138.197.202.133

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	2019-08-23 14:08:20,858 fail2ban.actions [878]: NOTICE [sshd] Ban 138.197.202.133 2019-08-23 17:14:07,357 fail2ban.actions [878]: NOTICE [sshd] Ban 138.197.202.133 2019-08-23 20:21:09,409 fail2ban.actions [878]: NOTICE [sshd] Ban 138.197.202.133 ...	2019-10-03 17:40:21
attack	Sep 2 04:57:44 plusreed sshd[14506]: Invalid user mahendra from 138.197.202.133 ...	2019-09-02 17:11:55
attack	Automated report - ssh fail2ban: Aug 28 07:31:40 authentication failure Aug 28 07:31:43 wrong password, user=zxcloudsetup, port=38584, ssh2 Aug 28 07:36:02 authentication failure	2019-08-28 13:51:02
attack	Aug 15 02:57:38 dedicated sshd[3496]: Invalid user laci from 138.197.202.133 port 59440	2019-08-15 08:59:29
attack	Aug 9 20:59:08 h2177944 sshd\[2157\]: Invalid user sims from 138.197.202.133 port 48822 Aug 9 20:59:08 h2177944 sshd\[2157\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.202.133 Aug 9 20:59:10 h2177944 sshd\[2157\]: Failed password for invalid user sims from 138.197.202.133 port 48822 ssh2 Aug 9 21:03:33 h2177944 sshd\[2728\]: Invalid user nd from 138.197.202.133 port 43176 ...	2019-08-10 03:08:57
attackspam	SSH Brute Force, server-1 sshd[9246]: Failed password for invalid user sftp from 138.197.202.133 port 35184 ssh2	2019-08-06 13:08:19
attackbotsspam	Automatic report - Banned IP Access	2019-08-05 05:35:08
attackbotsspam	Aug 3 21:36:14 intra sshd\[65159\]: Invalid user la from 138.197.202.133Aug 3 21:36:16 intra sshd\[65159\]: Failed password for invalid user la from 138.197.202.133 port 51926 ssh2Aug 3 21:40:48 intra sshd\[65238\]: Invalid user atkchance from 138.197.202.133Aug 3 21:40:50 intra sshd\[65238\]: Failed password for invalid user atkchance from 138.197.202.133 port 47708 ssh2Aug 3 21:45:21 intra sshd\[65278\]: Invalid user admin from 138.197.202.133Aug 3 21:45:24 intra sshd\[65278\]: Failed password for invalid user admin from 138.197.202.133 port 43714 ssh2 ...	2019-08-04 03:05:29
attackspambots	Aug 1 02:50:15 vtv3 sshd\[25755\]: Invalid user paintball from 138.197.202.133 port 56530 Aug 1 02:50:15 vtv3 sshd\[25755\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.202.133 Aug 1 02:50:17 vtv3 sshd\[25755\]: Failed password for invalid user paintball from 138.197.202.133 port 56530 ssh2 Aug 1 02:55:32 vtv3 sshd\[28225\]: Invalid user workflow from 138.197.202.133 port 51298 Aug 1 02:55:32 vtv3 sshd\[28225\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.202.133 Aug 1 03:05:39 vtv3 sshd\[607\]: Invalid user download from 138.197.202.133 port 40630 Aug 1 03:05:39 vtv3 sshd\[607\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.202.133 Aug 1 03:05:41 vtv3 sshd\[607\]: Failed password for invalid user download from 138.197.202.133 port 40630 ssh2 Aug 1 03:10:46 vtv3 sshd\[3105\]: Invalid user i-heart from 138.197.202.133 port 35446 Aug 1 03:1	2019-08-01 12:35:53
attackbotsspam	Invalid user dwh from 138.197.202.133 port 36732 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.202.133 Failed password for invalid user dwh from 138.197.202.133 port 36732 ssh2 Invalid user techuser from 138.197.202.133 port 59426 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.202.133	2019-08-01 07:14:36

Comments on same subnet:

