138.197.140.222

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Invalid user prestashop from 138.197.140.222 port 45132	2019-09-26 08:30:21
attack	Sep 24 03:16:07 wbs sshd\[9628\]: Invalid user Admin from 138.197.140.222 Sep 24 03:16:07 wbs sshd\[9628\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.140.222 Sep 24 03:16:09 wbs sshd\[9628\]: Failed password for invalid user Admin from 138.197.140.222 port 44218 ssh2 Sep 24 03:20:35 wbs sshd\[9986\]: Invalid user le from 138.197.140.222 Sep 24 03:20:35 wbs sshd\[9986\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.140.222	2019-09-24 21:36:01
attackspambots	Sep 22 10:01:30 bouncer sshd\[5061\]: Invalid user julien from 138.197.140.222 port 52803 Sep 22 10:01:30 bouncer sshd\[5061\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.140.222 Sep 22 10:01:32 bouncer sshd\[5061\]: Failed password for invalid user julien from 138.197.140.222 port 52803 ssh2 ...	2019-09-22 19:25:48
attack	Sep 10 07:35:50 MK-Soft-VM7 sshd\[29538\]: Invalid user 153 from 138.197.140.222 port 40327 Sep 10 07:35:50 MK-Soft-VM7 sshd\[29538\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.140.222 Sep 10 07:35:52 MK-Soft-VM7 sshd\[29538\]: Failed password for invalid user 153 from 138.197.140.222 port 40327 ssh2 ...	2019-09-10 15:53:12
attackspam	Sep 7 01:50:31 hcbb sshd\[13866\]: Invalid user tststs from 138.197.140.222 Sep 7 01:50:31 hcbb sshd\[13866\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.140.222 Sep 7 01:50:33 hcbb sshd\[13866\]: Failed password for invalid user tststs from 138.197.140.222 port 60288 ssh2 Sep 7 01:55:11 hcbb sshd\[14225\]: Invalid user 123 from 138.197.140.222 Sep 7 01:55:11 hcbb sshd\[14225\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.140.222	2019-09-08 04:59:48

相同子网IP讨论:

