138.197.221.114

基本信息:

城市(city): Santa Clara

省份(region): California

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): DigitalOcean, LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	$f2bV_matches	2020-07-04 04:47:46
attackspambots	May 7 16:14:20 haigwepa sshd[4299]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 May 7 16:14:22 haigwepa sshd[4299]: Failed password for invalid user uat from 138.197.221.114 port 52882 ssh2 ...	2020-05-08 01:14:27
attack	May 3 06:25:22 localhost sshd\[1581\]: Invalid user dwj from 138.197.221.114 May 3 06:25:22 localhost sshd\[1581\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 May 3 06:25:24 localhost sshd\[1581\]: Failed password for invalid user dwj from 138.197.221.114 port 42304 ssh2 May 3 06:28:52 localhost sshd\[2167\]: Invalid user pedro from 138.197.221.114 May 3 06:28:52 localhost sshd\[2167\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 ...	2020-05-03 12:53:58
attack	(sshd) Failed SSH login from 138.197.221.114 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 26 18:34:29 srv sshd[18043]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 user=root Apr 26 18:34:31 srv sshd[18043]: Failed password for root from 138.197.221.114 port 36902 ssh2 Apr 26 18:39:09 srv sshd[18137]: Invalid user sshuser from 138.197.221.114 port 34832 Apr 26 18:39:11 srv sshd[18137]: Failed password for invalid user sshuser from 138.197.221.114 port 34832 ssh2 Apr 26 18:43:00 srv sshd[18195]: Invalid user els from 138.197.221.114 port 59194	2020-04-27 02:13:59
attackspambots	SSH auth scanning - multiple failed logins	2020-04-25 02:59:05
attackbotsspam	Apr 23 20:37:23 ourumov-web sshd\[12672\]: Invalid user ubuntu from 138.197.221.114 port 43688 Apr 23 20:37:23 ourumov-web sshd\[12672\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 Apr 23 20:37:24 ourumov-web sshd\[12672\]: Failed password for invalid user ubuntu from 138.197.221.114 port 43688 ssh2 ...	2020-04-24 03:21:57
attackspam	Apr 16 15:12:46 ns3164893 sshd[11576]: Failed password for root from 138.197.221.114 port 44450 ssh2 Apr 16 15:28:01 ns3164893 sshd[11787]: Invalid user admin from 138.197.221.114 port 41254 ...	2020-04-16 21:54:58
attackbotsspam	2020-04-09T12:27:07.848590shield sshd\[19411\]: Invalid user work from 138.197.221.114 port 49258 2020-04-09T12:27:07.852107shield sshd\[19411\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 2020-04-09T12:27:09.433581shield sshd\[19411\]: Failed password for invalid user work from 138.197.221.114 port 49258 ssh2 2020-04-09T12:31:58.959651shield sshd\[19967\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 user=root 2020-04-09T12:32:01.489662shield sshd\[19967\]: Failed password for root from 138.197.221.114 port 58546 ssh2	2020-04-09 20:32:56
attackspambots	IP blocked	2020-04-01 20:17:36
attackspambots	SSH Invalid Login	2020-03-27 08:03:56
attackbotsspam	SASL PLAIN auth failed: ruser=...	2020-03-19 07:45:41
attackspambots	Mar 17 07:08:07 php1 sshd\[32035\]: Invalid user dasusrl from 138.197.221.114 Mar 17 07:08:07 php1 sshd\[32035\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 Mar 17 07:08:09 php1 sshd\[32035\]: Failed password for invalid user dasusrl from 138.197.221.114 port 37862 ssh2 Mar 17 07:08:37 php1 sshd\[32062\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 user=root Mar 17 07:08:39 php1 sshd\[32062\]: Failed password for root from 138.197.221.114 port 43522 ssh2	2020-03-18 01:28:56
attackbots	Mar 7 12:20:34 hpm sshd\[24814\]: Invalid user bs from 138.197.221.114 Mar 7 12:20:34 hpm sshd\[24814\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 Mar 7 12:20:35 hpm sshd\[24814\]: Failed password for invalid user bs from 138.197.221.114 port 59304 ssh2 Mar 7 12:25:59 hpm sshd\[25217\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 user=root Mar 7 12:26:01 hpm sshd\[25217\]: Failed password for root from 138.197.221.114 port 49840 ssh2	2020-03-08 06:35:15
