138.197.145.131

Basic Info

City: unknown

Region: unknown

Country: Canada

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Jan 15 11:54:52 amit sshd\[31044\]: Invalid user wilma from 138.197.145.131 Jan 15 11:54:52 amit sshd\[31044\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.145.131 Jan 15 11:54:54 amit sshd\[31044\]: Failed password for invalid user wilma from 138.197.145.131 port 48602 ssh2 ...	2020-01-15 20:04:38

Type

Details

Datetime

attackbots

Jan 15 11:54:52 amit sshd\[31044\]: Invalid user wilma from 138.197.145.131
Jan 15 11:54:52 amit sshd\[31044\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.145.131
Jan 15 11:54:54 amit sshd\[31044\]: Failed password for invalid user wilma from 138.197.145.131 port 48602 ssh2
...

2020-01-15 20:04:38

Comments on same subnet:

IP	Type	Details	Datetime
138.197.145.163	attackbots	Sent packet to closed port: 10394	2020-08-09 12:36:59
138.197.145.163	attackspambots	17087/tcp 14465/tcp 31783/tcp... [2020-06-22/08-04]112pkt,43pt.(tcp)	2020-08-05 06:04:02
138.197.145.163	attackspambots	Fail2Ban Ban Triggered	2020-07-28 23:02:10
138.197.145.26	attackspambots	Jul 27 11:20:58 mout sshd[4165]: Invalid user iwan from 138.197.145.26 port 37396	2020-07-27 17:31:36
138.197.145.26	attackbots	firewall-block, port(s): 8113/tcp	2020-07-26 15:25:19
138.197.145.26	attack	Scanned 3 times in the last 24 hours on port 22	2020-07-25 08:36:15
138.197.145.26	attackbots	Jul 24 10:54:47 vpn01 sshd[2993]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.145.26 Jul 24 10:54:49 vpn01 sshd[2993]: Failed password for invalid user batal from 138.197.145.26 port 53418 ssh2 ...	2020-07-24 17:20:04
138.197.145.26	attackbots	Jul 18 15:58:36 ns382633 sshd\[12725\]: Invalid user sdo from 138.197.145.26 port 41884 Jul 18 15:58:36 ns382633 sshd\[12725\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.145.26 Jul 18 15:58:38 ns382633 sshd\[12725\]: Failed password for invalid user sdo from 138.197.145.26 port 41884 ssh2 Jul 18 16:00:58 ns382633 sshd\[13430\]: Invalid user user from 138.197.145.26 port 45014 Jul 18 16:00:58 ns382633 sshd\[13430\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.145.26	2020-07-19 02:24:34
138.197.145.26	attack	srv02 Mass scanning activity detected Target: 25369 ..	2020-07-18 13:38:06
138.197.145.26	attackspam	Exploited Host.	2020-07-16 02:26:50
138.197.145.163	attack	firewall-block, port(s): 135/tcp	2020-07-11 22:47:12
138.197.145.26	attackbotsspam	Jul 9 23:55:58 santamaria sshd\[24973\]: Invalid user newsmagazine from 138.197.145.26 Jul 9 23:55:58 santamaria sshd\[24973\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.145.26 Jul 9 23:56:00 santamaria sshd\[24973\]: Failed password for invalid user newsmagazine from 138.197.145.26 port 39498 ssh2 ...	2020-07-10 06:27:33
138.197.145.26	attackspam	SSH Login Bruteforce	2020-07-09 13:22:45
138.197.145.26	attack	21 attempts against mh-ssh on echoip	2020-07-04 05:12:45
138.197.145.26	attackspam	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-06-29 00:57:31

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.145.131
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31276
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.197.145.131.		IN	A

;; AUTHORITY SECTION:
.			564	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011500 1800 900 604800 86400

;; Query time: 112 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jan 15 20:04:34 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 131.145.197.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 131.145.197.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
74.207.242.199	attack	Port 22 Scan, PTR: None	2020-02-11 21:36:44
180.244.104.230	attackbots	unauthorized connection attempt	2020-02-11 21:41:00
182.232.208.41	attack	unauthorized connection attempt	2020-02-11 21:05:00
41.41.178.228	attack	unauthorized connection attempt	2020-02-11 21:08:17
222.186.30.209	attackbotsspam	Feb 11 14:48:41 MK-Soft-VM4 sshd[1059]: Failed password for root from 222.186.30.209 port 39473 ssh2 ...	2020-02-11 21:50:52
196.89.219.9	attackspam	unauthorized connection attempt	2020-02-11 21:29:59
27.20.196.160	attackbotsspam	Telnet/23 MH Probe, BF, Hack -	2020-02-11 21:51:47
150.109.170.115	attackspam	unauthorized connection attempt	2020-02-11 21:46:46
77.42.94.99	attackspambots	unauthorized connection attempt	2020-02-11 21:36:15
118.98.96.184	attack	port	2020-02-11 21:13:16
104.244.73.223	attackspambots	Feb 11 00:11:04 auw2 sshd\[17225\]: Invalid user vd from 104.244.73.223 Feb 11 00:11:04 auw2 sshd\[17225\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.73.223 Feb 11 00:11:07 auw2 sshd\[17225\]: Failed password for invalid user vd from 104.244.73.223 port 47398 ssh2 Feb 11 00:13:05 auw2 sshd\[17406\]: Invalid user lhu from 104.244.73.223 Feb 11 00:13:05 auw2 sshd\[17406\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.73.223	2020-02-11 21:34:42
125.25.45.206	attack	unauthorized connection attempt	2020-02-11 21:10:36
91.240.63.129	attackspambots	unauthorized connection attempt	2020-02-11 21:11:50
189.173.134.155	attack	unauthorized connection attempt	2020-02-11 21:15:36
157.245.158.97	attackbotsspam	Feb 11 06:47:18 toyboy sshd[7242]: Invalid user god from 157.245.158.97 Feb 11 06:47:18 toyboy sshd[7242]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.158.97 Feb 11 06:47:20 toyboy sshd[7242]: Failed password for invalid user god from 157.245.158.97 port 47012 ssh2 Feb 11 06:47:20 toyboy sshd[7242]: Received disconnect from 157.245.158.97: 11: Bye Bye [preauth] Feb 11 06:57:53 toyboy sshd[8185]: Invalid user prf from 157.245.158.97 Feb 11 06:57:53 toyboy sshd[8185]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.158.97 Feb 11 06:57:56 toyboy sshd[8185]: Failed password for invalid user prf from 157.245.158.97 port 53932 ssh2 Feb 11 06:57:56 toyboy sshd[8185]: Received disconnect from 157.245.158.97: 11: Bye Bye [preauth] Feb 11 07:01:14 toyboy sshd[8391]: Invalid user hhostname from 157.245.158.97 Feb 11 07:01:14 toyboy sshd[8391]: pam_unix(sshd:auth): authentication fai........ -------------------------------	2020-02-11 21:09:58

Recently Reported IPs

124.78.44.35	244.3.72.50	157.245.60.59	117.4.247.211
103.17.39.140	122.14.195.58	146.65.16.39	101.95.129.106
31.173.113.46	131.234.128.162	1.1.164.51	29.239.184.175
164.68.120.168	122.183.97.90	49.145.206.47	156.251.174.241
61.153.104.62	187.134.53.102	109.96.84.46	36.70.232.164