138.197.195.52

Basic Info

City: Santa Clara

Region: California

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: DigitalOcean, LLC

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Jul 9 05:49:24 piServer sshd[19660]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.195.52 Jul 9 05:49:26 piServer sshd[19660]: Failed password for invalid user yoshinobu from 138.197.195.52 port 43386 ssh2 Jul 9 05:58:15 piServer sshd[20823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.195.52 ...	2020-07-09 12:15:52
attack	$f2bV_matches	2020-07-04 05:00:47
attackbots	Jun 30 05:07:10 askasleikir sshd[7781]: Failed password for invalid user ftptest from 138.197.195.52 port 49470 ssh2	2020-06-30 19:08:58
attackspam	Jun 26 13:29:29 web-main sshd[20518]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.195.52 Jun 26 13:29:29 web-main sshd[20518]: Invalid user tuan from 138.197.195.52 port 46136 Jun 26 13:29:31 web-main sshd[20518]: Failed password for invalid user tuan from 138.197.195.52 port 46136 ssh2	2020-06-26 21:06:52
attackspam	Jun 24 09:21:53 gw1 sshd[8753]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.195.52 Jun 24 09:21:56 gw1 sshd[8753]: Failed password for invalid user mali from 138.197.195.52 port 60592 ssh2 ...	2020-06-24 15:05:42
attack	Jun 23 07:36:06 eventyay sshd[19520]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.195.52 Jun 23 07:36:08 eventyay sshd[19520]: Failed password for invalid user xixi from 138.197.195.52 port 52070 ssh2 Jun 23 07:39:50 eventyay sshd[19614]: Failed password for root from 138.197.195.52 port 52026 ssh2 ...	2020-06-23 16:49:23
attackspam	2020-06-21T15:28:14.480154mail.csmailer.org sshd[22388]: Invalid user ubuntu from 138.197.195.52 port 38950 2020-06-21T15:28:14.486913mail.csmailer.org sshd[22388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.195.52 2020-06-21T15:28:14.480154mail.csmailer.org sshd[22388]: Invalid user ubuntu from 138.197.195.52 port 38950 2020-06-21T15:28:16.628849mail.csmailer.org sshd[22388]: Failed password for invalid user ubuntu from 138.197.195.52 port 38950 ssh2 2020-06-21T15:31:37.623975mail.csmailer.org sshd[22891]: Invalid user xq from 138.197.195.52 port 55736 ...	2020-06-22 00:14:51
attack	Jun 12 07:37:38 pornomens sshd\[4560\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.195.52 user=root Jun 12 07:37:39 pornomens sshd\[4560\]: Failed password for root from 138.197.195.52 port 50806 ssh2 Jun 12 07:41:34 pornomens sshd\[4619\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.195.52 user=root ...	2020-06-12 14:08:01
attackspam	$f2bV_matches	2020-06-11 19:22:49
attackspam	Jun 10 20:19:37 pkdns2 sshd\[36329\]: Invalid user webmaster from 138.197.195.52Jun 10 20:19:38 pkdns2 sshd\[36329\]: Failed password for invalid user webmaster from 138.197.195.52 port 52896 ssh2Jun 10 20:23:27 pkdns2 sshd\[36503\]: Invalid user oji from 138.197.195.52Jun 10 20:23:28 pkdns2 sshd\[36503\]: Failed password for invalid user oji from 138.197.195.52 port 54066 ssh2Jun 10 20:27:27 pkdns2 sshd\[36669\]: Invalid user lijin from 138.197.195.52Jun 10 20:27:29 pkdns2 sshd\[36669\]: Failed password for invalid user lijin from 138.197.195.52 port 55238 ssh2 ...	2020-06-11 01:31:44
attack	$f2bV_matches	2020-06-05 01:44:06
attackspam	May 30 04:17:20 game-panel sshd[29974]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.195.52 May 30 04:17:22 game-panel sshd[29974]: Failed password for invalid user guest01 from 138.197.195.52 port 52468 ssh2 May 30 04:21:19 game-panel sshd[30123]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.195.52	2020-05-30 12:26:06
