138.197.69.159

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Fail2Ban Ban Triggered	2019-12-25 16:27:26

Comments on same subnet:

IP	Type	Details	Datetime
138.197.69.184	attack	2020-10-01T21:35:45.595135mail.standpoint.com.ua sshd[21869]: Invalid user matt from 138.197.69.184 port 47880 2020-10-01T21:35:45.597874mail.standpoint.com.ua sshd[21869]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.69.184 2020-10-01T21:35:45.595135mail.standpoint.com.ua sshd[21869]: Invalid user matt from 138.197.69.184 port 47880 2020-10-01T21:35:48.254299mail.standpoint.com.ua sshd[21869]: Failed password for invalid user matt from 138.197.69.184 port 47880 ssh2 2020-10-01T21:39:43.095175mail.standpoint.com.ua sshd[22484]: Invalid user sammy from 138.197.69.184 port 57634 ...	2020-10-02 02:56:50
138.197.69.184	attackspambots	2020-10-01T14:00:57.554853lavrinenko.info sshd[32512]: Failed password for invalid user tomcat9 from 138.197.69.184 port 38814 ssh2 2020-10-01T14:04:30.945779lavrinenko.info sshd[32693]: Invalid user copy from 138.197.69.184 port 46914 2020-10-01T14:04:30.956430lavrinenko.info sshd[32693]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.69.184 2020-10-01T14:04:30.945779lavrinenko.info sshd[32693]: Invalid user copy from 138.197.69.184 port 46914 2020-10-01T14:04:33.018700lavrinenko.info sshd[32693]: Failed password for invalid user copy from 138.197.69.184 port 46914 ssh2 ...	2020-10-01 19:08:40
138.197.69.184	attackbotsspam	Sep 15 09:53:24 mellenthin sshd[28685]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.69.184 user=root Sep 15 09:53:25 mellenthin sshd[28685]: Failed password for invalid user root from 138.197.69.184 port 50720 ssh2	2020-09-16 00:16:06
138.197.69.184	attack	Sep 15 09:53:24 mellenthin sshd[28685]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.69.184 user=root Sep 15 09:53:25 mellenthin sshd[28685]: Failed password for invalid user root from 138.197.69.184 port 50720 ssh2	2020-09-15 16:09:01
138.197.69.184	attackbotsspam	Sep 15 01:59:11 OPSO sshd\[16431\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.69.184 user=root Sep 15 01:59:12 OPSO sshd\[16431\]: Failed password for root from 138.197.69.184 port 37006 ssh2 Sep 15 02:03:21 OPSO sshd\[17908\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.69.184 user=root Sep 15 02:03:23 OPSO sshd\[17908\]: Failed password for root from 138.197.69.184 port 48544 ssh2 Sep 15 02:07:23 OPSO sshd\[19167\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.69.184 user=root	2020-09-15 08:14:52
138.197.69.184	attackbots	Aug 29 05:31:20 dhoomketu sshd[2733183]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.69.184 Aug 29 05:31:20 dhoomketu sshd[2733183]: Invalid user admin123 from 138.197.69.184 port 48770 Aug 29 05:31:22 dhoomketu sshd[2733183]: Failed password for invalid user admin123 from 138.197.69.184 port 48770 ssh2 Aug 29 05:34:57 dhoomketu sshd[2733214]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.69.184 user=root Aug 29 05:34:59 dhoomketu sshd[2733214]: Failed password for root from 138.197.69.184 port 55182 ssh2 ...	2020-08-29 08:18:27
138.197.69.184	attackbots	Invalid user rootftp from 138.197.69.184 port 42986	2020-08-24 18:00:40
138.197.69.184	attackbotsspam	Aug 23 17:31:05 ws24vmsma01 sshd[29292]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.69.184 Aug 23 17:31:07 ws24vmsma01 sshd[29292]: Failed password for invalid user lym from 138.197.69.184 port 52650 ssh2 ...	2020-08-24 09:23:10
138.197.69.184	attackbots	Jul 29 16:56:20 ny01 sshd[22458]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.69.184 Jul 29 16:56:21 ny01 sshd[22458]: Failed password for invalid user yangguilin from 138.197.69.184 port 37502 ssh2 Jul 29 17:00:20 ny01 sshd[23072]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.69.184	2020-07-30 05:01:09
138.197.69.184	attackbotsspam	2020-07-24T05:20:40+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-07-24 13:53:11
138.197.69.184	attackspam	2020-07-20T06:32:15.134890billing sshd[16086]: Invalid user coin from 138.197.69.184 port 40848 2020-07-20T06:32:17.337909billing sshd[16086]: Failed password for invalid user coin from 138.197.69.184 port 40848 ssh2 2020-07-20T06:37:05.690375billing sshd[22144]: Invalid user nagios from 138.197.69.184 port 55222 ...	2020-07-20 08:01:36
138.197.69.184	attackbots	Jul 8 20:00:00 rush sshd[18891]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.69.184 Jul 8 20:00:03 rush sshd[18891]: Failed password for invalid user adi from 138.197.69.184 port 40096 ssh2 Jul 8 20:03:10 rush sshd[19010]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.69.184 ...	2020-07-09 04:06:42
138.197.69.184	attackbotsspam	Jul 7 13:59:29 buvik sshd[13448]: Failed password for invalid user 0 from 138.197.69.184 port 45584 ssh2 Jul 7 14:01:28 buvik sshd[14219]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.69.184 user=backup Jul 7 14:01:30 buvik sshd[14219]: Failed password for backup from 138.197.69.184 port 51522 ssh2 ...	2020-07-07 22:10:49
138.197.69.184	attack	$f2bV_matches	2020-07-06 15:31:34
138.197.69.184	attack	Jul 4 14:02:52 Ubuntu-1404-trusty-64-minimal sshd\[32113\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.69.184 user=root Jul 4 14:02:54 Ubuntu-1404-trusty-64-minimal sshd\[32113\]: Failed password for root from 138.197.69.184 port 50398 ssh2 Jul 4 14:10:11 Ubuntu-1404-trusty-64-minimal sshd\[4749\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.69.184 user=root Jul 4 14:10:13 Ubuntu-1404-trusty-64-minimal sshd\[4749\]: Failed password for root from 138.197.69.184 port 57196 ssh2 Jul 4 14:13:46 Ubuntu-1404-trusty-64-minimal sshd\[5882\]: Invalid user admin1 from 138.197.69.184 Jul 4 14:13:46 Ubuntu-1404-trusty-64-minimal sshd\[5882\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.69.184	2020-07-04 21:04:05

