138.197.164.222

Basic Info

City: unknown

Region: unknown

Country: Canada

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Sep 1 20:52:06 haigwepa sshd[6508]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.164.222 Sep 1 20:52:09 haigwepa sshd[6508]: Failed password for invalid user deploy from 138.197.164.222 port 59404 ssh2 ...	2020-09-02 04:58:41
attackspam	Aug 13 07:50:06 rancher-0 sshd[1036529]: Invalid user sa12345! from 138.197.164.222 port 40368 ...	2020-08-13 19:09:25
attackbotsspam	Aug 7 11:37:38 hosting sshd[15877]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.164.222 user=root Aug 7 11:37:40 hosting sshd[15877]: Failed password for root from 138.197.164.222 port 60278 ssh2 Aug 7 11:41:06 hosting sshd[16265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.164.222 user=root Aug 7 11:41:08 hosting sshd[16265]: Failed password for root from 138.197.164.222 port 36376 ssh2 Aug 7 11:43:49 hosting sshd[16410]: Invalid user com from 138.197.164.222 port 35670 ...	2020-08-07 17:20:52
attackspambots	Brute-force attempt banned	2020-07-23 05:20:48
attack	DATE:2020-07-10 18:04:36, IP:138.197.164.222, PORT:ssh SSH brute force auth (docker-dc)	2020-07-11 04:56:23
attack	2020-07-09T22:16:03.593957vps751288.ovh.net sshd\[14955\]: Invalid user user from 138.197.164.222 port 43964 2020-07-09T22:16:03.604467vps751288.ovh.net sshd\[14955\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.164.222 2020-07-09T22:16:05.684388vps751288.ovh.net sshd\[14955\]: Failed password for invalid user user from 138.197.164.222 port 43964 ssh2 2020-07-09T22:19:52.325208vps751288.ovh.net sshd\[14967\]: Invalid user jifeidata from 138.197.164.222 port 54970 2020-07-09T22:19:52.334088vps751288.ovh.net sshd\[14967\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.164.222	2020-07-10 06:19:32
attackbots	2020-06-13T04:07:24.333931abusebot-5.cloudsearch.cf sshd[12709]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.164.222 user=root 2020-06-13T04:07:26.425347abusebot-5.cloudsearch.cf sshd[12709]: Failed password for root from 138.197.164.222 port 52894 ssh2 2020-06-13T04:11:02.484349abusebot-5.cloudsearch.cf sshd[12816]: Invalid user sshvpn from 138.197.164.222 port 53948 2020-06-13T04:11:02.489464abusebot-5.cloudsearch.cf sshd[12816]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.164.222 2020-06-13T04:11:02.484349abusebot-5.cloudsearch.cf sshd[12816]: Invalid user sshvpn from 138.197.164.222 port 53948 2020-06-13T04:11:04.510258abusebot-5.cloudsearch.cf sshd[12816]: Failed password for invalid user sshvpn from 138.197.164.222 port 53948 ssh2 2020-06-13T04:12:41.102425abusebot-5.cloudsearch.cf sshd[12869]: Invalid user test from 138.197.164.222 port 43502 ...	2020-06-13 13:26:45
attackspam	k+ssh-bruteforce	2020-06-08 23:51:05
attackbots	$f2bV_matches	2020-06-06 16:31:46
attack	2020-06-05T14:00:27.802906 sshd[5902]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.164.222 2020-06-05T14:00:27.788830 sshd[5902]: Invalid user 0\r from 138.197.164.222 port 58198 2020-06-05T14:00:30.000515 sshd[5902]: Failed password for invalid user 0\r from 138.197.164.222 port 58198 ssh2 2020-06-05T16:02:36.043820 sshd[8356]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.164.222 user=root 2020-06-05T16:02:38.050075 sshd[8356]: Failed password for root from 138.197.164.222 port 55010 ssh2 ...	2020-06-05 23:57:39
attackspam	Jun 3 17:26:34 OPSO sshd\[31478\]: Invalid user levko\\r from 138.197.164.222 port 42480 Jun 3 17:26:34 OPSO sshd\[31478\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.164.222 Jun 3 17:26:36 OPSO sshd\[31478\]: Failed password for invalid user levko\\r from 138.197.164.222 port 42480 ssh2 Jun 3 17:31:13 OPSO sshd\[32265\]: Invalid user Qwer!@\#\$%\^\\r from 138.197.164.222 port 57500 Jun 3 17:31:13 OPSO sshd\[32265\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.164.222	2020-06-04 03:48:00
attack	Invalid user imp from 138.197.164.222 port 52354	2020-05-22 04:00:19
attackspam	$f2bV_matches	2020-05-04 15:55:12
