138.197.189.138

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Unauthorized connection attempt detected from IP address 138.197.189.138 to port 2220 [J]	2020-02-02 22:10:29
attackspam	Jan 26 19:39:24 php1 sshd\[25713\]: Invalid user boda from 138.197.189.138 Jan 26 19:39:24 php1 sshd\[25713\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.189.138 Jan 26 19:39:26 php1 sshd\[25713\]: Failed password for invalid user boda from 138.197.189.138 port 55906 ssh2 Jan 26 19:42:27 php1 sshd\[26133\]: Invalid user web11 from 138.197.189.138 Jan 26 19:42:27 php1 sshd\[26133\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.189.138	2020-01-27 13:46:59
attackspam	Unauthorized connection attempt detected from IP address 138.197.189.138 to port 2220 [J]	2020-01-19 04:56:12
attackspam	Invalid user ubuntu from 138.197.189.138 port 47136	2020-01-14 02:03:46
attackspambots	Nov 4 12:24:38 plusreed sshd[26660]: Invalid user mbett from 138.197.189.138 ...	2019-11-05 02:08:16
attack	Nov 3 11:38:25 Tower sshd[25776]: Connection from 138.197.189.138 port 54714 on 192.168.10.220 port 22 Nov 3 11:38:26 Tower sshd[25776]: Invalid user topic from 138.197.189.138 port 54714 Nov 3 11:38:26 Tower sshd[25776]: error: Could not get shadow information for NOUSER Nov 3 11:38:26 Tower sshd[25776]: Failed password for invalid user topic from 138.197.189.138 port 54714 ssh2 Nov 3 11:38:26 Tower sshd[25776]: Received disconnect from 138.197.189.138 port 54714:11: Bye Bye [preauth] Nov 3 11:38:26 Tower sshd[25776]: Disconnected from invalid user topic 138.197.189.138 port 54714 [preauth]	2019-11-04 03:33:54
attack	Oct 28 08:15:03 bouncer sshd\[6830\]: Invalid user ttf from 138.197.189.138 port 60362 Oct 28 08:15:03 bouncer sshd\[6830\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.189.138 Oct 28 08:15:05 bouncer sshd\[6830\]: Failed password for invalid user ttf from 138.197.189.138 port 60362 ssh2 ...	2019-10-28 15:36:07
attackspambots	Oct 26 05:32:38 ovpn sshd\[14441\]: Invalid user bmedina from 138.197.189.138 Oct 26 05:32:38 ovpn sshd\[14441\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.189.138 Oct 26 05:32:40 ovpn sshd\[14441\]: Failed password for invalid user bmedina from 138.197.189.138 port 44978 ssh2 Oct 26 05:50:13 ovpn sshd\[17866\]: Invalid user eliott from 138.197.189.138 Oct 26 05:50:13 ovpn sshd\[17866\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.189.138	2019-10-26 14:53:19
attackspambots	Oct 16 22:25:49 mail sshd[30122]: Failed password for root from 138.197.189.138 port 39154 ssh2 Oct 16 22:29:12 mail sshd[32148]: Failed password for root from 138.197.189.138 port 50026 ssh2	2019-10-22 02:03:12
attackspam	2019-10-21T03:49:50.640747abusebot-5.cloudsearch.cf sshd\[30781\]: Invalid user Yfnfif from 138.197.189.138 port 35480	2019-10-21 16:02:08
attackbots	2019-10-18T03:45:46.341098hub.schaetter.us sshd\[7508\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.189.138 user=root 2019-10-18T03:45:48.474564hub.schaetter.us sshd\[7508\]: Failed password for root from 138.197.189.138 port 41888 ssh2 2019-10-18T03:48:49.202979hub.schaetter.us sshd\[7525\]: Invalid user armand from 138.197.189.138 port 49366 2019-10-18T03:48:49.212702hub.schaetter.us sshd\[7525\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.189.138 2019-10-18T03:48:50.799415hub.schaetter.us sshd\[7525\]: Failed password for invalid user armand from 138.197.189.138 port 49366 ssh2 ...	2019-10-18 16:54:02
