138.197.152.113

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Failed password for root from 138.197.152.113 port 51452 ssh2 Invalid user www from 138.197.152.113 port 58106 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.152.113 Failed password for invalid user www from 138.197.152.113 port 58106 ssh2 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.152.113 user=root	2020-03-12 01:03:26
attackbots	Mar 7 14:35:04 lnxmysql61 sshd[7482]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.152.113	2020-03-07 21:44:36
attackbots	Mar 6 00:56:43 web1 sshd\[27229\]: Invalid user sandor from 138.197.152.113 Mar 6 00:56:43 web1 sshd\[27229\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.152.113 Mar 6 00:56:45 web1 sshd\[27229\]: Failed password for invalid user sandor from 138.197.152.113 port 33440 ssh2 Mar 6 00:59:51 web1 sshd\[27514\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.152.113 user=root Mar 6 00:59:53 web1 sshd\[27514\]: Failed password for root from 138.197.152.113 port 60704 ssh2	2020-03-06 19:00:17
attackbotsspam	Feb 18 07:45:12 server sshd\[20050\]: Invalid user update from 138.197.152.113 Feb 18 07:45:12 server sshd\[20050\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.152.113 Feb 18 07:45:14 server sshd\[20050\]: Failed password for invalid user update from 138.197.152.113 port 33238 ssh2 Feb 18 07:58:53 server sshd\[22371\]: Invalid user ming from 138.197.152.113 Feb 18 07:58:53 server sshd\[22371\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.152.113 ...	2020-02-18 14:19:38
attack	Jan 31 11:40:53 163-172-32-151 sshd[7007]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.152.113 Jan 31 11:40:53 163-172-32-151 sshd[7007]: Invalid user kantimoy from 138.197.152.113 port 43064 Jan 31 11:40:56 163-172-32-151 sshd[7007]: Failed password for invalid user kantimoy from 138.197.152.113 port 43064 ssh2 ...	2020-02-01 14:22:36
attack	Jan 3 16:14:26 powerpi2 sshd[1709]: Invalid user tss from 138.197.152.113 port 52928 Jan 3 16:14:28 powerpi2 sshd[1709]: Failed password for invalid user tss from 138.197.152.113 port 52928 ssh2 Jan 3 16:20:02 powerpi2 sshd[1999]: Invalid user undernet from 138.197.152.113 port 40290 ...	2020-01-04 00:27:12
attackbotsspam	Invalid user cvsroot from 138.197.152.113 port 59552	2019-12-22 07:08:01
attackspam	Invalid user cvsroot from 138.197.152.113 port 59552	2019-12-21 16:43:16
attackspam	Invalid user cvsroot from 138.197.152.113 port 59552	2019-12-21 05:31:05
attack	Invalid user cvsroot from 138.197.152.113 port 59552	2019-12-20 06:28:02
attack	Invalid user admin from 138.197.152.113 port 53674	2019-12-19 08:15:48
attack	Invalid user admin from 138.197.152.113 port 53674	2019-12-18 09:19:24
attackbotsspam	leo_www	2019-12-17 05:11:13
attack	Dec 15 18:34:43 ny01 sshd[19667]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.152.113 Dec 15 18:34:45 ny01 sshd[19667]: Failed password for invalid user mysql from 138.197.152.113 port 56276 ssh2 Dec 15 18:39:51 ny01 sshd[20214]: Failed password for root from 138.197.152.113 port 34440 ssh2	2019-12-16 07:54:01
attack	2019-12-11T07:34:31.667409abusebot-2.cloudsearch.cf sshd\[16368\]: Invalid user P4sswOrd from 138.197.152.113 port 60326	2019-12-11 15:36:16
attack	Dec 9 20:25:36 php1 sshd\[29342\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.152.113 user=root Dec 9 20:25:38 php1 sshd\[29342\]: Failed password for root from 138.197.152.113 port 35070 ssh2 Dec 9 20:30:54 php1 sshd\[29835\]: Invalid user gdm from 138.197.152.113 Dec 9 20:30:54 php1 sshd\[29835\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.152.113 Dec 9 20:30:55 php1 sshd\[29835\]: Failed password for invalid user gdm from 138.197.152.113 port 43248 ssh2	2019-12-10 15:12:09
attackspambots	Dec 6 21:37:02 MK-Soft-Root2 sshd[30428]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.152.113 Dec 6 21:37:04 MK-Soft-Root2 sshd[30428]: Failed password for invalid user webalizer1 from 138.197.152.113 port 43348 ssh2 ...	2019-12-07 05:17:26
attackbotsspam	2019-12-04T07:01:51.382178abusebot-6.cloudsearch.cf sshd\[17916\]: Invalid user backup from 138.197.152.113 port 45926	2019-12-04 16:19:14
attackbots	2019-11-30T00:13:04.947728tmaserv sshd\[11757\]: Failed password for invalid user 99999 from 138.197.152.113 port 51462 ssh2 2019-11-30T01:13:20.404972tmaserv sshd\[14427\]: Invalid user 123456 from 138.197.152.113 port 51366 2019-11-30T01:13:20.409630tmaserv sshd\[14427\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.152.113 2019-11-30T01:13:22.775743tmaserv sshd\[14427\]: Failed password for invalid user 123456 from 138.197.152.113 port 51366 ssh2 2019-11-30T01:16:24.386218tmaserv sshd\[14727\]: Invalid user samuel from 138.197.152.113 port 58418 2019-11-30T01:16:24.391262tmaserv sshd\[14727\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.152.113 ...	2019-11-30 08:57:35
attackbots	Nov 14 15:26:58 mail sshd[17905]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.152.113 Nov 14 15:27:00 mail sshd[17905]: Failed password for invalid user tamio from 138.197.152.113 port 59388 ssh2 Nov 14 15:30:35 mail sshd[19143]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.152.113	2019-11-15 05:16:44
attackbots	Nov 6 12:35:28 server sshd\[8382\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.152.113 user=root Nov 6 12:35:30 server sshd\[8382\]: Failed password for root from 138.197.152.113 port 58598 ssh2 Nov 6 12:55:43 server sshd\[13440\]: Invalid user mdpi from 138.197.152.113 Nov 6 12:55:43 server sshd\[13440\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.152.113 Nov 6 12:55:45 server sshd\[13440\]: Failed password for invalid user mdpi from 138.197.152.113 port 42148 ssh2 ...	2019-11-06 20:55:36
attack	2019-11-02T08:54:46.060844abusebot-5.cloudsearch.cf sshd\[22473\]: Invalid user database from 138.197.152.113 port 60422	2019-11-02 19:04:02
attack	Invalid user openbraov from 138.197.152.113 port 57180	2019-10-31 07:32:15
attackbots	Oct 29 02:39:58 web9 sshd\[6880\]: Invalid user yi from 138.197.152.113 Oct 29 02:39:58 web9 sshd\[6880\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.152.113 Oct 29 02:40:00 web9 sshd\[6880\]: Failed password for invalid user yi from 138.197.152.113 port 47262 ssh2 Oct 29 02:44:13 web9 sshd\[7441\]: Invalid user test123!@\# from 138.197.152.113 Oct 29 02:44:13 web9 sshd\[7441\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.152.113	2019-10-29 22:44:05
attack	$f2bV_matches	2019-10-27 04:36:21
attack	Oct 19 16:19:59 MK-Soft-VM7 sshd[4850]: Failed password for root from 138.197.152.113 port 44890 ssh2 Oct 19 16:26:53 MK-Soft-VM7 sshd[4883]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.152.113 ...	2019-10-19 22:38:16
attackbots	Oct 3 06:57:48 tuotantolaitos sshd[16172]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.152.113 Oct 3 06:57:50 tuotantolaitos sshd[16172]: Failed password for invalid user bernier1 from 138.197.152.113 port 55124 ssh2 ...	2019-10-03 14:34:58
attack	Sep 26 18:08:13 php1 sshd\[31849\]: Invalid user lm from 138.197.152.113 Sep 26 18:08:13 php1 sshd\[31849\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.152.113 Sep 26 18:08:15 php1 sshd\[31849\]: Failed password for invalid user lm from 138.197.152.113 port 34350 ssh2 Sep 26 18:12:22 php1 sshd\[32290\]: Invalid user postgres from 138.197.152.113 Sep 26 18:12:22 php1 sshd\[32290\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.152.113	2019-09-27 12:29:00
attackspam	Sep 27 00:03:21 core sshd[15120]: Invalid user vhost from 138.197.152.113 port 51388 Sep 27 00:03:23 core sshd[15120]: Failed password for invalid user vhost from 138.197.152.113 port 51388 ssh2 ...	2019-09-27 06:25:19
attackspambots	2019-09-21T13:30:37.466931abusebot-7.cloudsearch.cf sshd\[16028\]: Invalid user agoncillo from 138.197.152.113 port 58402	2019-09-21 23:39:11

