必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): Santa Clara

省份(region): California

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): DigitalOcean, LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:
类型 评论内容 时间
attack
Nov 22 09:22:28 dallas01 sshd[22802]: Failed password for backup from 138.197.199.249 port 37951 ssh2
Nov 22 09:28:31 dallas01 sshd[23802]: Failed password for root from 138.197.199.249 port 55944 ssh2
2020-01-28 09:10:32
attack
Nov 25 07:39:41 ny01 sshd[25197]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249
Nov 25 07:39:43 ny01 sshd[25197]: Failed password for invalid user simon from 138.197.199.249 port 44820 ssh2
Nov 25 07:42:52 ny01 sshd[25490]: Failed password for root from 138.197.199.249 port 34081 ssh2
2019-11-25 20:46:22
attack
Nov 16 08:27:23 ncomp sshd[1976]: Invalid user home from 138.197.199.249
Nov 16 08:27:23 ncomp sshd[1976]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249
Nov 16 08:27:23 ncomp sshd[1976]: Invalid user home from 138.197.199.249
Nov 16 08:27:25 ncomp sshd[1976]: Failed password for invalid user home from 138.197.199.249 port 59156 ssh2
2019-11-16 16:17:14
attack
Nov 15 15:42:42 meumeu sshd[10060]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 
Nov 15 15:42:45 meumeu sshd[10060]: Failed password for invalid user thorsteinsen from 138.197.199.249 port 48292 ssh2
Nov 15 15:45:58 meumeu sshd[10479]: Failed password for root from 138.197.199.249 port 37908 ssh2
...
2019-11-15 22:49:04
attackbots
Nov 14 13:39:02 sachi sshd\[14303\]: Invalid user abcdefghijklmno from 138.197.199.249
Nov 14 13:39:02 sachi sshd\[14303\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249
Nov 14 13:39:04 sachi sshd\[14303\]: Failed password for invalid user abcdefghijklmno from 138.197.199.249 port 58829 ssh2
Nov 14 13:42:27 sachi sshd\[14661\]: Invalid user hege from 138.197.199.249
Nov 14 13:42:27 sachi sshd\[14661\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249
2019-11-15 07:50:50
attackbots
Nov 14 00:20:41 wbs sshd\[17952\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249  user=backup
Nov 14 00:20:43 wbs sshd\[17952\]: Failed password for backup from 138.197.199.249 port 33559 ssh2
Nov 14 00:23:50 wbs sshd\[18210\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249  user=root
Nov 14 00:23:53 wbs sshd\[18210\]: Failed password for root from 138.197.199.249 port 51354 ssh2
Nov 14 00:27:05 wbs sshd\[18482\]: Invalid user michalsen from 138.197.199.249
Nov 14 00:27:05 wbs sshd\[18482\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249
2019-11-14 18:34:08
attack
k+ssh-bruteforce
2019-11-09 16:59:30
attackspambots
Nov  7 14:49:17 mail sshd\[10002\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249  user=root
...
2019-11-08 06:35:12
attackbotsspam
Nov  5 13:36:53 ws19vmsma01 sshd[77290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249
Nov  5 13:36:54 ws19vmsma01 sshd[77290]: Failed password for invalid user mainastcheck from 138.197.199.249 port 53497 ssh2
...
2019-11-06 02:59:29
attack
Nov  4 06:38:41 ip-172-31-1-72 sshd\[16809\]: Invalid user prasobsub from 138.197.199.249
Nov  4 06:38:41 ip-172-31-1-72 sshd\[16809\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249
Nov  4 06:38:43 ip-172-31-1-72 sshd\[16809\]: Failed password for invalid user prasobsub from 138.197.199.249 port 54096 ssh2
Nov  4 06:42:02 ip-172-31-1-72 sshd\[16956\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249  user=root
Nov  4 06:42:04 ip-172-31-1-72 sshd\[16956\]: Failed password for root from 138.197.199.249 port 44557 ssh2
2019-11-04 15:05:57
attackbots
2019-11-02T14:46:59.565135abusebot-3.cloudsearch.cf sshd\[14004\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249  user=root
2019-11-03 01:56:50
attackbots
Automatic report - Banned IP Access
2019-10-25 21:22:18
attackbots
$f2bV_matches
2019-10-14 12:43:06
attackbotsspam
Sep 27 00:14:42 plusreed sshd[20679]: Invalid user nscd from 138.197.199.249
...
2019-09-27 12:28:13
attackspam
Sep 26 21:08:20 plusreed sshd[11049]: Invalid user simulation from 138.197.199.249
...
2019-09-27 09:26:11
attack
Sep 23 18:48:41 saschabauer sshd[18379]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249
Sep 23 18:48:43 saschabauer sshd[18379]: Failed password for invalid user m from 138.197.199.249 port 37275 ssh2
2019-09-24 00:50:48
attack
Sep 12 18:00:55 localhost sshd\[5514\]: Invalid user qwe123 from 138.197.199.249 port 43757
Sep 12 18:00:55 localhost sshd\[5514\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249
Sep 12 18:00:56 localhost sshd\[5514\]: Failed password for invalid user qwe123 from 138.197.199.249 port 43757 ssh2
2019-09-13 00:23:52
attackspam
Sep  8 09:55:31 aiointranet sshd\[25030\]: Invalid user vagrant from 138.197.199.249
