138.197.21.218

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	$f2bV_matches	2020-08-30 05:55:45
attack	Aug 18 05:51:35 vmd17057 sshd[15897]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.21.218 Aug 18 05:51:37 vmd17057 sshd[15897]: Failed password for invalid user arkserver from 138.197.21.218 port 55982 ssh2 ...	2020-08-18 17:03:28
attackbotsspam	Aug 15 23:18:17 ip106 sshd[9143]: Failed password for root from 138.197.21.218 port 35068 ssh2 ...	2020-08-16 06:18:38
attack	Aug 9 17:17:04 lanister sshd[24871]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.21.218 user=root Aug 9 17:17:05 lanister sshd[24871]: Failed password for root from 138.197.21.218 port 48560 ssh2 Aug 9 17:18:44 lanister sshd[24878]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.21.218 user=root Aug 9 17:18:46 lanister sshd[24878]: Failed password for root from 138.197.21.218 port 50916 ssh2	2020-08-10 07:26:18
attackspam	Failed password for invalid user admin from 138.197.21.218 port 48140 ssh2	2020-07-25 02:17:30
attack	2020-07-12T17:16:31.804856abusebot-5.cloudsearch.cf sshd[29847]: Invalid user uucp from 138.197.21.218 port 54742 2020-07-12T17:16:31.810008abusebot-5.cloudsearch.cf sshd[29847]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns1.hostingbytg.com 2020-07-12T17:16:31.804856abusebot-5.cloudsearch.cf sshd[29847]: Invalid user uucp from 138.197.21.218 port 54742 2020-07-12T17:16:33.729762abusebot-5.cloudsearch.cf sshd[29847]: Failed password for invalid user uucp from 138.197.21.218 port 54742 ssh2 2020-07-12T17:21:03.275434abusebot-5.cloudsearch.cf sshd[29855]: Invalid user france from 138.197.21.218 port 39324 2020-07-12T17:21:03.280858abusebot-5.cloudsearch.cf sshd[29855]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns1.hostingbytg.com 2020-07-12T17:21:03.275434abusebot-5.cloudsearch.cf sshd[29855]: Invalid user france from 138.197.21.218 port 39324 2020-07-12T17:21:05.207261abusebot-5.cloudsearch.cf ssh ...	2020-07-13 03:51:39
attackbots	$f2bV_matches	2020-07-09 13:23:08
attackbotsspam	Jul 7 09:56:06 Tower sshd[25751]: Connection from 138.197.21.218 port 39614 on 192.168.10.220 port 22 rdomain "" Jul 7 09:56:07 Tower sshd[25751]: Invalid user frida from 138.197.21.218 port 39614 Jul 7 09:56:07 Tower sshd[25751]: error: Could not get shadow information for NOUSER Jul 7 09:56:07 Tower sshd[25751]: Failed password for invalid user frida from 138.197.21.218 port 39614 ssh2 Jul 7 09:56:07 Tower sshd[25751]: Received disconnect from 138.197.21.218 port 39614:11: Bye Bye [preauth] Jul 7 09:56:07 Tower sshd[25751]: Disconnected from invalid user frida 138.197.21.218 port 39614 [preauth]	2020-07-07 21:58:54
attack	Jul 3 22:34:41 ns381471 sshd[28016]: Failed password for postgres from 138.197.21.218 port 50612 ssh2	2020-07-04 04:58:18
attackbots	Jun 23 09:32:43 *** sshd[24350]: Invalid user beta from 138.197.21.218	2020-06-23 19:30:36
attack	Jun 20 01:02:40 sso sshd[17405]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.21.218 Jun 20 01:02:42 sso sshd[17405]: Failed password for invalid user syftp from 138.197.21.218 port 41444 ssh2 ...	2020-06-20 08:42:06
attackbotsspam	Jun 17 22:16:08 dignus sshd[27339]: Failed password for invalid user dima from 138.197.21.218 port 47988 ssh2 Jun 17 22:19:09 dignus sshd[27646]: Invalid user oracle from 138.197.21.218 port 47520 Jun 17 22:19:09 dignus sshd[27646]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.21.218 Jun 17 22:19:11 dignus sshd[27646]: Failed password for invalid user oracle from 138.197.21.218 port 47520 ssh2 Jun 17 22:22:05 dignus sshd[27897]: Invalid user bungee from 138.197.21.218 port 47056 ...	2020-06-18 13:23:13
attackbots	Jun 16 16:39:27 server sshd[29359]: Failed password for invalid user deploy from 138.197.21.218 port 51574 ssh2 Jun 16 16:42:41 server sshd[32215]: Failed password for root from 138.197.21.218 port 51386 ssh2 Jun 16 16:45:49 server sshd[34920]: Failed password for invalid user core from 138.197.21.218 port 51204 ssh2	2020-06-16 22:46:38
attackspam	Port Scan detected from 138.197.21.218 (US/United States/New Jersey/Clifton/ns1.hostingbytg.com). 4 hits in the last 251 seconds	2020-06-15 16:31:39
