138.197.221.114

基本信息:

城市(city): Santa Clara

省份(region): California

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): DigitalOcean, LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	$f2bV_matches	2020-07-04 04:47:46
attackspambots	May 7 16:14:20 haigwepa sshd[4299]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 May 7 16:14:22 haigwepa sshd[4299]: Failed password for invalid user uat from 138.197.221.114 port 52882 ssh2 ...	2020-05-08 01:14:27
attack	May 3 06:25:22 localhost sshd\[1581\]: Invalid user dwj from 138.197.221.114 May 3 06:25:22 localhost sshd\[1581\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 May 3 06:25:24 localhost sshd\[1581\]: Failed password for invalid user dwj from 138.197.221.114 port 42304 ssh2 May 3 06:28:52 localhost sshd\[2167\]: Invalid user pedro from 138.197.221.114 May 3 06:28:52 localhost sshd\[2167\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 ...	2020-05-03 12:53:58
attack	(sshd) Failed SSH login from 138.197.221.114 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 26 18:34:29 srv sshd[18043]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 user=root Apr 26 18:34:31 srv sshd[18043]: Failed password for root from 138.197.221.114 port 36902 ssh2 Apr 26 18:39:09 srv sshd[18137]: Invalid user sshuser from 138.197.221.114 port 34832 Apr 26 18:39:11 srv sshd[18137]: Failed password for invalid user sshuser from 138.197.221.114 port 34832 ssh2 Apr 26 18:43:00 srv sshd[18195]: Invalid user els from 138.197.221.114 port 59194	2020-04-27 02:13:59
attackspambots	SSH auth scanning - multiple failed logins	2020-04-25 02:59:05
attackbotsspam	Apr 23 20:37:23 ourumov-web sshd\[12672\]: Invalid user ubuntu from 138.197.221.114 port 43688 Apr 23 20:37:23 ourumov-web sshd\[12672\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 Apr 23 20:37:24 ourumov-web sshd\[12672\]: Failed password for invalid user ubuntu from 138.197.221.114 port 43688 ssh2 ...	2020-04-24 03:21:57
attackspam	Apr 16 15:12:46 ns3164893 sshd[11576]: Failed password for root from 138.197.221.114 port 44450 ssh2 Apr 16 15:28:01 ns3164893 sshd[11787]: Invalid user admin from 138.197.221.114 port 41254 ...	2020-04-16 21:54:58
attackbotsspam	2020-04-09T12:27:07.848590shield sshd\[19411\]: Invalid user work from 138.197.221.114 port 49258 2020-04-09T12:27:07.852107shield sshd\[19411\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 2020-04-09T12:27:09.433581shield sshd\[19411\]: Failed password for invalid user work from 138.197.221.114 port 49258 ssh2 2020-04-09T12:31:58.959651shield sshd\[19967\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 user=root 2020-04-09T12:32:01.489662shield sshd\[19967\]: Failed password for root from 138.197.221.114 port 58546 ssh2	2020-04-09 20:32:56
attackspambots	IP blocked	2020-04-01 20:17:36
attackspambots	SSH Invalid Login	2020-03-27 08:03:56
attackbotsspam	SASL PLAIN auth failed: ruser=...	2020-03-19 07:45:41
attackspambots	Mar 17 07:08:07 php1 sshd\[32035\]: Invalid user dasusrl from 138.197.221.114 Mar 17 07:08:07 php1 sshd\[32035\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 Mar 17 07:08:09 php1 sshd\[32035\]: Failed password for invalid user dasusrl from 138.197.221.114 port 37862 ssh2 Mar 17 07:08:37 php1 sshd\[32062\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 user=root Mar 17 07:08:39 php1 sshd\[32062\]: Failed password for root from 138.197.221.114 port 43522 ssh2	2020-03-18 01:28:56
attackbots	Mar 7 12:20:34 hpm sshd\[24814\]: Invalid user bs from 138.197.221.114 Mar 7 12:20:34 hpm sshd\[24814\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 Mar 7 12:20:35 hpm sshd\[24814\]: Failed password for invalid user bs from 138.197.221.114 port 59304 ssh2 Mar 7 12:25:59 hpm sshd\[25217\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 user=root Mar 7 12:26:01 hpm sshd\[25217\]: Failed password for root from 138.197.221.114 port 49840 ssh2	2020-03-08 06:35:15
