2 ...	2020-08-29 03:45:50
attackbotsspam	k+ssh-bruteforce	2020-08-25 15:39:00
attackbots	Automatic report - Banned IP Access	2020-08-20 20:52:28
attackbots	2020-08-19T19:10:48.622122lavrinenko.info sshd[22559]: Invalid user admin2 from 138.68.226.234 port 37408 2020-08-19T19:10:48.627759lavrinenko.info sshd[22559]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.234 2020-08-19T19:10:48.622122lavrinenko.info sshd[22559]: Invalid user admin2 from 138.68.226.234 port 37408 2020-08-19T19:10:50.751270lavrinenko.info sshd[22559]: Failed password for invalid user admin2 from 138.68.226.234 port 37408 ssh2 2020-08-19T19:12:10.691248lavrinenko.info sshd[22651]: Invalid user suporte from 138.68.226.234 port 58086 ...	2020-08-20 00:18:07
attack	2020-08-10T14:01:09.372605hostname sshd[2181]: Failed password for root from 138.68.226.234 port 32918 ssh2 2020-08-10T14:04:54.403426hostname sshd[3376]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.234 user=root 2020-08-10T14:04:56.376749hostname sshd[3376]: Failed password for root from 138.68.226.234 port 43160 ssh2 ...	2020-08-10 19:35:26
attackspam	sshd jail - ssh hack attempt	2020-07-29 07:20:18
attack	Port scan: Attack repeated for 24 hours	2020-07-21 19:36:37
attackbotsspam	Jul 19 13:31:52 h1745522 sshd[5139]: Invalid user firefart from 138.68.226.234 port 35490 Jul 19 13:31:52 h1745522 sshd[5139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.234 Jul 19 13:31:52 h1745522 sshd[5139]: Invalid user firefart from 138.68.226.234 port 35490 Jul 19 13:31:54 h1745522 sshd[5139]: Failed password for invalid user firefart from 138.68.226.234 port 35490 ssh2 Jul 19 13:36:06 h1745522 sshd[5328]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.234 user=backup Jul 19 13:36:08 h1745522 sshd[5328]: Failed password for backup from 138.68.226.234 port 57370 ssh2 Jul 19 13:40:54 h1745522 sshd[5602]: Invalid user lam from 138.68.226.234 port 51018 Jul 19 13:40:54 h1745522 sshd[5602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.234 Jul 19 13:40:54 h1745522 sshd[5602]: Invalid user lam from 138.68.226.234 port 51018 Ju ...	2020-07-19 20:45:44
attack	Invalid user test from 138.68.226.234 port 52066	2020-07-18 21:57:11
attackspambots	Jul 18 00:29:03 george sshd[308]: Failed password for invalid user nobe from 138.68.226.234 port 41736 ssh2 Jul 18 00:32:55 george sshd[452]: Invalid user csr1dev from 138.68.226.234 port 56512 Jul 18 00:32:55 george sshd[452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.234 Jul 18 00:32:56 george sshd[452]: Failed password for invalid user csr1dev from 138.68.226.234 port 56512 ssh2 Jul 18 00:36:39 george sshd[518]: Invalid user losts from 138.68.226.234 port 43058 ...	2020-07-18 12:44:57
attack	Jul 12 03:49:55 *** sshd[3242]: Invalid user fax1 from 138.68.226.234	2020-07-12 17:53:03
attackbotsspam	Jul 7 23:33:02 OPSO sshd\[16303\]: Invalid user keith from 138.68.226.234 port 34292 Jul 7 23:33:02 OPSO sshd\[16303\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.234 Jul 7 23:33:04 OPSO sshd\[16303\]: Failed password for invalid user keith from 138.68.226.234 port 34292 ssh2 Jul 7 23:42:04 OPSO sshd\[18129\]: Invalid user toye from 138.68.226.234 port 42992 Jul 7 23:42:04 OPSO sshd\[18129\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.234	2020-07-08 05:53:41
