JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 138.197.135.206

138.197.135.206 was found in our database!

This IP was reported 118 times. Confidence of Abuse is 0%: ?

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 138.197.135.206

Whois 138.197.135.206

IP Abuse Reports for 138.197.135.206:

This IP address has been reported a total of 118 times from 38 distinct sources. 138.197.135.206 was first reported on April 17th 2023, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇹🇷 Threat.live	2026-03-11 11:35:05 (3 months ago)	Brute Force, tcp/22	Brute-Force
Anonymous	2026-03-11 11:31:59 (3 months ago)	2026-03-11T11:30:13.605088+00:00 web01.mdo-cloud.net sshd[558683]: Failed password for root from 138 ... show more 2026-03-11T11:30:13.605088+00:00 web01.mdo-cloud.net sshd[558683]: Failed password for root from 138.197.135.206 port 40408 ssh2 2026-03-11T11:31:06.396937+00:00 web01.mdo-cloud.net sshd[558688]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.135.206 user=root 2026-03-11T11:31:08.162772+00:00 web01.mdo-cloud.net sshd[558688]: Failed password for root from 138.197.135.206 port 60926 ssh2 2026-03-11T11:31:56.796875+00:00 web01.mdo-cloud.net sshd[558714]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.135.206 user=root 2026-03-11T11:31:58.428729+00:00 web01.mdo-cloud.net sshd[558714]: Failed password for root from 138.197.135.206 port 36230 ssh2 ... show less	Brute-Force SSH Web App Attack FTP Brute-Force Port Scan Hacking
🇦🇺 Epic29	2026-03-11 11:31:38 (3 months ago)	2026-03-11T22:27:47.683715+11:00 sleep-salami sshd[42239]: Connection closed by authenticating user ... show more 2026-03-11T22:27:47.683715+11:00 sleep-salami sshd[42239]: Connection closed by authenticating user root 138.197.135.206 port 46782 [preauth] 2026-03-11T22:28:52.825555+11:00 sleep-salami sshd[42246]: Connection closed by authenticating user root 138.197.135.206 port 41506 [preauth] 2026-03-11T22:29:46.898950+11:00 sleep-salami sshd[42254]: Connection closed by authenticating user root 138.197.135.206 port 40200 [preauth] 2026-03-11T22:30:46.233020+11:00 sleep-salami sshd[42276]: Connection closed by authenticating user root 138.197.135.206 port 36336 [preauth] 2026-03-11T22:31:37.546481+11:00 sleep-salami sshd[42284]: Connection closed by authenticating user root 138.197.135.206 port 48116 [preauth] ... show less	Brute-Force SSH
🇦🇺 GE	2026-03-11 11:31:25 (3 months ago)	2026-03-11T22:30:31.024149+11:00 smtp.geddy.au sshd-session[317139]: pam_unix(sshd:auth): authentica ... show more 2026-03-11T22:30:31.024149+11:00 smtp.geddy.au sshd-session[317139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.135.206 user=root 2026-03-11T22:30:33.024989+11:00 smtp.geddy.au sshd-session[317139]: Failed password for root from 138.197.135.206 port 54180 ssh2 2026-03-11T22:31:23.002448+11:00 smtp.geddy.au sshd-session[317142]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.135.206 user=root 2026-03-11T22:31:24.572397+11:00 smtp.geddy.au sshd-session[317142]: Failed password for root from 138.197.135.206 port 33582 ssh2 ... show less	SSH