attack	suspicious action Mon, 24 Feb 2020 01:48:41 -0300	2020-02-24 18:05:27
attackbotsspam	Feb 12 09:35:31 silence02 sshd[18040]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 Feb 12 09:35:34 silence02 sshd[18040]: Failed password for invalid user p@ssw0rd from 138.197.221.114 port 51610 ssh2 Feb 12 09:38:41 silence02 sshd[18277]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114	2020-02-12 16:52:10
attack	Feb 12 00:11:12 legacy sshd[10327]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 Feb 12 00:11:14 legacy sshd[10327]: Failed password for invalid user annice from 138.197.221.114 port 54208 ssh2 Feb 12 00:14:21 legacy sshd[10583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 ...	2020-02-12 07:25:20
attackbotsspam	Unauthorized connection attempt detected from IP address 138.197.221.114 to port 2220 [J]	2020-01-28 07:45:18
attackspambots	Unauthorized connection attempt detected from IP address 138.197.221.114 to port 2220 [J]	2020-01-15 18:34:30
attack	Unauthorized connection attempt detected from IP address 138.197.221.114 to port 2220 [J]	2020-01-07 15:05:06
attackspam	(sshd) Failed SSH login from 138.197.221.114 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jan 3 18:27:46 blur sshd[13971]: Invalid user user4 from 138.197.221.114 port 49608 Jan 3 18:27:48 blur sshd[13971]: Failed password for invalid user user4 from 138.197.221.114 port 49608 ssh2 Jan 3 18:45:54 blur sshd[17141]: Invalid user xoy from 138.197.221.114 port 42808 Jan 3 18:45:56 blur sshd[17141]: Failed password for invalid user xoy from 138.197.221.114 port 42808 ssh2 Jan 3 18:48:58 blur sshd[17621]: Invalid user fubonbank from 138.197.221.114 port 44910	2020-01-04 03:46:12
attackspam	Triggered by Fail2Ban at Vostok web server	2019-12-30 18:00:24
attackbots	2019-12-25T23:20:02.214895shield sshd\[21257\]: Invalid user squid from 138.197.221.114 port 38384 2019-12-25T23:20:02.217918shield sshd\[21257\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 2019-12-25T23:20:04.364547shield sshd\[21257\]: Failed password for invalid user squid from 138.197.221.114 port 38384 ssh2 2019-12-25T23:22:25.855142shield sshd\[21659\]: Invalid user 1234567890 from 138.197.221.114 port 60102 2019-12-25T23:22:25.860414shield sshd\[21659\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114	2019-12-26 07:35:34
attack	leo_www	2019-12-20 18:27:38
attackbotsspam	Dec 18 19:32:50 gw1 sshd[28608]: Failed password for nobody from 138.197.221.114 port 53660 ssh2 ...	2019-12-18 22:40:04
attackbotsspam	Dec 2 14:57:49 lnxweb62 sshd[17936]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 Dec 2 14:57:49 lnxweb62 sshd[17936]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114	2019-12-03 01:00:11
attackspambots	2019-11-30T08:57:01.273097shield sshd\[11908\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 user=root 2019-11-30T08:57:03.410640shield sshd\[11908\]: Failed password for root from 138.197.221.114 port 41090 ssh2 2019-11-30T09:01:27.220833shield sshd\[12622\]: Invalid user ichim from 138.197.221.114 port 47828 2019-11-30T09:01:27.225332shield sshd\[12622\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 2019-11-30T09:01:29.879686shield sshd\[12622\]: Failed password for invalid user ichim from 138.197.221.114 port 47828 ssh2	2019-11-30 17:14:59
attack	until 2019-11-27T00:54:52+00:00, observations: 3, bad account names: 1	2019-11-27 21:44:50
attack	Nov 26 13:52:33 vps46666688 sshd[9908]: Failed password for mysql from 138.197.221.114 port 34290 ssh2 Nov 26 13:59:04 vps46666688 sshd[9963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 ...	2019-11-27 01:44:50
attack	Nov 17 14:03:57 ncomp sshd[1956]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.221.114 user=root Nov 17 14:03:59 ncomp sshd[1956]: Failed password for root from 138.197.221.114 port 51544 ssh2 Nov 17 14:11:41 ncomp sshd[2152]: Invalid user dirk from 138.197.221.114	2019-11-17 20:24:02
attackbots	k+ssh-bruteforce	2019-11-16 03:10:22

