138.197.199.249

基本信息:

城市(city): Santa Clara

省份(region): California

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): DigitalOcean, LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Nov 22 09:22:28 dallas01 sshd[22802]: Failed password for backup from 138.197.199.249 port 37951 ssh2 Nov 22 09:28:31 dallas01 sshd[23802]: Failed password for root from 138.197.199.249 port 55944 ssh2	2020-01-28 09:10:32
attack	Nov 25 07:39:41 ny01 sshd[25197]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Nov 25 07:39:43 ny01 sshd[25197]: Failed password for invalid user simon from 138.197.199.249 port 44820 ssh2 Nov 25 07:42:52 ny01 sshd[25490]: Failed password for root from 138.197.199.249 port 34081 ssh2	2019-11-25 20:46:22
attack	Nov 16 08:27:23 ncomp sshd[1976]: Invalid user home from 138.197.199.249 Nov 16 08:27:23 ncomp sshd[1976]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Nov 16 08:27:23 ncomp sshd[1976]: Invalid user home from 138.197.199.249 Nov 16 08:27:25 ncomp sshd[1976]: Failed password for invalid user home from 138.197.199.249 port 59156 ssh2	2019-11-16 16:17:14
attack	Nov 15 15:42:42 meumeu sshd[10060]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Nov 15 15:42:45 meumeu sshd[10060]: Failed password for invalid user thorsteinsen from 138.197.199.249 port 48292 ssh2 Nov 15 15:45:58 meumeu sshd[10479]: Failed password for root from 138.197.199.249 port 37908 ssh2 ...	2019-11-15 22:49:04
attackbots	Nov 14 13:39:02 sachi sshd\[14303\]: Invalid user abcdefghijklmno from 138.197.199.249 Nov 14 13:39:02 sachi sshd\[14303\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Nov 14 13:39:04 sachi sshd\[14303\]: Failed password for invalid user abcdefghijklmno from 138.197.199.249 port 58829 ssh2 Nov 14 13:42:27 sachi sshd\[14661\]: Invalid user hege from 138.197.199.249 Nov 14 13:42:27 sachi sshd\[14661\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249	2019-11-15 07:50:50
attackbots	Nov 14 00:20:41 wbs sshd\[17952\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 user=backup Nov 14 00:20:43 wbs sshd\[17952\]: Failed password for backup from 138.197.199.249 port 33559 ssh2 Nov 14 00:23:50 wbs sshd\[18210\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 user=root Nov 14 00:23:53 wbs sshd\[18210\]: Failed password for root from 138.197.199.249 port 51354 ssh2 Nov 14 00:27:05 wbs sshd\[18482\]: Invalid user michalsen from 138.197.199.249 Nov 14 00:27:05 wbs sshd\[18482\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249	2019-11-14 18:34:08
attack	k+ssh-bruteforce	2019-11-09 16:59:30
attackspambots	Nov 7 14:49:17 mail sshd\[10002\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 user=root ...	2019-11-08 06:35:12
attackbotsspam	Nov 5 13:36:53 ws19vmsma01 sshd[77290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Nov 5 13:36:54 ws19vmsma01 sshd[77290]: Failed password for invalid user mainastcheck from 138.197.199.249 port 53497 ssh2 ...	2019-11-06 02:59:29
attack	Nov 4 06:38:41 ip-172-31-1-72 sshd\[16809\]: Invalid user prasobsub from 138.197.199.249 Nov 4 06:38:41 ip-172-31-1-72 sshd\[16809\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Nov 4 06:38:43 ip-172-31-1-72 sshd\[16809\]: Failed password for invalid user prasobsub from 138.197.199.249 port 54096 ssh2 Nov 4 06:42:02 ip-172-31-1-72 sshd\[16956\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 user=root Nov 4 06:42:04 ip-172-31-1-72 sshd\[16956\]: Failed password for root from 138.197.199.249 port 44557 ssh2	2019-11-04 15:05:57
attackbots	2019-11-02T14:46:59.565135abusebot-3.cloudsearch.cf sshd\[14004\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 user=root	2019-11-03 01:56:50
attackbots	Automatic report - Banned IP Access	2019-10-25 21:22:18
attackbots	$f2bV_matches	2019-10-14 12:43:06
attackbotsspam	Sep 27 00:14:42 plusreed sshd[20679]: Invalid user nscd from 138.197.199.249 ...	2019-09-27 12:28:13
attackspam	Sep 26 21:08:20 plusreed sshd[11049]: Invalid user simulation from 138.197.199.249 ...	2019-09-27 09:26:11
attack	Sep 23 18:48:41 saschabauer sshd[18379]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Sep 23 18:48:43 saschabauer sshd[18379]: Failed password for invalid user m from 138.197.199.249 port 37275 ssh2	2019-09-24 00:50:48
attack	Sep 12 18:00:55 localhost sshd\[5514\]: Invalid user qwe123 from 138.197.199.249 port 43757 Sep 12 18:00:55 localhost sshd\[5514\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Sep 12 18:00:56 localhost sshd\[5514\]: Failed password for invalid user qwe123 from 138.197.199.249 port 43757 ssh2	2019-09-13 00:23:52
