138.197.179.94

Basic Info

City: Frankfurt am Main

Region: Hesse

Country: Germany

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	138.197.179.94 - - [01/Oct/2020:21:12:32 +0100] "POST /wp-login.php HTTP/1.1" 200 2861 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.179.94 - - [01/Oct/2020:21:12:33 +0100] "POST /wp-login.php HTTP/1.1" 200 2857 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.179.94 - - [01/Oct/2020:21:12:33 +0100] "POST /wp-login.php HTTP/1.1" 200 2857 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-02 07:24:11
attackbots	138.197.179.94 - - [01/Oct/2020:16:41:31 +0100] "POST /wp-login.php HTTP/1.1" 200 2252 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.179.94 - - [01/Oct/2020:16:41:42 +0100] "POST /wp-login.php HTTP/1.1" 200 2231 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.179.94 - - [01/Oct/2020:16:41:49 +0100] "POST /wp-login.php HTTP/1.1" 200 2230 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-01 23:56:36
attackspambots	2020/09/27 14:34:16 [error] 13560#13560: *51400 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 138.197.179.94, server: , request: "GET /wp-login.php HTTP/1.1", upstream: "fastcgi://unix:/run/php-fpm/php-fdf1d4a0-1ee6-4ddf-8a4a-bf7184d3fc60.sock:", host: "mail.rakkor.uk"	2020-10-01 16:02:35
attackspambots	138.197.179.94 - - [31/Aug/2020:22:07:16 +0100] "POST /wp-login.php HTTP/1.1" 200 2369 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.179.94 - - [31/Aug/2020:22:07:27 +0100] "POST /wp-login.php HTTP/1.1" 200 2388 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.179.94 - - [31/Aug/2020:22:07:27 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-01 09:13:50
attackspambots	Automatic report - Banned IP Access	2020-07-18 14:10:38
attack	Automatic report - XMLRPC Attack	2020-06-19 12:32:36
attack	138.197.179.94 - - \[18/Jun/2020:22:58:26 +0200\] "POST /wp-login.php HTTP/1.0" 200 6388 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.197.179.94 - - \[18/Jun/2020:22:58:28 +0200\] "POST /wp-login.php HTTP/1.0" 200 6208 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.197.179.94 - - \[18/Jun/2020:22:58:29 +0200\] "POST /wp-login.php HTTP/1.0" 200 6216 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-06-19 07:09:58

Comments on same subnet:

IP	Type	Details	Datetime
138.197.179.111	attackbots	SSH authentication failure x 6 reported by Fail2Ban ...	2020-07-26 00:29:42
138.197.179.111	attackbotsspam	2020-07-16T05:04:12.1829371495-001 sshd[18607]: Invalid user lina from 138.197.179.111 port 45530 2020-07-16T05:04:14.1067931495-001 sshd[18607]: Failed password for invalid user lina from 138.197.179.111 port 45530 ssh2 2020-07-16T05:08:08.6610801495-001 sshd[18843]: Invalid user dados from 138.197.179.111 port 59286 2020-07-16T05:08:08.6641171495-001 sshd[18843]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.179.111 2020-07-16T05:08:08.6610801495-001 sshd[18843]: Invalid user dados from 138.197.179.111 port 59286 2020-07-16T05:08:10.6498471495-001 sshd[18843]: Failed password for invalid user dados from 138.197.179.111 port 59286 ssh2 ...	2020-07-16 18:29:20
138.197.179.111	attack	Jul 5 01:19:49 ns381471 sshd[27210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.179.111 Jul 5 01:19:51 ns381471 sshd[27210]: Failed password for invalid user jtd from 138.197.179.111 port 33250 ssh2	2020-07-05 07:47:46
138.197.179.111	attack	$f2bV_matches	2020-07-04 05:08:51
138.197.179.111	attack	sshd	2020-06-13 22:24:13
138.197.179.111	attack	2020-06-12T01:35:07.169173afi-git.jinr.ru sshd[32298]: Failed password for invalid user csgoserver from 138.197.179.111 port 36452 ssh2 2020-06-12T01:38:07.128304afi-git.jinr.ru sshd[583]: Invalid user xylin from 138.197.179.111 port 37242 2020-06-12T01:38:07.131544afi-git.jinr.ru sshd[583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.179.111 2020-06-12T01:38:07.128304afi-git.jinr.ru sshd[583]: Invalid user xylin from 138.197.179.111 port 37242 2020-06-12T01:38:08.714224afi-git.jinr.ru sshd[583]: Failed password for invalid user xylin from 138.197.179.111 port 37242 ssh2 ...	2020-06-12 07:36:14
138.197.179.111	attackbots	2020-06-04T23:37:29.873965ns386461 sshd\[20732\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.179.111 user=root 2020-06-04T23:37:31.516339ns386461 sshd\[20732\]: Failed password for root from 138.197.179.111 port 45424 ssh2 2020-06-04T23:43:10.633907ns386461 sshd\[26448\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.179.111 user=root 2020-06-04T23:43:12.757575ns386461 sshd\[26448\]: Failed password for root from 138.197.179.111 port 41376 ssh2 2020-06-04T23:46:57.408663ns386461 sshd\[29917\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.179.111 user=root ...	2020-06-05 07:12:50
138.197.179.111	attack	$f2bV_matches	2020-05-31 01:06:40
138.197.179.111	attack	May 28 15:56:36 ns382633 sshd\[11567\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.179.111 user=root May 28 15:56:39 ns382633 sshd\[11567\]: Failed password for root from 138.197.179.111 port 60810 ssh2 May 28 16:12:55 ns382633 sshd\[14525\]: Invalid user gfhjkm from 138.197.179.111 port 60658 May 28 16:12:55 ns382633 sshd\[14525\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.179.111 May 28 16:12:57 ns382633 sshd\[14525\]: Failed password for invalid user gfhjkm from 138.197.179.111 port 60658 ssh2	2020-05-29 00:26:22
138.197.179.111	attackbotsspam	Invalid user fahmed from 138.197.179.111 port 33484	2020-05-26 21:20:47
138.197.179.111	attack	May 15 21:44:28 electroncash sshd[63238]: Invalid user tunnel from 138.197.179.111 port 55686 May 15 21:44:28 electroncash sshd[63238]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.179.111 May 15 21:44:28 electroncash sshd[63238]: Invalid user tunnel from 138.197.179.111 port 55686 May 15 21:44:30 electroncash sshd[63238]: Failed password for invalid user tunnel from 138.197.179.111 port 55686 ssh2 May 15 21:47:47 electroncash sshd[64134]: Invalid user subrat from 138.197.179.111 port 34542 ...	2020-05-16 04:00:24
138.197.179.111	attackspambots	$f2bV_matches	2020-05-10 23:36:44
138.197.179.111	attackspam	2020-05-04T18:42:02.2017951495-001 sshd[52030]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.179.111 2020-05-04T18:42:02.1933101495-001 sshd[52030]: Invalid user btm from 138.197.179.111 port 36734 2020-05-04T18:42:03.8705881495-001 sshd[52030]: Failed password for invalid user btm from 138.197.179.111 port 36734 ssh2 2020-05-04T18:45:54.2435191495-001 sshd[52246]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.179.111 user=root 2020-05-04T18:45:56.4289721495-001 sshd[52246]: Failed password for root from 138.197.179.111 port 45740 ssh2 2020-05-04T18:49:25.5510541495-001 sshd[52426]: Invalid user natasa from 138.197.179.111 port 54748 ...	2020-05-05 07:39:18
138.197.179.111	attackbotsspam	May 4 15:21:13 PorscheCustomer sshd[22057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.179.111 May 4 15:21:15 PorscheCustomer sshd[22057]: Failed password for invalid user demo from 138.197.179.111 port 41816 ssh2 May 4 15:25:09 PorscheCustomer sshd[22105]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.179.111 ...	2020-05-05 00:21:36
138.197.179.111	attack	$f2bV_matches	2020-04-22 04:50:58

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.179.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4258
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.197.179.94.			IN	A

;; AUTHORITY SECTION:
.			454	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061801 1800 900 604800 86400