attackspambots	Apr 19 16:47:55 server sshd[2222]: Failed password for invalid user xb from 138.197.164.222 port 34574 ssh2 Apr 19 16:52:26 server sshd[3010]: Failed password for root from 138.197.164.222 port 48658 ssh2 Apr 19 16:54:12 server sshd[3408]: Failed password for root from 138.197.164.222 port 37916 ssh2	2020-04-20 02:25:01
attackspam	Apr 11 05:48:29 ourumov-web sshd\[19334\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.164.222 user=root Apr 11 05:48:31 ourumov-web sshd\[19334\]: Failed password for root from 138.197.164.222 port 45958 ssh2 Apr 11 05:56:28 ourumov-web sshd\[19823\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.164.222 user=root ...	2020-04-11 12:08:02
attackbotsspam	invalid login attempt (Soporte)	2020-04-10 18:05:31
attack	2020-04-07T04:06:57.851286shield sshd\[21217\]: Invalid user postgres from 138.197.164.222 port 59012 2020-04-07T04:06:57.854616shield sshd\[21217\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.164.222 2020-04-07T04:06:59.486370shield sshd\[21217\]: Failed password for invalid user postgres from 138.197.164.222 port 59012 ssh2 2020-04-07T04:11:58.034483shield sshd\[22589\]: Invalid user admin4 from 138.197.164.222 port 54220 2020-04-07T04:11:58.037761shield sshd\[22589\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.164.222	2020-04-07 12:21:16
attackbots	Invalid user yej from 138.197.164.222 port 57770	2020-03-30 09:34:09
attack	$f2bV_matches	2020-03-20 09:49:18
attackspambots	Port Scan detected from 138.197.164.222 (CA/Canada/-). 4 hits in the last 35 seconds	2020-03-07 19:58:23
attack	Feb 28 06:06:54 hcbbdb sshd\[22466\]: Invalid user debian from 138.197.164.222 Feb 28 06:06:54 hcbbdb sshd\[22466\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.164.222 Feb 28 06:06:55 hcbbdb sshd\[22466\]: Failed password for invalid user debian from 138.197.164.222 port 36032 ssh2 Feb 28 06:08:35 hcbbdb sshd\[22636\]: Invalid user tecmint from 138.197.164.222 Feb 28 06:08:35 hcbbdb sshd\[22636\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.164.222	2020-02-28 17:53:53
attackspambots	Feb 20 12:30:55 vps46666688 sshd[16404]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.164.222 Feb 20 12:30:57 vps46666688 sshd[16404]: Failed password for invalid user ubuntu from 138.197.164.222 port 58924 ssh2 ...	2020-02-21 00:24:47
attackbotsspam	Feb 10 06:29:19 icinga sshd[36137]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.164.222 Feb 10 06:29:21 icinga sshd[36137]: Failed password for invalid user lbv from 138.197.164.222 port 42868 ssh2 Feb 10 06:33:07 icinga sshd[40113]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.164.222 ...	2020-02-10 14:34:23
attackspam	Feb 9 02:35:34 plusreed sshd[32341]: Invalid user fhu from 138.197.164.222 ...	2020-02-09 15:42:45
attack	Unauthorized connection attempt detected from IP address 138.197.164.222 to port 2220 [J]	2020-01-29 01:50:38
attack	Unauthorized connection attempt detected from IP address 138.197.164.222 to port 2220 [J]	2020-01-26 18:58:16
attack	Lines containing failures of 138.197.164.222 Jan 7 12:05:33 kmh-vmh-001-fsn07 sshd[12980]: Invalid user ziyad from 138.197.164.222 port 49940 Jan 7 12:05:33 kmh-vmh-001-fsn07 sshd[12980]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.164.222 Jan 7 12:05:35 kmh-vmh-001-fsn07 sshd[12980]: Failed password for invalid user ziyad from 138.197.164.222 port 49940 ssh2 Jan 7 12:05:36 kmh-vmh-001-fsn07 sshd[12980]: Received disconnect from 138.197.164.222 port 49940:11: Bye Bye [preauth] Jan 7 12:05:36 kmh-vmh-001-fsn07 sshd[12980]: Disconnected from invalid user ziyad 138.197.164.222 port 49940 [preauth] Jan 7 12:18:14 kmh-vmh-001-fsn07 sshd[15297]: Invalid user stevo from 138.197.164.222 port 47120 Jan 7 12:18:14 kmh-vmh-001-fsn07 sshd[15297]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.164.222 Jan 7 12:18:16 kmh-vmh-001-fsn07 sshd[15297]: Failed password for invalid ........ ------------------------------	2020-01-07 21:30:21