attackbotsspam	Jul 7 08:03:45 Ubuntu-1404-trusty-64-minimal sshd\[26647\]: Invalid user miroslav from 138.68.226.234 Jul 7 08:03:45 Ubuntu-1404-trusty-64-minimal sshd\[26647\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.234 Jul 7 08:03:47 Ubuntu-1404-trusty-64-minimal sshd\[26647\]: Failed password for invalid user miroslav from 138.68.226.234 port 33200 ssh2 Jul 7 08:09:01 Ubuntu-1404-trusty-64-minimal sshd\[28584\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.234 user=root Jul 7 08:09:03 Ubuntu-1404-trusty-64-minimal sshd\[28584\]: Failed password for root from 138.68.226.234 port 52968 ssh2	2020-07-07 14:46:50
attackspambots	Jul 4 14:04:00 abendstille sshd\[5511\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.234 user=root Jul 4 14:04:02 abendstille sshd\[5511\]: Failed password for root from 138.68.226.234 port 44418 ssh2 Jul 4 14:08:32 abendstille sshd\[9910\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.234 user=root Jul 4 14:08:34 abendstille sshd\[9910\]: Failed password for root from 138.68.226.234 port 43274 ssh2 Jul 4 14:13:29 abendstille sshd\[14639\]: Invalid user click from 138.68.226.234 Jul 4 14:13:30 abendstille sshd\[14639\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.234 ...	2020-07-04 21:23:03
attackspambots	sshd	2020-06-14 01:43:34
attackbotsspam	Jun 11 09:36:42 legacy sshd[11225]: Failed password for root from 138.68.226.234 port 53094 ssh2 Jun 11 09:38:26 legacy sshd[11302]: Failed password for root from 138.68.226.234 port 51914 ssh2 ...	2020-06-11 15:44:06
attackspambots	Jun 9 02:32:12 mx sshd[18496]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.234 Jun 9 02:32:14 mx sshd[18496]: Failed password for invalid user jingxin from 138.68.226.234 port 43686 ssh2	2020-06-09 19:21:06
attackbots	Jun 3 14:24:44 home sshd[18423]: Failed password for root from 138.68.226.234 port 55330 ssh2 Jun 3 14:28:16 home sshd[18775]: Failed password for root from 138.68.226.234 port 58960 ssh2 ...	2020-06-03 21:10:08
attack	May 28 13:45:54 Host-KEWR-E sshd[3111]: User root from 138.68.226.234 not allowed because not listed in AllowUsers ...	2020-05-29 02:07:15
attackspam	Invalid user jianqiao1 from 138.68.226.234 port 58358	2020-05-24 08:13:08
attackbotsspam	May 6 22:49:25 vlre-nyc-1 sshd\[2325\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.234 user=root May 6 22:49:27 vlre-nyc-1 sshd\[2325\]: Failed password for root from 138.68.226.234 port 43902 ssh2 May 6 22:52:55 vlre-nyc-1 sshd\[2403\]: Invalid user juan from 138.68.226.234 May 6 22:52:55 vlre-nyc-1 sshd\[2403\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.234 May 6 22:52:57 vlre-nyc-1 sshd\[2403\]: Failed password for invalid user juan from 138.68.226.234 port 52762 ssh2 ...	2020-05-07 07:50:53
attackbots	Invalid user git from 138.68.226.234 port 57526	2020-04-30 04:00:14
attackspam	"fail2ban match"	2020-04-24 02:05:56