attackspambots	Oct 14 14:43:59 fv15 sshd[12792]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.189.138 user=r.r Oct 14 14:44:01 fv15 sshd[12792]: Failed password for r.r from 138.197.189.138 port 55344 ssh2 Oct 14 14:44:01 fv15 sshd[12792]: Received disconnect from 138.197.189.138: 11: Bye Bye [preauth] Oct 14 14:49:54 fv15 sshd[4094]: Failed password for invalid user fwong from 138.197.189.138 port 52014 ssh2 Oct 14 14:49:54 fv15 sshd[4094]: Received disconnect from 138.197.189.138: 11: Bye Bye [preauth] Oct 14 14:53:46 fv15 sshd[8443]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.189.138 user=r.r Oct 14 14:53:48 fv15 sshd[8443]: Failed password for r.r from 138.197.189.138 port 36594 ssh2 Oct 14 14:53:48 fv15 sshd[8443]: Received disconnect from 138.197.189.138: 11: Bye Bye [preauth] Oct 14 14:57:38 fv15 sshd[11034]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=........ -------------------------------	2019-10-15 15:03:17
attackbotsspam	2019-10-14T11:55:40.918545abusebot-7.cloudsearch.cf sshd\[24514\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.189.138 user=root	2019-10-14 20:26:57
attack	Oct 10 13:38:38 friendsofhawaii sshd\[32241\]: Invalid user P@\$\$w0rd2017 from 138.197.189.138 Oct 10 13:38:38 friendsofhawaii sshd\[32241\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.189.138 Oct 10 13:38:40 friendsofhawaii sshd\[32241\]: Failed password for invalid user P@\$\$w0rd2017 from 138.197.189.138 port 49824 ssh2 Oct 10 13:42:37 friendsofhawaii sshd\[32705\]: Invalid user P@\$\$w0rd2017 from 138.197.189.138 Oct 10 13:42:37 friendsofhawaii sshd\[32705\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.189.138	2019-10-11 08:10:49
attackbotsspam	Oct 9 19:55:06 wbs sshd\[32093\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.189.138 user=root Oct 9 19:55:08 wbs sshd\[32093\]: Failed password for root from 138.197.189.138 port 43876 ssh2 Oct 9 19:58:51 wbs sshd\[32391\]: Invalid user 123 from 138.197.189.138 Oct 9 19:58:51 wbs sshd\[32391\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.189.138 Oct 9 19:58:53 wbs sshd\[32391\]: Failed password for invalid user 123 from 138.197.189.138 port 55134 ssh2	2019-10-10 14:01:17
attackspambots	Lines containing failures of 138.197.189.138 Oct 6 01:47:03 hwd04 sshd[5653]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.189.138 user=r.r Oct 6 01:47:05 hwd04 sshd[5653]: Failed password for r.r from 138.197.189.138 port 55968 ssh2 Oct 6 01:47:05 hwd04 sshd[5653]: Received disconnect from 138.197.189.138 port 55968:11: Bye Bye [preauth] Oct 6 01:47:05 hwd04 sshd[5653]: Disconnected from authenticating user r.r 138.197.189.138 port 55968 [preauth] Oct 6 01:50:55 hwd04 sshd[5822]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.189.138 user=r.r Oct 6 01:50:57 hwd04 sshd[5822]: Failed password for r.r from 138.197.189.138 port 42680 ssh2 Oct 6 01:50:57 hwd04 sshd[5822]: Received disconnect from 138.197.189.138 port 42680:11: Bye Bye [preauth] Oct 6 01:50:57 hwd04 sshd[5822]: Disconnected from authenticating user r.r 138.197.189.138 port 42680 [preauth] Oct 6 02:51........ ------------------------------	2019-10-07 15:47:57

