City: unknown
Region: unknown
Country: United States
Internet Service Provider: DigitalOcean LLC
Hostname: unknown
Organization: unknown
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attackspam | firewall-block, port(s): 8396/tcp |
2020-10-13 04:09:48 |
| attackbots | $f2bV_matches |
2020-10-12 19:46:44 |
| attack | Port scan: Attack repeated for 24 hours |
2020-10-09 03:53:30 |
| attackbotsspam | Oct 8 13:27:32 ns381471 sshd[27018]: Failed password for root from 138.197.222.141 port 50782 ssh2 |
2020-10-08 20:01:39 |
| attackbots | [N10.H2.VM2] Port Scanner Detected Blocked by UFW |
2020-10-06 07:26:49 |
| attackbotsspam | 1506/tcp 8699/tcp 16625/tcp... [2020-08-05/10-05]114pkt,39pt.(tcp) |
2020-10-05 23:42:53 |
| attack | firewall-block, port(s): 1506/tcp |
2020-10-05 15:41:44 |
| attackspam | Invalid user tom from 138.197.222.141 port 51220 |
2020-09-23 23:26:49 |
| attackbotsspam | "fail2ban match" |
2020-09-23 15:39:44 |
| attackbots | Sep 23 01:06:18 host sshd[6691]: Invalid user tom from 138.197.222.141 port 43402 ... |
2020-09-23 07:34:02 |
| attackbotsspam | Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF) |
2020-09-13 23:32:27 |
| attackbots | Sep 12 20:45:48 auw2 sshd\[12737\]: Invalid user vsftp from 138.197.222.141 Sep 12 20:45:48 auw2 sshd\[12737\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.222.141 Sep 12 20:45:49 auw2 sshd\[12737\]: Failed password for invalid user vsftp from 138.197.222.141 port 43380 ssh2 Sep 12 20:50:31 auw2 sshd\[13016\]: Invalid user sniff from 138.197.222.141 Sep 12 20:50:31 auw2 sshd\[13016\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.222.141 |
2020-09-13 15:25:16 |
| attack | firewall-block, port(s): 5273/tcp |
2020-09-13 07:09:04 |
| attackbotsspam | " " |
2020-09-09 23:22:17 |
| attack | SIP/5060 Probe, BF, Hack - |
2020-09-09 17:00:06 |
| attack | $f2bV_matches |
2020-08-24 13:18:19 |
| attackspam | Aug 15 17:03:31 vpn01 sshd[12420]: Failed password for root from 138.197.222.141 port 52436 ssh2 ... |
2020-08-16 01:01:18 |
| attackspambots | Brute-force attempt banned |
2020-08-10 02:20:36 |
| attack | $f2bV_matches |
2020-07-29 07:59:06 |
| attackbots | 2020-07-23T11:07:21.259135lavrinenko.info sshd[3405]: Invalid user dj from 138.197.222.141 port 48290 2020-07-23T11:07:21.265314lavrinenko.info sshd[3405]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.222.141 2020-07-23T11:07:21.259135lavrinenko.info sshd[3405]: Invalid user dj from 138.197.222.141 port 48290 2020-07-23T11:07:23.754559lavrinenko.info sshd[3405]: Failed password for invalid user dj from 138.197.222.141 port 48290 ssh2 2020-07-23T11:10:38.472836lavrinenko.info sshd[3580]: Invalid user git from 138.197.222.141 port 34208 ... |
2020-07-23 16:23:37 |
| attackbotsspam | Jul 17 17:33:57 inter-technics sshd[12761]: Invalid user smart from 138.197.222.141 port 53714 Jul 17 17:33:57 inter-technics sshd[12761]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.222.141 Jul 17 17:33:57 inter-technics sshd[12761]: Invalid user smart from 138.197.222.141 port 53714 Jul 17 17:33:58 inter-technics sshd[12761]: Failed password for invalid user smart from 138.197.222.141 port 53714 ssh2 Jul 17 17:39:39 inter-technics sshd[13210]: Invalid user lode from 138.197.222.141 port 40434 ... |
2020-07-17 23:53:32 |
| attackspambots | SSH Brute-Forcing (server1) |
2020-07-07 15:03:24 |
