138.197.200.54

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.197.200.16	attack	Sep 29 22:03:57 ns382633 sshd\[5327\]: Invalid user sybase from 138.197.200.16 port 51536 Sep 29 22:03:57 ns382633 sshd\[5327\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.200.16 Sep 29 22:03:59 ns382633 sshd\[5327\]: Failed password for invalid user sybase from 138.197.200.16 port 51536 ssh2 Sep 29 22:08:59 ns382633 sshd\[6266\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.200.16 user=root Sep 29 22:09:01 ns382633 sshd\[6266\]: Failed password for root from 138.197.200.16 port 55498 ssh2	2020-09-30 06:45:57
138.197.200.16	attackspambots	Sep 29 16:48:51 OPSO sshd\[3555\]: Invalid user guest from 138.197.200.16 port 45332 Sep 29 16:48:51 OPSO sshd\[3555\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.200.16 Sep 29 16:48:53 OPSO sshd\[3555\]: Failed password for invalid user guest from 138.197.200.16 port 45332 ssh2 Sep 29 16:54:45 OPSO sshd\[4639\]: Invalid user sales from 138.197.200.16 port 60858 Sep 29 16:54:45 OPSO sshd\[4639\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.200.16	2020-09-29 23:01:55
138.197.200.16	attackspambots	2020-09-29T09:50:20.729131lavrinenko.info sshd[1825]: Failed password for root from 138.197.200.16 port 60768 ssh2 2020-09-29T09:54:50.427492lavrinenko.info sshd[2021]: Invalid user snabuser from 138.197.200.16 port 37210 2020-09-29T09:54:50.434426lavrinenko.info sshd[2021]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.200.16 2020-09-29T09:54:50.427492lavrinenko.info sshd[2021]: Invalid user snabuser from 138.197.200.16 port 37210 2020-09-29T09:54:52.575341lavrinenko.info sshd[2021]: Failed password for invalid user snabuser from 138.197.200.16 port 37210 ssh2 ...	2020-09-29 15:20:54
138.197.200.113	attack	138.197.200.113 - - \[21/Apr/2020:00:05:56 +0200\] "POST /wp-login.php HTTP/1.1" 200 9652 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.197.200.113 - - \[21/Apr/2020:00:05:58 +0200\] "POST /wp-login.php HTTP/1.1" 200 9521 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" ...	2020-04-21 07:43:50
138.197.200.113	attackspambots	WordPress login Brute force / Web App Attack on client site.	2020-04-16 00:52:31
138.197.200.65	attackspam	Unauthorized connection attempt detected from IP address 138.197.200.65 to port 5900 [T]	2020-03-24 23:53:05
138.197.200.77	attackbotsspam	Aug 22 11:00:41 dallas01 sshd[27116]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.200.77 Aug 22 11:00:43 dallas01 sshd[27116]: Failed password for invalid user webpop from 138.197.200.77 port 51276 ssh2 Aug 22 11:04:54 dallas01 sshd[27678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.200.77	2020-01-28 08:10:19
138.197.200.77	attackbots	2019-09-02 19:02:48,010 fail2ban.actions [804]: NOTICE [sshd] Ban 138.197.200.77 2019-09-02 22:07:33,199 fail2ban.actions [804]: NOTICE [sshd] Ban 138.197.200.77 2019-09-03 01:15:07,054 fail2ban.actions [804]: NOTICE [sshd] Ban 138.197.200.77 ...	2019-10-03 17:43:57
138.197.200.77	attackbots	Sep 27 15:55:30 eventyay sshd[24532]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.200.77 Sep 27 15:55:32 eventyay sshd[24532]: Failed password for invalid user ubuntu from 138.197.200.77 port 42466 ssh2 Sep 27 16:00:03 eventyay sshd[24633]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.200.77 ...	2019-09-27 22:05:15
138.197.200.77	attack	Sep 7 16:38:15 kapalua sshd\[6166\]: Invalid user ubuntu from 138.197.200.77 Sep 7 16:38:15 kapalua sshd\[6166\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.200.77 Sep 7 16:38:17 kapalua sshd\[6166\]: Failed password for invalid user ubuntu from 138.197.200.77 port 48490 ssh2 Sep 7 16:43:01 kapalua sshd\[6705\]: Invalid user ubuntu from 138.197.200.77 Sep 7 16:43:01 kapalua sshd\[6705\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.200.77	2019-09-08 10:54:28
138.197.200.77	attackspambots	$f2bV_matches	2019-09-03 08:57:46
138.197.200.77	attackbots	Port Scan detected from 138.197.200.77 (US/United States/-). 4 hits in the last 256 seconds	2019-08-30 10:14:07
138.197.200.77	attack	Aug 13 15:31:58 server sshd\[1579\]: Invalid user iceuser from 138.197.200.77 port 59648 Aug 13 15:31:58 server sshd\[1579\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.200.77 Aug 13 15:32:00 server sshd\[1579\]: Failed password for invalid user iceuser from 138.197.200.77 port 59648 ssh2 Aug 13 15:37:01 server sshd\[23956\]: Invalid user ubnt from 138.197.200.77 port 52412 Aug 13 15:37:01 server sshd\[23956\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.200.77	2019-08-14 00:39:31
138.197.200.77	attackbots	Aug 6 13:26:04 dedicated sshd[23276]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.200.77 user=root Aug 6 13:26:06 dedicated sshd[23276]: Failed password for root from 138.197.200.77 port 38660 ssh2	2019-08-06 19:40:54
138.197.200.77	attackbotsspam	Aug 4 12:50:59 eventyay sshd[5078]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.200.77 Aug 4 12:51:01 eventyay sshd[5078]: Failed password for invalid user mediax from 138.197.200.77 port 46312 ssh2 Aug 4 12:55:22 eventyay sshd[6294]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.200.77 ...	2019-08-04 21:38:56