Comments on same subnet:

IP	Type	Details	Datetime
138.197.189.231	attackbotsspam	Port Scan detected from 138.197.189.231 (DE/Germany/Hesse/Frankfurt am Main/-). 4 hits in the last 235 seconds	2020-10-08 05:34:44
138.197.189.231	attack	TCP (SYN) 138.197.189.231:48110 -> port 5900, len 48	2020-10-07 13:47:56
138.197.189.136	attackbotsspam	Sep 27 22:43:11 buvik sshd[2511]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.189.136 Sep 27 22:43:13 buvik sshd[2511]: Failed password for invalid user debian from 138.197.189.136 port 53246 ssh2 Sep 27 22:46:26 buvik sshd[3013]: Invalid user james from 138.197.189.136 ...	2020-09-28 04:52:59
138.197.189.136	attack	Sep 27 12:07:09 buvik sshd[8860]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.189.136 Sep 27 12:07:12 buvik sshd[8860]: Failed password for invalid user testuser1 from 138.197.189.136 port 48080 ssh2 Sep 27 12:08:02 buvik sshd[8978]: Invalid user kk from 138.197.189.136 ...	2020-09-27 21:10:17
138.197.189.136	attack	Invalid user sinusbot from 138.197.189.136 port 57742	2020-09-05 21:12:50
138.197.189.136	attackbotsspam	Sep 5 06:21:39 rotator sshd\[17854\]: Invalid user administrador from 138.197.189.136Sep 5 06:21:40 rotator sshd\[17854\]: Failed password for invalid user administrador from 138.197.189.136 port 58512 ssh2Sep 5 06:25:18 rotator sshd\[18687\]: Invalid user bsnl from 138.197.189.136Sep 5 06:25:20 rotator sshd\[18687\]: Failed password for invalid user bsnl from 138.197.189.136 port 37018 ssh2Sep 5 06:28:48 rotator sshd\[18797\]: Invalid user werner from 138.197.189.136Sep 5 06:28:50 rotator sshd\[18797\]: Failed password for invalid user werner from 138.197.189.136 port 43756 ssh2 ...	2020-09-05 12:48:11
138.197.189.136	attackspam	2020-09-04T17:03:26.5727331495-001 sshd[3989]: Invalid user atul from 138.197.189.136 port 40978 2020-09-04T17:03:28.5490121495-001 sshd[3989]: Failed password for invalid user atul from 138.197.189.136 port 40978 ssh2 2020-09-04T17:06:28.5400741495-001 sshd[4094]: Invalid user test from 138.197.189.136 port 45722 2020-09-04T17:06:28.5434111495-001 sshd[4094]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.189.136 2020-09-04T17:06:28.5400741495-001 sshd[4094]: Invalid user test from 138.197.189.136 port 45722 2020-09-04T17:06:30.1698341495-001 sshd[4094]: Failed password for invalid user test from 138.197.189.136 port 45722 ssh2 ...	2020-09-05 05:36:29
138.197.189.136	attackspambots	detected by Fail2Ban	2020-08-16 21:57:07
138.197.189.136	attackbots	Aug 8 09:07:02 v22019038103785759 sshd\[22732\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.189.136 user=root Aug 8 09:07:04 v22019038103785759 sshd\[22732\]: Failed password for root from 138.197.189.136 port 34692 ssh2 Aug 8 09:10:43 v22019038103785759 sshd\[22875\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.189.136 user=root Aug 8 09:10:46 v22019038103785759 sshd\[22875\]: Failed password for root from 138.197.189.136 port 45512 ssh2 Aug 8 09:14:09 v22019038103785759 sshd\[23016\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.189.136 user=root ...	2020-08-08 16:41:21
138.197.189.136	attack	Jul 31 07:01:19 hidden sshd[29409]: Failed password for hidden from 138.197.189.136 port 46234 ssh2 Jul 31 07:05:05 hidden sshd[30006]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.189.136 user=root Jul 31 07:05:07 hidden sshd[30006]: Failed password for hidden from 138.197.189.136 port 56882 ssh2	2020-07-31 13:43:36
138.197.189.136	attackspambots	2020-07-29T10:28:50.611574shield sshd\[25847\]: Invalid user ncs from 138.197.189.136 port 37896 2020-07-29T10:28:50.620847shield sshd\[25847\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.189.136 2020-07-29T10:28:52.463201shield sshd\[25847\]: Failed password for invalid user ncs from 138.197.189.136 port 37896 ssh2 2020-07-29T10:33:01.963503shield sshd\[26213\]: Invalid user wjzhong from 138.197.189.136 port 50670 2020-07-29T10:33:01.973000shield sshd\[26213\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.189.136	2020-07-29 18:46:22
138.197.189.136	attack	Jul 24 14:51:11 XXX sshd[11359]: Invalid user git from 138.197.189.136 port 35436	2020-07-25 00:05:13
138.197.189.136	attackspambots	Jul 12 15:07:06 server sshd[28030]: Failed password for invalid user test from 138.197.189.136 port 37022 ssh2 Jul 12 15:10:06 server sshd[30863]: Failed password for invalid user hst from 138.197.189.136 port 33448 ssh2 Jul 12 15:13:03 server sshd[1239]: Failed password for invalid user wangjiaqi from 138.197.189.136 port 58096 ssh2	2020-07-12 21:20:06
138.197.189.136	attackspam	SSH Invalid Login	2020-07-11 06:34:46
138.197.189.136	attackbotsspam	Jul 3 20:57:11 django-0 sshd[10529]: Invalid user abcdef from 138.197.189.136 ...	2020-07-04 05:04:46

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.189.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50842
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.197.189.138.		IN	A

;; AUTHORITY SECTION:
.			527	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100700 1800 900 604800 86400

