138.197.199.249

基本信息:

城市(city): Santa Clara

省份(region): California

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): DigitalOcean, LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Nov 22 09:22:28 dallas01 sshd[22802]: Failed password for backup from 138.197.199.249 port 37951 ssh2 Nov 22 09:28:31 dallas01 sshd[23802]: Failed password for root from 138.197.199.249 port 55944 ssh2	2020-01-28 09:10:32
attack	Nov 25 07:39:41 ny01 sshd[25197]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Nov 25 07:39:43 ny01 sshd[25197]: Failed password for invalid user simon from 138.197.199.249 port 44820 ssh2 Nov 25 07:42:52 ny01 sshd[25490]: Failed password for root from 138.197.199.249 port 34081 ssh2	2019-11-25 20:46:22
attack	Nov 16 08:27:23 ncomp sshd[1976]: Invalid user home from 138.197.199.249 Nov 16 08:27:23 ncomp sshd[1976]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Nov 16 08:27:23 ncomp sshd[1976]: Invalid user home from 138.197.199.249 Nov 16 08:27:25 ncomp sshd[1976]: Failed password for invalid user home from 138.197.199.249 port 59156 ssh2	2019-11-16 16:17:14
attack	Nov 15 15:42:42 meumeu sshd[10060]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Nov 15 15:42:45 meumeu sshd[10060]: Failed password for invalid user thorsteinsen from 138.197.199.249 port 48292 ssh2 Nov 15 15:45:58 meumeu sshd[10479]: Failed password for root from 138.197.199.249 port 37908 ssh2 ...	2019-11-15 22:49:04
attackbots	Nov 14 13:39:02 sachi sshd\[14303\]: Invalid user abcdefghijklmno from 138.197.199.249 Nov 14 13:39:02 sachi sshd\[14303\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Nov 14 13:39:04 sachi sshd\[14303\]: Failed password for invalid user abcdefghijklmno from 138.197.199.249 port 58829 ssh2 Nov 14 13:42:27 sachi sshd\[14661\]: Invalid user hege from 138.197.199.249 Nov 14 13:42:27 sachi sshd\[14661\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249	2019-11-15 07:50:50
attackbots	Nov 14 00:20:41 wbs sshd\[17952\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 user=backup Nov 14 00:20:43 wbs sshd\[17952\]: Failed password for backup from 138.197.199.249 port 33559 ssh2 Nov 14 00:23:50 wbs sshd\[18210\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 user=root Nov 14 00:23:53 wbs sshd\[18210\]: Failed password for root from 138.197.199.249 port 51354 ssh2 Nov 14 00:27:05 wbs sshd\[18482\]: Invalid user michalsen from 138.197.199.249 Nov 14 00:27:05 wbs sshd\[18482\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249	2019-11-14 18:34:08
attack	k+ssh-bruteforce	2019-11-09 16:59:30
attackspambots	Nov 7 14:49:17 mail sshd\[10002\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 user=root ...	2019-11-08 06:35:12
attackbotsspam	Nov 5 13:36:53 ws19vmsma01 sshd[77290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Nov 5 13:36:54 ws19vmsma01 sshd[77290]: Failed password for invalid user mainastcheck from 138.197.199.249 port 53497 ssh2 ...	2019-11-06 02:59:29