🇸🇬 itachi1706	2026-03-11 11:30:20 (3 months ago)	2026-03-11T11:28:15.038158+00:00 sg-jumphost-server sshd[2345432]: Connection closed by authenticati ... show more 2026-03-11T11:28:15.038158+00:00 sg-jumphost-server sshd[2345432]: Connection closed by authenticating user root 138.197.135.206 port 37470 [preauth] 2026-03-11T11:29:20.548258+00:00 sg-jumphost-server sshd[2345468]: Connection closed by authenticating user root 138.197.135.206 port 55382 [preauth] 2026-03-11T11:30:19.696974+00:00 sg-jumphost-server sshd[2345492]: Connection closed by authenticating user root 138.197.135.206 port 39464 [preauth] ... show less	Brute-Force SSH
🇦🇺 smfhelper.org	2026-03-11 11:29:51 (3 months ago)	(sshd) Failed SSH login from 138.197.135.206 (CA/Canada/-): 5 in the last 3600 secs; Ports: ; Direc ... show more (sshd) Failed SSH login from 138.197.135.206 (CA/Canada/-): 5 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_SSHD; Logs: 2026-03-11T22:27:47.334339+11:00 arcade-james sshd-session[255929]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.135.206 user=root 2026-03-11T22:27:49.686030+11:00 arcade-james sshd-session[255929]: Failed password for invalid user root from 138.197.135.206 port 45738 ssh2 2026-03-11T22:28:52.118976+11:00 arcade-james sshd-session[255939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.135.206 user=root 2026-03-11T22:28:54.280444+11:00 arcade-james sshd-session[255939]: Failed password for invalid user root from 138.197.135.206 port 41482 ssh2 2026-03-11T22:29:46.285296+11:00 arcade-james sshd-session[255950]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.135.206 user=root show less	Port Scan
🇮🇳 reporter_anon	2026-03-11 11:28:16 (3 months ago)	Connection closed by authenticating user root 138.197.135.206 port 34258 [preauth]	Brute-Force SSH
🇹🇼 kk_it_man	2026-03-11 11:23:02 (3 months ago)	ET SCAN Potential SSH Scan	Port Scan
🇺🇸 RAP	2026-03-11 05:01:07 (3 months ago)	2026-03-11 05:01:07 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇲🇳 Public CSIRT/CC of Mongolia	2026-03-10 12:59:07 (3 months ago)	Honeypot hit: HTTP/1.1 request on 1912 GET / User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKi ... show more Honeypot hit: HTTP/1.1 request on 1912 GET / User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate; 1912 [2] TCP show less	Web App Attack
🇳🇱 EGP Abuse Dept	2026-03-10 12:34:48 (3 months ago)	Unauthorized connection to MySQL port 3306	Port Scan Hacking
🇳🇱 homeshowdomain.nl	2025-12-27 22:59:15 (6 months ago)	Auto-ban: 20 malicious requests on 2025-12-26 (e.g., env/backup probes, brute-force, or error bursts ... show more Auto-ban: 20 malicious requests on 2025-12-26 (e.g., env/backup probes, brute-force, or error bursts). show less	Hacking Web App Attack SSH
Anonymous	2025-12-26 12:04:22 (6 months ago)	(wordpress) Failed wordpress login from 138.197.135.206 (CA/Canada/-)	Brute-Force
🇩🇪 LRob.fr	2025-12-26 10:02:58 (6 months ago)	Repeated attacks detected by Fail2Ban in recidive jail	Hacking
🇧🇪 cmbplf	2025-12-26 09:24:26 (6 months ago)	2.218 POST requests with url.path */wp-login.php	Brute-Force Bad Web Bot

Showing 1 to 15 of 118 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 172.203.245.49

🇸🇬 159.138.92.62

🇿🇦 105.184.173.111

🇭🇰 103.14.33.174

🇺🇸 66.132.195.44

🇺🇸 66.132.186.238

🇱🇹 62.60.130.219

🇨🇳 61.151.249.194

🇬🇧 45.74.0.84

🇧🇪 194.32.155.45

🇺🇸 172.253.251.119

🇫🇷 167.86.76.145

🇫🇷 161.97.66.201

🇺🇸 154.92.22.13

🇧🇩 103.61.240.29

🇫🇷 92.222.104.215

🇩🇪 68.183.78.6

🇺🇸 66.132.195.16

🇺🇸 66.132.172.183

🇺🇸 65.49.1.235