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.69.159
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52056
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.197.69.159.			IN	A

;; AUTHORITY SECTION:
.			357	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122500 1800 900 604800 86400

;; Query time: 118 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 25 16:27:21 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 159.69.197.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 159.69.197.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
119.29.3.45	attackspam	Jun 25 12:01:32 itv-usvr-02 sshd[7142]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.3.45 user=root Jun 25 12:01:34 itv-usvr-02 sshd[7142]: Failed password for root from 119.29.3.45 port 56235 ssh2 Jun 25 12:04:23 itv-usvr-02 sshd[7216]: Invalid user FB from 119.29.3.45 port 45329 Jun 25 12:04:23 itv-usvr-02 sshd[7216]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.3.45 Jun 25 12:04:23 itv-usvr-02 sshd[7216]: Invalid user FB from 119.29.3.45 port 45329 Jun 25 12:04:25 itv-usvr-02 sshd[7216]: Failed password for invalid user FB from 119.29.3.45 port 45329 ssh2	2020-06-25 14:15:40
122.35.120.59	attackbotsspam	Failed password for invalid user cloud from 122.35.120.59 port 36312 ssh2	2020-06-25 14:22:37
117.102.69.98	attackbotsspam	Attempts against non-existent wp-login	2020-06-25 14:30:50
117.6.194.248	attackbotsspam	117.6.194.248 - - \[25/Jun/2020:05:54:56 +0200\] "POST /wp-login.php HTTP/1.0" 200 5508 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 117.6.194.248 - - \[25/Jun/2020:05:55:01 +0200\] "POST /wp-login.php HTTP/1.0" 200 5345 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 117.6.194.248 - - \[25/Jun/2020:05:55:05 +0200\] "POST /wp-login.php HTTP/1.0" 200 5385 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-06-25 13:52:18
52.237.220.70	attackbots	SSH invalid-user multiple login try	2020-06-25 13:51:30
58.252.8.115	attack	DATE:2020-06-25 07:54:42, IP:58.252.8.115, PORT:ssh SSH brute force auth (docker-dc)	2020-06-25 14:27:58
187.85.159.147	attackspam	Automatic report - Port Scan Attack	2020-06-25 14:21:04
185.63.253.157	attackbots	Jun 25 08:16:25 ncomp sshd[28187]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.63.253.157 user=root Jun 25 08:16:27 ncomp sshd[28187]: Failed password for root from 185.63.253.157 port 34802 ssh2 Jun 25 08:16:35 ncomp sshd[28190]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.63.253.157 user=root Jun 25 08:16:37 ncomp sshd[28190]: Failed password for root from 185.63.253.157 port 50956 ssh2	2020-06-25 14:33:59
120.92.94.94	attack	Jun 25 06:45:25 localhost sshd\[6295\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.94.94 user=root Jun 25 06:45:27 localhost sshd\[6295\]: Failed password for root from 120.92.94.94 port 20156 ssh2 Jun 25 06:47:08 localhost sshd\[6343\]: Invalid user wmf from 120.92.94.94 Jun 25 06:47:08 localhost sshd\[6343\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.94.94 Jun 25 06:47:09 localhost sshd\[6343\]: Failed password for invalid user wmf from 120.92.94.94 port 34780 ssh2 ...	2020-06-25 14:20:04
106.12.206.3	attackbotsspam	Invalid user jenkins from 106.12.206.3 port 53146	2020-06-25 13:46:27
