138.68.68.234 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Germany

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Sep 13 17:43:52 vps647732 sshd[10898]: Failed password for root from 138.68.68.234 port 40276 ssh2 ...	2020-09-14 02:35:29
attackspambots	Sep 13 12:08:49 ns382633 sshd\[20008\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.68.234 user=root Sep 13 12:08:51 ns382633 sshd\[20008\]: Failed password for root from 138.68.68.234 port 50270 ssh2 Sep 13 12:21:53 ns382633 sshd\[22580\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.68.234 user=root Sep 13 12:21:55 ns382633 sshd\[22580\]: Failed password for root from 138.68.68.234 port 45654 ssh2 Sep 13 12:30:28 ns382633 sshd\[24406\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.68.234 user=root	2020-09-13 18:34:49

类型

评论内容

时间

attackbots

Sep 13 17:43:52 vps647732 sshd[10898]: Failed password for root from 138.68.68.234 port 40276 ssh2
...

2020-09-14 02:35:29

attackspambots

Sep 13 12:08:49 ns382633 sshd\[20008\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.68.234  user=root
Sep 13 12:08:51 ns382633 sshd\[20008\]: Failed password for root from 138.68.68.234 port 50270 ssh2
Sep 13 12:21:53 ns382633 sshd\[22580\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.68.234  user=root
Sep 13 12:21:55 ns382633 sshd\[22580\]: Failed password for root from 138.68.68.234 port 45654 ssh2
Sep 13 12:30:28 ns382633 sshd\[24406\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.68.234  user=root

2020-09-13 18:34:49

相同子网IP讨论:

IP	类型	评论内容	时间
138.68.68.204	attack	TCP (SYN) 138.68.68.204:49946 -> port 22, len 48	2020-10-11 03:50:21
138.68.68.204	attack	[INST1] Automatic report - Banned IP Access	2020-10-10 19:44:44

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.68.234
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25873
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.68.234.			IN	A

;; AUTHORITY SECTION:
.			348	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020091300 1800 900 604800 86400

;; Query time: 102 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Sep 13 18:34:44 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

234.68.68.138.in-addr.arpa domain name pointer ai.gearup.ai.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
234.68.68.138.in-addr.arpa	name = ai.gearup.ai.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
188.165.211.206	attackspambots	"PHP Injection Attack: High-Risk PHP Function Name Found - Matched Data: shell_exec found within ARGS:callback: shell_exec"	2020-10-14 02:13:20
14.241.244.189	attackspam	(smtpauth) Failed SMTP AUTH login from 14.241.244.189 (VN/Vietnam/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SMTPAUTH; Logs: 2020-10-12 17:44:26 dovecot_plain authenticator failed for (mail.bakof.com.br) [14.241.244.189]:49417: 535 Incorrect authentication data (set_id=pcp) 2020-10-12 17:44:33 dovecot_plain authenticator failed for (mail.bakof.com.br) [14.241.244.189]:49417: 535 Incorrect authentication data (set_id=pcp) 2020-10-12 17:44:40 dovecot_plain authenticator failed for (mail.bakof.com.br) [14.241.244.189]:49417: 535 Incorrect authentication data (set_id=q1w2e3r4) 2020-10-12 17:44:59 dovecot_plain authenticator failed for (mail.bakof.com.br) [14.241.244.189]:49546: 535 Incorrect authentication data (set_id=pcp@bakof.com.br) 2020-10-12 17:45:18 dovecot_plain authenticator failed for (mail.bakof.com.br) [14.241.244.189]:49546: 535 Incorrect authentication data (set_id=pcp@bakof.com.br)	2020-10-14 02:19:35
129.211.42.153	attackbotsspam	various type of attack	2020-10-14 02:30:55
177.194.49.35	attackspam	Oct 13 12:11:15 vlre-nyc-1 sshd\[16240\]: Invalid user httpd from 177.194.49.35 Oct 13 12:11:15 vlre-nyc-1 sshd\[16240\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.194.49.35 Oct 13 12:11:17 vlre-nyc-1 sshd\[16240\]: Failed password for invalid user httpd from 177.194.49.35 port 8374 ssh2 Oct 13 12:13:31 vlre-nyc-1 sshd\[16279\]: Invalid user klement from 177.194.49.35 Oct 13 12:13:31 vlre-nyc-1 sshd\[16279\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.194.49.35 ...	2020-10-14 01:53:49
119.192.206.158	attackbots	various type of attack	2020-10-14 01:49:05
210.66.115.238	attack	Unauthorized connection attempt from IP address 210.66.115.238 on Port 445(SMB)	2020-10-14 01:53:03
103.235.167.47	attack	Unauthorized connection attempt from IP address 103.235.167.47 on Port 445(SMB)	2020-10-14 02:28:03
177.25.236.226	attackbotsspam	Hit honeypot r.	2020-10-14 02:27:12
36.255.91.70	attackspam	Unauthorized connection attempt from IP address 36.255.91.70 on Port 445(SMB)	2020-10-14 01:47:44
5.196.75.140	attackbotsspam	5.196.75.140 (FR/France/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Oct 13 13:55:10 server2 sshd[16513]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.151.177.85 user=root Oct 13 14:02:10 server2 sshd[20255]: Failed password for root from 51.68.199.188 port 47498 ssh2 Oct 13 13:55:12 server2 sshd[16513]: Failed password for root from 62.151.177.85 port 42326 ssh2 Oct 13 14:00:26 server2 sshd[19233]: Failed password for root from 144.34.207.84 port 56404 ssh2 Oct 13 14:00:54 server2 sshd[19357]: Failed password for root from 5.196.75.140 port 32878 ssh2 IP Addresses Blocked: 62.151.177.85 (US/United States/-) 51.68.199.188 (GB/United Kingdom/-) 144.34.207.84 (US/United States/-)	2020-10-14 02:13:02
121.237.169.154	attackbotsspam	2020-10-13 19:04:13,302 fail2ban.actions: WARNING [ssh] Ban 121.237.169.154	2020-10-14 02:14:04
201.102.193.63	attackspam	Unauthorized connection attempt from IP address 201.102.193.63 on Port 445(SMB)	2020-10-14 02:29:01
123.207.10.199	attackspam	no	2020-10-14 02:31:28
121.229.20.121	attack	2020-10-12T03:45:05.210273hostname sshd[43615]: Failed password for invalid user margaret from 121.229.20.121 port 58127 ssh2 ...	2020-10-14 02:03:15
37.139.11.239	attackspam	Automatic report - Banned IP Access	2020-10-14 02:15:35

最近上报的IP列表

79.255.10.204	91.137.189.62	202.28.35.24	107.175.151.94
94.208.138.113	185.193.90.98	151.80.77.132	126.207.9.167
117.69.159.249	176.115.125.234	115.99.212.233	147.36.107.34
20.36.194.79	74.120.14.22	27.79.159.141	27.6.184.227
185.245.41.4	89.183.69.234	49.147.192.215	185.237.204.99