attackspam	Sep 8 09:55:31 aiointranet sshd\[25030\]: Invalid user vagrant from 138.197.199.249 Sep 8 09:55:31 aiointranet sshd\[25030\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Sep 8 09:55:33 aiointranet sshd\[25030\]: Failed password for invalid user vagrant from 138.197.199.249 port 58486 ssh2 Sep 8 09:59:31 aiointranet sshd\[25342\]: Invalid user vbox@123 from 138.197.199.249 Sep 8 09:59:31 aiointranet sshd\[25342\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249	2019-09-09 08:57:35
attackspam	Sep 8 05:54:22 aiointranet sshd\[2428\]: Invalid user sinusbot from 138.197.199.249 Sep 8 05:54:22 aiointranet sshd\[2428\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Sep 8 05:54:24 aiointranet sshd\[2428\]: Failed password for invalid user sinusbot from 138.197.199.249 port 52813 ssh2 Sep 8 05:58:27 aiointranet sshd\[2746\]: Invalid user uftp from 138.197.199.249 Sep 8 05:58:27 aiointranet sshd\[2746\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249	2019-09-09 00:06:54
attack	Aug 31 05:57:26 hb sshd\[16110\]: Invalid user testuser from 138.197.199.249 Aug 31 05:57:26 hb sshd\[16110\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Aug 31 05:57:28 hb sshd\[16110\]: Failed password for invalid user testuser from 138.197.199.249 port 41469 ssh2 Aug 31 06:01:55 hb sshd\[16531\]: Invalid user postgres from 138.197.199.249 Aug 31 06:01:55 hb sshd\[16531\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249	2019-08-31 14:09:09
attackbotsspam	Aug 19 11:00:17 cp sshd[12703]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249	2019-08-19 17:19:50
attackspambots	2019-08-14T08:29:55.999823lon01.zurich-datacenter.net sshd\[8809\]: Invalid user movie from 138.197.199.249 port 57964 2019-08-14T08:29:56.008167lon01.zurich-datacenter.net sshd\[8809\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 2019-08-14T08:29:57.717964lon01.zurich-datacenter.net sshd\[8809\]: Failed password for invalid user movie from 138.197.199.249 port 57964 ssh2 2019-08-14T08:35:00.506107lon01.zurich-datacenter.net sshd\[8905\]: Invalid user oracle from 138.197.199.249 port 53959 2019-08-14T08:35:00.517315lon01.zurich-datacenter.net sshd\[8905\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 ...	2019-08-14 14:57:08
attackspambots	Brute force SMTP login attempted. ...	2019-08-10 03:10:11
attackspambots	Feb 28 04:46:24 motanud sshd\[2029\]: Invalid user rs from 138.197.199.249 port 36368 Feb 28 04:46:24 motanud sshd\[2029\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Feb 28 04:46:25 motanud sshd\[2029\]: Failed password for invalid user rs from 138.197.199.249 port 36368 ssh2	2019-08-06 18:35:20
attackspam	Aug 2 15:11:39 vibhu-HP-Z238-Microtower-Workstation sshd\[15983\]: Invalid user nexus from 138.197.199.249 Aug 2 15:11:39 vibhu-HP-Z238-Microtower-Workstation sshd\[15983\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Aug 2 15:11:40 vibhu-HP-Z238-Microtower-Workstation sshd\[15983\]: Failed password for invalid user nexus from 138.197.199.249 port 39281 ssh2 Aug 2 15:16:13 vibhu-HP-Z238-Microtower-Workstation sshd\[16130\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 user=root Aug 2 15:16:15 vibhu-HP-Z238-Microtower-Workstation sshd\[16130\]: Failed password for root from 138.197.199.249 port 36950 ssh2 ...	2019-08-02 17:46:40
attackbots	Jul 28 14:30:35 icinga sshd[32230]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Jul 28 14:30:37 icinga sshd[32230]: Failed password for invalid user server2007 from 138.197.199.249 port 37472 ssh2 ...	2019-07-28 21:03:15
attackbots	Jul 13 18:19:06 dedicated sshd[4381]: Invalid user admin from 138.197.199.249 port 44759	2019-07-14 00:19:23
attackbots	2019-07-07T06:52:15.3269211240 sshd\[17224\]: Invalid user conf from 138.197.199.249 port 50957 2019-07-07T06:52:15.3317751240 sshd\[17224\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 2019-07-07T06:52:16.9193911240 sshd\[17224\]: Failed password for invalid user conf from 138.197.199.249 port 50957 ssh2 ...	2019-07-07 13:38:41
attack	Jul 2 17:20:55 srv206 sshd[23863]: Invalid user ckodhek from 138.197.199.249 Jul 2 17:20:55 srv206 sshd[23863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Jul 2 17:20:55 srv206 sshd[23863]: Invalid user ckodhek from 138.197.199.249 Jul 2 17:20:57 srv206 sshd[23863]: Failed password for invalid user ckodhek from 138.197.199.249 port 55190 ssh2 ...	2019-07-02 23:54:21