attack	Nov 4 06:38:41 ip-172-31-1-72 sshd\[16809\]: Invalid user prasobsub from 138.197.199.249 Nov 4 06:38:41 ip-172-31-1-72 sshd\[16809\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Nov 4 06:38:43 ip-172-31-1-72 sshd\[16809\]: Failed password for invalid user prasobsub from 138.197.199.249 port 54096 ssh2 Nov 4 06:42:02 ip-172-31-1-72 sshd\[16956\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 user=root Nov 4 06:42:04 ip-172-31-1-72 sshd\[16956\]: Failed password for root from 138.197.199.249 port 44557 ssh2	2019-11-04 15:05:57
attackbots	2019-11-02T14:46:59.565135abusebot-3.cloudsearch.cf sshd\[14004\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 user=root	2019-11-03 01:56:50
attackbots	Automatic report - Banned IP Access	2019-10-25 21:22:18
attackbots	$f2bV_matches	2019-10-14 12:43:06
attackbotsspam	Sep 27 00:14:42 plusreed sshd[20679]: Invalid user nscd from 138.197.199.249 ...	2019-09-27 12:28:13
attackspam	Sep 26 21:08:20 plusreed sshd[11049]: Invalid user simulation from 138.197.199.249 ...	2019-09-27 09:26:11
attack	Sep 23 18:48:41 saschabauer sshd[18379]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Sep 23 18:48:43 saschabauer sshd[18379]: Failed password for invalid user m from 138.197.199.249 port 37275 ssh2	2019-09-24 00:50:48
attack	Sep 12 18:00:55 localhost sshd\[5514\]: Invalid user qwe123 from 138.197.199.249 port 43757 Sep 12 18:00:55 localhost sshd\[5514\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Sep 12 18:00:56 localhost sshd\[5514\]: Failed password for invalid user qwe123 from 138.197.199.249 port 43757 ssh2	2019-09-13 00:23:52
attackspam	Sep 8 09:55:31 aiointranet sshd\[25030\]: Invalid user vagrant from 138.197.199.249 Sep 8 09:55:31 aiointranet sshd\[25030\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Sep 8 09:55:33 aiointranet sshd\[25030\]: Failed password for invalid user vagrant from 138.197.199.249 port 58486 ssh2 Sep 8 09:59:31 aiointranet sshd\[25342\]: Invalid user vbox@123 from 138.197.199.249 Sep 8 09:59:31 aiointranet sshd\[25342\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249	2019-09-09 08:57:35
attackspam	Sep 8 05:54:22 aiointranet sshd\[2428\]: Invalid user sinusbot from 138.197.199.249 Sep 8 05:54:22 aiointranet sshd\[2428\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Sep 8 05:54:24 aiointranet sshd\[2428\]: Failed password for invalid user sinusbot from 138.197.199.249 port 52813 ssh2 Sep 8 05:58:27 aiointranet sshd\[2746\]: Invalid user uftp from 138.197.199.249 Sep 8 05:58:27 aiointranet sshd\[2746\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249	2019-09-09 00:06:54
attack	Aug 31 05:57:26 hb sshd\[16110\]: Invalid user testuser from 138.197.199.249 Aug 31 05:57:26 hb sshd\[16110\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Aug 31 05:57:28 hb sshd\[16110\]: Failed password for invalid user testuser from 138.197.199.249 port 41469 ssh2 Aug 31 06:01:55 hb sshd\[16531\]: Invalid user postgres from 138.197.199.249 Aug 31 06:01:55 hb sshd\[16531\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249	2019-08-31 14:09:09
