138.197.132.143

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Canada

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Aug 15 20:41:02 plex-server sshd[1648105]: Failed password for root from 138.197.132.143 port 51136 ssh2 Aug 15 20:43:25 plex-server sshd[1649059]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.132.143 user=root Aug 15 20:43:28 plex-server sshd[1649059]: Failed password for root from 138.197.132.143 port 54774 ssh2 Aug 15 20:45:52 plex-server sshd[1650024]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.132.143 user=root Aug 15 20:45:54 plex-server sshd[1650024]: Failed password for root from 138.197.132.143 port 58412 ssh2 ...	2020-08-16 05:48:34
attack	Aug 1 05:47:55 jane sshd[7581]: Failed password for root from 138.197.132.143 port 56552 ssh2 ...	2020-08-01 15:41:56
attackbotsspam	Bruteforce detected by fail2ban	2020-08-01 03:13:59
attack	Jul 16 17:39:06 OPSO sshd\[22379\]: Invalid user vicky from 138.197.132.143 port 56898 Jul 16 17:39:06 OPSO sshd\[22379\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.132.143 Jul 16 17:39:08 OPSO sshd\[22379\]: Failed password for invalid user vicky from 138.197.132.143 port 56898 ssh2 Jul 16 17:44:30 OPSO sshd\[23837\]: Invalid user www from 138.197.132.143 port 43260 Jul 16 17:44:31 OPSO sshd\[23837\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.132.143	2020-07-16 23:45:34
attackspambots	Jul 11 13:19:00 askasleikir sshd[68028]: Failed password for invalid user ta from 138.197.132.143 port 45522 ssh2	2020-07-12 03:44:26
attackbotsspam	Jul 4 15:24:14 rocket sshd[30447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.132.143 Jul 4 15:24:15 rocket sshd[30447]: Failed password for invalid user unix from 138.197.132.143 port 59814 ssh2 ...	2020-07-05 01:23:18
attack	$f2bV_matches	2020-07-04 05:51:14
attackspambots	Jun 27 02:18:40 php1 sshd\[18484\]: Invalid user ubuntu from 138.197.132.143 Jun 27 02:18:40 php1 sshd\[18484\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.132.143 Jun 27 02:18:42 php1 sshd\[18484\]: Failed password for invalid user ubuntu from 138.197.132.143 port 39232 ssh2 Jun 27 02:22:29 php1 sshd\[18741\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.132.143 user=root Jun 27 02:22:31 php1 sshd\[18741\]: Failed password for root from 138.197.132.143 port 39980 ssh2	2020-06-27 20:23:44
attack	Jun 20 14:58:50 ip-172-31-62-245 sshd\[17334\]: Invalid user wocloud from 138.197.132.143\ Jun 20 14:58:53 ip-172-31-62-245 sshd\[17334\]: Failed password for invalid user wocloud from 138.197.132.143 port 49700 ssh2\ Jun 20 15:02:33 ip-172-31-62-245 sshd\[17348\]: Invalid user vuser from 138.197.132.143\ Jun 20 15:02:35 ip-172-31-62-245 sshd\[17348\]: Failed password for invalid user vuser from 138.197.132.143 port 50966 ssh2\ Jun 20 15:06:20 ip-172-31-62-245 sshd\[17374\]: Invalid user vnc from 138.197.132.143\	2020-06-21 00:20:56
attackspam	2020-06-17T05:52:33.682003rocketchat.forhosting.nl sshd[19182]: Invalid user j from 138.197.132.143 port 35820 2020-06-17T05:52:35.984305rocketchat.forhosting.nl sshd[19182]: Failed password for invalid user j from 138.197.132.143 port 35820 ssh2 2020-06-17T05:56:40.065579rocketchat.forhosting.nl sshd[19253]: Invalid user sale from 138.197.132.143 port 36166 ...	2020-06-17 12:38:55
attackbotsspam	(sshd) Failed SSH login from 138.197.132.143 (CA/Canada/-): 5 in the last 3600 secs	2020-06-10 01:56:37
attack	SSH Brute-Force reported by Fail2Ban	2020-06-03 06:05:09
attackbots	Jun 1 14:22:42 PorscheCustomer sshd[11831]: Failed password for root from 138.197.132.143 port 46332 ssh2 Jun 1 14:27:14 PorscheCustomer sshd[11987]: Failed password for root from 138.197.132.143 port 51378 ssh2 ...	2020-06-01 20:56:40