| attackbotsspam | Jun 21 20:23:47 jumpserver sshd[166095]: Invalid user geral from 138.197.222.141 port 37920 Jun 21 20:23:48 jumpserver sshd[166095]: Failed password for invalid user geral from 138.197.222.141 port 37920 ssh2 Jun 21 20:27:48 jumpserver sshd[166153]: Invalid user mf from 138.197.222.141 port 37754 ... |
2020-06-22 04:36:04 |
| attack | 2020-06-15T04:03:24.392636abusebot-4.cloudsearch.cf sshd[8599]: Invalid user bot from 138.197.222.141 port 36000 2020-06-15T04:03:24.401023abusebot-4.cloudsearch.cf sshd[8599]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.222.141 2020-06-15T04:03:24.392636abusebot-4.cloudsearch.cf sshd[8599]: Invalid user bot from 138.197.222.141 port 36000 2020-06-15T04:03:26.641821abusebot-4.cloudsearch.cf sshd[8599]: Failed password for invalid user bot from 138.197.222.141 port 36000 ssh2 2020-06-15T04:07:23.474332abusebot-4.cloudsearch.cf sshd[8796]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.222.141 user=root 2020-06-15T04:07:25.524771abusebot-4.cloudsearch.cf sshd[8796]: Failed password for root from 138.197.222.141 port 36394 ssh2 2020-06-15T04:11:17.904630abusebot-4.cloudsearch.cf sshd[8988]: Invalid user ade from 138.197.222.141 port 36792 ... |
2020-06-15 12:24:27 |
| attack | sshd |
2020-06-15 06:27:03 |
| attack | 'Fail2Ban' |
2020-06-06 11:29:26 |
| attack | ssh brute force |
2020-05-15 14:26:53 |
| attackbotsspam | May 11 06:35:06 vps687878 sshd\[15748\]: Failed password for invalid user student from 138.197.222.141 port 49410 ssh2 May 11 06:38:37 vps687878 sshd\[16013\]: Invalid user postgres from 138.197.222.141 port 49186 May 11 06:38:37 vps687878 sshd\[16013\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.222.141 May 11 06:38:40 vps687878 sshd\[16013\]: Failed password for invalid user postgres from 138.197.222.141 port 49186 ssh2 May 11 06:42:17 vps687878 sshd\[16496\]: Invalid user mailtest1 from 138.197.222.141 port 48960 May 11 06:42:17 vps687878 sshd\[16496\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.222.141 ... |
2020-05-11 12:45:12 |
| attackbots | SSH invalid-user multiple login try |
2020-04-27 23:50:29 |
| attackspam | Apr 26 17:36:22 odroid64 sshd\[31236\]: Invalid user maxreg from 138.197.222.141 Apr 26 17:36:22 odroid64 sshd\[31236\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.222.141 ... |
2020-04-27 03:08:20 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 138.197.222.97 | attack | 2020-10-12T16:00:26.682148morrigan.ad5gb.com sshd[719623]: Failed password for invalid user wangyi from 138.197.222.97 port 54454 ssh2 |
2020-10-14 04:45:32 |
| 138.197.222.97 | attackbots |
|
2020-10-13 20:15:35 |
| 138.197.222.97 | attackbotsspam | firewall-block, port(s): 27139/tcp |
2020-09-27 03:37:52 |
| 138.197.222.97 | attack | TCP port : 6273 |
2020-09-26 19:36:39 |
| 138.197.222.97 | attackbotsspam | firewall-block, port(s): 20206/tcp |
2020-09-04 02:50:51 |
| 138.197.222.97 | attack | TCP port : 12492 |
2020-09-03 18:20:52 |
| 138.197.222.97 | attack | Aug 28 06:53:13 rancher-0 sshd[1314581]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.222.97 user=root Aug 28 06:53:15 rancher-0 sshd[1314581]: Failed password for root from 138.197.222.97 port 56038 ssh2 ... |
2020-08-28 16:08:29 |
| 138.197.222.97 | attackbots | SSH |
2020-08-18 15:53:25 |
| 138.197.222.2 | attackspam | Invalid user test1 from 138.197.222.2 port 39364 |
2020-04-18 07:18:16 |
| 138.197.222.78 | attackbots | Invalid user doug from 138.197.222.78 port 46328 |
2019-10-25 03:19:22 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.222.141
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34346