attack	suspicious action Mon, 24 Feb 2020 01:48:41 -0300	2020-02-24 18:05:27
attackbotsspam	Feb 12 09:35:31 silence02 sshd[18040]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 Feb 12 09:35:34 silence02 sshd[18040]: Failed password for invalid user p@ssw0rd from 138.197.221.114 port 51610 ssh2 Feb 12 09:38:41 silence02 sshd[18277]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114	2020-02-12 16:52:10
attack	Feb 12 00:11:12 legacy sshd[10327]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 Feb 12 00:11:14 legacy sshd[10327]: Failed password for invalid user annice from 138.197.221.114 port 54208 ssh2 Feb 12 00:14:21 legacy sshd[10583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 ...	2020-02-12 07:25:20
attackbotsspam	Unauthorized connection attempt detected from IP address 138.197.221.114 to port 2220 [J]	2020-01-28 07:45:18
attackspambots	Unauthorized connection attempt detected from IP address 138.197.221.114 to port 2220 [J]	2020-01-15 18:34:30
attack	Unauthorized connection attempt detected from IP address 138.197.221.114 to port 2220 [J]	2020-01-07 15:05:06
attackspam	(sshd) Failed SSH login from 138.197.221.114 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jan 3 18:27:46 blur sshd[13971]: Invalid user user4 from 138.197.221.114 port 49608 Jan 3 18:27:48 blur sshd[13971]: Failed password for invalid user user4 from 138.197.221.114 port 49608 ssh2 Jan 3 18:45:54 blur sshd[17141]: Invalid user xoy from 138.197.221.114 port 42808 Jan 3 18:45:56 blur sshd[17141]: Failed password for invalid user xoy from 138.197.221.114 port 42808 ssh2 Jan 3 18:48:58 blur sshd[17621]: Invalid user fubonbank from 138.197.221.114 port 44910	2020-01-04 03:46:12
attackspam	Triggered by Fail2Ban at Vostok web server	2019-12-30 18:00:24
attackbots	2019-12-25T23:20:02.214895shield sshd\[21257\]: Invalid user squid from 138.197.221.114 port 38384 2019-12-25T23:20:02.217918shield sshd\[21257\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 2019-12-25T23:20:04.364547shield sshd\[21257\]: Failed password for invalid user squid from 138.197.221.114 port 38384 ssh2 2019-12-25T23:22:25.855142shield sshd\[21659\]: Invalid user 1234567890 from 138.197.221.114 port 60102 2019-12-25T23:22:25.860414shield sshd\[21659\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114	2019-12-26 07:35:34
attack	leo_www	2019-12-20 18:27:38
attackbotsspam	Dec 18 19:32:50 gw1 sshd[28608]: Failed password for nobody from 138.197.221.114 port 53660 ssh2 ...	2019-12-18 22:40:04
attackbotsspam	Dec 2 14:57:49 lnxweb62 sshd[17936]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 Dec 2 14:57:49 lnxweb62 sshd[17936]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114	2019-12-03 01:00:11
attackspambots	2019-11-30T08:57:01.273097shield sshd\[11908\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 user=root 2019-11-30T08:57:03.410640shield sshd\[11908\]: Failed password for root from 138.197.221.114 port 41090 ssh2 2019-11-30T09:01:27.220833shield sshd\[12622\]: Invalid user ichim from 138.197.221.114 port 47828 2019-11-30T09:01:27.225332shield sshd\[12622\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 2019-11-30T09:01:29.879686shield sshd\[12622\]: Failed password for invalid user ichim from 138.197.221.114 port 47828 ssh2	2019-11-30 17:14:59
attack	until 2019-11-27T00:54:52+00:00, observations: 3, bad account names: 1	2019-11-27 21:44:50
attack	Nov 26 13:52:33 vps46666688 sshd[9908]: Failed password for mysql from 138.197.221.114 port 34290 ssh2 Nov 26 13:59:04 vps46666688 sshd[9963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 ...	2019-11-27 01:44:50
attack	Nov 17 14:03:57 ncomp sshd[1956]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 user=root Nov 17 14:03:59 ncomp sshd[1956]: Failed password for root from 138.197.221.114 port 51544 ssh2 Nov 17 14:11:41 ncomp sshd[2152]: Invalid user dirk from 138.197.221.114	2019-11-17 20:24:02
attackbots	k+ssh-bruteforce	2019-11-16 03:10:22