Comments on same subnet:

IP	Type	Details	Datetime
138.197.152.148	attackbotsspam	Port Scan ...	2020-10-12 07:08:45
138.197.152.148	attackbots	TCP port : 31881	2020-10-11 23:19:23
138.197.152.148	attackspam	firewall-block, port(s): 10363/tcp	2020-10-11 15:17:56
138.197.152.148	attackspam	firewall-block, port(s): 31881/tcp	2020-10-11 08:38:04
138.197.152.148	attackspam	Found on CINS badguys / proto=6 . srcport=54742 . dstport=8167 . (2866)	2020-10-05 01:54:57
138.197.152.148	attack	firewall-block, port(s): 8167/tcp	2020-10-04 17:37:55
138.197.152.148	attackspambots	TCP port : 24105	2020-09-16 19:24:34
138.197.152.122	attackspambots	138.197.152.122 - - [11/Sep/2020:18:52:57 +0200] "HEAD / HTTP/1.1" 405 0 "-" "Mozilla/5.0 (Windows NT 6.4; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2225.0 Safari/537.36"	2020-09-12 16:24:13
138.197.152.148	attackspam	TCP (SYN) 138.197.152.148:44516 -> port 10395, len 44	2020-08-31 18:04:58
138.197.152.148	attackspambots	TCP (SYN) 138.197.152.148:43140 -> port 14078, len 44	2020-08-31 02:53:04
138.197.152.148	attack	firewall-block, port(s): 13226/tcp	2020-08-26 23:59:39
138.197.152.148	attack	SIP/5060 Probe, BF, Hack -	2020-08-21 16:54:01
138.197.152.148	attackspambots	Attempted to establish connection to non opened port 11055	2020-08-08 21:57:20
138.197.152.148	attackbotsspam	Port scan: Attack repeated for 24 hours	2020-08-06 07:22:45
138.197.152.148	attackspam	TCP (SYN) 138.197.152.148:54324 -> port 29435, len 44	2020-07-27 01:33:47

