138.197.196.174

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Jan 15 05:51:40 tuxlinux sshd[48768]: Invalid user deborah from 138.197.196.174 port 48772 Jan 15 05:51:40 tuxlinux sshd[48768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.196.174 Jan 15 05:51:40 tuxlinux sshd[48768]: Invalid user deborah from 138.197.196.174 port 48772 Jan 15 05:51:40 tuxlinux sshd[48768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.196.174 Jan 15 05:51:40 tuxlinux sshd[48768]: Invalid user deborah from 138.197.196.174 port 48772 Jan 15 05:51:40 tuxlinux sshd[48768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.196.174 Jan 15 05:51:43 tuxlinux sshd[48768]: Failed password for invalid user deborah from 138.197.196.174 port 48772 ssh2 ...	2020-01-15 16:39:08

Type

Details

Datetime

attack

Jan 15 05:51:40 tuxlinux sshd[48768]: Invalid user deborah from 138.197.196.174 port 48772
Jan 15 05:51:40 tuxlinux sshd[48768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.196.174 
Jan 15 05:51:40 tuxlinux sshd[48768]: Invalid user deborah from 138.197.196.174 port 48772
Jan 15 05:51:40 tuxlinux sshd[48768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.196.174 
Jan 15 05:51:40 tuxlinux sshd[48768]: Invalid user deborah from 138.197.196.174 port 48772
Jan 15 05:51:40 tuxlinux sshd[48768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.196.174 
Jan 15 05:51:43 tuxlinux sshd[48768]: Failed password for invalid user deborah from 138.197.196.174 port 48772 ssh2
...

2020-01-15 16:39:08

Comments on same subnet:

IP	Type	Details	Datetime
138.197.196.221	attackbotsspam	$f2bV_matches	2020-07-04 04:59:18
138.197.196.221	attackbotsspam	Jun 26 08:17:01 roki sshd[30702]: Invalid user csgoserver from 138.197.196.221 Jun 26 08:17:01 roki sshd[30702]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.196.221 Jun 26 08:17:03 roki sshd[30702]: Failed password for invalid user csgoserver from 138.197.196.221 port 37656 ssh2 Jun 26 08:23:30 roki sshd[31127]: Invalid user anselmo from 138.197.196.221 Jun 26 08:23:30 roki sshd[31127]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.196.221 ...	2020-06-26 16:40:26
138.197.196.221	attackbotsspam	$f2bV_matches	2020-06-25 08:39:54
138.197.196.221	attack	Jun 21 08:28:43 pbkit sshd[155018]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.196.221 Jun 21 08:28:43 pbkit sshd[155018]: Invalid user user from 138.197.196.221 port 43700 Jun 21 08:28:45 pbkit sshd[155018]: Failed password for invalid user user from 138.197.196.221 port 43700 ssh2 ...	2020-06-21 17:16:37
138.197.196.221	attackbots	SSH Invalid Login	2020-06-21 06:14:47
138.197.196.221	attackspam	Total attacks: 2	2020-06-16 23:06:12
138.197.196.208	attackbots	Jun 12 18:53:33 vps647732 sshd[7706]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.196.208 Jun 12 18:53:36 vps647732 sshd[7706]: Failed password for invalid user angel2019 from 138.197.196.208 port 38854 ssh2 ...	2020-06-13 01:32:22
138.197.196.208	attackbots	Jun 7 08:28:05 cloud sshd[2056]: Failed password for root from 138.197.196.208 port 52264 ssh2	2020-06-07 14:44:14
138.197.196.221	attack	SSH Brute-Force Attack	2020-06-03 20:58:10
138.197.196.221	attackspambots	May 28 21:10:35 vpn01 sshd[21806]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.196.221 May 28 21:10:37 vpn01 sshd[21806]: Failed password for invalid user upload from 138.197.196.221 port 55214 ssh2 ...	2020-05-29 03:55:57
138.197.196.208	attack	(sshd) Failed SSH login from 138.197.196.208 (US/United States/-): 5 in the last 3600 secs	2020-05-24 23:14:58
138.197.196.208	attackspambots	odoo8 ...	2020-05-22 08:15:58
138.197.196.221	attack	May 15 10:24:07 electroncash sshd[60452]: Invalid user teamspeak3 from 138.197.196.221 port 46732 May 15 10:24:07 electroncash sshd[60452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.196.221 May 15 10:24:07 electroncash sshd[60452]: Invalid user teamspeak3 from 138.197.196.221 port 46732 May 15 10:24:09 electroncash sshd[60452]: Failed password for invalid user teamspeak3 from 138.197.196.221 port 46732 ssh2 May 15 10:26:01 electroncash sshd[60931]: Invalid user timo from 138.197.196.221 port 50092 ...	2020-05-15 16:36:01
138.197.196.221	attackbots	prod11 ...	2020-05-14 02:16:47
138.197.196.221	attackspambots	SSH Login Bruteforce	2020-05-10 17:20:02