attackbotsspam	May 13 14:50:50 legacy sshd[3664]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.195.52 May 13 14:50:51 legacy sshd[3664]: Failed password for invalid user pete from 138.197.195.52 port 59886 ssh2 May 13 14:55:13 legacy sshd[3866]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.195.52 ...	2020-05-13 21:50:21
attackspambots	Invalid user yamada from 138.197.195.52 port 53684	2020-04-26 13:06:52
attackbots	Apr 22 07:23:11 cloud sshd[22228]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.195.52 Apr 22 07:23:14 cloud sshd[22228]: Failed password for invalid user ct from 138.197.195.52 port 48852 ssh2	2020-04-22 13:37:08
attackbotsspam	Invalid user sheller from 138.197.195.52 port 36050	2020-04-18 07:57:09
attackbots	Invalid user bdos from 138.197.195.52 port 36028	2020-04-10 17:42:36
attackspambots	Apr 7 01:42:06 markkoudstaal sshd[10226]: Failed password for root from 138.197.195.52 port 42632 ssh2 Apr 7 01:46:47 markkoudstaal sshd[10847]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.195.52 Apr 7 01:46:49 markkoudstaal sshd[10847]: Failed password for invalid user postgres from 138.197.195.52 port 54914 ssh2	2020-04-07 09:33:21
attack	Apr 2 00:18:22 jane sshd[30198]: Failed password for root from 138.197.195.52 port 55040 ssh2 ...	2020-04-02 06:33:51
attackspam	Mar 31 17:11:09 ovpn sshd\[6390\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.195.52 user=root Mar 31 17:11:10 ovpn sshd\[6390\]: Failed password for root from 138.197.195.52 port 38402 ssh2 Mar 31 17:18:33 ovpn sshd\[8060\]: Invalid user zhuowan from 138.197.195.52 Mar 31 17:18:33 ovpn sshd\[8060\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.195.52 Mar 31 17:18:36 ovpn sshd\[8060\]: Failed password for invalid user zhuowan from 138.197.195.52 port 50192 ssh2	2020-03-31 23:59:01
attackspambots	2020-03-29T05:50:28.387882librenms sshd[4520]: Invalid user vj from 138.197.195.52 port 48552 2020-03-29T05:50:30.313710librenms sshd[4520]: Failed password for invalid user vj from 138.197.195.52 port 48552 ssh2 2020-03-29T05:57:29.167896librenms sshd[5036]: Invalid user jyc from 138.197.195.52 port 33264 ...	2020-03-29 16:19:00
attackbots	$f2bV_matches	2020-03-22 13:32:49
attackspam	Mar 14 05:21:27 ewelt sshd[29817]: Invalid user developer from 138.197.195.52 port 58948 Mar 14 05:21:27 ewelt sshd[29817]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.195.52 Mar 14 05:21:27 ewelt sshd[29817]: Invalid user developer from 138.197.195.52 port 58948 Mar 14 05:21:29 ewelt sshd[29817]: Failed password for invalid user developer from 138.197.195.52 port 58948 ssh2 ...	2020-03-14 12:39:35
attackbots	$f2bV_matches	2020-02-24 00:28:46
attackspambots	$f2bV_matches	2020-02-17 14:55:46
attackspam	Automatic report - Banned IP Access	2020-02-16 03:07:01
attackspam	Feb 6 02:14:49 pornomens sshd\[12507\]: Invalid user dnd from 138.197.195.52 port 57526 Feb 6 02:14:49 pornomens sshd\[12507\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.195.52 Feb 6 02:14:50 pornomens sshd\[12507\]: Failed password for invalid user dnd from 138.197.195.52 port 57526 ssh2 ...	2020-02-06 10:19:03
attackbotsspam	Feb 3 01:50:59 ws24vmsma01 sshd[199298]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.195.52 Feb 3 01:51:01 ws24vmsma01 sshd[199298]: Failed password for invalid user henry from 138.197.195.52 port 44640 ssh2 ...	2020-02-03 16:18:24
attack	Unauthorized connection attempt detected from IP address 138.197.195.52 to port 2220 [J]	2020-02-02 03:06:56
attackbots	Unauthorized connection attempt detected from IP address 138.197.195.52 to port 2220 [J]	2020-01-23 10:48:04

