138.197.140.222

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Invalid user prestashop from 138.197.140.222 port 45132	2019-09-26 08:30:21
attack	Sep 24 03:16:07 wbs sshd\[9628\]: Invalid user Admin from 138.197.140.222 Sep 24 03:16:07 wbs sshd\[9628\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.140.222 Sep 24 03:16:09 wbs sshd\[9628\]: Failed password for invalid user Admin from 138.197.140.222 port 44218 ssh2 Sep 24 03:20:35 wbs sshd\[9986\]: Invalid user le from 138.197.140.222 Sep 24 03:20:35 wbs sshd\[9986\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.140.222	2019-09-24 21:36:01
attackspambots	Sep 22 10:01:30 bouncer sshd\[5061\]: Invalid user julien from 138.197.140.222 port 52803 Sep 22 10:01:30 bouncer sshd\[5061\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.140.222 Sep 22 10:01:32 bouncer sshd\[5061\]: Failed password for invalid user julien from 138.197.140.222 port 52803 ssh2 ...	2019-09-22 19:25:48
attack	Sep 10 07:35:50 MK-Soft-VM7 sshd\[29538\]: Invalid user 153 from 138.197.140.222 port 40327 Sep 10 07:35:50 MK-Soft-VM7 sshd\[29538\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.140.222 Sep 10 07:35:52 MK-Soft-VM7 sshd\[29538\]: Failed password for invalid user 153 from 138.197.140.222 port 40327 ssh2 ...	2019-09-10 15:53:12
attackspam	Sep 7 01:50:31 hcbb sshd\[13866\]: Invalid user tststs from 138.197.140.222 Sep 7 01:50:31 hcbb sshd\[13866\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.140.222 Sep 7 01:50:33 hcbb sshd\[13866\]: Failed password for invalid user tststs from 138.197.140.222 port 60288 ssh2 Sep 7 01:55:11 hcbb sshd\[14225\]: Invalid user 123 from 138.197.140.222 Sep 7 01:55:11 hcbb sshd\[14225\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.140.222	2019-09-08 04:59:48

相同子网IP讨论:

IP	类型	评论内容	时间
138.197.140.184	attack	SSH brute-force: detected 22 distinct usernames within a 24-hour window.	2019-11-16 03:32:14
138.197.140.184	attack	(sshd) Failed SSH login from 138.197.140.184 (CA/Canada/dev.ei.eckinox.net): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Nov 15 10:18:55 elude sshd[12535]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.140.184 user=root Nov 15 10:18:57 elude sshd[12535]: Failed password for root from 138.197.140.184 port 60440 ssh2 Nov 15 10:31:24 elude sshd[14372]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.140.184 user=root Nov 15 10:31:27 elude sshd[14372]: Failed password for root from 138.197.140.184 port 53648 ssh2 Nov 15 10:34:35 elude sshd[14814]: Invalid user guest from 138.197.140.184 port 40368	2019-11-15 20:05:33
138.197.140.184	attackbotsspam	Nov 15 00:50:58 pkdns2 sshd\[13981\]: Invalid user ej from 138.197.140.184Nov 15 00:51:00 pkdns2 sshd\[13981\]: Failed password for invalid user ej from 138.197.140.184 port 54146 ssh2Nov 15 00:53:59 pkdns2 sshd\[14095\]: Invalid user lundby from 138.197.140.184Nov 15 00:54:01 pkdns2 sshd\[14095\]: Failed password for invalid user lundby from 138.197.140.184 port 33442 ssh2Nov 15 00:57:00 pkdns2 sshd\[14241\]: Invalid user kraska from 138.197.140.184Nov 15 00:57:02 pkdns2 sshd\[14241\]: Failed password for invalid user kraska from 138.197.140.184 port 40974 ssh2 ...	2019-11-15 08:45:38
138.197.140.184	attack	Nov 12 09:10:09 srv1 sshd[11339]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.140.184 Nov 12 09:10:11 srv1 sshd[11339]: Failed password for invalid user gamino from 138.197.140.184 port 56030 ssh2 ...	2019-11-12 16:24:09
138.197.140.184	attack	2019-11-10T01:22:36.736308tmaserv sshd\[7461\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=dev.ei.eckinox.net user=root 2019-11-10T01:22:38.127499tmaserv sshd\[7461\]: Failed password for root from 138.197.140.184 port 45142 ssh2 2019-11-10T01:30:21.365358tmaserv sshd\[7711\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=dev.ei.eckinox.net user=root 2019-11-10T01:30:23.257657tmaserv sshd\[7711\]: Failed password for root from 138.197.140.184 port 49988 ssh2 2019-11-10T01:33:27.241936tmaserv sshd\[7926\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=dev.ei.eckinox.net user=root 2019-11-10T01:33:29.003653tmaserv sshd\[7926\]: Failed password for root from 138.197.140.184 port 37734 ssh2 ...	2019-11-10 07:35:36
138.197.140.184	attackbotsspam	pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.140.184 user=root Failed password for root from 138.197.140.184 port 44932 ssh2 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.140.184 user=root Failed password for root from 138.197.140.184 port 33654 ssh2 Invalid user aecpro from 138.197.140.184 port 50532	2019-11-09 05:51:22
138.197.140.184	attackspam	$f2bV_matches	2019-11-06 07:27:37
138.197.140.184	attackbotsspam	Nov 5 22:26:46 gw1 sshd[667]: Failed password for root from 138.197.140.184 port 56282 ssh2 Nov 5 22:30:07 gw1 sshd[731]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.140.184 ...	2019-11-06 01:38:42
138.197.140.184	attackspam	Invalid user yd from 138.197.140.184 port 60836	2019-10-31 19:19:50
138.197.140.184	attackbots	Oct 27 15:05:04 [host] sshd[12970]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.140.184 user=root Oct 27 15:05:06 [host] sshd[12970]: Failed password for root from 138.197.140.184 port 38344 ssh2 Oct 27 15:08:17 [host] sshd[13084]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.140.184 user=root	2019-10-28 00:15:35
138.197.140.184	attackspambots	2019-10-24T10:49:22.411433abusebot-5.cloudsearch.cf sshd\[18700\]: Invalid user user1 from 138.197.140.184 port 59672	2019-10-24 18:49:26
138.197.140.184	attackbotsspam	Oct 21 14:53:16 game-panel sshd[8057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.140.184 Oct 21 14:53:18 game-panel sshd[8057]: Failed password for invalid user hemant from 138.197.140.184 port 33820 ssh2 Oct 21 15:01:36 game-panel sshd[8331]: Failed password for root from 138.197.140.184 port 59448 ssh2	2019-10-21 23:11:35
138.197.140.184	attackbotsspam	Oct 14 20:14:05 hpm sshd\[15664\]: Invalid user 1234 from 138.197.140.184 Oct 14 20:14:05 hpm sshd\[15664\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=dev.ei.eckinox.net Oct 14 20:14:07 hpm sshd\[15664\]: Failed password for invalid user 1234 from 138.197.140.184 port 46326 ssh2 Oct 14 20:17:47 hpm sshd\[15959\]: Invalid user test from 138.197.140.184 Oct 14 20:17:47 hpm sshd\[15959\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=dev.ei.eckinox.net	2019-10-15 16:18:46
138.197.140.184	attackspambots	Oct 14 23:37:13 * sshd[23583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.140.184 Oct 14 23:37:15 * sshd[23583]: Failed password for invalid user 12345 from 138.197.140.184 port 48164 ssh2	2019-10-15 06:56:37
138.197.140.184	attackbots	2019-10-13T12:23:50.953172shield sshd\[25157\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=dev.ei.eckinox.net user=root 2019-10-13T12:23:52.304726shield sshd\[25157\]: Failed password for root from 138.197.140.184 port 40764 ssh2 2019-10-13T12:27:16.762663shield sshd\[26500\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=dev.ei.eckinox.net user=root 2019-10-13T12:27:19.062116shield sshd\[26500\]: Failed password for root from 138.197.140.184 port 32894 ssh2 2019-10-13T12:30:43.221600shield sshd\[27377\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=dev.ei.eckinox.net user=root	2019-10-13 20:39:31