;; Query time: 101 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jun 19 07:09:47 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 94.179.197.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 94.179.197.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.88.112.110	attackbotsspam	Jul 5 05:55:28 vps sshd[247481]: Failed password for root from 49.88.112.110 port 29309 ssh2 Jul 5 05:55:31 vps sshd[247481]: Failed password for root from 49.88.112.110 port 29309 ssh2 Jul 5 05:56:27 vps sshd[252212]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.110 user=root Jul 5 05:56:29 vps sshd[252212]: Failed password for root from 49.88.112.110 port 10953 ssh2 Jul 5 05:56:32 vps sshd[252212]: Failed password for root from 49.88.112.110 port 10953 ssh2 ...	2020-07-05 12:08:08
223.171.46.146	attackbotsspam	Jul 5 05:56:40 lnxded63 sshd[24648]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.171.46.146	2020-07-05 12:02:16
177.132.114.250	attack	Jul 5 05:56:29 mout sshd[9689]: Invalid user ncs from 177.132.114.250 port 39800	2020-07-05 12:14:10
120.53.102.28	attack	IDS multiserver	2020-07-05 12:07:14
176.56.62.144	attackbotsspam	176.56.62.144 - - [05/Jul/2020:05:56:03 +0200] "GET /wp-login.php HTTP/1.1" 200 6310 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 176.56.62.144 - - [05/Jul/2020:05:56:05 +0200] "POST /wp-login.php HTTP/1.1" 200 6561 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 176.56.62.144 - - [05/Jul/2020:05:56:06 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-07-05 12:34:01
150.129.8.7	attack	port scan and connect, tcp 143 (imap)	2020-07-05 12:10:25
77.42.87.121	attackbots	Automatic report - Port Scan Attack	2020-07-05 12:42:51
52.183.62.45	attackspambots	SSH Brute Force	2020-07-05 12:20:28
222.186.180.147	attackbotsspam	Jul 4 18:10:49 tdfoods sshd\[17844\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.147 user=root Jul 4 18:10:52 tdfoods sshd\[17844\]: Failed password for root from 222.186.180.147 port 9626 ssh2 Jul 4 18:10:54 tdfoods sshd\[17844\]: Failed password for root from 222.186.180.147 port 9626 ssh2 Jul 4 18:10:57 tdfoods sshd\[17844\]: Failed password for root from 222.186.180.147 port 9626 ssh2 Jul 4 18:11:00 tdfoods sshd\[17844\]: Failed password for root from 222.186.180.147 port 9626 ssh2	2020-07-05 12:19:25
187.174.219.142	attackspambots	Jul 4 18:05:19 kapalua sshd\[4236\]: Invalid user teamspeak from 187.174.219.142 Jul 4 18:05:19 kapalua sshd\[4236\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.174.219.142 Jul 4 18:05:21 kapalua sshd\[4236\]: Failed password for invalid user teamspeak from 187.174.219.142 port 45454 ssh2 Jul 4 18:10:29 kapalua sshd\[4759\]: Invalid user es from 187.174.219.142 Jul 4 18:10:29 kapalua sshd\[4759\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.174.219.142	2020-07-05 12:21:12
218.92.0.192	attack	07/05/2020-00:05:44.631513 218.92.0.192 Protocol: 6 ET SCAN Potential SSH Scan	2020-07-05 12:05:50
216.104.200.22	attackbots	Jul 5 05:47:40 ns382633 sshd\[29642\]: Invalid user rita from 216.104.200.22 port 42232 Jul 5 05:47:40 ns382633 sshd\[29642\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=216.104.200.22 Jul 5 05:47:42 ns382633 sshd\[29642\]: Failed password for invalid user rita from 216.104.200.22 port 42232 ssh2 Jul 5 05:56:03 ns382633 sshd\[31226\]: Invalid user memory from 216.104.200.22 port 45772 Jul 5 05:56:03 ns382633 sshd\[31226\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=216.104.200.22	2020-07-05 12:37:35
222.186.180.6	attack	Jul 5 00:35:09 NPSTNNYC01T sshd[14468]: Failed password for root from 222.186.180.6 port 49366 ssh2 Jul 5 00:35:12 NPSTNNYC01T sshd[14468]: Failed password for root from 222.186.180.6 port 49366 ssh2 Jul 5 00:35:16 NPSTNNYC01T sshd[14468]: Failed password for root from 222.186.180.6 port 49366 ssh2 Jul 5 00:35:19 NPSTNNYC01T sshd[14468]: Failed password for root from 222.186.180.6 port 49366 ssh2 ...	2020-07-05 12:35:47
175.141.61.138	attackspam	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-07-05 12:25:17
68.183.82.166	attackbots	Jul 5 13:33:42 web1 sshd[10882]: Invalid user user15 from 68.183.82.166 port 47846 Jul 5 13:33:42 web1 sshd[10882]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.82.166 Jul 5 13:33:42 web1 sshd[10882]: Invalid user user15 from 68.183.82.166 port 47846 Jul 5 13:33:43 web1 sshd[10882]: Failed password for invalid user user15 from 68.183.82.166 port 47846 ssh2 Jul 5 13:51:53 web1 sshd[15302]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.82.166 user=root Jul 5 13:51:55 web1 sshd[15302]: Failed password for root from 68.183.82.166 port 45420 ssh2 Jul 5 13:56:31 web1 sshd[16493]: Invalid user sys from 68.183.82.166 port 44508 Jul 5 13:56:31 web1 sshd[16493]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.82.166 Jul 5 13:56:31 web1 sshd[16493]: Invalid user sys from 68.183.82.166 port 44508 Jul 5 13:56:33 web1 sshd[16493]: Failed passwor ...	2020-07-05 12:07:42

Recently Reported IPs

114.64.97.152	168.121.51.85	187.69.3.55	90.66.155.18
119.115.154.112	72.185.250.17	71.83.184.164	193.239.104.168
137.97.182.20	206.210.146.47	201.11.20.87	5.248.254.199
163.44.54.37	136.243.102.233	109.181.86.121	147.253.144.202
105.71.22.144	24.71.169.199	14.153.217.16	195.133.32.98