138.197.199.249

Basic Info

City: Santa Clara

Region: California

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: DigitalOcean, LLC

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Nov 22 09:22:28 dallas01 sshd[22802]: Failed password for backup from 138.197.199.249 port 37951 ssh2 Nov 22 09:28:31 dallas01 sshd[23802]: Failed password for root from 138.197.199.249 port 55944 ssh2	2020-01-28 09:10:32
attack	Nov 25 07:39:41 ny01 sshd[25197]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Nov 25 07:39:43 ny01 sshd[25197]: Failed password for invalid user simon from 138.197.199.249 port 44820 ssh2 Nov 25 07:42:52 ny01 sshd[25490]: Failed password for root from 138.197.199.249 port 34081 ssh2	2019-11-25 20:46:22
attack	Nov 16 08:27:23 ncomp sshd[1976]: Invalid user home from 138.197.199.249 Nov 16 08:27:23 ncomp sshd[1976]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Nov 16 08:27:23 ncomp sshd[1976]: Invalid user home from 138.197.199.249 Nov 16 08:27:25 ncomp sshd[1976]: Failed password for invalid user home from 138.197.199.249 port 59156 ssh2	2019-11-16 16:17:14
attack	Nov 15 15:42:42 meumeu sshd[10060]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Nov 15 15:42:45 meumeu sshd[10060]: Failed password for invalid user thorsteinsen from 138.197.199.249 port 48292 ssh2 Nov 15 15:45:58 meumeu sshd[10479]: Failed password for root from 138.197.199.249 port 37908 ssh2 ...	2019-11-15 22:49:04
attackbots	Nov 14 13:39:02 sachi sshd\[14303\]: Invalid user abcdefghijklmno from 138.197.199.249 Nov 14 13:39:02 sachi sshd\[14303\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Nov 14 13:39:04 sachi sshd\[14303\]: Failed password for invalid user abcdefghijklmno from 138.197.199.249 port 58829 ssh2 Nov 14 13:42:27 sachi sshd\[14661\]: Invalid user hege from 138.197.199.249 Nov 14 13:42:27 sachi sshd\[14661\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249	2019-11-15 07:50:50
attackbots	Nov 14 00:20:41 wbs sshd\[17952\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 user=backup Nov 14 00:20:43 wbs sshd\[17952\]: Failed password for backup from 138.197.199.249 port 33559 ssh2 Nov 14 00:23:50 wbs sshd\[18210\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 user=root Nov 14 00:23:53 wbs sshd\[18210\]: Failed password for root from 138.197.199.249 port 51354 ssh2 Nov 14 00:27:05 wbs sshd\[18482\]: Invalid user michalsen from 138.197.199.249 Nov 14 00:27:05 wbs sshd\[18482\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249	2019-11-14 18:34:08
attack	k+ssh-bruteforce	2019-11-09 16:59:30
attackspambots	Nov 7 14:49:17 mail sshd\[10002\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 user=root ...	2019-11-08 06:35:12
attackbotsspam	Nov 5 13:36:53 ws19vmsma01 sshd[77290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Nov 5 13:36:54 ws19vmsma01 sshd[77290]: Failed password for invalid user mainastcheck from 138.197.199.249 port 53497 ssh2 ...	2019-11-06 02:59:29
