138.197.221.114

基本信息:

城市(city): Santa Clara

省份(region): California

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): DigitalOcean, LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	$f2bV_matches	2020-07-04 04:47:46
attackspambots	May 7 16:14:20 haigwepa sshd[4299]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 May 7 16:14:22 haigwepa sshd[4299]: Failed password for invalid user uat from 138.197.221.114 port 52882 ssh2 ...	2020-05-08 01:14:27
attack	May 3 06:25:22 localhost sshd\[1581\]: Invalid user dwj from 138.197.221.114 May 3 06:25:22 localhost sshd\[1581\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 May 3 06:25:24 localhost sshd\[1581\]: Failed password for invalid user dwj from 138.197.221.114 port 42304 ssh2 May 3 06:28:52 localhost sshd\[2167\]: Invalid user pedro from 138.197.221.114 May 3 06:28:52 localhost sshd\[2167\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 ...	2020-05-03 12:53:58
attack	(sshd) Failed SSH login from 138.197.221.114 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 26 18:34:29 srv sshd[18043]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 user=root Apr 26 18:34:31 srv sshd[18043]: Failed password for root from 138.197.221.114 port 36902 ssh2 Apr 26 18:39:09 srv sshd[18137]: Invalid user sshuser from 138.197.221.114 port 34832 Apr 26 18:39:11 srv sshd[18137]: Failed password for invalid user sshuser from 138.197.221.114 port 34832 ssh2 Apr 26 18:43:00 srv sshd[18195]: Invalid user els from 138.197.221.114 port 59194	2020-04-27 02:13:59
attackspambots	SSH auth scanning - multiple failed logins	2020-04-25 02:59:05
attackbotsspam	Apr 23 20:37:23 ourumov-web sshd\[12672\]: Invalid user ubuntu from 138.197.221.114 port 43688 Apr 23 20:37:23 ourumov-web sshd\[12672\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 Apr 23 20:37:24 ourumov-web sshd\[12672\]: Failed password for invalid user ubuntu from 138.197.221.114 port 43688 ssh2 ...	2020-04-24 03:21:57
attackspam	Apr 16 15:12:46 ns3164893 sshd[11576]: Failed password for root from 138.197.221.114 port 44450 ssh2 Apr 16 15:28:01 ns3164893 sshd[11787]: Invalid user admin from 138.197.221.114 port 41254 ...	2020-04-16 21:54:58
attackbotsspam	2020-04-09T12:27:07.848590shield sshd\[19411\]: Invalid user work from 138.197.221.114 port 49258 2020-04-09T12:27:07.852107shield sshd\[19411\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 2020-04-09T12:27:09.433581shield sshd\[19411\]: Failed password for invalid user work from 138.197.221.114 port 49258 ssh2 2020-04-09T12:31:58.959651shield sshd\[19967\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 user=root 2020-04-09T12:32:01.489662shield sshd\[19967\]: Failed password for root from 138.197.221.114 port 58546 ssh2	2020-04-09 20:32:56
attackspambots	IP blocked	2020-04-01 20:17:36
attackspambots	SSH Invalid Login	2020-03-27 08:03:56
attackbotsspam	SASL PLAIN auth failed: ruser=...	2020-03-19 07:45:41
attackspambots	Mar 17 07:08:07 php1 sshd\[32035\]: Invalid user dasusrl from 138.197.221.114 Mar 17 07:08:07 php1 sshd\[32035\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 Mar 17 07:08:09 php1 sshd\[32035\]: Failed password for invalid user dasusrl from 138.197.221.114 port 37862 ssh2 Mar 17 07:08:37 php1 sshd\[32062\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 user=root Mar 17 07:08:39 php1 sshd\[32062\]: Failed password for root from 138.197.221.114 port 43522 ssh2	2020-03-18 01:28:56
attackbots	Mar 7 12:20:34 hpm sshd\[24814\]: Invalid user bs from 138.197.221.114 Mar 7 12:20:34 hpm sshd\[24814\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 Mar 7 12:20:35 hpm sshd\[24814\]: Failed password for invalid user bs from 138.197.221.114 port 59304 ssh2 Mar 7 12:25:59 hpm sshd\[25217\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 user=root Mar 7 12:26:01 hpm sshd\[25217\]: Failed password for root from 138.197.221.114 port 49840 ssh2	2020-03-08 06:35:15
