138.197.196.208

Basic Info

City: Santa Clara

Region: California

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Jun 12 18:53:33 vps647732 sshd[7706]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.196.208 Jun 12 18:53:36 vps647732 sshd[7706]: Failed password for invalid user angel2019 from 138.197.196.208 port 38854 ssh2 ...	2020-06-13 01:32:22
attackbots	Jun 7 08:28:05 cloud sshd[2056]: Failed password for root from 138.197.196.208 port 52264 ssh2	2020-06-07 14:44:14
attack	(sshd) Failed SSH login from 138.197.196.208 (US/United States/-): 5 in the last 3600 secs	2020-05-24 23:14:58
attackspambots	odoo8 ...	2020-05-22 08:15:58

Comments on same subnet:

IP	Type	Details	Datetime
138.197.196.221	attackbotsspam	$f2bV_matches	2020-07-04 04:59:18
138.197.196.221	attackbotsspam	Jun 26 08:17:01 roki sshd[30702]: Invalid user csgoserver from 138.197.196.221 Jun 26 08:17:01 roki sshd[30702]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.196.221 Jun 26 08:17:03 roki sshd[30702]: Failed password for invalid user csgoserver from 138.197.196.221 port 37656 ssh2 Jun 26 08:23:30 roki sshd[31127]: Invalid user anselmo from 138.197.196.221 Jun 26 08:23:30 roki sshd[31127]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.196.221 ...	2020-06-26 16:40:26
138.197.196.221	attackbotsspam	$f2bV_matches	2020-06-25 08:39:54
138.197.196.221	attack	Jun 21 08:28:43 pbkit sshd[155018]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.196.221 Jun 21 08:28:43 pbkit sshd[155018]: Invalid user user from 138.197.196.221 port 43700 Jun 21 08:28:45 pbkit sshd[155018]: Failed password for invalid user user from 138.197.196.221 port 43700 ssh2 ...	2020-06-21 17:16:37
138.197.196.221	attackbots	SSH Invalid Login	2020-06-21 06:14:47
138.197.196.221	attackspam	Total attacks: 2	2020-06-16 23:06:12
138.197.196.221	attack	SSH Brute-Force Attack	2020-06-03 20:58:10
138.197.196.221	attackspambots	May 28 21:10:35 vpn01 sshd[21806]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.196.221 May 28 21:10:37 vpn01 sshd[21806]: Failed password for invalid user upload from 138.197.196.221 port 55214 ssh2 ...	2020-05-29 03:55:57
138.197.196.221	attack	May 15 10:24:07 electroncash sshd[60452]: Invalid user teamspeak3 from 138.197.196.221 port 46732 May 15 10:24:07 electroncash sshd[60452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.196.221 May 15 10:24:07 electroncash sshd[60452]: Invalid user teamspeak3 from 138.197.196.221 port 46732 May 15 10:24:09 electroncash sshd[60452]: Failed password for invalid user teamspeak3 from 138.197.196.221 port 46732 ssh2 May 15 10:26:01 electroncash sshd[60931]: Invalid user timo from 138.197.196.221 port 50092 ...	2020-05-15 16:36:01
138.197.196.221	attackbots	prod11 ...	2020-05-14 02:16:47
138.197.196.221	attackspambots	SSH Login Bruteforce	2020-05-10 17:20:02
138.197.196.221	attackbots	May 8 16:02:27 meumeu sshd[30473]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.196.221 May 8 16:02:29 meumeu sshd[30473]: Failed password for invalid user janine from 138.197.196.221 port 46430 ssh2 May 8 16:06:41 meumeu sshd[31102]: Failed password for root from 138.197.196.221 port 57896 ssh2 ...	2020-05-08 23:00:12
138.197.196.196	attack	May 6 09:31:32 our-server-hostname sshd[32580]: Invalid user frappe from 138.197.196.196 May 6 09:31:32 our-server-hostname sshd[32580]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.196.196 May 6 09:31:34 our-server-hostname sshd[32580]: Failed password for invalid user frappe from 138.197.196.196 port 49008 ssh2 May 6 09:57:51 our-server-hostname sshd[5614]: Invalid user dck from 138.197.196.196 May 6 09:57:51 our-server-hostname sshd[5614]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.196.196 May 6 09:57:53 our-server-hostname sshd[5614]: Failed password for invalid user dck from 138.197.196.196 port 41416 ssh2 May 6 10:01:50 our-server-hostname sshd[7040]: Invalid user oracle from 138.197.196.196 May 6 10:01:50 our-server-hostname sshd[7040]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.196.196 May 6 10:0........ -------------------------------	2020-05-07 00:39:25
138.197.196.221	attack	May 6 14:33:31 [host] sshd[31420]: Invalid user d May 6 14:33:31 [host] sshd[31420]: pam_unix(sshd: May 6 14:33:33 [host] sshd[31420]: Failed passwor	2020-05-06 23:30:48
138.197.196.221	attack	2020-05-04T15:04:30.771789randservbullet-proofcloud-66.localdomain sshd[25955]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.196.221 user=root 2020-05-04T15:04:32.423927randservbullet-proofcloud-66.localdomain sshd[25955]: Failed password for root from 138.197.196.221 port 34682 ssh2 2020-05-04T15:09:14.134704randservbullet-proofcloud-66.localdomain sshd[25982]: Invalid user ubuntu from 138.197.196.221 port 55802 ...	2020-05-05 02:59:52