attack	Nov 4 06:38:41 ip-172-31-1-72 sshd\[16809\]: Invalid user prasobsub from 138.197.199.249 Nov 4 06:38:41 ip-172-31-1-72 sshd\[16809\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Nov 4 06:38:43 ip-172-31-1-72 sshd\[16809\]: Failed password for invalid user prasobsub from 138.197.199.249 port 54096 ssh2 Nov 4 06:42:02 ip-172-31-1-72 sshd\[16956\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 user=root Nov 4 06:42:04 ip-172-31-1-72 sshd\[16956\]: Failed password for root from 138.197.199.249 port 44557 ssh2	2019-11-04 15:05:57
attackbots	2019-11-02T14:46:59.565135abusebot-3.cloudsearch.cf sshd\[14004\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 user=root	2019-11-03 01:56:50
attackbots	Automatic report - Banned IP Access	2019-10-25 21:22:18
attackbots	$f2bV_matches	2019-10-14 12:43:06
attackbotsspam	Sep 27 00:14:42 plusreed sshd[20679]: Invalid user nscd from 138.197.199.249 ...	2019-09-27 12:28:13
attackspam	Sep 26 21:08:20 plusreed sshd[11049]: Invalid user simulation from 138.197.199.249 ...	2019-09-27 09:26:11
attack	Sep 23 18:48:41 saschabauer sshd[18379]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Sep 23 18:48:43 saschabauer sshd[18379]: Failed password for invalid user m from 138.197.199.249 port 37275 ssh2	2019-09-24 00:50:48
attack	Sep 12 18:00:55 localhost sshd\[5514\]: Invalid user qwe123 from 138.197.199.249 port 43757 Sep 12 18:00:55 localhost sshd\[5514\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Sep 12 18:00:56 localhost sshd\[5514\]: Failed password for invalid user qwe123 from 138.197.199.249 port 43757 ssh2	2019-09-13 00:23:52
attackspam	Sep 8 09:55:31 aiointranet sshd\[25030\]: Invalid user vagrant from 138.197.199.249 Sep 8 09:55:31 aiointranet sshd\[25030\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Sep 8 09:55:33 aiointranet sshd\[25030\]: Failed password for invalid user vagrant from 138.197.199.249 port 58486 ssh2 Sep 8 09:59:31 aiointranet sshd\[25342\]: Invalid user vbox@123 from 138.197.199.249 Sep 8 09:59:31 aiointranet sshd\[25342\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249	2019-09-09 08:57:35
attackspam	Sep 8 05:54:22 aiointranet sshd\[2428\]: Invalid user sinusbot from 138.197.199.249 Sep 8 05:54:22 aiointranet sshd\[2428\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Sep 8 05:54:24 aiointranet sshd\[2428\]: Failed password for invalid user sinusbot from 138.197.199.249 port 52813 ssh2 Sep 8 05:58:27 aiointranet sshd\[2746\]: Invalid user uftp from 138.197.199.249 Sep 8 05:58:27 aiointranet sshd\[2746\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249	2019-09-09 00:06:54
attack	Aug 31 05:57:26 hb sshd\[16110\]: Invalid user testuser from 138.197.199.249 Aug 31 05:57:26 hb sshd\[16110\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Aug 31 05:57:28 hb sshd\[16110\]: Failed password for invalid user testuser from 138.197.199.249 port 41469 ssh2 Aug 31 06:01:55 hb sshd\[16531\]: Invalid user postgres from 138.197.199.249 Aug 31 06:01:55 hb sshd\[16531\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249	2019-08-31 14:09:09