IP	类型	评论内容	时间
138.197.140.184	attack	SSH brute-force: detected 22 distinct usernames within a 24-hour window.	2019-11-16 03:32:14
138.197.140.184	attack	(sshd) Failed SSH login from 138.197.140.184 (CA/Canada/dev.ei.eckinox.net): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Nov 15 10:18:55 elude sshd[12535]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.140.184 user=root Nov 15 10:18:57 elude sshd[12535]: Failed password for root from 138.197.140.184 port 60440 ssh2 Nov 15 10:31:24 elude sshd[14372]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.140.184 user=root Nov 15 10:31:27 elude sshd[14372]: Failed password for root from 138.197.140.184 port 53648 ssh2 Nov 15 10:34:35 elude sshd[14814]: Invalid user guest from 138.197.140.184 port 40368	2019-11-15 20:05:33
138.197.140.184	attackbotsspam	Nov 15 00:50:58 pkdns2 sshd\[13981\]: Invalid user ej from 138.197.140.184Nov 15 00:51:00 pkdns2 sshd\[13981\]: Failed password for invalid user ej from 138.197.140.184 port 54146 ssh2Nov 15 00:53:59 pkdns2 sshd\[14095\]: Invalid user lundby from 138.197.140.184Nov 15 00:54:01 pkdns2 sshd\[14095\]: Failed password for invalid user lundby from 138.197.140.184 port 33442 ssh2Nov 15 00:57:00 pkdns2 sshd\[14241\]: Invalid user kraska from 138.197.140.184Nov 15 00:57:02 pkdns2 sshd\[14241\]: Failed password for invalid user kraska from 138.197.140.184 port 40974 ssh2 ...	2019-11-15 08:45:38
138.197.140.184	attack	Nov 12 09:10:09 srv1 sshd[11339]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.140.184 Nov 12 09:10:11 srv1 sshd[11339]: Failed password for invalid user gamino from 138.197.140.184 port 56030 ssh2 ...	2019-11-12 16:24:09
138.197.140.184	attack	2019-11-10T01:22:36.736308tmaserv sshd\[7461\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=dev.ei.eckinox.net user=root 2019-11-10T01:22:38.127499tmaserv sshd\[7461\]: Failed password for root from 138.197.140.184 port 45142 ssh2 2019-11-10T01:30:21.365358tmaserv sshd\[7711\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=dev.ei.eckinox.net user=root 2019-11-10T01:30:23.257657tmaserv sshd\[7711\]: Failed password for root from 138.197.140.184 port 49988 ssh2 2019-11-10T01:33:27.241936tmaserv sshd\[7926\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=dev.ei.eckinox.net user=root 2019-11-10T01:33:29.003653tmaserv sshd\[7926\]: Failed password for root from 138.197.140.184 port 37734 ssh2 ...	2019-11-10 07:35:36
138.197.140.184	attackbotsspam	pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.140.184 user=root Failed password for root from 138.197.140.184 port 44932 ssh2 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.140.184 user=root Failed password for root from 138.197.140.184 port 33654 ssh2 Invalid user aecpro from 138.197.140.184 port 50532	2019-11-09 05:51:22
138.197.140.184	attackspam	$f2bV_matches	2019-11-06 07:27:37
138.197.140.184	attackbotsspam	Nov 5 22:26:46 gw1 sshd[667]: Failed password for root from 138.197.140.184 port 56282 ssh2 Nov 5 22:30:07 gw1 sshd[731]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.140.184 ...	2019-11-06 01:38:42
138.197.140.184	attackspam	Invalid user yd from 138.197.140.184 port 60836	2019-10-31 19:19:50
138.197.140.184	attackbots	Oct 27 15:05:04 [host] sshd[12970]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.140.184 user=root Oct 27 15:05:06 [host] sshd[12970]: Failed password for root from 138.197.140.184 port 38344 ssh2 Oct 27 15:08:17 [host] sshd[13084]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.140.184 user=root	2019-10-28 00:15:35
138.197.140.184	attackspambots	2019-10-24T10:49:22.411433abusebot-5.cloudsearch.cf sshd\[18700\]: Invalid user user1 from 138.197.140.184 port 59672	2019-10-24 18:49:26
138.197.140.184	attackbotsspam	Oct 21 14:53:16 game-panel sshd[8057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.140.184 Oct 21 14:53:18 game-panel sshd[8057]: Failed password for invalid user hemant from 138.197.140.184 port 33820 ssh2 Oct 21 15:01:36 game-panel sshd[8331]: Failed password for root from 138.197.140.184 port 59448 ssh2	2019-10-21 23:11:35
138.197.140.184	attackbotsspam	Oct 14 20:14:05 hpm sshd\[15664\]: Invalid user 1234 from 138.197.140.184 Oct 14 20:14:05 hpm sshd\[15664\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=dev.ei.eckinox.net Oct 14 20:14:07 hpm sshd\[15664\]: Failed password for invalid user 1234 from 138.197.140.184 port 46326 ssh2 Oct 14 20:17:47 hpm sshd\[15959\]: Invalid user test from 138.197.140.184 Oct 14 20:17:47 hpm sshd\[15959\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=dev.ei.eckinox.net	2019-10-15 16:18:46
138.197.140.184	attackspambots	Oct 14 23:37:13 * sshd[23583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.140.184 Oct 14 23:37:15 * sshd[23583]: Failed password for invalid user 12345 from 138.197.140.184 port 48164 ssh2	2019-10-15 06:56:37
138.197.140.184	attackbots	2019-10-13T12:23:50.953172shield sshd\[25157\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=dev.ei.eckinox.net user=root 2019-10-13T12:23:52.304726shield sshd\[25157\]: Failed password for root from 138.197.140.184 port 40764 ssh2 2019-10-13T12:27:16.762663shield sshd\[26500\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=dev.ei.eckinox.net user=root 2019-10-13T12:27:19.062116shield sshd\[26500\]: Failed password for root from 138.197.140.184 port 32894 ssh2 2019-10-13T12:30:43.221600shield sshd\[27377\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=dev.ei.eckinox.net user=root	2019-10-13 20:39:31