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.152.113
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59392
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.197.152.113.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019032900 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Mar 29 13:53:35 +08 2019
;; MSG SIZE  rcvd: 119

Host info

Host 113.152.197.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 113.152.197.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
62.90.85.225	attackspambots	scan z	2019-10-08 21:17:25
51.38.113.45	attackspambots	Oct 8 02:52:37 hpm sshd\[9763\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.ip-51-38-113.eu user=root Oct 8 02:52:39 hpm sshd\[9763\]: Failed password for root from 51.38.113.45 port 32878 ssh2 Oct 8 02:56:59 hpm sshd\[10090\]: Invalid user 123 from 51.38.113.45 Oct 8 02:56:59 hpm sshd\[10090\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.ip-51-38-113.eu Oct 8 02:57:01 hpm sshd\[10090\]: Failed password for invalid user 123 from 51.38.113.45 port 44096 ssh2	2019-10-08 21:00:49
198.228.145.150	attack	Oct 8 15:02:00 ns41 sshd[31277]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.228.145.150	2019-10-08 21:15:48
14.248.99.237	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 08-10-2019 12:55:24.	2019-10-08 21:36:37
92.154.51.236	attackspam	Attempt to attack host OS, exploiting network vulnerabilities, on 08-10-2019 12:55:28.	2019-10-08 21:27:11
192.161.160.85	attackbotsspam	Unauthorized access detected from banned ip	2019-10-08 21:24:43
147.135.163.102	attackbots	Oct 8 14:43:46 SilenceServices sshd[19824]: Failed password for root from 147.135.163.102 port 43984 ssh2 Oct 8 14:48:34 SilenceServices sshd[21097]: Failed password for root from 147.135.163.102 port 56750 ssh2	2019-10-08 21:15:01
89.24.97.2	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 08-10-2019 12:55:27.	2019-10-08 21:27:44
178.128.183.90	attackbots	Oct 8 12:59:17 ip-172-31-62-245 sshd\[8844\]: Invalid user Story2017 from 178.128.183.90\ Oct 8 12:59:19 ip-172-31-62-245 sshd\[8844\]: Failed password for invalid user Story2017 from 178.128.183.90 port 35490 ssh2\ Oct 8 13:03:31 ip-172-31-62-245 sshd\[8876\]: Invalid user 4%6rTyfGhvBn from 178.128.183.90\ Oct 8 13:03:33 ip-172-31-62-245 sshd\[8876\]: Failed password for invalid user 4%6rTyfGhvBn from 178.128.183.90 port 47290 ssh2\ Oct 8 13:07:45 ip-172-31-62-245 sshd\[8911\]: Invalid user Gas123 from 178.128.183.90\	2019-10-08 21:09:11
51.77.140.244	attackbots	Oct 8 15:25:39 vps647732 sshd[9476]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.140.244 Oct 8 15:25:40 vps647732 sshd[9476]: Failed password for invalid user Gustavo123 from 51.77.140.244 port 58778 ssh2 ...	2019-10-08 21:41:56
104.248.81.104	attackbots	10/08/2019-15:09:44.064972 104.248.81.104 Protocol: 6 ET CHAT IRC PING command	2019-10-08 21:22:16
5.152.207.195	attackspambots	SMB Server BruteForce Attack	2019-10-08 21:15:35
79.126.59.167	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 08-10-2019 12:55:27.	2019-10-08 21:28:48
217.219.35.3	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 08-10-2019 12:55:25.	2019-10-08 21:31:02
171.221.230.220	attackspambots	Oct 8 15:39:35 mout sshd[21706]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.221.230.220 user=root Oct 8 15:39:37 mout sshd[21706]: Failed password for root from 171.221.230.220 port 5555 ssh2	2019-10-08 21:42:54

Recently Reported IPs

117.218.54.161	106.13.93.109	104.248.24.192	104.236.31.227
101.68.81.66	66.249.83.206	85.95.153.155	81.174.173.6
80.227.12.38	78.94.145.110	77.28.102.7	62.117.12.71
51.255.162.65	2.135.218.242	203.213.67.30	189.254.33.157
185.176.27.242	180.151.8.180	179.184.217.83	150.161.8.120