138.197.180.16

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	" "	2019-09-01 20:11:06
attack	Sep 1 04:24:58 root sshd[25098]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.180.16 Sep 1 04:25:00 root sshd[25098]: Failed password for invalid user test from 138.197.180.16 port 39254 ssh2 Sep 1 04:30:37 root sshd[25161]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.180.16 ...	2019-09-01 10:39:09
attack	Aug 31 15:26:24 debian sshd[24664]: Unable to negotiate with 138.197.180.16 port 54130: no matching key exchange method found. Their offer: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 [preauth] Aug 31 15:32:04 debian sshd[24847]: Unable to negotiate with 138.197.180.16 port 41198: no matching key exchange method found. Their offer: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 [preauth] ...	2019-09-01 04:03:14
attack	Invalid user test from 138.197.180.16 port 33120	2019-08-30 17:02:34
attackbotsspam	Aug 29 23:36:13 MK-Soft-VM5 sshd\[32477\]: Invalid user test from 138.197.180.16 port 58950 Aug 29 23:36:13 MK-Soft-VM5 sshd\[32477\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.180.16 Aug 29 23:36:15 MK-Soft-VM5 sshd\[32477\]: Failed password for invalid user test from 138.197.180.16 port 58950 ssh2 ...	2019-08-30 07:55:28
attackspambots	Aug 29 06:16:37 server1 sshd\[23371\]: Invalid user test from 138.197.180.16 Aug 29 06:16:37 server1 sshd\[23371\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.180.16 Aug 29 06:16:38 server1 sshd\[23371\]: Failed password for invalid user test from 138.197.180.16 port 36766 ssh2 Aug 29 06:17:37 server1 sshd\[23626\]: Invalid user admin from 138.197.180.16 Aug 29 06:17:37 server1 sshd\[23626\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.180.16 ...	2019-08-29 20:56:34
attack	Aug 26 17:54:52 MK-Soft-VM6 sshd\[20797\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.180.16 user=root Aug 26 17:54:53 MK-Soft-VM6 sshd\[20797\]: Failed password for root from 138.197.180.16 port 57208 ssh2 Aug 26 18:00:22 MK-Soft-VM6 sshd\[20815\]: Invalid user nancy from 138.197.180.16 port 44274 ...	2019-08-27 02:46:34
attackbots	2019-08-21 UTC: 6x - jaxson(2x),test(2x),testuser(2x)	2019-08-22 08:53:14
attackbotsspam	Brute force SMTP login attempted. ...	2019-08-10 03:15:23
attackbotsspam	Jul 30 08:49:39 cac1d2 sshd\[14050\]: Invalid user support from 138.197.180.16 port 56574 Jul 30 08:49:39 cac1d2 sshd\[14050\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.180.16 Jul 30 08:49:41 cac1d2 sshd\[14050\]: Failed password for invalid user support from 138.197.180.16 port 56574 ssh2 ...	2019-07-31 00:43:10
attack	Invalid user test9 from 138.197.180.16 port 47536	2019-07-28 08:13:24
attackbots	Invalid user test9 from 138.197.180.16 port 47536	2019-07-24 17:36:57

Comments on same subnet:

