138.201.245.204

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.201.245.106	attackbotsspam	2020-10-08T04:27:49.006296hostname sshd[59806]: Failed password for root from 138.201.245.106 port 35910 ssh2 ...	2020-10-09 03:33:42
138.201.245.106	attack	Oct 7 20:13:13 pl3server sshd[9540]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.201.245.106 user=r.r Oct 7 20:13:15 pl3server sshd[9540]: Failed password for r.r from 138.201.245.106 port 53814 ssh2 Oct 7 20:13:15 pl3server sshd[9540]: Received disconnect from 138.201.245.106 port 53814:11: Bye Bye [preauth] Oct 7 20:13:15 pl3server sshd[9540]: Disconnected from 138.201.245.106 port 53814 [preauth] Oct 7 20:29:03 pl3server sshd[15871]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.201.245.106 user=r.r Oct 7 20:29:05 pl3server sshd[15871]: Failed password for r.r from 138.201.245.106 port 50608 ssh2 Oct 7 20:29:06 pl3server sshd[15871]: Received disconnect from 138.201.245.106 port 50608:11: Bye Bye [preauth] Oct 7 20:29:06 pl3server sshd[15871]: Disconnected from 138.201.245.106 port 50608 [preauth] Oct 7 20:32:27 pl3server sshd[17292]: pam_unix(sshd:auth): authenti........ -------------------------------	2020-10-08 19:39:10

Type

Details

Datetime

138.201.245.106

attackbotsspam

2020-10-08T04:27:49.006296hostname sshd[59806]: Failed password for root from 138.201.245.106 port 35910 ssh2
...

2020-10-09 03:33:42

138.201.245.106

attack

Oct  7 20:13:13 pl3server sshd[9540]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.201.245.106  user=r.r
Oct  7 20:13:15 pl3server sshd[9540]: Failed password for r.r from 138.201.245.106 port 53814 ssh2
Oct  7 20:13:15 pl3server sshd[9540]: Received disconnect from 138.201.245.106 port 53814:11: Bye Bye [preauth]
Oct  7 20:13:15 pl3server sshd[9540]: Disconnected from 138.201.245.106 port 53814 [preauth]
Oct  7 20:29:03 pl3server sshd[15871]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.201.245.106  user=r.r
Oct  7 20:29:05 pl3server sshd[15871]: Failed password for r.r from 138.201.245.106 port 50608 ssh2
Oct  7 20:29:06 pl3server sshd[15871]: Received disconnect from 138.201.245.106 port 50608:11: Bye Bye [preauth]
Oct  7 20:29:06 pl3server sshd[15871]: Disconnected from 138.201.245.106 port 50608 [preauth]
Oct  7 20:32:27 pl3server sshd[17292]: pam_unix(sshd:auth): authenti........
-------------------------------

2020-10-08 19:39:10

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.201.245.204
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27134
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.201.245.204.		IN	A

;; AUTHORITY SECTION:
.			260	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022010800 1800 900 604800 86400

;; Query time: 70 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jan 08 17:54:20 CST 2022
;; MSG SIZE  rcvd: 108

Host info

204.245.201.138.in-addr.arpa domain name pointer static.204.245.201.138.clients.your-server.de.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
204.245.201.138.in-addr.arpa	name = static.204.245.201.138.clients.your-server.de.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
91.240.100.80	attack	NAME : NETPAK CIDR : 91.240.100.0/23 DDoS attack Poland - block certain countries :) IP: 91.240.100.80 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-06-22 08:26:48
86.2.126.27	attackspambots	Bad Request: "GET / HTTP/1.1"	2019-06-22 09:01:46
35.187.13.72	attackspam	Bad Bot Bad Request: "GET / HTTP/1.1" Agent: "Mozilla/5.0 zgrab/0.x"	2019-06-22 08:30:34
177.10.30.139	attackspam	Request: "GET / HTTP/1.1"	2019-06-22 08:23:54
152.245.81.96	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-06-22 09:03:58
189.112.183.125	attack	445/tcp [2019-06-21]1pkt	2019-06-22 08:31:08
175.0.239.249	attack	23/tcp [2019-06-21]1pkt	2019-06-22 08:49:51
185.156.177.20	attackspambots	Bad Request: "\x03\x00\x00/\xE0\x00\x00\x00\x00\x00Cookie: mstshash=Administr" Bad Request: "\x03\x00\x00/\xE0\x00\x00\x00\x00\x00Cookie: mstshash=Administr" Bad Request: "\x03\x00\x00/\xE0\x00\x00\x00\x00\x00Cookie: mstshash=Administr" Bad Request: "\x03\x00\x00/\xE0\x00\x00\x00\x00\x00Cookie: mstshash=Administr"	2019-06-22 09:09:53
134.119.219.93	attackspam	Unauthorized access detected from banned ip	2019-06-22 09:04:20
71.6.202.198	attackspam	Request: "GET /ccvv HTTP/1.1"	2019-06-22 08:54:20
185.15.196.169	attack	Probing for vulnerable PHP code /n2n7yabq.php	2019-06-22 08:45:01
103.209.176.198	attack	Request: "GET / HTTP/1.1"	2019-06-22 08:26:29
123.54.233.203	attackspambots	Jun 21 15:37:30 mailman postfix/smtpd[23168]: warning: unknown[123.54.233.203]: SASL LOGIN authentication failed: authentication failure	2019-06-22 08:55:19
106.12.128.24	attack	Invalid user evan from 106.12.128.24 port 50210	2019-06-22 08:42:52
80.1.15.172	attack	NAME : UK-NTLI-20010425 CIDR : 80.1.15.172/13 DDoS attack United Kingdom - block certain countries :) IP: 80.1.15.172 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-06-22 08:36:53

Recently Reported IPs

75.183.2.133	82.85.172.1	159.121.164.103	77.228.73.99
7.61.12.128	77.27.74.239	77.40.23.106	78.38.241.99
31.41.35.80	63.173.127.54	79.5.214.135	43.57.184.1
118.71.224.128	201.132.79.23	120.249.65.163	165.16.61.82
196.15.244.223	81.59.44.202	236.191.49.151	228.137.239.136