attackspam	(sshd) Failed SSH login from 138.197.21.218 (US/United States/ns1.hostingbytg.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 10 08:32:54 amsweb01 sshd[31686]: Invalid user tb5 from 138.197.21.218 port 44916 Jun 10 08:32:56 amsweb01 sshd[31686]: Failed password for invalid user tb5 from 138.197.21.218 port 44916 ssh2 Jun 10 08:46:22 amsweb01 sshd[1391]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.21.218 user=root Jun 10 08:46:25 amsweb01 sshd[1391]: Failed password for root from 138.197.21.218 port 40634 ssh2 Jun 10 08:49:33 amsweb01 sshd[1841]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.21.218 user=root	2020-06-10 16:09:01
attackbotsspam	Invalid user vmz from 138.197.21.218 port 53358	2020-05-24 13:00:51
attack	$f2bV_matches	2020-05-20 01:50:37
attackbotsspam	Invalid user deploy from 138.197.21.218 port 34252	2020-05-16 19:05:15
attack	Brute force attempt	2020-05-10 14:47:14
attackspambots	Invalid user admin from 138.197.21.218 port 37946	2020-04-30 15:24:11
attack	2020-04-28T12:14:51.736473abusebot-8.cloudsearch.cf sshd[3437]: Invalid user aiken from 138.197.21.218 port 48178 2020-04-28T12:14:51.745697abusebot-8.cloudsearch.cf sshd[3437]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns1.hostingbytg.com 2020-04-28T12:14:51.736473abusebot-8.cloudsearch.cf sshd[3437]: Invalid user aiken from 138.197.21.218 port 48178 2020-04-28T12:14:53.711938abusebot-8.cloudsearch.cf sshd[3437]: Failed password for invalid user aiken from 138.197.21.218 port 48178 ssh2 2020-04-28T12:20:45.393788abusebot-8.cloudsearch.cf sshd[3778]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns1.hostingbytg.com user=root 2020-04-28T12:20:47.625617abusebot-8.cloudsearch.cf sshd[3778]: Failed password for root from 138.197.21.218 port 52590 ssh2 2020-04-28T12:23:00.550716abusebot-8.cloudsearch.cf sshd[4042]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=n ...	2020-04-28 21:45:17
attack	Apr 23 15:41:48 ourumov-web sshd\[25846\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.21.218 user=root Apr 23 15:41:49 ourumov-web sshd\[25846\]: Failed password for root from 138.197.21.218 port 36100 ssh2 Apr 23 15:48:15 ourumov-web sshd\[26309\]: Invalid user techuser from 138.197.21.218 port 55286 ...	2020-04-23 23:13:48
attackspambots	(sshd) Failed SSH login from 138.197.21.218 (US/United States/ns1.hostingbytg.com): 5 in the last 3600 secs	2020-04-19 20:22:31
attackspam	Apr 16 08:05:17 pornomens sshd\[5072\]: Invalid user ubuntu from 138.197.21.218 port 45902 Apr 16 08:05:17 pornomens sshd\[5072\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.21.218 Apr 16 08:05:19 pornomens sshd\[5072\]: Failed password for invalid user ubuntu from 138.197.21.218 port 45902 ssh2 ...	2020-04-16 17:02:28
attack	Unauthorized access or intrusion attempt detected from Thor banned IP	2020-04-13 12:36:02
attackspam	2020-04-10T08:08:13.825000sorsha.thespaminator.com sshd[6973]: Invalid user user from 138.197.21.218 port 40922 2020-04-10T08:08:16.101899sorsha.thespaminator.com sshd[6973]: Failed password for invalid user user from 138.197.21.218 port 40922 ssh2 ...	2020-04-11 00:10:17
attackspambots	SSH Brute-Force attacks	2020-04-07 18:21:58
attackspambots	2020-04-03T10:16:25.106488abusebot-8.cloudsearch.cf sshd[6149]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns1.hostingbytg.com user=root 2020-04-03T10:16:26.833062abusebot-8.cloudsearch.cf sshd[6149]: Failed password for root from 138.197.21.218 port 51648 ssh2 2020-04-03T10:20:06.791157abusebot-8.cloudsearch.cf sshd[6339]: Invalid user user12 from 138.197.21.218 port 36478 2020-04-03T10:20:06.801197abusebot-8.cloudsearch.cf sshd[6339]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns1.hostingbytg.com 2020-04-03T10:20:06.791157abusebot-8.cloudsearch.cf sshd[6339]: Invalid user user12 from 138.197.21.218 port 36478 2020-04-03T10:20:08.531158abusebot-8.cloudsearch.cf sshd[6339]: Failed password for invalid user user12 from 138.197.21.218 port 36478 ssh2 2020-04-03T10:23:45.630021abusebot-8.cloudsearch.cf sshd[6533]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhos ...	2020-04-03 19:01:01
attack	<6 unauthorized SSH connections	2020-04-01 15:25:26
attack	Mar 30 07:13:14 server1 sshd\[25901\]: Invalid user nisuser1 from 138.197.21.218 Mar 30 07:13:14 server1 sshd\[25901\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.21.218 Mar 30 07:13:16 server1 sshd\[25901\]: Failed password for invalid user nisuser1 from 138.197.21.218 port 42534 ssh2 Mar 30 07:18:24 server1 sshd\[27356\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.21.218 user=root Mar 30 07:18:26 server1 sshd\[27356\]: Failed password for root from 138.197.21.218 port 54358 ssh2 ...	2020-03-30 21:41:28