attackbotsspam	Aug 19 11:00:17 cp sshd[12703]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249	2019-08-19 17:19:50
attackspambots	2019-08-14T08:29:55.999823lon01.zurich-datacenter.net sshd\[8809\]: Invalid user movie from 138.197.199.249 port 57964 2019-08-14T08:29:56.008167lon01.zurich-datacenter.net sshd\[8809\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 2019-08-14T08:29:57.717964lon01.zurich-datacenter.net sshd\[8809\]: Failed password for invalid user movie from 138.197.199.249 port 57964 ssh2 2019-08-14T08:35:00.506107lon01.zurich-datacenter.net sshd\[8905\]: Invalid user oracle from 138.197.199.249 port 53959 2019-08-14T08:35:00.517315lon01.zurich-datacenter.net sshd\[8905\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 ...	2019-08-14 14:57:08
attackspambots	Brute force SMTP login attempted. ...	2019-08-10 03:10:11
attackspambots	Feb 28 04:46:24 motanud sshd\[2029\]: Invalid user rs from 138.197.199.249 port 36368 Feb 28 04:46:24 motanud sshd\[2029\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Feb 28 04:46:25 motanud sshd\[2029\]: Failed password for invalid user rs from 138.197.199.249 port 36368 ssh2	2019-08-06 18:35:20
attackspam	Aug 2 15:11:39 vibhu-HP-Z238-Microtower-Workstation sshd\[15983\]: Invalid user nexus from 138.197.199.249 Aug 2 15:11:39 vibhu-HP-Z238-Microtower-Workstation sshd\[15983\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Aug 2 15:11:40 vibhu-HP-Z238-Microtower-Workstation sshd\[15983\]: Failed password for invalid user nexus from 138.197.199.249 port 39281 ssh2 Aug 2 15:16:13 vibhu-HP-Z238-Microtower-Workstation sshd\[16130\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 user=root Aug 2 15:16:15 vibhu-HP-Z238-Microtower-Workstation sshd\[16130\]: Failed password for root from 138.197.199.249 port 36950 ssh2 ...	2019-08-02 17:46:40
attackbots	Jul 28 14:30:35 icinga sshd[32230]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Jul 28 14:30:37 icinga sshd[32230]: Failed password for invalid user server2007 from 138.197.199.249 port 37472 ssh2 ...	2019-07-28 21:03:15
attackbots	Jul 13 18:19:06 dedicated sshd[4381]: Invalid user admin from 138.197.199.249 port 44759	2019-07-14 00:19:23
attackbots	2019-07-07T06:52:15.3269211240 sshd\[17224\]: Invalid user conf from 138.197.199.249 port 50957 2019-07-07T06:52:15.3317751240 sshd\[17224\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 2019-07-07T06:52:16.9193911240 sshd\[17224\]: Failed password for invalid user conf from 138.197.199.249 port 50957 ssh2 ...	2019-07-07 13:38:41
attack	Jul 2 17:20:55 srv206 sshd[23863]: Invalid user ckodhek from 138.197.199.249 Jul 2 17:20:55 srv206 sshd[23863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.199.249 Jul 2 17:20:55 srv206 sshd[23863]: Invalid user ckodhek from 138.197.199.249 Jul 2 17:20:57 srv206 sshd[23863]: Failed password for invalid user ckodhek from 138.197.199.249 port 55190 ssh2 ...	2019-07-02 23:54:21