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.196.174
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4132
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.197.196.174.		IN	A

;; AUTHORITY SECTION:
.			474	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011500 1800 900 604800 86400

;; Query time: 114 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jan 15 16:39:05 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 174.196.197.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 174.196.197.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
141.98.80.153	attackbots	Jun 2 17:12:13 mail.srvfarm.net postfix/smtpd[1287230]: warning: unknown[141.98.80.153]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 2 17:12:13 mail.srvfarm.net postfix/smtpd[1287230]: lost connection after AUTH from unknown[141.98.80.153] Jun 2 17:12:18 mail.srvfarm.net postfix/smtpd[1270863]: lost connection after AUTH from unknown[141.98.80.153] Jun 2 17:12:23 mail.srvfarm.net postfix/smtpd[1273068]: lost connection after AUTH from unknown[141.98.80.153] Jun 2 17:12:28 mail.srvfarm.net postfix/smtpd[1272715]: lost connection after AUTH from unknown[141.98.80.153]	2020-06-02 23:41:23
171.80.97.180	attackbotsspam	SASL broute force	2020-06-02 23:25:12
46.4.60.249	attackbotsspam	20 attempts against mh-misbehave-ban on pole	2020-06-02 23:33:59
211.116.234.149	attackbots	Jun 2 14:34:36 vps647732 sshd[28437]: Failed password for root from 211.116.234.149 port 51306 ssh2 ...	2020-06-02 23:48:40
121.46.26.126	attackbotsspam	prod6 ...	2020-06-02 23:28:42
49.234.89.101	attackbotsspam	Lines containing failures of 49.234.89.101 Jun 2 07:01:39 neweola sshd[19700]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.89.101 user=r.r Jun 2 07:01:40 neweola sshd[19700]: Failed password for r.r from 49.234.89.101 port 45222 ssh2 Jun 2 07:01:41 neweola sshd[19700]: Received disconnect from 49.234.89.101 port 45222:11: Bye Bye [preauth] Jun 2 07:01:41 neweola sshd[19700]: Disconnected from authenticating user r.r 49.234.89.101 port 45222 [preauth] Jun 2 07:16:53 neweola sshd[20342]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.89.101 user=r.r Jun 2 07:16:54 neweola sshd[20342]: Failed password for r.r from 49.234.89.101 port 43158 ssh2 Jun 2 07:16:55 neweola sshd[20342]: Received disconnect from 49.234.89.101 port 43158:11: Bye Bye [preauth] Jun 2 07:16:55 neweola sshd[20342]: Disconnected from authenticating user r.r 49.234.89.101 port 43158 [preauth] Jun 2........ ------------------------------	2020-06-02 23:51:41
121.34.155.0	attackbotsspam	Jun 2 15:44:44 eventyay sshd[11898]: Failed password for root from 121.34.155.0 port 39950 ssh2 Jun 2 15:48:06 eventyay sshd[11968]: Failed password for root from 121.34.155.0 port 39823 ssh2 ...	2020-06-02 23:21:13