Sep  8 09:55:31 aiointranet sshd\[25030\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249
Sep  8 09:55:33 aiointranet sshd\[25030\]: Failed password for invalid user vagrant from 138.197.199.249 port 58486 ssh2
Sep  8 09:59:31 aiointranet sshd\[25342\]: Invalid user vbox@123 from 138.197.199.249
Sep  8 09:59:31 aiointranet sshd\[25342\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249
2019-09-09 08:57:35
attackspam
Sep  8 05:54:22 aiointranet sshd\[2428\]: Invalid user sinusbot from 138.197.199.249
Sep  8 05:54:22 aiointranet sshd\[2428\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249
Sep  8 05:54:24 aiointranet sshd\[2428\]: Failed password for invalid user sinusbot from 138.197.199.249 port 52813 ssh2
Sep  8 05:58:27 aiointranet sshd\[2746\]: Invalid user uftp from 138.197.199.249
Sep  8 05:58:27 aiointranet sshd\[2746\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249
2019-09-09 00:06:54
attack
Aug 31 05:57:26 hb sshd\[16110\]: Invalid user testuser from 138.197.199.249
Aug 31 05:57:26 hb sshd\[16110\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249
Aug 31 05:57:28 hb sshd\[16110\]: Failed password for invalid user testuser from 138.197.199.249 port 41469 ssh2
Aug 31 06:01:55 hb sshd\[16531\]: Invalid user postgres from 138.197.199.249
Aug 31 06:01:55 hb sshd\[16531\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249
2019-08-31 14:09:09
attackbotsspam
Aug 19 11:00:17 cp sshd[12703]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249
2019-08-19 17:19:50
attackspambots
2019-08-14T08:29:55.999823lon01.zurich-datacenter.net sshd\[8809\]: Invalid user movie from 138.197.199.249 port 57964
2019-08-14T08:29:56.008167lon01.zurich-datacenter.net sshd\[8809\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249
2019-08-14T08:29:57.717964lon01.zurich-datacenter.net sshd\[8809\]: Failed password for invalid user movie from 138.197.199.249 port 57964 ssh2
2019-08-14T08:35:00.506107lon01.zurich-datacenter.net sshd\[8905\]: Invalid user oracle from 138.197.199.249 port 53959
2019-08-14T08:35:00.517315lon01.zurich-datacenter.net sshd\[8905\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249
...
2019-08-14 14:57:08
attackspambots
Brute force SMTP login attempted.
...
2019-08-10 03:10:11
attackspambots
Feb 28 04:46:24 motanud sshd\[2029\]: Invalid user rs from 138.197.199.249 port 36368
Feb 28 04:46:24 motanud sshd\[2029\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249
Feb 28 04:46:25 motanud sshd\[2029\]: Failed password for invalid user rs from 138.197.199.249 port 36368 ssh2
2019-08-06 18:35:20
attackspam
Aug  2 15:11:39 vibhu-HP-Z238-Microtower-Workstation sshd\[15983\]: Invalid user nexus from 138.197.199.249
Aug  2 15:11:39 vibhu-HP-Z238-Microtower-Workstation sshd\[15983\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249
Aug  2 15:11:40 vibhu-HP-Z238-Microtower-Workstation sshd\[15983\]: Failed password for invalid user nexus from 138.197.199.249 port 39281 ssh2
Aug  2 15:16:13 vibhu-HP-Z238-Microtower-Workstation sshd\[16130\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249  user=root
Aug  2 15:16:15 vibhu-HP-Z238-Microtower-Workstation sshd\[16130\]: Failed password for root from 138.197.199.249 port 36950 ssh2
...
2019-08-02 17:46:40
attackbots
Jul 28 14:30:35 icinga sshd[32230]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249
Jul 28 14:30:37 icinga sshd[32230]: Failed password for invalid user server2007 from 138.197.199.249 port 37472 ssh2
...
2019-07-28 21:03:15
attackbots
Jul 13 18:19:06 dedicated sshd[4381]: Invalid user admin from 138.197.199.249 port 44759
2019-07-14 00:19:23
attackbots
2019-07-07T06:52:15.3269211240 sshd\[17224\]: Invalid user conf from 138.197.199.249 port 50957
2019-07-07T06:52:15.3317751240 sshd\[17224\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249
2019-07-07T06:52:16.9193911240 sshd\[17224\]: Failed password for invalid user conf from 138.197.199.249 port 50957 ssh2
...
2019-07-07 13:38:41
attack
Jul  2 17:20:55 srv206 sshd[23863]: Invalid user ckodhek from 138.197.199.249
Jul  2 17:20:55 srv206 sshd[23863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249
Jul  2 17:20:55 srv206 sshd[23863]: Invalid user ckodhek from 138.197.199.249
Jul  2 17:20:57 srv206 sshd[23863]: Failed password for invalid user ckodhek from 138.197.199.249 port 55190 ssh2
...
2019-07-02 23:54:21
相同子网IP讨论:
暂无关于此IP所属子网相关IP的讨论.
WHOIS信息:
b
DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.199.249
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61778
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.197.199.249.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040903 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Wed Apr 10 05:20:48 +08 2019
;; MSG SIZE  rcvd: 119