attackbotsspam	Aug 19 11:00:17 cp sshd[12703]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249	2019-08-19 17:19:50
attackspambots	2019-08-14T08:29:55.999823lon01.zurich-datacenter.net sshd\[8809\]: Invalid user movie from 138.197.199.249 port 57964 2019-08-14T08:29:56.008167lon01.zurich-datacenter.net sshd\[8809\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 2019-08-14T08:29:57.717964lon01.zurich-datacenter.net sshd\[8809\]: Failed password for invalid user movie from 138.197.199.249 port 57964 ssh2 2019-08-14T08:35:00.506107lon01.zurich-datacenter.net sshd\[8905\]: Invalid user oracle from 138.197.199.249 port 53959 2019-08-14T08:35:00.517315lon01.zurich-datacenter.net sshd\[8905\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 ...	2019-08-14 14:57:08
attackspambots	Brute force SMTP login attempted. ...	2019-08-10 03:10:11
attackspambots	Feb 28 04:46:24 motanud sshd\[2029\]: Invalid user rs from 138.197.199.249 port 36368 Feb 28 04:46:24 motanud sshd\[2029\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Feb 28 04:46:25 motanud sshd\[2029\]: Failed password for invalid user rs from 138.197.199.249 port 36368 ssh2	2019-08-06 18:35:20
attackspam	Aug 2 15:11:39 vibhu-HP-Z238-Microtower-Workstation sshd\[15983\]: Invalid user nexus from 138.197.199.249 Aug 2 15:11:39 vibhu-HP-Z238-Microtower-Workstation sshd\[15983\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Aug 2 15:11:40 vibhu-HP-Z238-Microtower-Workstation sshd\[15983\]: Failed password for invalid user nexus from 138.197.199.249 port 39281 ssh2 Aug 2 15:16:13 vibhu-HP-Z238-Microtower-Workstation sshd\[16130\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 user=root Aug 2 15:16:15 vibhu-HP-Z238-Microtower-Workstation sshd\[16130\]: Failed password for root from 138.197.199.249 port 36950 ssh2 ...	2019-08-02 17:46:40
attackbots	Jul 28 14:30:35 icinga sshd[32230]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Jul 28 14:30:37 icinga sshd[32230]: Failed password for invalid user server2007 from 138.197.199.249 port 37472 ssh2 ...	2019-07-28 21:03:15
attackbots	Jul 13 18:19:06 dedicated sshd[4381]: Invalid user admin from 138.197.199.249 port 44759	2019-07-14 00:19:23
attackbots	2019-07-07T06:52:15.3269211240 sshd\[17224\]: Invalid user conf from 138.197.199.249 port 50957 2019-07-07T06:52:15.3317751240 sshd\[17224\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 2019-07-07T06:52:16.9193911240 sshd\[17224\]: Failed password for invalid user conf from 138.197.199.249 port 50957 ssh2 ...	2019-07-07 13:38:41
attack	Jul 2 17:20:55 srv206 sshd[23863]: Invalid user ckodhek from 138.197.199.249 Jul 2 17:20:55 srv206 sshd[23863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Jul 2 17:20:55 srv206 sshd[23863]: Invalid user ckodhek from 138.197.199.249 Jul 2 17:20:57 srv206 sshd[23863]: Failed password for invalid user ckodhek from 138.197.199.249 port 55190 ssh2 ...	2019-07-02 23:54:21