60.161.24.94	attackbotsspam	Jun 2 13:48:30 estefan sshd[12174]: reveeclipse mapping checking getaddrinfo for 94.24.161.60.broad.hh.yn.dynamic.163data.com.cn [60.161.24.94] failed - POSSIBLE BREAK-IN ATTEMPT! Jun 2 13:48:30 estefan sshd[12174]: Invalid user pi from 60.161.24.94 Jun 2 13:48:31 estefan sshd[12174]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.161.24.94 Jun 2 13:48:31 estefan sshd[12175]: reveeclipse mapping checking getaddrinfo for 94.24.161.60.broad.hh.yn.dynamic.163data.com.cn [60.161.24.94] failed - POSSIBLE BREAK-IN ATTEMPT! Jun 2 13:48:31 estefan sshd[12175]: Invalid user pi from 60.161.24.94 Jun 2 13:48:31 estefan sshd[12175]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.161.24.94 Jun 2 13:48:33 estefan sshd[12174]: Failed password for invalid user pi from 60.161.24.94 port 53554 ssh2 Jun 2 13:48:33 estefan sshd[12176]: Connection closed by 60.161.24.94 Jun 2 13:48:34 estefan ........ -------------------------------	2020-06-03 00:01:03
198.96.155.3	attackbots	prod6 ...	2020-06-02 23:26:23
71.58.90.64	attackbots	SSH Brute Force	2020-06-02 23:15:29
71.95.244.2	attack	Jun 2 17:03:12 ns382633 sshd\[14167\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=71.95.244.2 user=root Jun 2 17:03:14 ns382633 sshd\[14167\]: Failed password for root from 71.95.244.2 port 34014 ssh2 Jun 2 17:07:55 ns382633 sshd\[15175\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=71.95.244.2 user=root Jun 2 17:07:56 ns382633 sshd\[15175\]: Failed password for root from 71.95.244.2 port 43824 ssh2 Jun 2 17:10:44 ns382633 sshd\[15967\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=71.95.244.2 user=root	2020-06-02 23:24:52
203.185.61.137	attack	SSH Brute-Forcing (server2)	2020-06-02 23:57:28
222.186.175.215	attackspambots	Jun 2 16:14:09 combo sshd[25071]: Failed password for root from 222.186.175.215 port 5500 ssh2 Jun 2 16:14:13 combo sshd[25071]: Failed password for root from 222.186.175.215 port 5500 ssh2 Jun 2 16:14:18 combo sshd[25071]: Failed password for root from 222.186.175.215 port 5500 ssh2 ...	2020-06-02 23:16:22
208.115.109.144	attackspambots	20 attempts against mh_ha-misbehave-ban on oak	2020-06-02 23:44:40
91.238.103.49	attack	Jun 2 07:31:45 mxgate1 sshd[22710]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.238.103.49 user=r.r Jun 2 07:31:47 mxgate1 sshd[22710]: Failed password for r.r from 91.238.103.49 port 44256 ssh2 Jun 2 07:31:47 mxgate1 sshd[22710]: Received disconnect from 91.238.103.49 port 44256:11: Bye Bye [preauth] Jun 2 07:31:47 mxgate1 sshd[22710]: Disconnected from 91.238.103.49 port 44256 [preauth] Jun 2 07:46:06 mxgate1 sshd[23214]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.238.103.49 user=r.r Jun 2 07:46:08 mxgate1 sshd[23214]: Failed password for r.r from 91.238.103.49 port 53900 ssh2 Jun 2 07:46:08 mxgate1 sshd[23214]: Received disconnect from 91.238.103.49 port 53900:11: Bye Bye [preauth] Jun 2 07:46:08 mxgate1 sshd[23214]: Disconnected from 91.238.103.49 port 53900 [preauth] Jun 2 07:49:41 mxgate1 sshd[23263]: pam_unix(sshd:auth): authentication failure; logname= uid=0........ -------------------------------	2020-06-02 23:21:35

Recently Reported IPs

180.38.6.112	18.213.238.189	110.136.28.199	80.17.163.171
113.173.49.109	211.9.230.151	173.249.32.85	88.227.105.247
66.212.25.186	45.143.220.125	52.187.45.234	14.177.234.250
120.236.118.99	139.194.140.203	110.77.200.18	184.185.2.93
3.8.233.255	187.151.240.170	200.123.11.242	103.94.129.17