138.197.199.249

基本信息:

城市(city): Santa Clara

省份(region): California

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): DigitalOcean, LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Nov 22 09:22:28 dallas01 sshd[22802]: Failed password for backup from 138.197.199.249 port 37951 ssh2 Nov 22 09:28:31 dallas01 sshd[23802]: Failed password for root from 138.197.199.249 port 55944 ssh2	2020-01-28 09:10:32
attack	Nov 25 07:39:41 ny01 sshd[25197]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Nov 25 07:39:43 ny01 sshd[25197]: Failed password for invalid user simon from 138.197.199.249 port 44820 ssh2 Nov 25 07:42:52 ny01 sshd[25490]: Failed password for root from 138.197.199.249 port 34081 ssh2	2019-11-25 20:46:22
attack	Nov 16 08:27:23 ncomp sshd[1976]: Invalid user home from 138.197.199.249 Nov 16 08:27:23 ncomp sshd[1976]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Nov 16 08:27:23 ncomp sshd[1976]: Invalid user home from 138.197.199.249 Nov 16 08:27:25 ncomp sshd[1976]: Failed password for invalid user home from 138.197.199.249 port 59156 ssh2	2019-11-16 16:17:14
attack	Nov 15 15:42:42 meumeu sshd[10060]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Nov 15 15:42:45 meumeu sshd[10060]: Failed password for invalid user thorsteinsen from 138.197.199.249 port 48292 ssh2 Nov 15 15:45:58 meumeu sshd[10479]: Failed password for root from 138.197.199.249 port 37908 ssh2 ...	2019-11-15 22:49:04
attackbots	Nov 14 13:39:02 sachi sshd\[14303\]: Invalid user abcdefghijklmno from 138.197.199.249 Nov 14 13:39:02 sachi sshd\[14303\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Nov 14 13:39:04 sachi sshd\[14303\]: Failed password for invalid user abcdefghijklmno from 138.197.199.249 port 58829 ssh2 Nov 14 13:42:27 sachi sshd\[14661\]: Invalid user hege from 138.197.199.249 Nov 14 13:42:27 sachi sshd\[14661\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249	2019-11-15 07:50:50
attackbots	Nov 14 00:20:41 wbs sshd\[17952\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 user=backup Nov 14 00:20:43 wbs sshd\[17952\]: Failed password for backup from 138.197.199.249 port 33559 ssh2 Nov 14 00:23:50 wbs sshd\[18210\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 user=root Nov 14 00:23:53 wbs sshd\[18210\]: Failed password for root from 138.197.199.249 port 51354 ssh2 Nov 14 00:27:05 wbs sshd\[18482\]: Invalid user michalsen from 138.197.199.249 Nov 14 00:27:05 wbs sshd\[18482\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249	2019-11-14 18:34:08
attack	k+ssh-bruteforce	2019-11-09 16:59:30
attackspambots	Nov 7 14:49:17 mail sshd\[10002\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 user=root ...	2019-11-08 06:35:12
attackbotsspam	Nov 5 13:36:53 ws19vmsma01 sshd[77290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Nov 5 13:36:54 ws19vmsma01 sshd[77290]: Failed password for invalid user mainastcheck from 138.197.199.249 port 53497 ssh2 ...	2019-11-06 02:59:29
attack	Nov 4 06:38:41 ip-172-31-1-72 sshd\[16809\]: Invalid user prasobsub from 138.197.199.249 Nov 4 06:38:41 ip-172-31-1-72 sshd\[16809\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Nov 4 06:38:43 ip-172-31-1-72 sshd\[16809\]: Failed password for invalid user prasobsub from 138.197.199.249 port 54096 ssh2 Nov 4 06:42:02 ip-172-31-1-72 sshd\[16956\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 user=root Nov 4 06:42:04 ip-172-31-1-72 sshd\[16956\]: Failed password for root from 138.197.199.249 port 44557 ssh2	2019-11-04 15:05:57
attackbots	2019-11-02T14:46:59.565135abusebot-3.cloudsearch.cf sshd\[14004\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 user=root	2019-11-03 01:56:50
attackbots	Automatic report - Banned IP Access	2019-10-25 21:22:18
attackbots	$f2bV_matches	2019-10-14 12:43:06
attackbotsspam	Sep 27 00:14:42 plusreed sshd[20679]: Invalid user nscd from 138.197.199.249 ...	2019-09-27 12:28:13
attackspam	Sep 26 21:08:20 plusreed sshd[11049]: Invalid user simulation from 138.197.199.249 ...	2019-09-27 09:26:11
attack	Sep 23 18:48:41 saschabauer sshd[18379]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Sep 23 18:48:43 saschabauer sshd[18379]: Failed password for invalid user m from 138.197.199.249 port 37275 ssh2	2019-09-24 00:50:48
attack	Sep 12 18:00:55 localhost sshd\[5514\]: Invalid user qwe123 from 138.197.199.249 port 43757 Sep 12 18:00:55 localhost sshd\[5514\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Sep 12 18:00:56 localhost sshd\[5514\]: Failed password for invalid user qwe123 from 138.197.199.249 port 43757 ssh2	2019-09-13 00:23:52