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.200.54
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36355
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.197.200.54.			IN	A

;; AUTHORITY SECTION:
.			372	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022091502 1800 900 604800 86400

;; Query time: 23 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Sep 16 06:08:08 CST 2022
;; MSG SIZE  rcvd: 107

Host info

54.200.197.138.in-addr.arpa domain name pointer prod-jerry-se-scanners-do-sfo2-41.do.binaryedge.ninja.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
54.200.197.138.in-addr.arpa	name = prod-jerry-se-scanners-do-sfo2-41.do.binaryedge.ninja.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.30.209	attackspam	2020-03-01T07:13:30.574236scmdmz1 sshd[18900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.209 user=root 2020-03-01T07:13:32.631742scmdmz1 sshd[18900]: Failed password for root from 222.186.30.209 port 43960 ssh2 2020-03-01T07:13:34.525692scmdmz1 sshd[18900]: Failed password for root from 222.186.30.209 port 43960 ssh2 2020-03-01T07:13:30.574236scmdmz1 sshd[18900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.209 user=root 2020-03-01T07:13:32.631742scmdmz1 sshd[18900]: Failed password for root from 222.186.30.209 port 43960 ssh2 2020-03-01T07:13:34.525692scmdmz1 sshd[18900]: Failed password for root from 222.186.30.209 port 43960 ssh2 2020-03-01T07:13:30.574236scmdmz1 sshd[18900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.209 user=root 2020-03-01T07:13:32.631742scmdmz1 sshd[18900]: Failed password for root from 222.186.30.209 port 43960 ssh2 2	2020-03-01 14:13:49
172.245.109.234	attackspam	Mar 1 06:37:19 debian-2gb-nbg1-2 kernel: \[5300226.213434\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=172.245.109.234 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=30825 PROTO=TCP SPT=57824 DPT=24000 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-01 13:43:50
195.9.225.238	attackspambots	Mar 1 00:54:25 plusreed sshd[3500]: Invalid user ankur from 195.9.225.238 ...	2020-03-01 13:58:01
103.30.115.1	attackspambots	Invalid user work from 103.30.115.1 port 29193	2020-03-01 14:01:06
185.216.140.252	attackspam	Mar 1 06:13:28 debian-2gb-nbg1-2 kernel: \[5298795.493172\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.216.140.252 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=49361 PROTO=TCP SPT=58515 DPT=9003 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-01 14:12:28
54.39.22.191	attackspambots	Mar 1 06:25:01 localhost sshd\[23122\]: Invalid user paul from 54.39.22.191 port 45990 Mar 1 06:25:01 localhost sshd\[23122\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.22.191 Mar 1 06:25:03 localhost sshd\[23122\]: Failed password for invalid user paul from 54.39.22.191 port 45990 ssh2	2020-03-01 13:40:19
177.126.137.149	attackbotsspam	Unauthorized connection attempt detected from IP address 177.126.137.149 to port 23 [J]	2020-03-01 13:53:55