120.26.142.228	attackbotsspam	Jun 24 22:52:48 server1 sshd\[602\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.26.142.228 user=root Jun 24 22:52:49 server1 sshd\[602\]: Failed password for root from 120.26.142.228 port 44182 ssh2 Jun 24 22:53:46 server1 sshd\[1240\]: Invalid user administrator from 120.26.142.228 Jun 24 22:53:46 server1 sshd\[1240\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.26.142.228 Jun 24 22:53:47 server1 sshd\[1240\]: Failed password for invalid user administrator from 120.26.142.228 port 54156 ssh2 ...	2020-06-25 14:17:05
104.42.44.206	attack	Lines containing failures of 104.42.44.206 Jun 24 23:45:32 shared11 sshd[17243]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.42.44.206 user=r.r Jun 24 23:45:32 shared11 sshd[17245]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.42.44.206 user=r.r Jun 24 23:45:34 shared11 sshd[17243]: Failed password for r.r from 104.42.44.206 port 11403 ssh2 Jun 24 23:45:34 shared11 sshd[17243]: Received disconnect from 104.42.44.206 port 11403:11: Client disconnecting normally [preauth] Jun 24 23:45:34 shared11 sshd[17243]: Disconnected from authenticating user r.r 104.42.44.206 port 11403 [preauth] Jun 24 23:45:34 shared11 sshd[17245]: Failed password for r.r from 104.42.44.206 port 11487 ssh2 Jun 24 23:45:34 shared11 sshd[17245]: Received disconnect from 104.42.44.206 port 11487:11: Client disconnecting normally [preauth] Jun 24 23:45:34 shared11 sshd[17245]: Disconnected from authenticatin........ ------------------------------	2020-06-25 13:54:26
180.76.176.126	attack	Jun 25 06:51:34 santamaria sshd\[8736\]: Invalid user avendoria from 180.76.176.126 Jun 25 06:51:34 santamaria sshd\[8736\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.176.126 Jun 25 06:51:36 santamaria sshd\[8736\]: Failed password for invalid user avendoria from 180.76.176.126 port 35204 ssh2 ...	2020-06-25 14:36:22
168.63.245.27	attack	Jun 24 18:25:19 Ubuntu-1404-trusty-64-minimal sshd\[7786\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.63.245.27 user=root Jun 24 18:25:21 Ubuntu-1404-trusty-64-minimal sshd\[7786\]: Failed password for root from 168.63.245.27 port 47624 ssh2 Jun 25 05:51:57 Ubuntu-1404-trusty-64-minimal sshd\[8332\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.63.245.27 user=root Jun 25 05:51:59 Ubuntu-1404-trusty-64-minimal sshd\[8332\]: Failed password for root from 168.63.245.27 port 7014 ssh2 Jun 25 06:44:57 Ubuntu-1404-trusty-64-minimal sshd\[5865\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.63.245.27 user=root	2020-06-25 14:27:00
61.160.96.90	attack	Jun 25 07:51:16 nextcloud sshd\[9711\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.160.96.90 user=root Jun 25 07:51:18 nextcloud sshd\[9711\]: Failed password for root from 61.160.96.90 port 6114 ssh2 Jun 25 07:54:10 nextcloud sshd\[13149\]: Invalid user hanson from 61.160.96.90 Jun 25 07:54:10 nextcloud sshd\[13149\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.160.96.90	2020-06-25 14:35:31

Recently Reported IPs

56.103.214.68	83.97.20.187	35.206.157.68	190.186.64.8
17.74.231.248	36.92.100.109	90.185.10.156	130.241.87.61
49.37.131.237	55.172.212.2	169.227.239.230	237.169.83.49
207.119.182.244	141.165.213.93	186.185.254.82	109.115.127.230
115.151.54.173	14.248.84.183	27.78.117.148	193.242.149.219