attackspambots	May 31 11:20:28 abendstille sshd\[31989\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.132.143 user=root May 31 11:20:30 abendstille sshd\[31989\]: Failed password for root from 138.197.132.143 port 59798 ssh2 May 31 11:24:52 abendstille sshd\[3760\]: Invalid user nagios from 138.197.132.143 May 31 11:24:52 abendstille sshd\[3760\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.132.143 May 31 11:24:53 abendstille sshd\[3760\]: Failed password for invalid user nagios from 138.197.132.143 port 36140 ssh2 ...	2020-05-31 17:34:24
attackspambots	Invalid user pma from 138.197.132.143 port 42732	2020-05-26 03:12:29
attack	May 25 03:47:33 ip-172-31-62-245 sshd\[29463\]: Failed password for root from 138.197.132.143 port 60942 ssh2\ May 25 03:49:59 ip-172-31-62-245 sshd\[29493\]: Invalid user elias from 138.197.132.143\ May 25 03:50:01 ip-172-31-62-245 sshd\[29493\]: Failed password for invalid user elias from 138.197.132.143 port 38966 ssh2\ May 25 03:52:27 ip-172-31-62-245 sshd\[29536\]: Failed password for root from 138.197.132.143 port 45220 ssh2\ May 25 03:54:54 ip-172-31-62-245 sshd\[29549\]: Invalid user nevez from 138.197.132.143\	2020-05-25 13:19:03
attack	May 10 22:36:41 [host] sshd[24027]: Invalid user j May 10 22:36:41 [host] sshd[24027]: pam_unix(sshd: May 10 22:36:44 [host] sshd[24027]: Failed passwor	2020-05-11 04:53:54
attack	Apr 29 16:36:53 sshd\[4047\]: Invalid user stud1 from 138.197.132.143Apr 29 16:36:55 sshd\[4047\]: Failed password for invalid user stud1 from 138.197.132.143 port 39004 ssh2 ...	2020-04-30 00:12:11
attackspam	Invalid user ubuntu from 138.197.132.143 port 60722	2020-04-19 06:53:09
attackspam	Apr 1 09:34:40 nandi sshd[12941]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.132.143 user=r.r Apr 1 09:34:42 nandi sshd[12941]: Failed password for r.r from 138.197.132.143 port 59522 ssh2 Apr 1 09:34:42 nandi sshd[12941]: Received disconnect from 138.197.132.143: 11: Bye Bye [preauth] Apr 1 09:45:24 nandi sshd[19097]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.132.143 user=r.r Apr 1 09:45:25 nandi sshd[19097]: Failed password for r.r from 138.197.132.143 port 39832 ssh2 Apr 1 09:45:26 nandi sshd[19097]: Received disconnect from 138.197.132.143: 11: Bye Bye [preauth] Apr 1 09:49:38 nandi sshd[21044]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.132.143 user=r.r Apr 1 09:49:40 nandi sshd[21044]: Failed password for r.r from 138.197.132.143 port 35854 ssh2 Apr 1 09:49:40 nandi sshd[21044]: Received disconn........ -------------------------------	2020-04-03 19:28:40
attackspam	Apr 1 09:34:40 nandi sshd[12941]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.132.143 user=r.r Apr 1 09:34:42 nandi sshd[12941]: Failed password for r.r from 138.197.132.143 port 59522 ssh2 Apr 1 09:34:42 nandi sshd[12941]: Received disconnect from 138.197.132.143: 11: Bye Bye [preauth] Apr 1 09:45:24 nandi sshd[19097]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.132.143 user=r.r Apr 1 09:45:25 nandi sshd[19097]: Failed password for r.r from 138.197.132.143 port 39832 ssh2 Apr 1 09:45:26 nandi sshd[19097]: Received disconnect from 138.197.132.143: 11: Bye Bye [preauth] Apr 1 09:49:38 nandi sshd[21044]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.132.143 user=r.r Apr 1 09:49:40 nandi sshd[21044]: Failed password for r.r from 138.197.132.143 port 35854 ssh2 Apr 1 09:49:40 nandi sshd[21044]: Received disconn........ -------------------------------	2020-04-03 00:23:12