213.186.33.40	spam	MARRE de ces ORDURES et autres FILS de PUTE genre SOUS MERDES capables de POLLUER STUPIDEMENT pour ne pas dire CONNEMENT la Planète par des POURRIELS INUTILES sur des listes VOLÉES on ne sait où et SANS notre accord, en TOTALE INFRACTION avec les Législations Européennes comme Française sur la RGPD, donc à condamner à 750 € par pourriel émis ! christophe@transletter.eu MICCICHE Christophe Léonard Michel (COUDOUX - 13111) 512 509 597 puis 831 288 469 - SAS https://www.interppro.net interppro.net => Network Solutions, LLC => web.com => 23.236.62.147 https://www.mywot.com/scorecard/interppro.net https://www.mywot.com/scorecard/web.com https://en.asytech.cn/check-ip/23.236.62.147 https://www.infogreffe.fr/entreprise-societe/831288469-interppro-130417B008730000.html transletter.eu => 188.165.53.185 188.165.53.185 => OVH https://www.mywot.com/scorecard/transletter.eu https://www.mywot.com/scorecard/ovh.com https://en.asytech.cn/check-ip/188.165.53.185 Message-ID: <15f55a827779eb9c458f92891af92f81@transletter.eu> From: Cliquez ICI pour vous désabonner cmati.com => 213.186.33.40 213.186.33.40 => OVH https://www.mywot.com/scorecard/cmati.com https://www.mywot.com/scorecard/ovh.com https://en.asytech.cn/check-ip/213.186.33.40	2020-03-01 13:46:35
178.156.202.137	attack	Unauthorized connection attempt detected from IP address 178.156.202.137 to port 22 [J]	2020-03-01 14:09:28
123.28.3.192	attackspambots	Mar 1 05:58:01 debian-2gb-nbg1-2 kernel: \[5297867.983636\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=123.28.3.192 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=46 ID=57110 PROTO=TCP SPT=54262 DPT=23 WINDOW=15421 RES=0x00 SYN URGP=0	2020-03-01 14:12:07
173.90.103.249	attackbotsspam	Honeypot attack, port: 81, PTR: cpe-173-90-103-249.neo.res.rr.com.	2020-03-01 14:12:57
222.186.180.147	attack	Mar 1 06:31:01 SilenceServices sshd[15346]: Failed password for root from 222.186.180.147 port 39284 ssh2 Mar 1 06:31:15 SilenceServices sshd[15346]: error: maximum authentication attempts exceeded for root from 222.186.180.147 port 39284 ssh2 [preauth] Mar 1 06:31:25 SilenceServices sshd[15602]: Failed password for root from 222.186.180.147 port 34372 ssh2	2020-03-01 13:35:49
122.103.201.188	attackbotsspam	Honeypot attack, port: 81, PTR: PTR record not found	2020-03-01 13:53:09
200.219.254.53	attackbotsspam	Honeypot attack, port: 445, PTR: static.200.219.254.53.datacenter1.com.br.	2020-03-01 14:14:55
68.183.169.251	attack	Mar 1 06:19:38 vps647732 sshd[28616]: Failed password for root from 68.183.169.251 port 37258 ssh2 ...	2020-03-01 13:36:48

Recently Reported IPs

50.219.7.193	95.164.232.209	68.183.134.85	172.104.224.222
161.97.80.174	157.245.205.231	43.205.23.127	217.25.30.200
175.178.236.5	198.235.24.54	103.159.85.225	2.55.110.204
124.239.144.200	101.183.25.50	113.26.122.255	167.172.108.29
77.42.226.72	192.3.233.206	192.241.204.141	103.4.66.130