138.197.120.219

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Dec 8 17:59:52 hcbbdb sshd\[31878\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.120.219 user=root Dec 8 17:59:54 hcbbdb sshd\[31878\]: Failed password for root from 138.197.120.219 port 44084 ssh2 Dec 8 18:05:21 hcbbdb sshd\[32579\]: Invalid user sleep from 138.197.120.219 Dec 8 18:05:21 hcbbdb sshd\[32579\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.120.219 Dec 8 18:05:23 hcbbdb sshd\[32579\]: Failed password for invalid user sleep from 138.197.120.219 port 53118 ssh2	2019-12-09 06:52:28
attackbots	Dec 6 16:17:00 mail1 sshd\[20105\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.120.219 user=news Dec 6 16:17:01 mail1 sshd\[20105\]: Failed password for news from 138.197.120.219 port 50482 ssh2 Dec 6 16:27:32 mail1 sshd\[24744\]: Invalid user rpc from 138.197.120.219 port 49248 Dec 6 16:27:32 mail1 sshd\[24744\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.120.219 Dec 6 16:27:34 mail1 sshd\[24744\]: Failed password for invalid user rpc from 138.197.120.219 port 49248 ssh2 ...	2019-12-07 02:10:39
attackspambots	Dec 4 08:38:35 web1 sshd\[25362\]: Invalid user gunnarsen from 138.197.120.219 Dec 4 08:38:35 web1 sshd\[25362\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.120.219 Dec 4 08:38:37 web1 sshd\[25362\]: Failed password for invalid user gunnarsen from 138.197.120.219 port 58756 ssh2 Dec 4 08:44:06 web1 sshd\[26004\]: Invalid user arleen from 138.197.120.219 Dec 4 08:44:06 web1 sshd\[26004\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.120.219	2019-12-05 02:58:55
attackbotsspam	2019-12-02T04:59:11.412585abusebot-2.cloudsearch.cf sshd\[22998\]: Invalid user ronneke from 138.197.120.219 port 59218	2019-12-02 13:04:27
attackbotsspam	Nov 30 01:04:01 tdfoods sshd\[4975\]: Invalid user guest from 138.197.120.219 Nov 30 01:04:01 tdfoods sshd\[4975\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.120.219 Nov 30 01:04:03 tdfoods sshd\[4975\]: Failed password for invalid user guest from 138.197.120.219 port 35642 ssh2 Nov 30 01:07:09 tdfoods sshd\[5161\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.120.219 user=root Nov 30 01:07:11 tdfoods sshd\[5161\]: Failed password for root from 138.197.120.219 port 43464 ssh2	2019-11-30 19:14:27
attackspambots	Nov 28 07:26:01 MK-Soft-Root2 sshd[24089]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.120.219 Nov 28 07:26:02 MK-Soft-Root2 sshd[24089]: Failed password for invalid user adamj from 138.197.120.219 port 42096 ssh2 ...	2019-11-28 17:56:33
