138.197.196.243

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	WordPress wp-login brute force :: 138.197.196.243 0.052 BYPASS [06/Jul/2019:23:24:29 1000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 4630 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-07-07 03:25:38

类型

评论内容

时间

attackspambots

WordPress wp-login brute force :: 138.197.196.243 0.052 BYPASS [06/Jul/2019:23:24:29  1000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 4630 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"

2019-07-07 03:25:38

相同子网IP讨论:

IP	类型	评论内容	时间
138.197.196.221	attackbotsspam	$f2bV_matches	2020-07-04 04:59:18
138.197.196.221	attackbotsspam	Jun 26 08:17:01 roki sshd[30702]: Invalid user csgoserver from 138.197.196.221 Jun 26 08:17:01 roki sshd[30702]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.196.221 Jun 26 08:17:03 roki sshd[30702]: Failed password for invalid user csgoserver from 138.197.196.221 port 37656 ssh2 Jun 26 08:23:30 roki sshd[31127]: Invalid user anselmo from 138.197.196.221 Jun 26 08:23:30 roki sshd[31127]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.196.221 ...	2020-06-26 16:40:26
138.197.196.221	attackbotsspam	$f2bV_matches	2020-06-25 08:39:54
138.197.196.221	attack	Jun 21 08:28:43 pbkit sshd[155018]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.196.221 Jun 21 08:28:43 pbkit sshd[155018]: Invalid user user from 138.197.196.221 port 43700 Jun 21 08:28:45 pbkit sshd[155018]: Failed password for invalid user user from 138.197.196.221 port 43700 ssh2 ...	2020-06-21 17:16:37
138.197.196.221	attackbots	SSH Invalid Login	2020-06-21 06:14:47
138.197.196.221	attackspam	Total attacks: 2	2020-06-16 23:06:12
138.197.196.208	attackbots	Jun 12 18:53:33 vps647732 sshd[7706]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.196.208 Jun 12 18:53:36 vps647732 sshd[7706]: Failed password for invalid user angel2019 from 138.197.196.208 port 38854 ssh2 ...	2020-06-13 01:32:22
138.197.196.208	attackbots	Jun 7 08:28:05 cloud sshd[2056]: Failed password for root from 138.197.196.208 port 52264 ssh2	2020-06-07 14:44:14
138.197.196.221	attack	SSH Brute-Force Attack	2020-06-03 20:58:10
138.197.196.221	attackspambots	May 28 21:10:35 vpn01 sshd[21806]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.196.221 May 28 21:10:37 vpn01 sshd[21806]: Failed password for invalid user upload from 138.197.196.221 port 55214 ssh2 ...	2020-05-29 03:55:57
138.197.196.208	attack	(sshd) Failed SSH login from 138.197.196.208 (US/United States/-): 5 in the last 3600 secs	2020-05-24 23:14:58
138.197.196.208	attackspambots	odoo8 ...	2020-05-22 08:15:58
138.197.196.221	attack	May 15 10:24:07 electroncash sshd[60452]: Invalid user teamspeak3 from 138.197.196.221 port 46732 May 15 10:24:07 electroncash sshd[60452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.196.221 May 15 10:24:07 electroncash sshd[60452]: Invalid user teamspeak3 from 138.197.196.221 port 46732 May 15 10:24:09 electroncash sshd[60452]: Failed password for invalid user teamspeak3 from 138.197.196.221 port 46732 ssh2 May 15 10:26:01 electroncash sshd[60931]: Invalid user timo from 138.197.196.221 port 50092 ...	2020-05-15 16:36:01
138.197.196.221	attackbots	prod11 ...	2020-05-14 02:16:47
138.197.196.221	attackspambots	SSH Login Bruteforce	2020-05-10 17:20:02

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.196.243
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31416
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.197.196.243.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019052802 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed May 29 07:43:01 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