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.132.143
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3858
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.197.132.143.		IN	A

;; AUTHORITY SECTION:
.			353	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040200 1800 900 604800 86400

;; Query time: 97 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Apr 03 00:23:04 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

Host 143.132.197.138.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 143.132.197.138.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
46.101.41.162	attackbotsspam	Nov 4 18:37:29 legacy sshd[17221]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.41.162 Nov 4 18:37:32 legacy sshd[17221]: Failed password for invalid user vnc from 46.101.41.162 port 39464 ssh2 Nov 4 18:41:22 legacy sshd[17347]: Failed password for root from 46.101.41.162 port 49536 ssh2 ...	2019-11-05 04:26:04
188.165.242.200	attackspam	Nov 4 20:47:11 XXX sshd[45559]: Invalid user ofsaa from 188.165.242.200 port 59464	2019-11-05 04:21:44
113.100.14.249	attack	Honeypot attack, port: 23, PTR: PTR record not found	2019-11-05 04:24:46
45.227.253.140	attack	2019-11-04 21:12:07 dovecot_login authenticator failed for $hosting-by.directwebhost.org.$ \[45.227.253.140\]: 535 Incorrect authentication data $set_id=admin@orogest.it$ 2019-11-04 21:12:14 dovecot_login authenticator failed for $hosting-by.directwebhost.org.$ \[45.227.253.140\]: 535 Incorrect authentication data $set_id=admin$ 2019-11-04 21:12:23 dovecot_login authenticator failed for $hosting-by.directwebhost.org.$ \[45.227.253.140\]: 535 Incorrect authentication data 2019-11-04 21:12:39 dovecot_login authenticator failed for $hosting-by.directwebhost.org.$ \[45.227.253.140\]: 535 Incorrect authentication data 2019-11-04 21:12:47 dovecot_login authenticator failed for $hosting-by.directwebhost.org.$ \[45.227.253.140\]: 535 Incorrect authentication data	2019-11-05 04:16:34
222.186.175.140	attackbotsspam	2019-11-04T19:44:47.959203abusebot-5.cloudsearch.cf sshd\[17986\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.140 user=root	2019-11-05 03:53:41
180.245.222.92	attackspambots	Chat Spam	2019-11-05 03:50:53
24.181.158.142	attackbots	Brute force attempt	2019-11-05 04:08:46
153.92.127.204	attack	Nov 4 19:18:57 server sshd\[25742\]: Invalid user konowicz from 153.92.127.204 port 53094 Nov 4 19:18:57 server sshd\[25742\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.92.127.204 Nov 4 19:18:59 server sshd\[25742\]: Failed password for invalid user konowicz from 153.92.127.204 port 53094 ssh2 Nov 4 19:22:37 server sshd\[29882\]: Invalid user zhejiang@\#$longteng789520 from 153.92.127.204 port 37144 Nov 4 19:22:37 server sshd\[29882\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.92.127.204	2019-11-05 04:06:24
102.133.232.70	attack	Time: Mon Nov 4 11:22:43 2019 -0300 IP: 102.133.232.70 (ZA/South Africa/-) Failures: 30 (smtpauth) Interval: 3600 seconds Blocked: Permanent Block	2019-11-05 03:55:07
52.66.250.121	attack	Honeypot attack, port: 23, PTR: ec2-52-66-250-121.ap-south-1.compute.amazonaws.com.	2019-11-05 04:01:41
31.28.23.16	attackspambots	Automatically reported by fail2ban report script (powermetal_old)	2019-11-05 03:53:21
120.236.87.3	attack	11/04/2019-09:29:52.369920 120.236.87.3 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-11-05 04:09:41
18.194.104.163	attack	TCP connect flood, port scan (port 22/TCP, SSH). Date: 2019 Nov 04. 16:40:29 Source IP: 18.194.104.163 Details: 2019 Nov 04 16:40:29 - TCP Connection warning: 151 connections from same ip address (18.194.104.163) 2019 Nov 04 16:45:32 - TCP Connection warning: 125 connections from same ip address (18.194.104.163) 2019 Nov 04 16:50:15 - TCP Connection warning: 138 connections from same ip address (18.194.104.163) 2019 Nov 04 16:55:23 - TCP Connection warning: 112 connections from same ip address (18.194.104.163)	2019-11-05 04:00:04
117.240.80.202	attackspam	Unauthorized connection attempt from IP address 117.240.80.202 on Port 445(SMB)	2019-11-05 03:47:01
183.103.35.198	attack	2019-11-04T18:56:25.932396abusebot-5.cloudsearch.cf sshd\[17677\]: Invalid user robert from 183.103.35.198 port 35752	2019-11-05 03:58:48

最近上报的IP列表

109.147.137.97	161.25.29.198	167.25.156.171	124.181.226.5
82.138.102.209	73.131.246.242	164.177.33.149	87.5.44.114
207.106.170.238	184.59.153.210	89.204.117.194	136.87.170.158
120.223.79.245	86.168.102.244	15.27.138.88	123.195.117.240
218.7.251.84	49.34.22.87	85.146.39.248	184.116.84.43