attackspambots	Nov 24 13:45:41 hpm sshd\[318\]: Invalid user thchen!@\# from 138.197.120.219 Nov 24 13:45:41 hpm sshd\[318\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.120.219 Nov 24 13:45:43 hpm sshd\[318\]: Failed password for invalid user thchen!@\# from 138.197.120.219 port 59170 ssh2 Nov 24 13:51:46 hpm sshd\[931\]: Invalid user dubroff from 138.197.120.219 Nov 24 13:51:46 hpm sshd\[931\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.120.219	2019-11-25 08:03:49
attackbots	Nov 19 03:43:14 riskplan-s sshd[26642]: Invalid user alice from 138.197.120.219 Nov 19 03:43:14 riskplan-s sshd[26642]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.120.219 Nov 19 03:43:16 riskplan-s sshd[26642]: Failed password for invalid user alice from 138.197.120.219 port 55782 ssh2 Nov 19 03:43:16 riskplan-s sshd[26642]: Received disconnect from 138.197.120.219: 11: Bye Bye [preauth] Nov 19 04:03:37 riskplan-s sshd[26795]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.120.219 user=lp Nov 19 04:03:40 riskplan-s sshd[26795]: Failed password for lp from 138.197.120.219 port 39314 ssh2 Nov 19 04:03:40 riskplan-s sshd[26795]: Received disconnect from 138.197.120.219: 11: Bye Bye [preauth] Nov 19 04:06:58 riskplan-s sshd[26830]: Invalid user vishostnameor from 138.197.120.219 Nov 19 04:06:58 riskplan-s sshd[26830]: pam_unix(sshd:auth): authentication failure; logname= ........ -------------------------------	2019-11-20 05:54:17
attackbots	Nov 19 03:43:14 riskplan-s sshd[26642]: Invalid user alice from 138.197.120.219 Nov 19 03:43:14 riskplan-s sshd[26642]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.120.219 Nov 19 03:43:16 riskplan-s sshd[26642]: Failed password for invalid user alice from 138.197.120.219 port 55782 ssh2 Nov 19 03:43:16 riskplan-s sshd[26642]: Received disconnect from 138.197.120.219: 11: Bye Bye [preauth] Nov 19 04:03:37 riskplan-s sshd[26795]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.120.219 user=lp Nov 19 04:03:40 riskplan-s sshd[26795]: Failed password for lp from 138.197.120.219 port 39314 ssh2 Nov 19 04:03:40 riskplan-s sshd[26795]: Received disconnect from 138.197.120.219: 11: Bye Bye [preauth] Nov 19 04:06:58 riskplan-s sshd[26830]: Invalid user vishostnameor from 138.197.120.219 Nov 19 04:06:58 riskplan-s sshd[26830]: pam_unix(sshd:auth): authentication failure; logname= ........ -------------------------------	2019-11-19 14:56:07
attack	Nov 18 17:43:07 server sshd\[3766\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.120.219 user=operator Nov 18 17:43:09 server sshd\[3766\]: Failed password for operator from 138.197.120.219 port 44746 ssh2 Nov 18 17:49:07 server sshd\[5307\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.120.219 user=root Nov 18 17:49:09 server sshd\[5307\]: Failed password for root from 138.197.120.219 port 39172 ssh2 Nov 18 17:52:44 server sshd\[6437\]: Invalid user guest from 138.197.120.219 ...	2019-11-18 23:03:14