Comments on same subnet:

IP	Type	Details	Datetime
138.197.164.88	attackbotsspam	Invalid user jhon from 138.197.164.88 port 33634	2019-12-21 16:56:21
138.197.164.88	attackspambots	Dec 17 10:08:57 plusreed sshd[28323]: Invalid user admin from 138.197.164.88 ...	2019-12-17 23:25:38
138.197.164.53	attackbots	Oct 28 23:27:16 server2 sshd\[9245\]: User root from 138.197.164.53 not allowed because not listed in AllowUsers Oct 28 23:27:17 server2 sshd\[9247\]: Invalid user admin from 138.197.164.53 Oct 28 23:27:17 server2 sshd\[9250\]: Invalid user admin from 138.197.164.53 Oct 28 23:27:18 server2 sshd\[9252\]: Invalid user user from 138.197.164.53 Oct 28 23:27:19 server2 sshd\[9254\]: Invalid user ubnt from 138.197.164.53 Oct 28 23:27:20 server2 sshd\[9256\]: Invalid user admin from 138.197.164.53	2019-10-29 05:43:47

Type

Details

Datetime

138.197.164.88

attackbotsspam

Invalid user jhon from 138.197.164.88 port 33634

2019-12-21 16:56:21

138.197.164.88

attackspambots

Dec 17 10:08:57 plusreed sshd[28323]: Invalid user admin from 138.197.164.88
...

2019-12-17 23:25:38

138.197.164.53

attackbots

Oct 28 23:27:16 server2 sshd\[9245\]: User root from 138.197.164.53 not allowed because not listed in AllowUsers
Oct 28 23:27:17 server2 sshd\[9247\]: Invalid user admin from 138.197.164.53
Oct 28 23:27:17 server2 sshd\[9250\]: Invalid user admin from 138.197.164.53
Oct 28 23:27:18 server2 sshd\[9252\]: Invalid user user from 138.197.164.53
Oct 28 23:27:19 server2 sshd\[9254\]: Invalid user ubnt from 138.197.164.53
Oct 28 23:27:20 server2 sshd\[9256\]: Invalid user admin from 138.197.164.53

2019-10-29 05:43:47

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.164.222
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17313
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.197.164.222.		IN	A

;; AUTHORITY SECTION:
.			419	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010700 1800 900 604800 86400

;; Query time: 119 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 07 21:30:17 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 222.164.197.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 222.164.197.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
31.134.209.80	attackbotsspam	TCP (SYN) 31.134.209.80:52523 -> port 15876, len 44	2020-06-06 08:11:47
92.119.160.145	attackbotsspam	ET CINS Active Threat Intelligence Poor Reputation IP group 89 - port: 14389 proto: TCP cat: Misc Attack	2020-06-06 08:31:08
89.248.172.85	attackspambots	TCP (SYN) 89.248.172.85:47524 -> port 1414, len 44	2020-06-06 08:33:42
195.54.161.41	attack	Jun 6 02:48:00 debian kernel: [303441.491976] [UFW BLOCK] IN=eth0 OUT= MAC=52:54:00:be:e4:65:08:e8:4f:6e:48:0c:08:00 SRC=195.54.161.41 DST=89.252.131.35 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=55698 PROTO=TCP SPT=59422 DPT=4573 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-06 08:17:45
91.241.19.135	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 88 - port: 5900 proto: TCP cat: Misc Attack	2020-06-06 08:01:31
195.54.166.43	attackbotsspam	SmallBizIT.US 8 packets to tcp(13480,23094,29265,30167,36126,53325,57705,61858)	2020-06-06 08:16:47
92.118.161.29	attackbots	Jun 6 00:06:25 debian kernel: [293747.084437] [UFW BLOCK] IN=eth0 OUT= MAC=52:54:00:be:e4:65:08:e8:4f:6e:48:0c:08:00 SRC=92.118.161.29 DST=89.252.131.35 LEN=44 TOS=0x00 PREC=0x00 TTL=240 ID=54321 PROTO=TCP SPT=59170 DPT=1024 WINDOW=65535 RES=0x00 SYN URGP=0	2020-06-06 08:31:55
200.188.19.33	attackbots	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2020-06-06 08:16:03
104.206.128.14	attackspambots	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2020-06-06 08:29:06
27.214.41.164	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 13 - port: 23 proto: TCP cat: Misc Attack	2020-06-06 08:12:13
185.156.73.50	attackbotsspam	06/05/2020-19:51:59.696058 185.156.73.50 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-06-06 08:21:52
185.53.88.182	attackspam	Scanned 1 times in the last 24 hours on port 5060	2020-06-06 08:23:14
92.118.160.57	attackspambots	TCP (SYN) 92.118.160.57:54215 -> port 11211, len 44	2020-06-06 07:59:39
92.63.197.55	attackbots	TCP (SYN) 92.63.197.55:45480 -> port 19888, len 44	2020-06-06 08:00:42
36.239.58.38	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 19 - port: 23 proto: TCP cat: Misc Attack	2020-06-06 08:10:56

Recently Reported IPs

58.246.115.28	9.75.4.176	20.207.13.24	182.74.150.162
213.74.44.214	182.72.66.134	80.43.44.68	14.228.253.138
160.54.85.172	13.2.13.67	85.138.116.49	87.63.111.185
220.108.25.35	41.218.217.185	222.173.241.10	118.18.176.249
140.143.199.169	188.28.174.23	140.144.51.137	74.32.30.202