attackspam	Sep 8 09:55:31 aiointranet sshd\[25030\]: Invalid user vagrant from 138.197.199.249 Sep 8 09:55:31 aiointranet sshd\[25030\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Sep 8 09:55:33 aiointranet sshd\[25030\]: Failed password for invalid user vagrant from 138.197.199.249 port 58486 ssh2 Sep 8 09:59:31 aiointranet sshd\[25342\]: Invalid user vbox@123 from 138.197.199.249 Sep 8 09:59:31 aiointranet sshd\[25342\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249	2019-09-09 08:57:35
attackspam	Sep 8 05:54:22 aiointranet sshd\[2428\]: Invalid user sinusbot from 138.197.199.249 Sep 8 05:54:22 aiointranet sshd\[2428\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Sep 8 05:54:24 aiointranet sshd\[2428\]: Failed password for invalid user sinusbot from 138.197.199.249 port 52813 ssh2 Sep 8 05:58:27 aiointranet sshd\[2746\]: Invalid user uftp from 138.197.199.249 Sep 8 05:58:27 aiointranet sshd\[2746\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249	2019-09-09 00:06:54
attack	Aug 31 05:57:26 hb sshd\[16110\]: Invalid user testuser from 138.197.199.249 Aug 31 05:57:26 hb sshd\[16110\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Aug 31 05:57:28 hb sshd\[16110\]: Failed password for invalid user testuser from 138.197.199.249 port 41469 ssh2 Aug 31 06:01:55 hb sshd\[16531\]: Invalid user postgres from 138.197.199.249 Aug 31 06:01:55 hb sshd\[16531\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249	2019-08-31 14:09:09
attackbotsspam	Aug 19 11:00:17 cp sshd[12703]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249	2019-08-19 17:19:50
attackspambots	2019-08-14T08:29:55.999823lon01.zurich-datacenter.net sshd\[8809\]: Invalid user movie from 138.197.199.249 port 57964 2019-08-14T08:29:56.008167lon01.zurich-datacenter.net sshd\[8809\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 2019-08-14T08:29:57.717964lon01.zurich-datacenter.net sshd\[8809\]: Failed password for invalid user movie from 138.197.199.249 port 57964 ssh2 2019-08-14T08:35:00.506107lon01.zurich-datacenter.net sshd\[8905\]: Invalid user oracle from 138.197.199.249 port 53959 2019-08-14T08:35:00.517315lon01.zurich-datacenter.net sshd\[8905\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 ...	2019-08-14 14:57:08
attackspambots	Brute force SMTP login attempted. ...	2019-08-10 03:10:11
attackspambots	Feb 28 04:46:24 motanud sshd\[2029\]: Invalid user rs from 138.197.199.249 port 36368 Feb 28 04:46:24 motanud sshd\[2029\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Feb 28 04:46:25 motanud sshd\[2029\]: Failed password for invalid user rs from 138.197.199.249 port 36368 ssh2	2019-08-06 18:35:20
attackspam	Aug 2 15:11:39 vibhu-HP-Z238-Microtower-Workstation sshd\[15983\]: Invalid user nexus from 138.197.199.249 Aug 2 15:11:39 vibhu-HP-Z238-Microtower-Workstation sshd\[15983\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Aug 2 15:11:40 vibhu-HP-Z238-Microtower-Workstation sshd\[15983\]: Failed password for invalid user nexus from 138.197.199.249 port 39281 ssh2 Aug 2 15:16:13 vibhu-HP-Z238-Microtower-Workstation sshd\[16130\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 user=root Aug 2 15:16:15 vibhu-HP-Z238-Microtower-Workstation sshd\[16130\]: Failed password for root from 138.197.199.249 port 36950 ssh2 ...	2019-08-02 17:46:40
attackbots	Jul 28 14:30:35 icinga sshd[32230]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Jul 28 14:30:37 icinga sshd[32230]: Failed password for invalid user server2007 from 138.197.199.249 port 37472 ssh2 ...	2019-07-28 21:03:15
attackbots	Jul 13 18:19:06 dedicated sshd[4381]: Invalid user admin from 138.197.199.249 port 44759	2019-07-14 00:19:23
attackbots	2019-07-07T06:52:15.3269211240 sshd\[17224\]: Invalid user conf from 138.197.199.249 port 50957 2019-07-07T06:52:15.3317751240 sshd\[17224\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 2019-07-07T06:52:16.9193911240 sshd\[17224\]: Failed password for invalid user conf from 138.197.199.249 port 50957 ssh2 ...	2019-07-07 13:38:41
attack	Jul 2 17:20:55 srv206 sshd[23863]: Invalid user ckodhek from 138.197.199.249 Jul 2 17:20:55 srv206 sshd[23863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Jul 2 17:20:55 srv206 sshd[23863]: Invalid user ckodhek from 138.197.199.249 Jul 2 17:20:57 srv206 sshd[23863]: Failed password for invalid user ckodhek from 138.197.199.249 port 55190 ssh2 ...	2019-07-02 23:54:21