相同子网IP讨论:

IP	类型	评论内容	时间
138.68.226.175	attack	k+ssh-bruteforce	2020-10-11 03:58:06
138.68.226.175	attackbots	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "test" at 2020-10-10T10:41:46Z	2020-10-10 19:52:49
138.68.226.175	attackbotsspam	frenzy	2020-09-11 21:42:37
138.68.226.175	attackbotsspam	Sep 11 07:31:35 inter-technics sshd[20686]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.175 user=root Sep 11 07:31:37 inter-technics sshd[20686]: Failed password for root from 138.68.226.175 port 37212 ssh2 Sep 11 07:35:51 inter-technics sshd[20881]: Invalid user oracle from 138.68.226.175 port 50748 Sep 11 07:35:51 inter-technics sshd[20881]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.175 Sep 11 07:35:51 inter-technics sshd[20881]: Invalid user oracle from 138.68.226.175 port 50748 Sep 11 07:35:53 inter-technics sshd[20881]: Failed password for invalid user oracle from 138.68.226.175 port 50748 ssh2 ...	2020-09-11 13:50:55
138.68.226.175	attack	Sep 10 17:53:29 gospond sshd[23088]: Failed password for root from 138.68.226.175 port 41844 ssh2 Sep 10 17:57:36 gospond sshd[23141]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.175 user=root Sep 10 17:57:38 gospond sshd[23141]: Failed password for root from 138.68.226.175 port 45474 ssh2 ...	2020-09-11 01:23:18
138.68.226.175	attackspambots	2020-09-10T14:51:20.840025hostname sshd[60951]: Failed password for root from 138.68.226.175 port 45896 ssh2 2020-09-10T14:55:12.194179hostname sshd[61411]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.175 user=root 2020-09-10T14:55:14.149557hostname sshd[61411]: Failed password for root from 138.68.226.175 port 51478 ssh2 ...	2020-09-10 16:42:49
138.68.226.175	attackspam	Unauthorized SSH login attempts	2020-09-10 07:18:29
138.68.226.175	attackbotsspam	Sep 9 21:10:58 dhoomketu sshd[2978251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.175 Sep 9 21:10:58 dhoomketu sshd[2978251]: Invalid user dstat from 138.68.226.175 port 60758 Sep 9 21:10:59 dhoomketu sshd[2978251]: Failed password for invalid user dstat from 138.68.226.175 port 60758 ssh2 Sep 9 21:13:19 dhoomketu sshd[2978267]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.175 user=root Sep 9 21:13:21 dhoomketu sshd[2978267]: Failed password for root from 138.68.226.175 port 40910 ssh2 ...	2020-09-09 23:57:49
138.68.226.175	attackbotsspam	...	2020-09-09 17:29:17
138.68.226.175	attack	Invalid user test from 138.68.226.175 port 35506	2020-09-05 21:09:45
138.68.226.175	attackbotsspam	Automatic Fail2ban report - Trying login SSH	2020-09-05 12:45:17
138.68.226.175	attackspambots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-05 05:33:51
138.68.226.175	attack	Sep 1 05:48:42 rocket sshd[10462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.175 Sep 1 05:48:44 rocket sshd[10462]: Failed password for invalid user test from 138.68.226.175 port 55412 ssh2 ...	2020-09-01 13:56:41
138.68.226.175	attackspam	Aug 30 15:10:37 gamehost-one sshd[13895]: Failed password for root from 138.68.226.175 port 48288 ssh2 Aug 30 15:20:50 gamehost-one sshd[14821]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.175 Aug 30 15:20:52 gamehost-one sshd[14821]: Failed password for invalid user center from 138.68.226.175 port 51788 ssh2 ...	2020-08-31 04:38:49
138.68.226.175	attack	Too many connections or unauthorized access detected from Arctic banned ip	2020-08-30 03:58:37

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.226.234
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57408
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.226.234.			IN	A

;; AUTHORITY SECTION:
.			360	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031100 1800 900 604800 86400