IP	Type	Details	Datetime
138.197.202.197	attackbotsspam	Automatic report - Banned IP Access	2020-07-13 12:46:52
138.197.202.164	attackspambots	$f2bV_matches	2020-06-22 00:51:30
138.197.202.164	attack	Jun 8 05:53:17 vps647732 sshd[17563]: Failed password for root from 138.197.202.164 port 41428 ssh2 ...	2020-06-08 12:09:08
138.197.202.164	attack	(sshd) Failed SSH login from 138.197.202.164 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 31 16:53:14 amsweb01 sshd[11344]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.202.164 user=root May 31 16:53:15 amsweb01 sshd[11344]: Failed password for root from 138.197.202.164 port 44018 ssh2 May 31 17:03:46 amsweb01 sshd[12174]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.202.164 user=root May 31 17:03:48 amsweb01 sshd[12174]: Failed password for root from 138.197.202.164 port 37596 ssh2 May 31 17:07:16 amsweb01 sshd[12638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.202.164 user=root	2020-06-01 02:40:57
138.197.202.164	attackspam	May 22 10:15:26 ns382633 sshd\[22258\]: Invalid user yxt from 138.197.202.164 port 35924 May 22 10:15:26 ns382633 sshd\[22258\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.202.164 May 22 10:15:28 ns382633 sshd\[22258\]: Failed password for invalid user yxt from 138.197.202.164 port 35924 ssh2 May 22 10:18:52 ns382633 sshd\[22504\]: Invalid user tvx from 138.197.202.164 port 60106 May 22 10:18:52 ns382633 sshd\[22504\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.202.164	2020-05-22 18:39:34
138.197.202.164	attack	May 9 17:37:31 ny01 sshd[15622]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.202.164 May 9 17:37:33 ny01 sshd[15622]: Failed password for invalid user hts from 138.197.202.164 port 52050 ssh2 May 9 17:40:30 ny01 sshd[16043]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.202.164	2020-05-10 05:52:04
138.197.202.164	attackbotsspam	Apr 22 18:46:24 [host] sshd[28663]: Invalid user c Apr 22 18:46:24 [host] sshd[28663]: pam_unix(sshd: Apr 22 18:46:25 [host] sshd[28663]: Failed passwor	2020-04-23 01:07:12
138.197.202.197	attack	Automatic report - Banned IP Access	2020-04-17 23:08:15
138.197.202.164	attackbotsspam	Apr 14 09:01:24 sshgateway sshd\[19167\]: Invalid user vps from 138.197.202.164 Apr 14 09:01:24 sshgateway sshd\[19167\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.202.164 Apr 14 09:01:26 sshgateway sshd\[19167\]: Failed password for invalid user vps from 138.197.202.164 port 40082 ssh2	2020-04-14 17:28:02
138.197.202.164	attack	Apr 10 10:21:19 h1745522 sshd[22300]: Invalid user network from 138.197.202.164 port 48726 Apr 10 10:21:19 h1745522 sshd[22300]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.202.164 Apr 10 10:21:19 h1745522 sshd[22300]: Invalid user network from 138.197.202.164 port 48726 Apr 10 10:21:21 h1745522 sshd[22300]: Failed password for invalid user network from 138.197.202.164 port 48726 ssh2 Apr 10 10:24:49 h1745522 sshd[22367]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.202.164 user=root Apr 10 10:24:51 h1745522 sshd[22367]: Failed password for root from 138.197.202.164 port 57884 ssh2 Apr 10 10:28:25 h1745522 sshd[22469]: Invalid user noc from 138.197.202.164 port 38810 Apr 10 10:28:25 h1745522 sshd[22469]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.202.164 Apr 10 10:28:25 h1745522 sshd[22469]: Invalid user noc from 138.197.202.164 po ...	2020-04-10 16:49:18
138.197.202.164	attackspam	Apr 3 21:34:33 icinga sshd[54609]: Failed password for root from 138.197.202.164 port 43734 ssh2 Apr 3 21:41:23 icinga sshd[64941]: Failed password for sync from 138.197.202.164 port 39344 ssh2 ...	2020-04-04 05:41:51
138.197.202.164	attackspambots	Apr 3 05:51:00 srv01 sshd[13079]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.202.164 user=root Apr 3 05:51:02 srv01 sshd[13079]: Failed password for root from 138.197.202.164 port 42234 ssh2 Apr 3 05:53:00 srv01 sshd[13165]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.202.164 user=root Apr 3 05:53:02 srv01 sshd[13165]: Failed password for root from 138.197.202.164 port 46388 ssh2 Apr 3 05:54:52 srv01 sshd[13246]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.202.164 user=root Apr 3 05:54:53 srv01 sshd[13246]: Failed password for root from 138.197.202.164 port 50542 ssh2 ...	2020-04-03 13:55:51
138.197.202.164	attack	Mar 26 22:42:00 vps647732 sshd[21908]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.202.164 Mar 26 22:42:02 vps647732 sshd[21908]: Failed password for invalid user picture from 138.197.202.164 port 57284 ssh2 ...	2020-03-27 05:55:53
138.197.202.164	attack	Invalid user sundapeng from 138.197.202.164 port 40492	2020-03-22 00:25:21
138.197.202.164	attackspambots	Mar 19 19:19:54 serwer sshd\[4142\]: Invalid user jboss from 138.197.202.164 port 57568 Mar 19 19:19:54 serwer sshd\[4142\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.202.164 Mar 19 19:19:56 serwer sshd\[4142\]: Failed password for invalid user jboss from 138.197.202.164 port 57568 ssh2 ...	2020-03-20 02:37:39