HOST信息:
249.199.197.138.in-addr.arpa domain name pointer 185439.cloudwaysapps.com.
NSLOOKUP信息:
Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
249.199.197.138.in-addr.arpa	name = 185439.cloudwaysapps.com.

Authoritative answers can be found from:

相关IP信息:
最新评论:
IP 类型 评论内容 时间
87.94.215.219 attack
port scan and connect, tcp 1433 (ms-sql-s)
2020-03-18 08:07:35
132.232.40.86 attackspam
Mar 17 19:15:59 plex sshd[32480]: Failed password for root from 132.232.40.86 port 36700 ssh2
Mar 17 19:17:19 plex sshd[32505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.40.86  user=root
Mar 17 19:17:21 plex sshd[32505]: Failed password for root from 132.232.40.86 port 51874 ssh2
Mar 17 19:17:19 plex sshd[32505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.40.86  user=root
Mar 17 19:17:21 plex sshd[32505]: Failed password for root from 132.232.40.86 port 51874 ssh2
2020-03-18 07:52:17
106.12.30.133 attackspam
Invalid user deploy from 106.12.30.133 port 35344
2020-03-18 08:22:21
106.12.18.248 attackbotsspam
5x Failed Password
2020-03-18 07:59:58
51.158.162.242 attackbotsspam
DATE:2020-03-17 23:53:56, IP:51.158.162.242, PORT:ssh SSH brute force auth (docker-dc)
2020-03-18 08:21:42
124.94.178.62 attackspam
Mar 17 19:16:47 debian-2gb-nbg1-2 kernel: \[6728122.295864\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=124.94.178.62 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=42 ID=3528 PROTO=TCP SPT=19177 DPT=23 WINDOW=64019 RES=0x00 SYN URGP=0
2020-03-18 08:26:17
49.234.96.24 attackbots
Brute force SMTP login attempted.
...
2020-03-18 08:08:29
106.12.144.3 attackspambots
Invalid user amax from 106.12.144.3 port 42376
2020-03-18 07:50:15
201.156.169.109 attack
Telnet Server BruteForce Attack
2020-03-18 08:24:52
138.68.16.40 attack
Invalid user genedimen from 138.68.16.40 port 33510
2020-03-18 07:54:51
222.186.15.166 attackbots
18.03.2020 00:13:59 SSH access blocked by firewall
2020-03-18 08:27:25
111.229.231.21 attack
Fail2Ban Ban Triggered (2)
2020-03-18 08:22:56
118.25.94.105 attack
$f2bV_matches
2020-03-18 08:26:34
114.36.125.180 attackbots
Telnet/23 MH Probe, Scan, BF, Hack -
2020-03-18 07:57:17
58.87.74.123 attackbotsspam
Brute-force attempt banned
2020-03-18 07:49:21

最近上报的IP列表

151.49.43.200 51.38.185.238 190.173.142.95 193.188.23.23
45.227.255.214 220.194.70.25 159.65.42.207 38.89.142.34
125.165.187.65 123.206.128.231 185.120.79.2 103.66.79.173
118.24.255.191 38.128.66.158 54.38.47.28 118.25.76.244
124.173.71.245 188.0.133.20 192.0.215.179 216.244.82.50