Comments on same subnet:

IP	Type	Details	Datetime
138.197.120.36	attackspambots	Jul 23 05:59:14 [host] sshd[4795]: Invalid user no Jul 23 05:59:14 [host] sshd[4795]: pam_unix(sshd:a Jul 23 05:59:16 [host] sshd[4795]: Failed password	2020-07-23 12:20:04

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.120.219
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23064
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.197.120.219.		IN	A

;; AUTHORITY SECTION:
.			573	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111800 1800 900 604800 86400

;; Query time: 52 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Nov 18 23:03:06 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 219.120.197.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 219.120.197.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
62.234.130.87	attack	Aug 3 17:12:25 NPSTNNYC01T sshd[23433]: Failed password for root from 62.234.130.87 port 44364 ssh2 Aug 3 17:15:24 NPSTNNYC01T sshd[23778]: Failed password for root from 62.234.130.87 port 49546 ssh2 ...	2020-08-04 05:29:53
132.232.251.171	attack	SSH Brute-Forcing (server1)	2020-08-04 05:20:17
45.55.156.19	attackspambots	(sshd) Failed SSH login from 45.55.156.19 (US/United States/-): 5 in the last 3600 secs	2020-08-04 05:05:21
91.204.196.218	attack	Aug 3 16:27:54 mx sshd[13995]: Failed password for root from 91.204.196.218 port 60196 ssh2	2020-08-04 05:25:36
103.217.243.241	attackbotsspam	Aug 3 22:51:08 piServer sshd[6246]: Failed password for root from 103.217.243.241 port 37276 ssh2 Aug 3 22:55:43 piServer sshd[6770]: Failed password for root from 103.217.243.241 port 48622 ssh2 ...	2020-08-04 05:09:12
180.76.55.119	attackspam	Aug 3 17:34:48 ws12vmsma01 sshd[42616]: Failed password for root from 180.76.55.119 port 57692 ssh2 Aug 3 17:39:26 ws12vmsma01 sshd[43343]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.55.119 user=root Aug 3 17:39:28 ws12vmsma01 sshd[43343]: Failed password for root from 180.76.55.119 port 37324 ssh2 ...	2020-08-04 05:03:49
129.226.67.78	attackbots	2020-08-03T20:29:31.795901abusebot-8.cloudsearch.cf sshd[21274]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.67.78 user=root 2020-08-03T20:29:33.846915abusebot-8.cloudsearch.cf sshd[21274]: Failed password for root from 129.226.67.78 port 39298 ssh2 2020-08-03T20:32:16.843962abusebot-8.cloudsearch.cf sshd[21282]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.67.78 user=root 2020-08-03T20:32:18.880336abusebot-8.cloudsearch.cf sshd[21282]: Failed password for root from 129.226.67.78 port 57748 ssh2 2020-08-03T20:34:55.673664abusebot-8.cloudsearch.cf sshd[21286]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.67.78 user=root 2020-08-03T20:34:57.870252abusebot-8.cloudsearch.cf sshd[21286]: Failed password for root from 129.226.67.78 port 47974 ssh2 2020-08-03T20:37:36.423175abusebot-8.cloudsearch.cf sshd[21340]: pam_unix(sshd:auth): authe ...	2020-08-04 05:01:59
111.67.51.209	attack	Port probing on unauthorized port 445	2020-08-04 05:28:26
91.121.30.186	attackbotsspam	Aug 3 23:07:06 ip106 sshd[27395]: Failed password for root from 91.121.30.186 port 46895 ssh2 ...	2020-08-04 05:13:33
80.89.234.147	attack	Port scan	2020-08-04 05:22:23
68.200.225.14	attackspambots	Attempts against non-existent wp-login	2020-08-04 04:59:05
172.81.253.233	attackbots	Aug 3 22:31:32 ns382633 sshd\[18168\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.81.253.233 user=root Aug 3 22:31:34 ns382633 sshd\[18168\]: Failed password for root from 172.81.253.233 port 37870 ssh2 Aug 3 22:36:12 ns382633 sshd\[19157\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.81.253.233 user=root Aug 3 22:36:14 ns382633 sshd\[19157\]: Failed password for root from 172.81.253.233 port 38330 ssh2 Aug 3 22:37:27 ns382633 sshd\[19218\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.81.253.233 user=root	2020-08-04 05:05:45
134.209.149.64	attack	Aug 3 22:35:31 hidden sshd[34253]: Failed password for hidden from 134.209.149.64 port 56672 ssh2 Aug 3 22:40:56 hidden sshd[35116]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.149.64 user=root Aug 3 22:40:59 hidden sshd[35116]: Failed password for hidden from 134.209.149.64 port 39982 ssh2	2020-08-04 04:58:40
62.57.227.12	attackbotsspam	Aug 3 22:33:55 * sshd[25207]: Failed password for root from 62.57.227.12 port 39950 ssh2	2020-08-04 04:57:10
213.197.180.91	attackbots	213.197.180.91 - - [03/Aug/2020:21:37:16 +0100] "POST /wp-login.php HTTP/1.1" 200 2013 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 213.197.180.91 - - [03/Aug/2020:21:37:18 +0100] "POST /wp-login.php HTTP/1.1" 200 1996 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 213.197.180.91 - - [03/Aug/2020:21:37:19 +0100] "POST /wp-login.php HTTP/1.1" 200 1947 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-04 05:00:39

Recently Reported IPs

14.164.18.123	200.74.167.58	149.48.107.214	237.98.88.122
45.204.142.21	2.92.152.89	201.188.88.150	45.162.98.89
185.153.197.97	167.172.195.99	190.110.9.240	104.248.140.144
196.150.220.148	243.139.176.42	91.225.223.106	205.55.128.138
146.52.243.244	211.192.227.82	206.42.222.34	120.92.33.13