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.199.249
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61778
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.197.199.249.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040903 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Wed Apr 10 05:20:48 +08 2019
;; MSG SIZE  rcvd: 119

HOST信息:

249.199.197.138.in-addr.arpa domain name pointer 185439.cloudwaysapps.com.

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
249.199.197.138.in-addr.arpa	name = 185439.cloudwaysapps.com.

Authoritative answers can be found from:

IP	类型	评论内容	时间
213.60.165.77	attackbots	Invalid user b from 213.60.165.77 port 32926	2020-03-14 01:46:33
118.243.61.146	attack	Honeypot attack, port: 445, PTR: y061146.ppp.asahi-net.or.jp.	2020-03-14 01:41:52
94.25.160.175	attackspam	Unauthorized connection attempt from IP address 94.25.160.175 on Port 445(SMB)	2020-03-14 01:22:13
43.242.242.42	attack	Unauthorized connection attempt from IP address 43.242.242.42 on Port 445(SMB)	2020-03-14 01:42:30
96.68.92.22	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/96.68.92.22/ US - 1H : (331) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : US NAME ASN : ASN7922 IP : 96.68.92.22 CIDR : 96.64.0.0/11 PREFIX COUNT : 1512 UNIQUE IP COUNT : 70992640 ATTACKS DETECTED ASN7922 : 1H - 12 3H - 12 6H - 12 12H - 12 24H - 12 DateTime : 2020-03-13 13:46:09 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2020-03-14 01:21:13
116.55.140.149	attack	Automatic report - Banned IP Access	2020-03-14 01:26:09
51.75.23.62	attackbotsspam	2020-03-13T17:23:33.754520homeassistant sshd[8631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.23.62 user=root 2020-03-13T17:23:35.901426homeassistant sshd[8631]: Failed password for root from 51.75.23.62 port 45860 ssh2 ...	2020-03-14 01:32:03
125.124.253.203	attackspambots	Mar 13 15:10:27 serwer sshd\[14162\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.124.253.203 user=root Mar 13 15:10:28 serwer sshd\[14162\]: Failed password for root from 125.124.253.203 port 36928 ssh2 Mar 13 15:13:43 serwer sshd\[14757\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.124.253.203 user=root ...	2020-03-14 01:25:01
145.255.31.52	attackbotsspam	Jan 8 05:30:43 pi sshd[5077]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.255.31.52 Jan 8 05:30:45 pi sshd[5077]: Failed password for invalid user grz from 145.255.31.52 port 39107 ssh2	2020-03-14 01:17:46
192.249.115.24	attack	HTTP/80/443/8080 Probe, BF, WP, Hack -	2020-03-14 01:57:35
195.20.28.192	attackbots	Unauthorized connection attempt from IP address 195.20.28.192 on Port 445(SMB)	2020-03-14 01:55:40
144.217.243.216	attackbotsspam	Jan 4 19:25:55 pi sshd[4944]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.217.243.216 Jan 4 19:25:57 pi sshd[4944]: Failed password for invalid user dk from 144.217.243.216 port 44636 ssh2	2020-03-14 01:56:20
73.179.45.166	attackbotsspam	Honeypot attack, port: 5555, PTR: c-73-179-45-166.hsd1.fl.comcast.net.	2020-03-14 01:27:06
185.255.134.175	attackspam	2020-03-13T18:13:52.182923jannga.de sshd[3055]: Invalid user youtube from 185.255.134.175 port 37644 2020-03-13T18:13:54.912015jannga.de sshd[3055]: Failed password for invalid user youtube from 185.255.134.175 port 37644 ssh2 ...	2020-03-14 01:18:33
222.186.42.7	attackbots	Mar 13 18:16:34 plex sshd[11806]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.7 user=root Mar 13 18:16:36 plex sshd[11806]: Failed password for root from 222.186.42.7 port 39026 ssh2	2020-03-14 01:24:03

最近上报的IP列表

151.49.43.200	51.38.185.238	190.173.142.95	193.188.23.23
45.227.255.214	220.194.70.25	159.65.42.207	38.89.142.34
125.165.187.65	123.206.128.231	185.120.79.2	103.66.79.173
118.24.255.191	38.128.66.158	54.38.47.28	118.25.76.244
124.173.71.245	188.0.133.20	192.0.215.179	216.244.82.50