243.196.197.138.in-addr.arpa domain name pointer zemfa.com.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
243.196.197.138.in-addr.arpa	name = zemfa.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
51.83.69.99	attackspam	51.83.69.99 - - [01/Nov/2019:00:53:35 +0400] "POST /GponForm/diag_Form?style/ HTTP/1.1" 502 157 "-" "curl/7.3.2" ...	2019-11-01 04:55:06
198.23.251.111	attackbotsspam	2019-10-31T21:28:15.346171scmdmz1 sshd\[21393\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.23.251.111 user=root 2019-10-31T21:28:17.354268scmdmz1 sshd\[21393\]: Failed password for root from 198.23.251.111 port 54462 ssh2 2019-10-31T21:35:08.637074scmdmz1 sshd\[21861\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.23.251.111 user=root ...	2019-11-01 04:53:51
196.206.139.162	attack	B: Magento admin pass /admin/ test (wrong country)	2019-11-01 05:30:23
68.183.171.232	attackbots	Oct 28 00:47:42 extapp sshd[13560]: Invalid user cyndi from 68.183.171.232 Oct 28 00:47:44 extapp sshd[13560]: Failed password for invalid user cyndi from 68.183.171.232 port 39850 ssh2 Oct 28 00:57:07 extapp sshd[18170]: Failed password for r.r from 68.183.171.232 port 51080 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=68.183.171.232	2019-11-01 05:12:54
194.247.27.79	attackspambots	slow and persistent scanner	2019-11-01 05:09:53
106.52.18.180	attack	$f2bV_matches	2019-11-01 05:15:40
81.34.135.101	attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/81.34.135.101/ ES - 1H : (58) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : ES NAME ASN : ASN3352 IP : 81.34.135.101 CIDR : 81.34.0.0/16 PREFIX COUNT : 662 UNIQUE IP COUNT : 10540800 ATTACKS DETECTED ASN3352 : 1H - 6 3H - 9 6H - 12 12H - 16 24H - 24 DateTime : 2019-10-31 21:14:40 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-01 05:16:56
185.67.0.188	attack	Automatic report - XMLRPC Attack	2019-11-01 05:33:24
148.70.192.84	attack	Oct 31 10:28:04 eddieflores sshd\[7432\]: Invalid user blahblah from 148.70.192.84 Oct 31 10:28:04 eddieflores sshd\[7432\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.192.84 Oct 31 10:28:05 eddieflores sshd\[7432\]: Failed password for invalid user blahblah from 148.70.192.84 port 47418 ssh2 Oct 31 10:32:40 eddieflores sshd\[7795\]: Invalid user azman from 148.70.192.84 Oct 31 10:32:40 eddieflores sshd\[7795\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.192.84	2019-11-01 05:17:28
181.40.73.86	attack	Oct 31 21:36:06 lnxded63 sshd[31472]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.40.73.86 Oct 31 21:36:08 lnxded63 sshd[31472]: Failed password for invalid user user from 181.40.73.86 port 60270 ssh2 Oct 31 21:45:27 lnxded63 sshd[32289]: Failed password for root from 181.40.73.86 port 22549 ssh2	2019-11-01 04:59:51
220.133.137.119	attack	Unauthorized connection attempt from IP address 220.133.137.119 on Port 445(SMB)	2019-11-01 04:58:48
51.254.32.228	attackbots	Oct 27 23:28:57 eola sshd[3619]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.32.228 user=r.r Oct 27 23:28:59 eola sshd[3619]: Failed password for r.r from 51.254.32.228 port 34976 ssh2 Oct 27 23:28:59 eola sshd[3619]: Received disconnect from 51.254.32.228 port 34976:11: Bye Bye [preauth] Oct 27 23:28:59 eola sshd[3619]: Disconnected from 51.254.32.228 port 34976 [preauth] Oct 27 23:38:55 eola sshd[3842]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.32.228 user=r.r Oct 27 23:38:58 eola sshd[3842]: Failed password for r.r from 51.254.32.228 port 52110 ssh2 Oct 27 23:38:58 eola sshd[3842]: Received disconnect from 51.254.32.228 port 52110:11: Bye Bye [preauth] Oct 27 23:38:58 eola sshd[3842]: Disconnected from 51.254.32.228 port 52110 [preauth] Oct 27 23:42:36 eola sshd[4009]: Invalid user vision from 51.254.32.228 port 37494 Oct 27 23:42:36 eola sshd[4009]: pam_unix(ssh........ -------------------------------	2019-11-01 05:24:30
54.37.225.179	attackspam	Oct 31 22:58:09 server sshd\[21167\]: Invalid user atlas from 54.37.225.179 Oct 31 22:58:09 server sshd\[21167\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.ip-54-37-225.eu Oct 31 22:58:11 server sshd\[21167\]: Failed password for invalid user atlas from 54.37.225.179 port 36768 ssh2 Oct 31 23:15:15 server sshd\[25310\]: Invalid user ax400 from 54.37.225.179 Oct 31 23:15:15 server sshd\[25310\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.ip-54-37-225.eu ...	2019-11-01 04:55:49
222.186.175.215	attackspam	Oct 31 22:08:24 meumeu sshd[28248]: Failed password for root from 222.186.175.215 port 21540 ssh2 Oct 31 22:08:46 meumeu sshd[28248]: error: maximum authentication attempts exceeded for root from 222.186.175.215 port 21540 ssh2 [preauth] Oct 31 22:08:57 meumeu sshd[28313]: Failed password for root from 222.186.175.215 port 36002 ssh2 ...	2019-11-01 05:21:00
175.197.77.3	attack	Oct 31 10:27:16 web9 sshd\[25039\]: Invalid user debora from 175.197.77.3 Oct 31 10:27:16 web9 sshd\[25039\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.197.77.3 Oct 31 10:27:18 web9 sshd\[25039\]: Failed password for invalid user debora from 175.197.77.3 port 34891 ssh2 Oct 31 10:33:21 web9 sshd\[25899\]: Invalid user guest from 175.197.77.3 Oct 31 10:33:21 web9 sshd\[25899\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.197.77.3	2019-11-01 05:00:10

最近上报的IP列表

159.65.198.48	198.46.81.60	218.37.227.7	123.163.114.168
223.166.75.172	121.128.135.73	213.124.88.158	165.22.129.117
112.146.87.89	247.235.220.17	238.27.245.250	200.84.115.118
234.159.21.180	193.53.116.13	32.118.255.195	84.51.100.181
130.123.117.123	219.128.51.65	91.98.95.211	161.173.170.228