attack	suspicious action Mon, 24 Feb 2020 01:48:41 -0300	2020-02-24 18:05:27
attackbotsspam	Feb 12 09:35:31 silence02 sshd[18040]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 Feb 12 09:35:34 silence02 sshd[18040]: Failed password for invalid user p@ssw0rd from 138.197.221.114 port 51610 ssh2 Feb 12 09:38:41 silence02 sshd[18277]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114	2020-02-12 16:52:10
attack	Feb 12 00:11:12 legacy sshd[10327]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 Feb 12 00:11:14 legacy sshd[10327]: Failed password for invalid user annice from 138.197.221.114 port 54208 ssh2 Feb 12 00:14:21 legacy sshd[10583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 ...	2020-02-12 07:25:20
attackbotsspam	Unauthorized connection attempt detected from IP address 138.197.221.114 to port 2220 [J]	2020-01-28 07:45:18
attackspambots	Unauthorized connection attempt detected from IP address 138.197.221.114 to port 2220 [J]	2020-01-15 18:34:30
attack	Unauthorized connection attempt detected from IP address 138.197.221.114 to port 2220 [J]	2020-01-07 15:05:06
attackspam	(sshd) Failed SSH login from 138.197.221.114 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jan 3 18:27:46 blur sshd[13971]: Invalid user user4 from 138.197.221.114 port 49608 Jan 3 18:27:48 blur sshd[13971]: Failed password for invalid user user4 from 138.197.221.114 port 49608 ssh2 Jan 3 18:45:54 blur sshd[17141]: Invalid user xoy from 138.197.221.114 port 42808 Jan 3 18:45:56 blur sshd[17141]: Failed password for invalid user xoy from 138.197.221.114 port 42808 ssh2 Jan 3 18:48:58 blur sshd[17621]: Invalid user fubonbank from 138.197.221.114 port 44910	2020-01-04 03:46:12
attackspam	Triggered by Fail2Ban at Vostok web server	2019-12-30 18:00:24
attackbots	2019-12-25T23:20:02.214895shield sshd\[21257\]: Invalid user squid from 138.197.221.114 port 38384 2019-12-25T23:20:02.217918shield sshd\[21257\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 2019-12-25T23:20:04.364547shield sshd\[21257\]: Failed password for invalid user squid from 138.197.221.114 port 38384 ssh2 2019-12-25T23:22:25.855142shield sshd\[21659\]: Invalid user 1234567890 from 138.197.221.114 port 60102 2019-12-25T23:22:25.860414shield sshd\[21659\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114	2019-12-26 07:35:34
attack	leo_www	2019-12-20 18:27:38
attackbotsspam	Dec 18 19:32:50 gw1 sshd[28608]: Failed password for nobody from 138.197.221.114 port 53660 ssh2 ...	2019-12-18 22:40:04
attackbotsspam	Dec 2 14:57:49 lnxweb62 sshd[17936]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 Dec 2 14:57:49 lnxweb62 sshd[17936]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114	2019-12-03 01:00:11
attackspambots	2019-11-30T08:57:01.273097shield sshd\[11908\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 user=root 2019-11-30T08:57:03.410640shield sshd\[11908\]: Failed password for root from 138.197.221.114 port 41090 ssh2 2019-11-30T09:01:27.220833shield sshd\[12622\]: Invalid user ichim from 138.197.221.114 port 47828 2019-11-30T09:01:27.225332shield sshd\[12622\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 2019-11-30T09:01:29.879686shield sshd\[12622\]: Failed password for invalid user ichim from 138.197.221.114 port 47828 ssh2	2019-11-30 17:14:59
attack	until 2019-11-27T00:54:52+00:00, observations: 3, bad account names: 1	2019-11-27 21:44:50
attack	Nov 26 13:52:33 vps46666688 sshd[9908]: Failed password for mysql from 138.197.221.114 port 34290 ssh2 Nov 26 13:59:04 vps46666688 sshd[9963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 ...	2019-11-27 01:44:50
attack	Nov 17 14:03:57 ncomp sshd[1956]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 user=root Nov 17 14:03:59 ncomp sshd[1956]: Failed password for root from 138.197.221.114 port 51544 ssh2 Nov 17 14:11:41 ncomp sshd[2152]: Invalid user dirk from 138.197.221.114	2019-11-17 20:24:02
attackbots	k+ssh-bruteforce	2019-11-16 03:10:22