;; Query time: 455 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 07 15:47:53 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 138.189.197.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 138.189.197.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
116.253.210.100	attackspam	Mar 26 13:20:59 icinga sshd[47964]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.253.210.100 Mar 26 13:21:01 icinga sshd[47964]: Failed password for invalid user ql from 116.253.210.100 port 10881 ssh2 Mar 26 13:25:38 icinga sshd[55016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.253.210.100 ...	2020-03-26 21:14:00
149.202.48.58	attack	Automatically reported by fail2ban report script (mx1)	2020-03-26 21:43:06
41.45.140.231	attackbots	2020-03-26T08:25:30.460753mail.thespaminator.com sshd[4616]: Invalid user admin from 41.45.140.231 port 57760 2020-03-26T08:25:32.065758mail.thespaminator.com sshd[4616]: Failed password for invalid user admin from 41.45.140.231 port 57760 ssh2 ...	2020-03-26 21:23:43
190.237.172.208	attackspambots	Brute force attempt	2020-03-26 21:43:43
115.159.237.33	attackbots	ICMP MH Probe, Scan /Distributed -	2020-03-26 21:06:15
139.59.18.215	attack	Mar 26 15:08:43 pkdns2 sshd\[63166\]: Invalid user tasia from 139.59.18.215Mar 26 15:08:45 pkdns2 sshd\[63166\]: Failed password for invalid user tasia from 139.59.18.215 port 44902 ssh2Mar 26 15:12:54 pkdns2 sshd\[63363\]: Invalid user thad from 139.59.18.215Mar 26 15:12:56 pkdns2 sshd\[63363\]: Failed password for invalid user thad from 139.59.18.215 port 60166 ssh2Mar 26 15:17:12 pkdns2 sshd\[63586\]: Invalid user chench from 139.59.18.215Mar 26 15:17:14 pkdns2 sshd\[63586\]: Failed password for invalid user chench from 139.59.18.215 port 47206 ssh2 ...	2020-03-26 21:29:39
89.238.154.24	attackbots	(From cissexsens@yahoo.fr) How tо Earn frоm Mobilе Phоne in 2020 \| Еаrn Monеy Оnline $8315 рer wеek: http://xnarvfyom.bengalinewsline.com/bacf	2020-03-26 21:24:10
198.23.148.137	attack	Mar 26 13:55:52 OPSO sshd\[26566\]: Invalid user winnie from 198.23.148.137 port 51792 Mar 26 13:55:52 OPSO sshd\[26566\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.23.148.137 Mar 26 13:55:54 OPSO sshd\[26566\]: Failed password for invalid user winnie from 198.23.148.137 port 51792 ssh2 Mar 26 14:00:18 OPSO sshd\[27277\]: Invalid user cr from 198.23.148.137 port 37486 Mar 26 14:00:18 OPSO sshd\[27277\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.23.148.137	2020-03-26 21:05:22
46.233.243.191	attackspambots	1585225515 - 03/26/2020 13:25:15 Host: 46.233.243.191/46.233.243.191 Port: 445 TCP Blocked	2020-03-26 21:42:17
111.229.246.61	attackbots	Mar 26 08:04:04 s158375 sshd[7315]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.246.61	2020-03-26 21:31:23
49.88.112.69	attackspam	Mar 26 14:10:47 server sshd[8111]: Failed password for root from 49.88.112.69 port 45550 ssh2 Mar 26 14:10:50 server sshd[8111]: Failed password for root from 49.88.112.69 port 45550 ssh2 Mar 26 14:10:53 server sshd[8111]: Failed password for root from 49.88.112.69 port 45550 ssh2	2020-03-26 21:18:36
152.136.76.230	attackbots	Mar 26 14:09:17 legacy sshd[9443]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.76.230 Mar 26 14:09:20 legacy sshd[9443]: Failed password for invalid user sftp from 152.136.76.230 port 33490 ssh2 Mar 26 14:13:24 legacy sshd[9542]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.76.230 ...	2020-03-26 21:20:02
89.248.171.176	attackbots	Automatic report - Banned IP Access	2020-03-26 21:13:11
41.222.249.236	attackbotsspam	Invalid user deanne from 41.222.249.236 port 44182	2020-03-26 21:24:33
110.53.234.98	attackbots	ICMP MH Probe, Scan /Distributed -	2020-03-26 21:41:47

Recently Reported IPs

175.139.172.251	208.80.194.27	78.192.104.95	209.126.103.235
93.179.89.108	45.122.221.111	181.120.254.64	132.148.42.109
102.165.35.137	77.40.27.126	46.254.24.52	125.212.201.8
61.89.75.176	23.239.119.98	178.128.90.40	156.199.37.0
181.164.33.48	170.106.7.216	121.143.171.119	218.148.62.44