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.199.249
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61778
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.197.199.249.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040903 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Wed Apr 10 05:20:48 +08 2019
;; MSG SIZE  rcvd: 119

HOST信息:

249.199.197.138.in-addr.arpa domain name pointer 185439.cloudwaysapps.com.

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
249.199.197.138.in-addr.arpa	name = 185439.cloudwaysapps.com.

Authoritative answers can be found from:

IP	类型	评论内容	时间
87.94.215.219	attack	port scan and connect, tcp 1433 (ms-sql-s)	2020-03-18 08:07:35
132.232.40.86	attackspam	Mar 17 19:15:59 plex sshd[32480]: Failed password for root from 132.232.40.86 port 36700 ssh2 Mar 17 19:17:19 plex sshd[32505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.40.86 user=root Mar 17 19:17:21 plex sshd[32505]: Failed password for root from 132.232.40.86 port 51874 ssh2 Mar 17 19:17:19 plex sshd[32505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.40.86 user=root Mar 17 19:17:21 plex sshd[32505]: Failed password for root from 132.232.40.86 port 51874 ssh2	2020-03-18 07:52:17
106.12.30.133	attackspam	Invalid user deploy from 106.12.30.133 port 35344	2020-03-18 08:22:21
106.12.18.248	attackbotsspam	5x Failed Password	2020-03-18 07:59:58
51.158.162.242	attackbotsspam	DATE:2020-03-17 23:53:56, IP:51.158.162.242, PORT:ssh SSH brute force auth (docker-dc)	2020-03-18 08:21:42
124.94.178.62	attackspam	Mar 17 19:16:47 debian-2gb-nbg1-2 kernel: \[6728122.295864\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=124.94.178.62 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=42 ID=3528 PROTO=TCP SPT=19177 DPT=23 WINDOW=64019 RES=0x00 SYN URGP=0	2020-03-18 08:26:17
49.234.96.24	attackbots	Brute force SMTP login attempted. ...	2020-03-18 08:08:29
106.12.144.3	attackspambots	Invalid user amax from 106.12.144.3 port 42376	2020-03-18 07:50:15
201.156.169.109	attack	Telnet Server BruteForce Attack	2020-03-18 08:24:52
138.68.16.40	attack	Invalid user genedimen from 138.68.16.40 port 33510	2020-03-18 07:54:51
222.186.15.166	attackbots	18.03.2020 00:13:59 SSH access blocked by firewall	2020-03-18 08:27:25
111.229.231.21	attack	Fail2Ban Ban Triggered (2)	2020-03-18 08:22:56
118.25.94.105	attack	$f2bV_matches	2020-03-18 08:26:34
114.36.125.180	attackbots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-03-18 07:57:17
58.87.74.123	attackbotsspam	Brute-force attempt banned	2020-03-18 07:49:21

最近上报的IP列表

151.49.43.200	51.38.185.238	190.173.142.95	193.188.23.23
45.227.255.214	220.194.70.25	159.65.42.207	38.89.142.34
125.165.187.65	123.206.128.231	185.120.79.2	103.66.79.173
118.24.255.191	38.128.66.158	54.38.47.28	118.25.76.244
124.173.71.245	188.0.133.20	192.0.215.179	216.244.82.50