相同子网IP讨论:

IP	类型	评论内容	时间
138.197.221.208	attackbotsspam	$f2bV_matches	2020-02-19 23:37:00
138.197.221.98	attackspambots	Nov 25 12:45:38 MK-Soft-VM7 sshd[698]: Failed password for root from 138.197.221.98 port 42022 ssh2 ...	2019-11-25 22:19:13

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.221.114
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57762
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.197.221.114.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019032900 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Mar 29 22:27:45 +08 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 114.221.197.138.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 114.221.197.138.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
103.60.137.2	attackspambots	Nov 4 13:37:45 mercury wordpress(www.learnargentinianspanish.com)[7376]: XML-RPC authentication attempt for unknown user silvina from 103.60.137.2 ...	2020-03-04 00:00:40
178.33.104.129	attackspam	Automatic report - SSH Brute-Force Attack	2020-03-03 23:28:10
70.17.10.231	attackbotsspam	Mar 3 10:45:55 ws22vmsma01 sshd[82910]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=70.17.10.231 Mar 3 10:45:57 ws22vmsma01 sshd[82910]: Failed password for invalid user cpanelrrdtool from 70.17.10.231 port 59980 ssh2 ...	2020-03-03 23:36:00
103.235.0.156	attack	2020-01-15T08:17:28.723Z CLOSE host=103.235.0.156 port=59752 fd=4 time=960.801 bytes=1693 ...	2020-03-03 23:51:52
103.73.225.182	attackspam	Dec 17 13:14:00 mercury wordpress(www.learnargentinianspanish.com)[8452]: XML-RPC authentication attempt for unknown user silvina from 103.73.225.182 ...	2020-03-03 23:58:42
62.89.15.210	attackspam	Email rejected due to spam filtering	2020-03-03 23:29:54
151.80.173.36	attackbotsspam	Mar 3 16:44:57 MK-Soft-VM4 sshd[23603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.173.36 Mar 3 16:44:58 MK-Soft-VM4 sshd[23603]: Failed password for invalid user uno85 from 151.80.173.36 port 47996 ssh2 ...	2020-03-03 23:54:25
178.93.9.178	attack	Dec 5 09:44:22 mercury auth[12599]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=josh@learnargentinianspanish.com rhost=178.93.9.178 ...	2020-03-03 23:42:28
178.22.145.234	attack	Mar 3 15:26:55 MK-Soft-Root1 sshd[18542]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.22.145.234 Mar 3 15:26:57 MK-Soft-Root1 sshd[18542]: Failed password for invalid user mailman from 178.22.145.234 port 47202 ssh2 ...	2020-03-03 23:21:22
47.216.40.109	spamproxynormal	This IP address has been trying to hack me PlayStation as well as my epic games account for the last few months, I put a code on my epic games account and received notice that this IP address was attempting to log into my account	2020-03-03 23:43:35
181.49.150.45	attackspam	Mar 3 14:24:07 [snip] sshd[5175]: Invalid user liuzezhang from 181.49.150.45 port 41964 Mar 3 14:24:07 [snip] sshd[5175]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.49.150.45 Mar 3 14:24:09 [snip] sshd[5175]: Failed password for invalid user liuzezhang from 181.49.150.45 port 41964 ssh2[...]	2020-03-03 23:59:51
81.246.218.220	attackspambots	Mar 3 14:24:14 localhost sshd\[10526\]: Invalid user pi from 81.246.218.220 Mar 3 14:24:14 localhost sshd\[10524\]: Invalid user pi from 81.246.218.220 Mar 3 14:24:14 localhost sshd\[10526\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.246.218.220 Mar 3 14:24:14 localhost sshd\[10524\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.246.218.220 Mar 3 14:24:16 localhost sshd\[10526\]: Failed password for invalid user pi from 81.246.218.220 port 43076 ssh2 ...	2020-03-03 23:43:56
154.9.161.49	attack	LAMP,DEF GET http://meyer-pants.com/magmi/web/magmi.php	2020-03-03 23:44:46
106.107.133.161	attack	Dec 8 11:44:13 mercury kernel: [UFW ALLOW] IN=eth0 OUT= MAC=f2:3c:91:bc:4d:f8:84:78:ac:0d:8f:41:08:00 SRC=106.107.133.161 DST=109.74.200.221 LEN=32 TOS=0x00 PREC=0x00 TTL=43 ID=0 DF PROTO=UDP SPT=123 DPT=123 LEN=12 ...	2020-03-03 23:53:06
103.41.147.138	attackspambots	Jan 19 00:12:31 mercury wordpress(www.learnargentinianspanish.com)[25117]: XML-RPC authentication failure for luke from 103.41.147.138 ...	2020-03-03 23:50:18

最近上报的IP列表

140.143.32.113	121.190.197.205	111.230.64.83	108.59.252.85
107.170.231.42	104.131.167.107	103.120.178.95	98.206.161.171
96.76.166.105	94.247.177.171	91.219.253.183	85.214.17.133
84.13.54.169	83.136.86.224	54.36.163.3	46.101.235.214
37.235.1.109	36.103.242.14	218.103.112.98	218.58.70.250