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.202.133
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13759
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.197.202.133.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019073101 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 01 07:14:30 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 133.202.197.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 133.202.197.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
209.141.62.184	attackbots	$f2bV_matches	2019-12-18 08:48:43
162.243.61.72	attack	Dec 18 00:44:08 vtv3 sshd[8063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.61.72 Dec 18 00:44:10 vtv3 sshd[8063]: Failed password for invalid user masriah from 162.243.61.72 port 48824 ssh2 Dec 18 00:50:27 vtv3 sshd[11312]: Failed password for daemon from 162.243.61.72 port 58390 ssh2 Dec 18 01:02:16 vtv3 sshd[16679]: Failed password for root from 162.243.61.72 port 49112 ssh2 Dec 18 01:07:59 vtv3 sshd[19381]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.61.72 Dec 18 01:08:01 vtv3 sshd[19381]: Failed password for invalid user criminal from 162.243.61.72 port 58942 ssh2 Dec 18 01:19:14 vtv3 sshd[24669]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.61.72 Dec 18 01:19:16 vtv3 sshd[24669]: Failed password for invalid user aleinstein from 162.243.61.72 port 50260 ssh2 Dec 18 01:24:56 vtv3 sshd[27444]: Failed password for root from 162.243.61.72 port 59688 ss	2019-12-18 09:11:57
190.117.151.78	attackspam	Dec 17 14:30:28 php1 sshd\[16592\]: Invalid user exile from 190.117.151.78 Dec 17 14:30:28 php1 sshd\[16592\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.117.151.78 Dec 17 14:30:30 php1 sshd\[16592\]: Failed password for invalid user exile from 190.117.151.78 port 55810 ssh2 Dec 17 14:36:52 php1 sshd\[17440\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.117.151.78 user=root Dec 17 14:36:54 php1 sshd\[17440\]: Failed password for root from 190.117.151.78 port 34764 ssh2	2019-12-18 08:52:16
159.203.201.112	attackbotsspam	Port Scan detected from 159.203.201.112 (US/United States/zg-0911a-155.stretchoid.com). 4 hits in the last 176 seconds	2019-12-18 09:00:51
162.243.58.222	attackbots	Dec 18 01:50:53 cvbnet sshd[29966]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.58.222 Dec 18 01:50:55 cvbnet sshd[29966]: Failed password for invalid user info from 162.243.58.222 port 41788 ssh2 ...	2019-12-18 08:55:36
40.92.66.13	attackbots	Dec 18 03:20:04 debian-2gb-vpn-nbg1-1 kernel: [1006770.442362] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.66.13 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=40090 DF PROTO=TCP SPT=59141 DPT=25 WINDOW=0 RES=0x00 ACK RST URGP=0	2019-12-18 08:33:09
152.136.95.118	attackspam	Dec 18 01:22:31 * sshd[12762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.95.118 Dec 18 01:22:33 * sshd[12762]: Failed password for invalid user heer from 152.136.95.118 port 47876 ssh2	2019-12-18 09:03:10
42.118.242.189	attackbots	Dec 17 14:15:20 web1 sshd\[18650\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.118.242.189 user=root Dec 17 14:15:22 web1 sshd\[18650\]: Failed password for root from 42.118.242.189 port 59372 ssh2 Dec 17 14:21:52 web1 sshd\[19345\]: Invalid user buexec from 42.118.242.189 Dec 17 14:21:52 web1 sshd\[19345\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.118.242.189 Dec 17 14:21:53 web1 sshd\[19345\]: Failed password for invalid user buexec from 42.118.242.189 port 40238 ssh2	2019-12-18 08:38:46
103.98.176.248	attack	$f2bV_matches	2019-12-18 09:08:46
49.234.196.38	attackspam	Dec 17 19:48:28 linuxvps sshd\[18189\]: Invalid user fredy from 49.234.196.38 Dec 17 19:48:28 linuxvps sshd\[18189\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.196.38 Dec 17 19:48:30 linuxvps sshd\[18189\]: Failed password for invalid user fredy from 49.234.196.38 port 60410 ssh2 Dec 17 19:54:27 linuxvps sshd\[21843\]: Invalid user ismael from 49.234.196.38 Dec 17 19:54:27 linuxvps sshd\[21843\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.196.38	2019-12-18 09:05:00
128.199.133.128	attackbotsspam	Brute-force attempt banned	2019-12-18 09:15:42
187.74.210.118	attack	Dec 18 01:55:46 [host] sshd[15122]: Invalid user singrod from 187.74.210.118 Dec 18 01:55:46 [host] sshd[15122]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.74.210.118 Dec 18 01:55:48 [host] sshd[15122]: Failed password for invalid user singrod from 187.74.210.118 port 42454 ssh2	2019-12-18 09:00:09
5.104.38.89	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 17-12-2019 22:25:09.	2019-12-18 08:51:39
112.85.42.171	attack	SSH-bruteforce attempts	2019-12-18 08:40:27
40.92.69.28	attackspam	Dec 18 01:25:06 debian-2gb-vpn-nbg1-1 kernel: [999872.560721] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.69.28 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=45751 DF PROTO=TCP SPT=3079 DPT=25 WINDOW=0 RES=0x00 ACK RST URGP=0	2019-12-18 08:57:28

Recently Reported IPs

117.4.92.108	150.242.110.5	185.131.220.30	180.126.239.84
186.250.114.52	68.183.80.165	23.243.91.180	121.100.28.199
246.242.18.32	222.186.138.68	168.228.150.219	177.52.249.151
76.72.8.136	95.217.144.172	104.40.240.94	60.170.245.153
61.228.177.5	164.77.188.109	144.217.166.19	198.245.49.73