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.199.249
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61778
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.197.199.249.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040903 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Wed Apr 10 05:20:48 +08 2019
;; MSG SIZE  rcvd: 119

Host info

249.199.197.138.in-addr.arpa domain name pointer 185439.cloudwaysapps.com.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
249.199.197.138.in-addr.arpa	name = 185439.cloudwaysapps.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
206.189.88.253	attack	Sep 12 22:46:09 localhost sshd\[29073\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.88.253 user=root Sep 12 22:46:11 localhost sshd\[29073\]: Failed password for root from 206.189.88.253 port 55004 ssh2 Sep 12 22:50:56 localhost sshd\[29298\]: Invalid user telecomadmin from 206.189.88.253 Sep 12 22:50:56 localhost sshd\[29298\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.88.253 Sep 12 22:50:59 localhost sshd\[29298\]: Failed password for invalid user telecomadmin from 206.189.88.253 port 40316 ssh2 ...	2020-09-13 04:51:56
128.199.240.146	attackbots	Sep 12 19:43:04 ncomp sshd[17043]: Invalid user warlock from 128.199.240.146 port 47924 Sep 12 19:43:04 ncomp sshd[17043]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.240.146 Sep 12 19:43:04 ncomp sshd[17043]: Invalid user warlock from 128.199.240.146 port 47924 Sep 12 19:43:06 ncomp sshd[17043]: Failed password for invalid user warlock from 128.199.240.146 port 47924 ssh2	2020-09-13 05:14:34
187.188.240.7	attack	Sep 12 22:52:05 ns381471 sshd[4961]: Failed password for root from 187.188.240.7 port 51886 ssh2	2020-09-13 05:07:09
170.233.30.33	attackspambots	Sep 12 18:58:51 ns381471 sshd[3600]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.233.30.33 Sep 12 18:58:52 ns381471 sshd[3600]: Failed password for invalid user guest from 170.233.30.33 port 54704 ssh2	2020-09-13 05:10:09
159.89.99.68	attackbotsspam	Automatic report - Banned IP Access	2020-09-13 04:55:48
115.148.72.248	attackbotsspam	Brute forcing email accounts	2020-09-13 04:58:10
167.172.98.89	attackspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-12T20:25:28Z and 2020-09-12T20:37:26Z	2020-09-13 04:57:51
211.159.172.184	attack	20 attempts against mh-ssh on ice	2020-09-13 04:56:52
107.173.202.200	attack	(From angelkatheyhi3@yahoo.com) Hi, We'd like to introduce to you our video creation service which we feel may be beneficial for you and your site trainorfamilychiropractic.com. Check out a few of our existing videos here: https://www.youtube.com/watch?v=y3nEeQoTtOE https://www.youtube.com/watch?v=TaMaDwX7tBU https://www.youtube.com/watch?v=1jT6ve94xig All of our videos are in a similar format as the above examples and we have voice over artists with US/UK/Australian accents. - We can convert one of your online articles or blog posts into video format, as many people prefer to watch a video as opposed to reading a page or document. - We can explain your business, service or product. - We can also educate people - these videos are great at educating the viewer on something such as the facts or history of a subject. - They can be used for Social Media advertising, such as Facebook Ads. Our prices are as follows depending on video length: 0-1 minutes = $159 1-2 minutes = $269 2-3 minutes	2020-09-13 05:24:54
94.183.199.36	attack	Icarus honeypot on github	2020-09-13 04:51:07
79.188.68.89	attackbotsspam	fail2ban	2020-09-13 05:25:22
111.47.18.22	attackspam	Sep 12 20:55:59 buvik sshd[32529]: Failed password for root from 111.47.18.22 port 2158 ssh2 Sep 12 21:01:55 buvik sshd[1347]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.47.18.22 user=root Sep 12 21:01:57 buvik sshd[1347]: Failed password for root from 111.47.18.22 port 2160 ssh2 ...	2020-09-13 04:53:05
77.27.168.117	attackbots	2020-09-12T21:21[Censored Hostname] sshd[38271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.168.27.77.dynamic.reverse-mundo-r.com user=root 2020-09-12T21:21[Censored Hostname] sshd[38271]: Failed password for root from 77.27.168.117 port 50542 ssh2 2020-09-12T21:25[Censored Hostname] sshd[38284]: Invalid user test from 77.27.168.117 port 56604[...]	2020-09-13 05:14:57
185.247.224.65	attackspam	Sep 12 19:07:53 vlre-nyc-1 sshd\[15246\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.247.224.65 user=root Sep 12 19:07:55 vlre-nyc-1 sshd\[15246\]: Failed password for root from 185.247.224.65 port 60650 ssh2 Sep 12 19:07:58 vlre-nyc-1 sshd\[15246\]: Failed password for root from 185.247.224.65 port 60650 ssh2 Sep 12 19:08:00 vlre-nyc-1 sshd\[15246\]: Failed password for root from 185.247.224.65 port 60650 ssh2 Sep 12 19:08:02 vlre-nyc-1 sshd\[15246\]: Failed password for root from 185.247.224.65 port 60650 ssh2 ...	2020-09-13 04:57:31
105.104.63.184	attackspambots	Wordpress attack	2020-09-13 05:23:36

Recently Reported IPs

151.49.43.200	51.38.185.238	190.173.142.95	193.188.23.23
45.227.255.214	220.194.70.25	159.65.42.207	38.89.142.34
125.165.187.65	123.206.128.231	185.120.79.2	103.66.79.173
118.24.255.191	38.128.66.158	54.38.47.28	118.25.76.244
124.173.71.245	188.0.133.20	192.0.215.179	216.244.82.50