138.68.68.234 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Germany

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Sep 13 17:43:52 vps647732 sshd[10898]: Failed password for root from 138.68.68.234 port 40276 ssh2 ...	2020-09-14 02:35:29
attackspambots	Sep 13 12:08:49 ns382633 sshd\[20008\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.68.234 user=root Sep 13 12:08:51 ns382633 sshd\[20008\]: Failed password for root from 138.68.68.234 port 50270 ssh2 Sep 13 12:21:53 ns382633 sshd\[22580\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.68.234 user=root Sep 13 12:21:55 ns382633 sshd\[22580\]: Failed password for root from 138.68.68.234 port 45654 ssh2 Sep 13 12:30:28 ns382633 sshd\[24406\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.68.234 user=root	2020-09-13 18:34:49

类型

评论内容

时间

attackbots

Sep 13 17:43:52 vps647732 sshd[10898]: Failed password for root from 138.68.68.234 port 40276 ssh2
...

2020-09-14 02:35:29

attackspambots

Sep 13 12:08:49 ns382633 sshd\[20008\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.68.234  user=root
Sep 13 12:08:51 ns382633 sshd\[20008\]: Failed password for root from 138.68.68.234 port 50270 ssh2
Sep 13 12:21:53 ns382633 sshd\[22580\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.68.234  user=root
Sep 13 12:21:55 ns382633 sshd\[22580\]: Failed password for root from 138.68.68.234 port 45654 ssh2
Sep 13 12:30:28 ns382633 sshd\[24406\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.68.234  user=root

2020-09-13 18:34:49

相同子网IP讨论:

IP	类型	评论内容	时间
138.68.68.204	attack	TCP (SYN) 138.68.68.204:49946 -> port 22, len 48	2020-10-11 03:50:21
138.68.68.204	attack	[INST1] Automatic report - Banned IP Access	2020-10-10 19:44:44

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.68.234
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25873
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.68.234.			IN	A

;; AUTHORITY SECTION:
.			348	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020091300 1800 900 604800 86400

;; Query time: 102 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Sep 13 18:34:44 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