相同子网IP讨论:

IP	类型	评论内容	时间
138.197.221.208	attackbotsspam	$f2bV_matches	2020-02-19 23:37:00
138.197.221.98	attackspambots	Nov 25 12:45:38 MK-Soft-VM7 sshd[698]: Failed password for root from 138.197.221.98 port 42022 ssh2 ...	2019-11-25 22:19:13

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.221.114
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57762
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.197.221.114.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019032900 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Mar 29 22:27:45 +08 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 114.221.197.138.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 114.221.197.138.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
185.211.245.170	attackbotsspam	Aug 30 04:38:10 mail postfix/smtpd\[20454\]: warning: unknown\[185.211.245.170\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Aug 30 05:12:31 mail postfix/smtpd\[25160\]: warning: unknown\[185.211.245.170\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Aug 30 05:42:36 mail postfix/smtpd\[25272\]: warning: unknown\[185.211.245.170\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Aug 30 05:42:53 mail postfix/smtpd\[27295\]: warning: unknown\[185.211.245.170\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2019-08-30 12:02:29
104.236.175.127	attack	SSH Brute Force, server-1 sshd[12993]: Failed password for invalid user flink from 104.236.175.127 port 42458 ssh2	2019-08-30 11:49:05
177.16.117.248	attackbotsspam	Telnet Server BruteForce Attack	2019-08-30 12:30:30
50.62.190.126	attack	WordPress brute force	2019-08-30 11:49:35
165.227.41.202	attack	Aug 30 02:47:28 thevastnessof sshd[7210]: Failed password for root from 165.227.41.202 port 55380 ssh2 ...	2019-08-30 12:11:58
89.216.113.174	attack	SSH invalid-user multiple login attempts	2019-08-30 12:08:57
186.15.77.199	attackspam	Spam	2019-08-30 12:29:30
221.231.57.245	attackspambots	Aug 28 19:58:55 econome sshd[21782]: Failed password for invalid user usuario from 221.231.57.245 port 38955 ssh2 Aug 28 19:58:58 econome sshd[21782]: Failed password for invalid user usuario from 221.231.57.245 port 38955 ssh2 Aug 28 19:59:02 econome sshd[21782]: Failed password for invalid user usuario from 221.231.57.245 port 38955 ssh2 Aug 28 19:59:06 econome sshd[21782]: Failed password for invalid user usuario from 221.231.57.245 port 38955 ssh2 Aug 28 19:59:10 econome sshd[21782]: Failed password for invalid user usuario from 221.231.57.245 port 38955 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=221.231.57.245	2019-08-30 11:55:32
51.38.64.134	attackspambots	WordPress wp-login brute force :: 51.38.64.134 0.160 BYPASS [30/Aug/2019:11:12:07 1000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-08-30 12:22:08
188.165.243.162	attack	Faked Googlebot	2019-08-30 12:25:54
206.189.36.69	attackbots	$f2bV_matches	2019-08-30 12:22:28
37.59.38.216	attackbots	Aug 29 22:25:38 mail sshd\[26835\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.59.38.216 Aug 29 22:25:41 mail sshd\[26835\]: Failed password for invalid user ta from 37.59.38.216 port 37546 ssh2 Aug 29 22:33:20 mail sshd\[27558\]: Invalid user lj from 37.59.38.216 port 33042 Aug 29 22:33:20 mail sshd\[27558\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.59.38.216 Aug 29 22:33:22 mail sshd\[27558\]: Failed password for invalid user lj from 37.59.38.216 port 33042 ssh2	2019-08-30 12:28:00
42.117.113.159	attackbots	firewall-block, port(s): 23/tcp	2019-08-30 12:03:04
139.99.221.61	attackbotsspam	Aug 29 22:50:31 localhost sshd\[25746\]: Invalid user free from 139.99.221.61 port 56025 Aug 29 22:50:31 localhost sshd\[25746\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.221.61 Aug 29 22:50:33 localhost sshd\[25746\]: Failed password for invalid user free from 139.99.221.61 port 56025 ssh2 ...	2019-08-30 12:10:22
169.197.112.102	attackbotsspam	2019-08-17T15:24:45.765649wiz-ks3 sshd[7379]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=169.197.112.102 user=root 2019-08-17T15:24:47.617440wiz-ks3 sshd[7379]: Failed password for root from 169.197.112.102 port 45650 ssh2 2019-08-17T15:24:50.300604wiz-ks3 sshd[7379]: Failed password for root from 169.197.112.102 port 45650 ssh2 2019-08-17T15:24:45.765649wiz-ks3 sshd[7379]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=169.197.112.102 user=root 2019-08-17T15:24:47.617440wiz-ks3 sshd[7379]: Failed password for root from 169.197.112.102 port 45650 ssh2 2019-08-17T15:24:50.300604wiz-ks3 sshd[7379]: Failed password for root from 169.197.112.102 port 45650 ssh2 2019-08-17T15:24:45.765649wiz-ks3 sshd[7379]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=169.197.112.102 user=root 2019-08-17T15:24:47.617440wiz-ks3 sshd[7379]: Failed password for root from 169.197.112.102 port 45650 ssh2 2	2019-08-30 11:56:20

最近上报的IP列表

140.143.32.113	121.190.197.205	111.230.64.83	108.59.252.85
107.170.231.42	104.131.167.107	103.120.178.95	98.206.161.171
96.76.166.105	94.247.177.171	91.219.253.183	85.214.17.133
84.13.54.169	83.136.86.224	54.36.163.3	46.101.235.214
37.235.1.109	36.103.242.14	218.103.112.98	218.58.70.250