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.199.249
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61778
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.197.199.249.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040903 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Wed Apr 10 05:20:48 +08 2019
;; MSG SIZE  rcvd: 119

HOST信息:

249.199.197.138.in-addr.arpa domain name pointer 185439.cloudwaysapps.com.

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
249.199.197.138.in-addr.arpa	name = 185439.cloudwaysapps.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
222.186.175.169	attackbots	Sep 21 17:38:49 gw1 sshd[1898]: Failed password for root from 222.186.175.169 port 4880 ssh2 Sep 21 17:39:01 gw1 sshd[1898]: error: maximum authentication attempts exceeded for root from 222.186.175.169 port 4880 ssh2 [preauth] ...	2020-09-21 20:44:39
51.38.191.126	attackspam	Sep 21 08:42:52 ip106 sshd[27214]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.191.126 Sep 21 08:42:55 ip106 sshd[27214]: Failed password for invalid user user3 from 51.38.191.126 port 40200 ssh2 ...	2020-09-21 20:31:42
114.42.22.41	attackspam	Found on CINS badguys / proto=6 . srcport=12025 . dstport=23 . (2349)	2020-09-21 20:28:51
27.6.185.226	attackbots	Listed on zen-spamhaus also barracudaCentral and abuseat.org / proto=6 . srcport=37206 . dstport=8080 . (2351)	2020-09-21 20:15:52
45.129.33.46	attackspam	TCP (SYN) 45.129.33.46:55845 -> port 23704, len 44	2020-09-21 20:18:05
45.86.15.133	attackspambots	(From chelsey.broughton@hotmail.com) The best SEO & Most Powerful link building software for your business. I just checked out your website perlinechiropractic.com and wanted to find out if you need help for SEO Link Building ? If you aren't using SEO Software then you will know the amount of work load involved in creating accounts, confirming emails and submitting your contents to thousands of websites. With THIS SOFTWARE the link submission process will be the easiest task and completely automated, you will be able to build unlimited number of links and increase traffic to your websites which will lead to a higher number of customers and much more sales for you. IF YOU ARE INTERESTED, We offer you 7 days free trial => https://bit.ly/2ZPZrOn	2020-09-21 20:14:45
2.57.122.214	attackbots	SP-Scan 53551:23 detected 2020.09.20 01:41:02 blocked until 2020.11.08 17:43:49	2020-09-21 20:33:26
172.91.39.2	attack	172.91.39.2 (US/United States/cpe-172-91-39-2.socal.res.rr.com), 3 distributed sshd attacks on account [admin] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 20 12:59:18 internal2 sshd[4123]: Invalid user admin from 124.180.32.34 port 47169 Sep 20 13:03:52 internal2 sshd[8106]: Invalid user admin from 172.91.39.2 port 56478 Sep 20 12:59:15 internal2 sshd[4103]: Invalid user admin from 124.180.32.34 port 47148 IP Addresses Blocked: 124.180.32.34 (AU/Australia/cpe-124-180-32-34.ab01.act.asp.telstra.net)	2020-09-21 20:34:49
142.93.101.46	attack	TCP port : 11535	2020-09-21 20:15:34
222.186.175.216	attack	Sep 21 14:27:47 db sshd[6499]: User root from 222.186.175.216 not allowed because none of user's groups are listed in AllowGroups ...	2020-09-21 20:34:34
138.68.246.71	attackspam	xmlrpc attack	2020-09-21 19:45:20
27.113.68.229	attack	TCP (SYN) 27.113.68.229:54130 -> port 23, len 40	2020-09-21 20:27:34
212.70.149.83	attackspam	2020-09-21 14:14:38 dovecot_login authenticator failed for $User$ \[212.70.149.83\]: 535 Incorrect authentication data $set_id=zzb@no-server.de$ 2020-09-21 14:15:04 dovecot_login authenticator failed for $User$ \[212.70.149.83\]: 535 Incorrect authentication data $set_id=q@no-server.de$ 2020-09-21 14:15:30 dovecot_login authenticator failed for $User$ \[212.70.149.83\]: 535 Incorrect authentication data $set_id=ne@no-server.de$ 2020-09-21 14:15:56 dovecot_login authenticator failed for $User$ \[212.70.149.83\]: 535 Incorrect authentication data $set_id=ricoh@no-server.de$ 2020-09-21 14:16:22 dovecot_login authenticator failed for $User$ \[212.70.149.83\]: 535 Incorrect authentication data $set_id=agro@no-server.de$ ...	2020-09-21 20:23:23
195.54.166.118	attackspam	RDP brute forcing (r)	2020-09-21 20:42:03
201.186.243.225	attack	Sep 20 21:07:09 vps639187 sshd\[32343\]: Invalid user cablecom from 201.186.243.225 port 47286 Sep 20 21:07:09 vps639187 sshd\[32343\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.186.243.225 Sep 20 21:07:11 vps639187 sshd\[32343\]: Failed password for invalid user cablecom from 201.186.243.225 port 47286 ssh2 ...	2020-09-21 20:09:23

最近上报的IP列表

151.49.43.200	51.38.185.238	190.173.142.95	193.188.23.23
45.227.255.214	220.194.70.25	159.65.42.207	38.89.142.34
125.165.187.65	123.206.128.231	185.120.79.2	103.66.79.173
118.24.255.191	38.128.66.158	54.38.47.28	118.25.76.244
124.173.71.245	188.0.133.20	192.0.215.179	216.244.82.50