234.68.68.138.in-addr.arpa domain name pointer ai.gearup.ai.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
234.68.68.138.in-addr.arpa	name = ai.gearup.ai.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
95.216.153.84	attack	Port scan on 2 port(s): 6669 6822	2020-03-26 21:40:30
195.97.75.174	attack	Invalid user coduo from 195.97.75.174 port 58276	2020-03-26 21:24:59
183.62.250.75	attack	Email rejected due to spam filtering	2020-03-26 21:48:05
111.30.128.39	attackbots	ICMP MH Probe, Scan /Distributed -	2020-03-26 21:39:48
139.59.18.215	attack	Mar 26 15:08:43 pkdns2 sshd\[63166\]: Invalid user tasia from 139.59.18.215Mar 26 15:08:45 pkdns2 sshd\[63166\]: Failed password for invalid user tasia from 139.59.18.215 port 44902 ssh2Mar 26 15:12:54 pkdns2 sshd\[63363\]: Invalid user thad from 139.59.18.215Mar 26 15:12:56 pkdns2 sshd\[63363\]: Failed password for invalid user thad from 139.59.18.215 port 60166 ssh2Mar 26 15:17:12 pkdns2 sshd\[63586\]: Invalid user chench from 139.59.18.215Mar 26 15:17:14 pkdns2 sshd\[63586\]: Failed password for invalid user chench from 139.59.18.215 port 47206 ssh2 ...	2020-03-26 21:29:39
188.80.248.236	attackbotsspam	Email rejected due to spam filtering	2020-03-26 21:53:36
138.197.171.149	attackbotsspam	Mar 26 14:07:50 vps sshd[401306]: Failed password for invalid user at from 138.197.171.149 port 51352 ssh2 Mar 26 14:11:08 vps sshd[423937]: Invalid user ricardo from 138.197.171.149 port 35394 Mar 26 14:11:08 vps sshd[423937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.171.149 Mar 26 14:11:09 vps sshd[423937]: Failed password for invalid user ricardo from 138.197.171.149 port 35394 ssh2 Mar 26 14:14:38 vps sshd[442098]: Invalid user market from 138.197.171.149 port 47276 ...	2020-03-26 21:21:23
51.254.116.137	attackspambots	Mar 26 09:01:12 ny01 sshd[17268]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.116.137 Mar 26 09:01:14 ny01 sshd[17268]: Failed password for invalid user david from 51.254.116.137 port 34646 ssh2 Mar 26 09:08:32 ny01 sshd[20189]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.116.137	2020-03-26 21:18:14
47.91.92.228	attackbots	Mar 26 06:24:20 server1 sshd\[11082\]: Failed password for invalid user admin from 47.91.92.228 port 45186 ssh2 Mar 26 06:24:20 server1 sshd\[11083\]: Failed password for invalid user admin from 47.91.92.228 port 45188 ssh2 Mar 26 06:25:11 server1 sshd\[11489\]: Invalid user kayla from 47.91.92.228 Mar 26 06:25:11 server1 sshd\[11489\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.91.92.228 Mar 26 06:25:11 server1 sshd\[11490\]: Invalid user kayla from 47.91.92.228 ...	2020-03-26 21:44:34
207.180.243.116	attackbotsspam	Mar 25 19:23:35 fwweb01 sshd[22938]: Invalid user gemss from 207.180.243.116 Mar 25 19:23:37 fwweb01 sshd[22938]: Failed password for invalid user gemss from 207.180.243.116 port 45454 ssh2 Mar 25 19:23:37 fwweb01 sshd[22938]: Received disconnect from 207.180.243.116: 11: Bye Bye [preauth] Mar 25 19:32:13 fwweb01 sshd[23477]: Invalid user lr from 207.180.243.116 Mar 25 19:32:15 fwweb01 sshd[23477]: Failed password for invalid user lr from 207.180.243.116 port 58446 ssh2 Mar 25 19:32:15 fwweb01 sshd[23477]: Received disconnect from 207.180.243.116: 11: Bye Bye [preauth] Mar 25 19:35:14 fwweb01 sshd[23664]: Invalid user fq from 207.180.243.116 Mar 25 19:35:16 fwweb01 sshd[23664]: Failed password for invalid user fq from 207.180.243.116 port 60230 ssh2 Mar 25 19:35:16 fwweb01 sshd[23664]: Received disconnect from 207.180.243.116: 11: Bye Bye [preauth] Mar 25 19:38:29 fwweb01 sshd[23840]: Invalid user sunliang from 207.180.243.116 Mar 25 19:38:31 fwweb01 sshd[23840]: Failed........ -------------------------------	2020-03-26 21:41:21
190.237.172.208	attackspambots	Brute force attempt	2020-03-26 21:43:43
196.41.123.155	attackspambots	10 attempts against mh-misc-ban on soil	2020-03-26 21:33:13
41.139.225.135	attackspam	2020-03-26T08:25:22.970187mail.thespaminator.com sshd[4609]: Invalid user admin from 41.139.225.135 port 52989 2020-03-26T08:25:24.811871mail.thespaminator.com sshd[4609]: Failed password for invalid user admin from 41.139.225.135 port 52989 ssh2 ...	2020-03-26 21:34:23
222.186.15.158	attackspambots	Mar 26 13:23:18 IngegnereFirenze sshd[17865]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.158 user=root ...	2020-03-26 21:29:09
218.92.0.202	attackspambots	Mar 26 13:21:53 ewelt sshd[14779]: Failed password for root from 218.92.0.202 port 37308 ssh2 Mar 26 13:21:55 ewelt sshd[14779]: Failed password for root from 218.92.0.202 port 37308 ssh2 Mar 26 13:25:39 ewelt sshd[15013]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.202 user=root Mar 26 13:25:41 ewelt sshd[15013]: Failed password for root from 218.92.0.202 port 57294 ssh2 ...	2020-03-26 21:09:23

最近上报的IP列表

79.255.10.204	91.137.189.62	202.28.35.24	107.175.151.94
94.208.138.113	185.193.90.98	151.80.77.132	126.207.9.167
117.69.159.249	176.115.125.234	115.99.212.233	147.36.107.34
20.36.194.79	74.120.14.22	27.79.159.141	27.6.184.227
185.245.41.4	89.183.69.234	49.147.192.215	185.237.204.99