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.196.208
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4013
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.197.196.208.		IN	A

;; AUTHORITY SECTION:
.			585	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052102 1800 900 604800 86400

;; Query time: 84 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri May 22 08:15:54 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 208.196.197.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 208.196.197.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
173.208.211.202	attack	RDPBruteCAu24	2020-03-29 07:17:17
157.245.104.96	attackspam	Mar 29 00:59:30 server2 sshd\[13333\]: Invalid user www from 157.245.104.96 Mar 29 00:59:33 server2 sshd\[13335\]: Invalid user ubuntu from 157.245.104.96 Mar 29 00:59:37 server2 sshd\[13337\]: Invalid user ansible from 157.245.104.96 Mar 29 00:59:38 server2 sshd\[13339\]: Invalid user oracle from 157.245.104.96 Mar 29 00:59:40 server2 sshd\[13341\]: Invalid user user from 157.245.104.96 Mar 29 00:59:43 server2 sshd\[13343\]: Invalid user test from 157.245.104.96	2020-03-29 07:07:46
188.142.241.175	attackbots	Invalid user kbb from 188.142.241.175 port 39685	2020-03-29 07:30:09
118.174.45.29	attack	Invalid user xrt from 118.174.45.29 port 59796	2020-03-29 07:15:36
128.199.133.201	attackbots	Mar 28 12:10:31: Invalid user mul from 128.199.133.201 port 49573	2020-03-29 07:33:59
139.59.7.251	attackspam	29156/tcp 14897/tcp 28598/tcp... [2020-03-21/28]25pkt,9pt.(tcp)	2020-03-29 07:31:32
182.148.178.175	attackbotsspam	Mar 28 08:34:00 smtp-mx sshd[11775]: Invalid user keu from 182.148.178.175 Mar 28 08:34:00 smtp-mx sshd[11775]: Failed password for invalid user keu from 182.148.178.175 port 44754 ssh2 Mar 28 08:36:04 smtp-mx sshd[17046]: Invalid user zdx from 182.148.178.175 Mar 28 08:36:04 smtp-mx sshd[17046]: Failed password for invalid user zdx from 182.148.178.175 port 34370 ssh2 Mar 28 08:36:52 smtp-mx sshd[18834]: Invalid user uvh from 182.148.178.175 Mar 28 08:36:52 smtp-mx sshd[18834]: Failed password for invalid user uvh from 182.148.178.175 port 41092 ssh2 Mar 28 08:37:29 smtp-mx sshd[20668]: Invalid user xuj from 182.148.178.175 Mar 28 08:37:29 smtp-mx sshd[20668]: Failed password for invalid user xuj from 182.148.178.175 port 47814 ssh2 Mar 28 08:38:06 smtp-mx sshd[22309]: Invalid user sdy from 182.148.178.175 Mar 28 08:38:06 smtp-mx sshd[22309]: Failed password for invalid user sdy from 182.148.178.175 port 54536 ssh2 Mar 28 08:38:48 smtp-mx sshd[23911]: Invalid user dvl f........ ------------------------------	2020-03-29 07:06:52
106.13.114.228	attack	Mar 29 01:20:39 hosting sshd[22175]: Invalid user yxg from 106.13.114.228 port 50714 ...	2020-03-29 07:22:31
46.38.145.6	attackbotsspam	2020-03-29 00:00:53 -> 2020-03-29 00:00:53 : [46.38.145.6]:54804 connection denied (globally) - 1 login attempts	2020-03-29 07:05:25
200.69.250.253	attackspambots	Invalid user cacti from 200.69.250.253 port 52071	2020-03-29 07:30:43
139.213.220.70	attackbots	Mar 28 22:35:57 haigwepa sshd[18204]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.213.220.70 Mar 28 22:35:59 haigwepa sshd[18204]: Failed password for invalid user licm from 139.213.220.70 port 1144 ssh2 ...	2020-03-29 07:08:01
122.116.78.25	attack	81/tcp 23/tcp... [2020-02-26/03-28]10pkt,2pt.(tcp)	2020-03-29 07:26:27
222.186.15.91	attack	Mar 29 04:05:35 gw1 sshd[15940]: Failed password for root from 222.186.15.91 port 42291 ssh2 Mar 29 04:05:37 gw1 sshd[15940]: Failed password for root from 222.186.15.91 port 42291 ssh2 ...	2020-03-29 07:12:23
31.184.199.114	attack	(sshd) Failed SSH login from 31.184.199.114 (RU/Russia/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 28 23:50:12 ubnt-55d23 sshd[25122]: Invalid user 22 from 31.184.199.114 port 26824 Mar 28 23:50:15 ubnt-55d23 sshd[25122]: Failed password for invalid user 22 from 31.184.199.114 port 26824 ssh2	2020-03-29 06:59:54
170.249.32.172	attackspambots	Invalid user orgiast from 170.249.32.172 port 38377	2020-03-29 07:28:52

Recently Reported IPs

63.32.48.84	186.183.233.161	183.230.122.180	179.241.27.46
186.59.252.72	100.148.246.45	173.215.49.220	202.235.171.42
160.19.221.51	118.69.40.251	5.158.252.152	74.67.59.91
154.103.184.70	210.137.92.68	118.112.123.67	49.235.207.154
73.14.55.132	60.115.119.127	112.70.18.23	68.153.1.129