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.140.222
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43825
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.197.140.222.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090700 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Sep 07 18:25:35 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 222.140.197.138.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 222.140.197.138.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
106.53.249.204	attackspam	Aug 10 12:00:01 rush sshd[29432]: Failed password for root from 106.53.249.204 port 9986 ssh2 Aug 10 12:06:20 rush sshd[29629]: Failed password for root from 106.53.249.204 port 19345 ssh2 ...	2020-08-10 20:29:04
66.45.251.150	attack	TCP port : 5500	2020-08-10 20:06:27
83.234.252.237	attackspambots	Unauthorized connection attempt detected from IP address 83.234.252.237 to port 80 [T]	2020-08-10 20:04:04
112.85.42.194	attackbotsspam	Aug 10 15:07:10 ift sshd\[48160\]: Failed password for root from 112.85.42.194 port 43566 ssh2Aug 10 15:08:09 ift sshd\[48209\]: Failed password for root from 112.85.42.194 port 18903 ssh2Aug 10 15:08:12 ift sshd\[48209\]: Failed password for root from 112.85.42.194 port 18903 ssh2Aug 10 15:08:14 ift sshd\[48209\]: Failed password for root from 112.85.42.194 port 18903 ssh2Aug 10 15:09:14 ift sshd\[48353\]: Failed password for root from 112.85.42.194 port 37831 ssh2 ...	2020-08-10 20:39:18
180.76.151.189	attackbots	Aug 10 08:00:23 vm0 sshd[18043]: Failed password for root from 180.76.151.189 port 49228 ssh2 ...	2020-08-10 20:45:08
79.104.58.62	attackbots	Aug 10 14:06:01 vm0 sshd[9114]: Failed password for root from 79.104.58.62 port 50716 ssh2 ...	2020-08-10 20:26:48
222.186.180.130	attackspambots	Aug 10 14:09:42 vmanager6029 sshd\[14706\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.130 user=root Aug 10 14:09:45 vmanager6029 sshd\[14704\]: error: PAM: Authentication failure for root from 222.186.180.130 Aug 10 14:09:45 vmanager6029 sshd\[14707\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.130 user=root	2020-08-10 20:11:23
122.144.212.226	attackbots	Aug 10 14:21:24 PorscheCustomer sshd[29935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.144.212.226 Aug 10 14:21:27 PorscheCustomer sshd[29935]: Failed password for invalid user P@$$w0rd222 from 122.144.212.226 port 47896 ssh2 Aug 10 14:25:40 PorscheCustomer sshd[30026]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.144.212.226 ...	2020-08-10 20:32:32
212.83.175.207	attack	212.83.175.207 - - [10/Aug/2020:13:18:47 +0200] "blog.ruhnke.cloud" "POST /wp-login.php HTTP/1.1" 200 4994 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 212.83.175.207 - - [10/Aug/2020:13:18:49 +0200] "blog.ruhnke.cloud" "POST /xmlrpc.php HTTP/1.1" 500 5 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 212.83.175.207 - - [10/Aug/2020:13:18:49 +0200] "blog.ruhnke.cloud" "POST /xmlrpc.php HTTP/1.1" 500 5 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 212.83.175.207 - - [10/Aug/2020:14:09:10 +0200] "blog.ruhnke.cloud" "POST /wp-login.php HTTP/1.1" 200 4994 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" ...	2020-08-10 20:43:58
45.80.64.246	attack	Aug 10 14:10:10 piServer sshd[1601]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.64.246 Aug 10 14:10:13 piServer sshd[1601]: Failed password for invalid user passwordqwe123 from 45.80.64.246 port 33180 ssh2 Aug 10 14:14:45 piServer sshd[2007]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.64.246 ...	2020-08-10 20:22:26
106.13.113.91	attack	Banned for a week because repeated abuses, for example SSH, but not only	2020-08-10 20:01:13
217.23.10.20	attackbotsspam	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-08-10T11:06:29Z and 2020-08-10T12:09:18Z	2020-08-10 20:37:58
122.228.19.79	attack	SSH Bruteforce Attempt on Honeypot	2020-08-10 20:35:09
59.42.192.195	attackspambots	TCP (SYN) 59.42.192.195:56741 -> port 1433, len 44	2020-08-10 20:06:57
128.199.146.93	attack	2020-08-10T12:08:12.363598shield sshd\[21044\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.146.93 user=root 2020-08-10T12:08:14.264163shield sshd\[21044\]: Failed password for root from 128.199.146.93 port 44824 ssh2 2020-08-10T12:11:04.670643shield sshd\[21370\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.146.93 user=root 2020-08-10T12:11:06.851983shield sshd\[21370\]: Failed password for root from 128.199.146.93 port 57434 ssh2 2020-08-10T12:13:52.480603shield sshd\[21524\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.146.93 user=root	2020-08-10 20:19:56

最近上报的IP列表

189.112.206.81	185.140.29.94	14.240.20.112	103.248.127.86
89.71.156.219	84.54.247.209	115.79.117.53	177.38.194.5
126.93.92.193	222.23.248.123	220.229.129.64	178.62.9.122
71.219.87.61	215.75.155.83	142.169.129.243	117.208.13.199
184.126.105.181	227.194.167.239	59.63.206.47	191.31.4.95