;; Query time: 108 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 11 20:51:59 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 234.226.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 234.226.68.138.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
2a03:b0c0:2:f0::246:7001	attackspam	Fail2Ban Ban Triggered	2019-11-20 19:04:14
77.40.61.149	attack	failed_logins	2019-11-20 19:38:19
195.22.225.19	attackspambots	Nov 20 10:30:38 vmanager6029 sshd\[24102\]: Invalid user inbae from 195.22.225.19 port 43076 Nov 20 10:30:38 vmanager6029 sshd\[24102\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.22.225.19 Nov 20 10:30:40 vmanager6029 sshd\[24102\]: Failed password for invalid user inbae from 195.22.225.19 port 43076 ssh2	2019-11-20 19:13:17
125.117.214.203	attackbotsspam	Nov 20 07:12:47 xzibhostname postfix/smtpd[13477]: connect from unknown[125.117.214.203] Nov 20 07:12:47 xzibhostname postfix/smtpd[13477]: warning: unknown[125.117.214.203]: SASL LOGIN authentication failed: authentication failure Nov 20 07:12:48 xzibhostname postfix/smtpd[13477]: lost connection after AUTH from unknown[125.117.214.203] Nov 20 07:12:48 xzibhostname postfix/smtpd[13477]: disconnect from unknown[125.117.214.203] Nov 20 07:12:48 xzibhostname postfix/smtpd[17930]: connect from unknown[125.117.214.203] Nov 20 07:12:49 xzibhostname postfix/smtpd[17930]: warning: unknown[125.117.214.203]: SASL LOGIN authentication failed: authentication failure Nov 20 07:12:50 xzibhostname postfix/smtpd[17930]: lost connection after AUTH from unknown[125.117.214.203] Nov 20 07:12:50 xzibhostname postfix/smtpd[17930]: disconnect from unknown[125.117.214.203] Nov 20 07:12:51 xzibhostname postfix/smtpd[13477]: connect from unknown[125.117.214.203] Nov 20 07:12:52 xzibhostname po........ -------------------------------	2019-11-20 19:09:33
222.186.136.64	attack	Nov 20 11:55:28 server sshd\[21923\]: Invalid user dni from 222.186.136.64 Nov 20 11:55:28 server sshd\[21923\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.136.64 Nov 20 11:55:30 server sshd\[21923\]: Failed password for invalid user dni from 222.186.136.64 port 60342 ssh2 Nov 20 12:10:15 server sshd\[25574\]: Invalid user rpm from 222.186.136.64 Nov 20 12:10:15 server sshd\[25574\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.136.64 ...	2019-11-20 19:26:30
42.242.10.119	attackspambots	badbot	2019-11-20 19:05:27
103.17.159.54	attackbots	Nov 20 10:43:20 localhost sshd\[115549\]: Invalid user fun from 103.17.159.54 port 39204 Nov 20 10:43:20 localhost sshd\[115549\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.17.159.54 Nov 20 10:43:22 localhost sshd\[115549\]: Failed password for invalid user fun from 103.17.159.54 port 39204 ssh2 Nov 20 10:47:15 localhost sshd\[115746\]: Invalid user administrator from 103.17.159.54 port 41368 Nov 20 10:47:15 localhost sshd\[115746\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.17.159.54 ...	2019-11-20 19:35:12
223.245.213.12	attackbotsspam	badbot	2019-11-20 19:20:06
51.79.52.41	attack	$f2bV_matches	2019-11-20 19:38:49
51.255.168.202	attackspambots	Nov 20 12:04:00 MK-Soft-VM7 sshd[18545]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.255.168.202 Nov 20 12:04:02 MK-Soft-VM7 sshd[18545]: Failed password for invalid user mysql from 51.255.168.202 port 52588 ssh2 ...	2019-11-20 19:06:34
124.243.198.190	attackspam	Nov 20 07:23:52 mail sshd\[16027\]: Invalid user cacti from 124.243.198.190 Nov 20 07:23:52 mail sshd\[16027\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.243.198.190 Nov 20 07:23:53 mail sshd\[16027\]: Failed password for invalid user cacti from 124.243.198.190 port 52618 ssh2 ...	2019-11-20 19:34:40
182.72.178.114	attack	Nov 20 11:31:00 lnxmail61 sshd[3095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.72.178.114 Nov 20 11:31:00 lnxmail61 sshd[3095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.72.178.114	2019-11-20 19:11:05
112.133.237.10	attackbotsspam	xmlrpc attack	2019-11-20 19:19:11
201.116.12.217	attackspam	Nov 20 10:10:11 work-partkepr sshd\[14801\]: Invalid user ftpuser from 201.116.12.217 port 41620 Nov 20 10:10:11 work-partkepr sshd\[14801\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.116.12.217 ...	2019-11-20 19:08:14
182.247.60.171	attack	badbot	2019-11-20 19:36:52

最近上报的IP列表

83.222.97.197	41.250.251.178	37.78.152.78	37.49.226.154
223.196.176.242	167.172.49.247	111.89.176.116	31.13.145.29
202.29.87.1	187.108.0.157	183.91.4.97	122.252.136.131
77.111.240.173	182.74.86.75	180.87.209.69	177.128.229.145
171.248.98.184	157.245.110.95	175.176.50.102	145.128.176.157