相同子网IP讨论:

IP	类型	评论内容	时间
138.197.217.210	spamattack	PHISHING ATTACK 138.197.217.210Richard Wilcox - richardwilcoo@gmail.com - How Are You?, 19 May 2021 08:11:52 NetRange: 138.197.0.0 - 138.197.255.255 NetName: DIGITALOCEAN-138-197-0-0	2021-05-20 05:08:38
138.197.213.160	attack	138.197.213.160 - - [13/Oct/2020:23:18:21 +0100] "POST /wp-login.php HTTP/1.1" 200 2386 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.213.160 - - [13/Oct/2020:23:18:22 +0100] "POST /wp-login.php HTTP/1.1" 200 2319 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.213.160 - - [13/Oct/2020:23:18:22 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-14 07:06:35
138.197.216.162	attackspam	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-10-12 02:05:57
138.197.216.162	attack	Oct 11 06:58:59 ajax sshd[29351]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.216.162 Oct 11 06:59:02 ajax sshd[29351]: Failed password for invalid user vnc from 138.197.216.162 port 55872 ssh2	2020-10-11 17:55:01
138.197.213.241	attackspambots	$f2bV_matches	2020-10-05 02:35:36
138.197.216.135	attackspam	(sshd) Failed SSH login from 138.197.216.135 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 4 11:16:42 optimus sshd[23211]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.216.135 user=root Oct 4 11:16:43 optimus sshd[23211]: Failed password for root from 138.197.216.135 port 45342 ssh2 Oct 4 11:20:31 optimus sshd[24282]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.216.135 user=root Oct 4 11:20:33 optimus sshd[24282]: Failed password for root from 138.197.216.135 port 51740 ssh2 Oct 4 11:24:11 optimus sshd[25688]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.216.135 user=root	2020-10-05 02:01:14
138.197.213.241	attackspam	Invalid user mikael from 138.197.213.241 port 49748	2020-10-04 18:18:38
138.197.216.135	attackspam	Oct 4 09:29:05 onepixel sshd[490332]: Failed password for root from 138.197.216.135 port 40108 ssh2 Oct 4 09:31:02 onepixel sshd[490629]: Invalid user saurabh from 138.197.216.135 port 46082 Oct 4 09:31:02 onepixel sshd[490629]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.216.135 Oct 4 09:31:02 onepixel sshd[490629]: Invalid user saurabh from 138.197.216.135 port 46082 Oct 4 09:31:04 onepixel sshd[490629]: Failed password for invalid user saurabh from 138.197.216.135 port 46082 ssh2	2020-10-04 17:44:02
138.197.216.162	attackspam	Invalid user zabbix from 138.197.216.162 port 33422	2020-09-30 06:53:52
138.197.216.162	attackspam	Sep 29 20:28:50 dhoomketu sshd[3455985]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.216.162 Sep 29 20:28:50 dhoomketu sshd[3455985]: Invalid user informix from 138.197.216.162 port 50836 Sep 29 20:28:52 dhoomketu sshd[3455985]: Failed password for invalid user informix from 138.197.216.162 port 50836 ssh2 Sep 29 20:30:21 dhoomketu sshd[3456001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.216.162 user=root Sep 29 20:30:22 dhoomketu sshd[3456001]: Failed password for root from 138.197.216.162 port 37730 ssh2 ...	2020-09-29 23:10:54
138.197.216.162	attackbotsspam	Sep 29 03:46:30 hell sshd[5598]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.216.162 Sep 29 03:46:32 hell sshd[5598]: Failed password for invalid user solaris from 138.197.216.162 port 34338 ssh2 ...	2020-09-29 15:29:44
138.197.214.200	attackbots	[MK-VM5] Blocked by UFW	2020-09-28 07:37:51
138.197.214.200	attackbotsspam	[MK-VM5] Blocked by UFW	2020-09-28 00:09:42
138.197.214.200	attackspambots	[MK-VM5] Blocked by UFW	2020-09-27 16:11:15
138.197.217.164	attackbotsspam	Sep 26 01:04:37 * sshd[30361]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.217.164 Sep 26 01:04:39 * sshd[30361]: Failed password for invalid user Guest from 138.197.217.164 port 47290 ssh2	2020-09-26 07:10:05