Comments on same subnet:

IP	Type	Details	Datetime
138.197.195.215	attackbots	Scanned 3 times in the last 24 hours on port 22	2020-09-14 14:26:50
138.197.195.215	attackspambots	Sep 13 19:05:43 ip-172-31-16-56 sshd\[12361\]: Failed password for root from 138.197.195.215 port 58036 ssh2\ Sep 13 19:08:11 ip-172-31-16-56 sshd\[12396\]: Failed password for root from 138.197.195.215 port 60512 ssh2\ Sep 13 19:10:36 ip-172-31-16-56 sshd\[12512\]: Failed password for root from 138.197.195.215 port 34756 ssh2\ Sep 13 19:13:01 ip-172-31-16-56 sshd\[12540\]: Failed password for root from 138.197.195.215 port 37232 ssh2\ Sep 13 19:15:22 ip-172-31-16-56 sshd\[12572\]: Invalid user estape from 138.197.195.215\	2020-09-14 06:23:41
138.197.195.215	attackspambots	Sep 5 15:58:14 XXX sshd[17105]: Invalid user mn from 138.197.195.215 port 45816	2020-09-06 01:38:48
138.197.195.215	attack	SSH Invalid Login	2020-09-05 17:11:36
138.197.195.193	attackbotsspam	TCP (SYN) 138.197.195.193:61953 -> port 88, len 44	2020-08-28 17:12:34
138.197.195.215	attackspam	Aug 20 11:52:30 abendstille sshd\[26787\]: Invalid user lazare from 138.197.195.215 Aug 20 11:52:30 abendstille sshd\[26787\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.195.215 Aug 20 11:52:32 abendstille sshd\[26787\]: Failed password for invalid user lazare from 138.197.195.215 port 50270 ssh2 Aug 20 11:55:41 abendstille sshd\[30374\]: Invalid user factorio from 138.197.195.215 Aug 20 11:55:41 abendstille sshd\[30374\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.195.215 ...	2020-08-20 18:07:56
138.197.195.174	attack	Brute force SMTP login attempted. ...	2019-08-10 03:12:56

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.195.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37954
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.197.195.52.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040700 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sun Apr 07 18:42:12 +08 2019
;; MSG SIZE  rcvd: 118