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.197.222.141. IN A
;; AUTHORITY SECTION:
. 577 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019110400 1800 900 604800 86400
;; Query time: 101 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Nov 04 19:50:40 CST 2019
;; MSG SIZE rcvd: 119Host 141.222.197.138.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 141.222.197.138.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 212.26.249.233 | attackspam | 445/tcp [2019-06-22]1pkt |
2019-06-23 03:00:10 |
| 77.247.110.100 | attack | Port scan attempt detected by AWS-CCS, CTS, India |
2019-06-23 03:32:29 |
| 185.216.140.27 | attackbots | proto=tcp . spt=28841 . dpt=3389 . src=185.216.140.27 . dst=xx.xx.4.1 . (listed on Alienvault Jun 22) (659) |
2019-06-23 02:57:32 |
| 189.91.3.8 | attackbotsspam | failed_logins |
2019-06-23 03:38:59 |
| 163.47.21.62 | attackbots | 445/tcp [2019-06-22]1pkt |
2019-06-23 02:57:12 |
| 170.244.14.98 | attackbots | failed_logins |
2019-06-23 03:47:48 |
| 91.65.119.90 | attack | C1,WP GET /wp-login.php |
2019-06-23 03:06:59 |
| 192.227.191.181 | attackbotsspam | NAME : CC-192-227-206-64-26 CIDR : 192.227.206.64/26 | STATUS : 200 ROBOT {Looking for resource vulnerabilities} DDoS Attack USA - New York - block certain countries :) IP: 192.227.191.181 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl |
2019-06-23 03:36:58 |
| 209.97.142.250 | attackspambots | $f2bV_matches |
2019-06-23 03:10:12 |
| 156.212.241.204 | attackbotsspam | Jun 22 10:40:53 localhost kernel: [12458646.452857] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=156.212.241.204 DST=[mungedIP2] LEN=68 TOS=0x00 PREC=0x00 TTL=244 ID=53882 PROTO=UDP SPT=1025 DPT=111 LEN=48 Jun 22 10:40:53 localhost kernel: [12458646.459197] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=156.212.241.204 DST=[mungedIP2] LEN=68 TOS=0x00 PREC=0x00 TTL=244 ID=20288 PROTO=UDP SPT=1025 DPT=111 LEN=48 Jun 22 10:40:53 localhost kernel: [12458646.465448] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=156.212.241.204 DST=[mungedIP2] LEN=68 TOS=0x00 PREC=0x00 TTL=244 ID=14112 PROTO=UDP SPT=1025 DPT=111 LEN=48 |
2019-06-23 02:57:49 |
| 118.24.96.173 | attackspambots | Jun 22 16:39:48 ArkNodeAT sshd\[20871\]: Invalid user www from 118.24.96.173 Jun 22 16:39:48 ArkNodeAT sshd\[20871\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.96.173 Jun 22 16:39:50 ArkNodeAT sshd\[20871\]: Failed password for invalid user www from 118.24.96.173 port 37742 ssh2 |
2019-06-23 03:36:32 |
| 188.166.119.195 | attackspam | Portscan or hack attempt detected by psad/fwsnort |
2019-06-23 03:20:48 |
| 141.98.80.54 | attackbots | Jun 22 21:17:01 mail postfix/smtpd[22544]: warning: unknown[141.98.80.54]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 22 21:17:12 mail postfix/smtpd[22544]: warning: unknown[141.98.80.54]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 22 21:24:31 mail postfix/smtpd[22559]: warning: unknown[141.98.80.54]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ... |
2019-06-23 03:46:13 |
| 157.230.129.73 | attackspambots | Jun 22 16:39:41 nextcloud sshd\[22182\]: Invalid user guest from 157.230.129.73 Jun 22 16:39:41 nextcloud sshd\[22182\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.129.73 Jun 22 16:39:44 nextcloud sshd\[22182\]: Failed password for invalid user guest from 157.230.129.73 port 47114 ssh2 ... |
2019-06-23 03:37:54 |
| 80.48.189.157 | attack | port scan and connect, tcp 23 (telnet) |
2019-06-23 03:34:19 |