相同子网IP讨论:

IP	类型	评论内容	时间
138.197.221.208	attackbotsspam	$f2bV_matches	2020-02-19 23:37:00
138.197.221.98	attackspambots	Nov 25 12:45:38 MK-Soft-VM7 sshd[698]: Failed password for root from 138.197.221.98 port 42022 ssh2 ...	2019-11-25 22:19:13

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.221.114
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57762
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.197.221.114.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019032900 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Mar 29 22:27:45 +08 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 114.221.197.138.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 114.221.197.138.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
14.44.100.44	attackbots	Honeypot attack, port: 5555, PTR: PTR record not found	2020-03-31 20:42:37
111.10.24.147	attack	Mar 31 12:28:40 sshd\[25169\]: Invalid user wisonadmin from 111.10.24.147Mar 31 12:28:41 sshd\[25169\]: Failed password for invalid user wisonadmin from 111.10.24.147 port 20663 ssh2 ...	2020-03-31 20:38:12
196.75.183.3	attackspam	SSH login attempts.	2020-03-31 20:44:32
198.38.94.126	attackspam	Repeated RDP login failures. Last user: Intern	2020-03-31 20:13:36
106.12.134.168	attackspam	SSH login attempts.	2020-03-31 20:41:38
177.69.19.96	attackspam	23/tcp [2020-03-31]1pkt	2020-03-31 20:41:25
206.123.88.89	attackbotsspam	port	2020-03-31 20:29:17
180.76.54.123	attack	SSH login attempts.	2020-03-31 20:43:00
92.63.194.104	attackspam	Mar 31 01:51:33 web9 sshd\[26079\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.63.194.104 user=root Mar 31 01:51:34 web9 sshd\[26079\]: Failed password for root from 92.63.194.104 port 39411 ssh2 Mar 31 01:51:51 web9 sshd\[26127\]: Invalid user guest from 92.63.194.104 Mar 31 01:51:51 web9 sshd\[26127\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.63.194.104 Mar 31 01:51:53 web9 sshd\[26127\]: Failed password for invalid user guest from 92.63.194.104 port 33597 ssh2	2020-03-31 20:08:24
91.210.8.7	attack	Mar 30 17:44:30 zimbra sshd[20963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.210.8.7 user=r.r Mar 30 17:44:32 zimbra sshd[20963]: Failed password for r.r from 91.210.8.7 port 46569 ssh2 Mar 30 17:44:32 zimbra sshd[20963]: Received disconnect from 91.210.8.7 port 46569:11: Bye Bye [preauth] Mar 30 17:44:32 zimbra sshd[20963]: Disconnected from 91.210.8.7 port 46569 [preauth] Mar 30 17:51:48 zimbra sshd[26139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.210.8.7 user=r.r Mar 30 17:51:51 zimbra sshd[26139]: Failed password for r.r from 91.210.8.7 port 58792 ssh2 Mar 30 17:51:51 zimbra sshd[26139]: Received disconnect from 91.210.8.7 port 58792:11: Bye Bye [preauth] Mar 30 17:51:51 zimbra sshd[26139]: Disconnected from 91.210.8.7 port 58792 [preauth] Mar 30 17:53:34 zimbra sshd[27773]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.2........ -------------------------------	2020-03-31 20:16:52
94.176.189.11	attack	SpamScore above: 10.0	2020-03-31 20:11:42
51.15.41.165	attackbots	2020-03-31T11:17:22.425191dmca.cloudsearch.cf sshd[32765]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.41.165 user=root 2020-03-31T11:17:24.875425dmca.cloudsearch.cf sshd[32765]: Failed password for root from 51.15.41.165 port 36996 ssh2 2020-03-31T11:21:08.788272dmca.cloudsearch.cf sshd[554]: Invalid user mq from 51.15.41.165 port 49076 2020-03-31T11:21:08.795052dmca.cloudsearch.cf sshd[554]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.41.165 2020-03-31T11:21:08.788272dmca.cloudsearch.cf sshd[554]: Invalid user mq from 51.15.41.165 port 49076 2020-03-31T11:21:10.938975dmca.cloudsearch.cf sshd[554]: Failed password for invalid user mq from 51.15.41.165 port 49076 ssh2 2020-03-31T11:25:10.261268dmca.cloudsearch.cf sshd[868]: Invalid user mq from 51.15.41.165 port 32922 ...	2020-03-31 20:20:10
185.220.101.139	attackbotsspam	Mar 31 14:34:56 srv-ubuntu-dev3 sshd[57346]: Invalid user guest from 185.220.101.139 Mar 31 14:34:56 srv-ubuntu-dev3 sshd[57346]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.101.139 Mar 31 14:34:56 srv-ubuntu-dev3 sshd[57346]: Invalid user guest from 185.220.101.139 Mar 31 14:34:58 srv-ubuntu-dev3 sshd[57346]: Failed password for invalid user guest from 185.220.101.139 port 45503 ssh2 Mar 31 14:34:56 srv-ubuntu-dev3 sshd[57346]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.101.139 Mar 31 14:34:56 srv-ubuntu-dev3 sshd[57346]: Invalid user guest from 185.220.101.139 Mar 31 14:34:58 srv-ubuntu-dev3 sshd[57346]: Failed password for invalid user guest from 185.220.101.139 port 45503 ssh2 Mar 31 14:35:00 srv-ubuntu-dev3 sshd[57346]: Failed password for invalid user guest from 185.220.101.139 port 45503 ssh2 Mar 31 14:34:56 srv-ubuntu-dev3 sshd[57346]: pam_unix(sshd:auth): authentication fai ...	2020-03-31 20:44:47
68.183.19.84	attackspam	Mar 31 09:33:34 mail sshd[25154]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.19.84 user=root Mar 31 09:33:36 mail sshd[25154]: Failed password for root from 68.183.19.84 port 51908 ssh2 ...	2020-03-31 20:16:28
103.138.41.74	attackspambots	Mar 31 13:02:09 jane sshd[6196]: Failed password for root from 103.138.41.74 port 60499 ssh2 ...	2020-03-31 20:22:56

最近上报的IP列表

140.143.32.113	121.190.197.205	111.230.64.83	108.59.252.85
107.170.231.42	104.131.167.107	103.120.178.95	98.206.161.171
96.76.166.105	94.247.177.171	91.219.253.183	85.214.17.133
84.13.54.169	83.136.86.224	54.36.163.3	46.101.235.214
37.235.1.109	36.103.242.14	218.103.112.98	218.58.70.250