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.21.218
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11959
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.197.21.218.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080301 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Aug 04 08:44:58 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

218.21.197.138.in-addr.arpa domain name pointer ns1.hostingbytg.com.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
218.21.197.138.in-addr.arpa	name = ns1.hostingbytg.com.

Authoritative answers can be found from:

IP	类型	评论内容	时间
176.9.137.17	attack	MegaIndex.ru/2.0	2019-07-02 09:56:30
178.128.107.61	attack	2019-07-02T00:42:03.395869abusebot-8.cloudsearch.cf sshd\[5288\]: Invalid user Robert from 178.128.107.61 port 34022	2019-07-02 10:04:37
192.141.236.140	attack	Lines containing failures of 192.141.236.140 Jul 2 00:46:44 shared11 sshd[15895]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.141.236.140 user=r.r Jul 2 00:46:45 shared11 sshd[15895]: Failed password for r.r from 192.141.236.140 port 2223 ssh2 Jul 2 00:46:48 shared11 sshd[15895]: Failed password for r.r from 192.141.236.140 port 2223 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=192.141.236.140	2019-07-02 10:18:53
167.71.176.96	attack	2019-07-02T01:03:51.252744abusebot-6.cloudsearch.cf sshd\[20468\]: Invalid user 1234 from 167.71.176.96 port 47258	2019-07-02 10:09:38
138.97.246.68	attackbotsspam	Try access to SMTP/POP/IMAP server.	2019-07-02 10:12:38
187.167.68.31	attack	Unauthorized connection attempt from IP address 187.167.68.31 on Port 445(SMB)	2019-07-02 10:39:43
165.22.81.168	attackspam	SSHScan	2019-07-02 10:37:23
24.153.201.28	attackbotsspam	Unauthorized connection attempt from IP address 24.153.201.28 on Port 445(SMB)	2019-07-02 10:24:26
140.143.4.188	attack	Jul 2 04:17:55 rpi sshd[12905]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.4.188 Jul 2 04:17:58 rpi sshd[12905]: Failed password for invalid user demo from 140.143.4.188 port 56846 ssh2	2019-07-02 10:21:05
46.101.49.156	attack	Jul 1 23:04:42 MK-Soft-VM6 sshd\[20826\]: Invalid user joeflores from 46.101.49.156 port 51640 Jul 1 23:04:42 MK-Soft-VM6 sshd\[20826\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.49.156 Jul 1 23:04:44 MK-Soft-VM6 sshd\[20826\]: Failed password for invalid user joeflores from 46.101.49.156 port 51640 ssh2 ...	2019-07-02 10:26:22
67.250.162.22	attackbotsspam	$f2bV_matches	2019-07-02 10:16:06
218.219.246.124	attackbots	Jul 2 02:49:36 mail sshd\[2701\]: Invalid user louise from 218.219.246.124 port 36100 Jul 2 02:49:36 mail sshd\[2701\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.219.246.124 ...	2019-07-02 10:04:20
94.60.46.194	attackspam	Trying to deliver email spam, but blocked by RBL	2019-07-02 10:38:06
92.222.84.34	attackspam	2019-07-02T01:05:19.8898771240 sshd\[3206\]: Invalid user admin from 92.222.84.34 port 59776 2019-07-02T01:05:19.8953381240 sshd\[3206\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.84.34 2019-07-02T01:05:22.0656231240 sshd\[3206\]: Failed password for invalid user admin from 92.222.84.34 port 59776 ssh2 ...	2019-07-02 10:06:03
42.153.140.220	attackbotsspam	Hit on /wp-login.php	2019-07-02 10:14:52

最近上报的IP列表

139.81.135.66	99.233.245.22	82.117.191.2	107.159.171.46
77.42.117.174	66.249.64.208	46.148.120.206	46.101.54.199
68.183.167.60	42.87.163.65	108.170.108.155	139.155.143.195
194.254.124.58	218.21.218.10	233.123.229.130	191.15.255.138
170.144.248.148	77.31.26.228	3.15.111.205	21.236.115.202