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.140.222
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43825
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.197.140.222.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090700 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Sep 07 18:25:35 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 222.140.197.138.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 222.140.197.138.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
37.115.72.55	attack	Email rejected due to spam filtering	2020-02-22 06:41:48
27.131.212.186	attackspambots	Unauthorized connection attempt from IP address 27.131.212.186 on Port 445(SMB)	2020-02-22 06:39:22
212.118.18.212	attackbots	Unauthorized connection attempt from IP address 212.118.18.212 on Port 445(SMB)	2020-02-22 06:19:03
118.99.105.66	attack	Unauthorized connection attempt from IP address 118.99.105.66 on Port 445(SMB)	2020-02-22 06:47:45
95.180.223.111	attackspam	Email rejected due to spam filtering	2020-02-22 06:48:09
84.2.62.48	attackspam	Feb 21 12:00:52 auw2 sshd\[29068\]: Invalid user doug from 84.2.62.48 Feb 21 12:00:52 auw2 sshd\[29068\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=dsl54023e30.fixip.t-online.hu Feb 21 12:00:53 auw2 sshd\[29068\]: Failed password for invalid user doug from 84.2.62.48 port 52686 ssh2 Feb 21 12:05:10 auw2 sshd\[29438\]: Invalid user admin from 84.2.62.48 Feb 21 12:05:10 auw2 sshd\[29438\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=dsl54023e30.fixip.t-online.hu	2020-02-22 06:19:52
112.85.42.178	attack	Feb 21 22:22:59 localhost sshd\[35217\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.178 user=root Feb 21 22:23:01 localhost sshd\[35217\]: Failed password for root from 112.85.42.178 port 37238 ssh2 Feb 21 22:23:05 localhost sshd\[35217\]: Failed password for root from 112.85.42.178 port 37238 ssh2 Feb 21 22:23:08 localhost sshd\[35217\]: Failed password for root from 112.85.42.178 port 37238 ssh2 Feb 21 22:23:12 localhost sshd\[35217\]: Failed password for root from 112.85.42.178 port 37238 ssh2 ...	2020-02-22 06:28:28
181.228.191.126	attackbots	Email rejected due to spam filtering	2020-02-22 06:38:06
197.221.230.118	attack	Unauthorized connection attempt from IP address 197.221.230.118 on Port 445(SMB)	2020-02-22 06:22:25
112.85.42.180	attackbots	Multiple SSH login attempts.	2020-02-22 06:21:26
121.229.25.154	attack	Automatic report - SSH Brute-Force Attack	2020-02-22 06:22:50
106.54.123.84	attackspam	Feb 21 22:13:17 game-panel sshd[29543]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.123.84 Feb 21 22:13:19 game-panel sshd[29543]: Failed password for invalid user sistemas from 106.54.123.84 port 41240 ssh2 Feb 21 22:16:34 game-panel sshd[29715]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.123.84	2020-02-22 06:21:50
200.195.171.74	attack	Invalid user chris from 200.195.171.74 port 51374	2020-02-22 06:55:33
170.239.232.157	attackbots	Unauthorized connection attempt from IP address 170.239.232.157 on Port 445(SMB)	2020-02-22 06:34:04
94.25.172.205	attack	Unauthorized connection attempt from IP address 94.25.172.205 on Port 445(SMB)	2020-02-22 06:54:09

最近上报的IP列表

189.112.206.81	185.140.29.94	14.240.20.112	103.248.127.86
89.71.156.219	84.54.247.209	115.79.117.53	177.38.194.5
126.93.92.193	222.23.248.123	220.229.129.64	178.62.9.122
71.219.87.61	215.75.155.83	142.169.129.243	117.208.13.199
184.126.105.181	227.194.167.239	59.63.206.47	191.31.4.95