IP	Type	Details	Datetime
138.197.180.102	attackspam	Failed password for invalid user test from 138.197.180.102 port 41436 ssh2	2020-09-27 03:33:16
138.197.180.102	attackspambots	Invalid user hadoop from 138.197.180.102 port 44358	2020-09-26 19:31:37
138.197.180.102	attackbots	(sshd) Failed SSH login from 138.197.180.102 (DE/Germany/-): 5 in the last 3600 secs	2020-09-24 02:29:47
138.197.180.102	attackspam	2020-09-23T02:33:48.923517sorsha.thespaminator.com sshd[31831]: Invalid user rustserver from 138.197.180.102 port 40132 2020-09-23T02:33:50.524974sorsha.thespaminator.com sshd[31831]: Failed password for invalid user rustserver from 138.197.180.102 port 40132 ssh2 ...	2020-09-23 18:38:31
138.197.180.29	attackbotsspam	Sep 11 22:47:49 web1 sshd[28980]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.180.29 user=root Sep 11 22:47:51 web1 sshd[28980]: Failed password for root from 138.197.180.29 port 44968 ssh2 Sep 11 22:58:12 web1 sshd[770]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.180.29 user=root Sep 11 22:58:14 web1 sshd[770]: Failed password for root from 138.197.180.29 port 46198 ssh2 Sep 11 23:02:58 web1 sshd[2781]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.180.29 user=root Sep 11 23:03:00 web1 sshd[2781]: Failed password for root from 138.197.180.29 port 53050 ssh2 Sep 11 23:07:28 web1 sshd[4576]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.180.29 user=root Sep 11 23:07:30 web1 sshd[4576]: Failed password for root from 138.197.180.29 port 59878 ssh2 Sep 11 23:11:43 web1 sshd[6482]: pam ...	2020-09-11 23:22:49
138.197.180.29	attack	2020-09-11T08:28:33.969447mail.broermann.family sshd[6874]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.180.29 2020-09-11T08:28:33.964753mail.broermann.family sshd[6874]: Invalid user fabian from 138.197.180.29 port 47364 2020-09-11T08:28:36.406718mail.broermann.family sshd[6874]: Failed password for invalid user fabian from 138.197.180.29 port 47364 ssh2 2020-09-11T08:33:35.870074mail.broermann.family sshd[7062]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.180.29 user=root 2020-09-11T08:33:38.101424mail.broermann.family sshd[7062]: Failed password for root from 138.197.180.29 port 60054 ssh2 ...	2020-09-11 15:26:12
138.197.180.29	attack	Sep 10 12:55:34 mail sshd\[63192\]: Invalid user admin from 138.197.180.29 Sep 10 12:55:34 mail sshd\[63192\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.180.29 ...	2020-09-11 07:37:03
138.197.180.29	attack	Sep 10 12:55:34 mail sshd\[63192\]: Invalid user admin from 138.197.180.29 Sep 10 12:55:34 mail sshd\[63192\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.180.29 ...	2020-09-11 03:33:03
138.197.180.29	attackbots	...	2020-09-10 19:03:46
138.197.180.102	attack	Aug 29 11:52:55 sshgateway sshd\[13051\]: Invalid user kafka from 138.197.180.102 Aug 29 11:52:55 sshgateway sshd\[13051\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.180.102 Aug 29 11:52:57 sshgateway sshd\[13051\]: Failed password for invalid user kafka from 138.197.180.102 port 53122 ssh2	2020-08-29 19:55:21
138.197.180.102	attackbotsspam	2020-08-28T17:52:28.682086paragon sshd[607007]: Failed password for root from 138.197.180.102 port 55516 ssh2 2020-08-28T17:56:06.842772paragon sshd[607308]: Invalid user wangjixin from 138.197.180.102 port 39144 2020-08-28T17:56:06.845376paragon sshd[607308]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.180.102 2020-08-28T17:56:06.842772paragon sshd[607308]: Invalid user wangjixin from 138.197.180.102 port 39144 2020-08-28T17:56:08.720729paragon sshd[607308]: Failed password for invalid user wangjixin from 138.197.180.102 port 39144 ssh2 ...	2020-08-28 22:10:43
138.197.180.29	attack	k+ssh-bruteforce	2020-08-26 01:06:39
138.197.180.29	attackspambots	Invalid user vitalina from 138.197.180.29 port 37414	2020-08-25 14:57:02
138.197.180.102	attackbotsspam	detected by Fail2Ban	2020-08-16 23:59:12
138.197.180.29	attackspam	Aug 16 05:54:14 db sshd[21161]: User root from 138.197.180.29 not allowed because none of user's groups are listed in AllowGroups ...	2020-08-16 15:10:28

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.180.16
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59024
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.197.180.16.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050501 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon May 06 03:51:01 +08 2019
;; MSG SIZE  rcvd: 118

Host info

Host 16.180.197.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 16.180.197.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
83.150.212.160	attackbotsspam	02.09.2020 04:39:10 - RDP Login Fail Detected by https://www.elinox.de/RDP-Wächter	2020-09-02 14:17:18
41.35.254.211	attackspam	Unauthorized connection attempt from IP address 41.35.254.211 on Port 445(SMB)	2020-09-02 14:16:26
68.183.117.247	attack	Sep 2 08:24:18 melroy-server sshd[27969]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.117.247 Sep 2 08:24:20 melroy-server sshd[27969]: Failed password for invalid user hqy from 68.183.117.247 port 41916 ssh2 ...	2020-09-02 14:30:31
76.20.77.242	attackbots	Attempted connection to port 15765.	2020-09-02 14:42:13
190.186.64.77	attackspambots	Unauthorized connection attempt from IP address 190.186.64.77 on Port 445(SMB)	2020-09-02 14:20:31
1.52.68.195	attackspam	Attempted connection to port 445.	2020-09-02 14:51:34
105.112.115.29	attackspambots	Unauthorized connection attempt from IP address 105.112.115.29 on Port 445(SMB)	2020-09-02 14:21:11
200.60.21.26	attackbots	Unauthorized connection attempt from IP address 200.60.21.26 on Port 445(SMB)	2020-09-02 14:48:04
217.160.0.25	attackspambots	Attempted connection to port 49380.	2020-09-02 14:44:16
218.60.41.136	attackbotsspam	Sep 2 06:08:21 vm1 sshd[15151]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.60.41.136 Sep 2 06:08:23 vm1 sshd[15151]: Failed password for invalid user cx from 218.60.41.136 port 53582 ssh2 ...	2020-09-02 14:29:12
180.168.36.2	attackbots	pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.168.36.2 Failed password for invalid user amministratore from 180.168.36.2 port 38294 ssh2 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.168.36.2	2020-09-02 14:14:23
189.174.79.239	attackbotsspam	Automatic report - Port Scan Attack	2020-09-02 14:35:17
185.59.44.23	attackspam	php WP PHPmyadamin ABUSE blocked for 12h	2020-09-02 14:52:11
201.236.182.92	attackbots	Invalid user kin from 201.236.182.92 port 43778	2020-09-02 14:51:50
222.186.30.35	attackspambots	Sep 2 08:43:22 vps647732 sshd[20340]: Failed password for root from 222.186.30.35 port 21008 ssh2 ...	2020-09-02 14:49:01

Recently Reported IPs

222.240.1.0	91.117.191.230	176.31.105.14	6.224.119.165
3.54.165.141	25.195.117.200	178.33.185.70	129.211.24.70
24.63.93.130	40.124.4.131	41.35.70.49	205.90.159.176
204.188.126.211	111.184.245.170	132.248.102.42	193.109.225.250
179.85.5.101	104.248.45.204	109.200.157.134	54.37.74.171