Host info

Host 52.195.197.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 52.195.197.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
195.182.129.172	attackspam	Apr 5 17:28:05 host5 sshd[915]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-195-182-129-172.clients.cmk.ru user=root Apr 5 17:28:07 host5 sshd[915]: Failed password for root from 195.182.129.172 port 53084 ssh2 ...	2020-04-06 03:53:20
184.105.139.115	attackspambots	9200/tcp 4786/tcp 1883/tcp... [2020-02-11/04-05]16pkt,9pt.(tcp),1pt.(udp)	2020-04-06 03:59:35
109.116.41.170	attack	(sshd) Failed SSH login from 109.116.41.170 (IT/Italy/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 5 19:53:09 amsweb01 sshd[10863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.116.41.170 user=root Apr 5 19:53:11 amsweb01 sshd[10863]: Failed password for root from 109.116.41.170 port 40792 ssh2 Apr 5 20:03:50 amsweb01 sshd[12566]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.116.41.170 user=root Apr 5 20:03:52 amsweb01 sshd[12566]: Failed password for root from 109.116.41.170 port 38440 ssh2 Apr 5 20:09:39 amsweb01 sshd[13651]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.116.41.170 user=root	2020-04-06 03:52:00
83.134.192.199	attack	SSH login attempts brute force.	2020-04-06 03:45:07
107.170.76.170	attackspambots	(sshd) Failed SSH login from 107.170.76.170 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 5 14:15:51 elude sshd[9170]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.76.170 user=root Apr 5 14:15:53 elude sshd[9170]: Failed password for root from 107.170.76.170 port 51705 ssh2 Apr 5 14:30:33 elude sshd[11331]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.76.170 user=root Apr 5 14:30:34 elude sshd[11331]: Failed password for root from 107.170.76.170 port 55164 ssh2 Apr 5 14:38:49 elude sshd[12551]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.76.170 user=root	2020-04-06 03:46:35
211.234.119.189	attack	Apr 6 00:07:30 gw1 sshd[19254]: Failed password for root from 211.234.119.189 port 55802 ssh2 ...	2020-04-06 03:38:20
109.12.217.42	attackspam	$f2bV_matches	2020-04-06 03:37:29
69.94.131.54	attack	2020-04-05 H=$stop.gpslens.co$ \[69.94.131.54\] F=\ rejected RCPT \: Mail not accepted. 69.94.131.54 is listed at a DNSBL. 2020-04-05 H=$stop.gpslens.co$ \[69.94.131.54\] F=\ rejected RCPT \<REMOVED@REMOVED.de\>: Mail not accepted. 69.94.131.54 is listed at a DNSBL. 2020-04-05 H=$stop.gpslens.co$ \[69.94.131.54\] F=\ rejected RCPT \: Mail not accepted. 69.94.131.54 is listed at a DNSBL.	2020-04-06 03:56:49
201.235.99.158	attackspambots	Brute force attempt	2020-04-06 04:03:31
36.104.112.87	attackspam	xmlrpc attack	2020-04-06 03:39:03
141.98.81.206	attack	2020-04-05T19:46:40.612985abusebot-5.cloudsearch.cf sshd[17362]: Invalid user admin from 141.98.81.206 port 33127 2020-04-05T19:46:40.618047abusebot-5.cloudsearch.cf sshd[17362]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.81.206 2020-04-05T19:46:40.612985abusebot-5.cloudsearch.cf sshd[17362]: Invalid user admin from 141.98.81.206 port 33127 2020-04-05T19:46:42.891198abusebot-5.cloudsearch.cf sshd[17362]: Failed password for invalid user admin from 141.98.81.206 port 33127 ssh2 2020-04-05T19:47:19.413278abusebot-5.cloudsearch.cf sshd[17424]: Invalid user admin from 141.98.81.206 port 37709 2020-04-05T19:47:19.418496abusebot-5.cloudsearch.cf sshd[17424]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.81.206 2020-04-05T19:47:19.413278abusebot-5.cloudsearch.cf sshd[17424]: Invalid user admin from 141.98.81.206 port 37709 2020-04-05T19:47:21.380297abusebot-5.cloudsearch.cf sshd[17424]: Failed ...	2020-04-06 03:55:11
192.241.239.189	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-04-06 04:05:25
162.243.128.92	attackspam	" "	2020-04-06 03:54:18
93.171.5.244	attack	2020-04-05T21:45:18.450278vps773228.ovh.net sshd[28651]: Failed password for root from 93.171.5.244 port 55855 ssh2 2020-04-05T21:48:50.579706vps773228.ovh.net sshd[29985]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.171.5.244 user=root 2020-04-05T21:48:52.366378vps773228.ovh.net sshd[29985]: Failed password for root from 93.171.5.244 port 60562 ssh2 2020-04-05T21:52:24.303699vps773228.ovh.net sshd[31400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.171.5.244 user=root 2020-04-05T21:52:26.135458vps773228.ovh.net sshd[31400]: Failed password for root from 93.171.5.244 port 37033 ssh2 ...	2020-04-06 04:07:03
221.158.165.94	attackbots	Apr 5 21:30:39 meumeu sshd[8694]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.158.165.94 Apr 5 21:30:41 meumeu sshd[8694]: Failed password for invalid user sybase from 221.158.165.94 port 37462 ssh2 Apr 5 21:32:49 meumeu sshd[8902]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.158.165.94 ...	2020-04-06 03:47:56

Recently Reported IPs

61.145.49.74	196.23.22.26	185.222.202.133	193.188.22.12
52.166.56.37	181.62.251.229	23.89.71.110	138.197.140.194
213.150.207.97	212.64.109.244	104.236.0.206	81.66.89.42
137.74.32.77	106.13.62.26	188.213.181.179	103.69.20.35
135.23.45.214	129.28.53.159	167.89.7.92	119.29.67.90