JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 138.197.171.221

138.197.171.221 was found in our database!

This IP was reported 49 times. Confidence of Abuse is 33%: ?

33%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 138.197.171.221

Whois 138.197.171.221

IP Abuse Reports for 138.197.171.221:

This IP address has been reported a total of 49 times from 46 distinct sources. 138.197.171.221 was first reported on May 24th 2023, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 venus.launch.bz	2026-06-10 05:55:00 (1 week ago)	(wpscan) WordPress probe detected from 138.197.171.221 (CA/Canada/-)	Hacking
🇺🇸 xmission.com	2026-06-09 15:23:22 (1 week ago)	Blocked by UFW (TCP on 8882) Source port: 61015 TTL: 241 Packet length: 44 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 8882) Source port: 61015 TTL: 241 Packet length: 44 TOS: 0x08 This report (for 138.197.171.221) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 Starburst SysOp Team	2026-06-09 15:16:03 (1 week ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-stl2-17)	Hacking Bad Web Bot
Anonymous	2026-06-09 14:39:49 (1 week ago)	2026-06-09T15:39:49.099095+01:00 vps kernel: [42756150.472245] [PORTSCAN DETECTED] IN=ens3 OUT= MAC= ... show more 2026-06-09T15:39:49.099095+01:00 vps kernel: [42756150.472245] [PORTSCAN DETECTED] IN=ens3 OUT= MAC=fa:16:3e:66:f6:24:02:37:19:0d:c2:f3:08:00 SRC=138.197.171.221 DST=54.37.14.118 LEN=44 TOS=0x00 PREC=0x00 TTL=235 ID=8924 PROTO=TCP SPT=61002 DPT=1244 WINDOW=1025 RES=0x00 SYN URGP=0 ... show less	Port Scan Brute-Force
🇦🇺 PetePK	2026-04-30 15:29:02 (1 month ago)	Probed 1 time(s): TCP/5918	Port Scan
🇺🇸 MPL	2026-04-30 03:47:01 (1 month ago)	tcp/8181	Port Scan
🇸🇬 celestialcity	2026-04-28 01:21:01 (1 month ago)	Blocked by UFW on celestialcityas [6939/tcp] \| SPT: 61014 \| TTL: 232 \| LEN: 44 \| TOS: 0x08 • Reporte ... show more Blocked by UFW on celestialcityas [6939/tcp] \| SPT: 61014 \| TTL: 232 \| LEN: 44 \| TOS: 0x08 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇫🇷 masterguru	2026-04-27 13:47:41 (1 month ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 138.197.171.221 (CA/Canada/-): 2 in t ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 138.197.171.221 (CA/Canada/-): 2 in the last 3600 secs (0-193) show less	Hacking
🇧🇾 StatsMe	2026-03-11 21:12:58 (3 months ago)	2026-03-11T00:30:17.459327+0300 ET SCAN NMAP -sS window 1024	Port Scan
🇹🇷 rtbh.com.tr	2026-03-11 20:12:00 (3 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇫🇷 tecnicorioja	2026-03-10 23:01:14 (3 months ago)	Failed password for root Mar 10 21:47:51 port 60122	Brute-Force SSH
🇦🇺 Epic29	2026-03-10 21:42:27 (3 months ago)	2026-03-11T08:38:19.483333+11:00 sleep-salami sshd[36570]: Connection closed by authenticating user ... show more 2026-03-11T08:38:19.483333+11:00 sleep-salami sshd[36570]: Connection closed by authenticating user root 138.197.171.221 port 44752 [preauth] 2026-03-11T08:39:25.908275+11:00 sleep-salami sshd[36582]: Connection closed by authenticating user root 138.197.171.221 port 39692 [preauth] 2026-03-11T08:40:29.603575+11:00 sleep-salami sshd[36594]: Connection closed by authenticating user root 138.197.171.221 port 52280 [preauth] 2026-03-11T08:41:31.123723+11:00 sleep-salami sshd[36608]: Connection closed by authenticating user root 138.197.171.221 port 60130 [preauth] 2026-03-11T08:42:26.516016+11:00 sleep-salami sshd[36614]: Connection closed by authenticating user root 138.197.171.221 port 46426 [preauth] ... show less	Brute-Force SSH
Anonymous	2026-03-10 21:42:05 (3 months ago)	Mar 10 17:40:01 newyork sshd[1465576]: Failed password for root from 138.197.171.221 port 43238 ssh2 ... show more Mar 10 17:40:01 newyork sshd[1465576]: Failed password for root from 138.197.171.221 port 43238 ssh2 Mar 10 17:41:07 newyork sshd[1465592]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.171.221 user=root Mar 10 17:41:09 newyork sshd[1465592]: Failed password for root from 138.197.171.221 port 51718 ssh2 Mar 10 17:42:03 newyork sshd[1465601]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.171.221 user=root Mar 10 17:42:04 newyork sshd[1465601]: Failed password for root from 138.197.171.221 port 37496 ssh2 ... show less	Brute-Force SSH
🇯🇵 henda	2026-03-10 21:40:41 (3 months ago)	2026-03-11T06:39:33.970710+09:00 * sshd-session[2357959]: Failed password for root from 138.197.1 ... show more 2026-03-11T06:39:33.970710+09:00 * sshd-session[2357959]: Failed password for root from 138.197.171.221 port 57890 ssh2 2026-03-11T06:40:37.868278+09:00 * sshd-session[2358227]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.171.221 user=root 2026-03-11T06:40:40.251632+09:00 * sshd-session[2358227]: Failed password for root from 138.197.171.221 port 60072 ssh2 show less	Brute-Force SSH
🇧🇾 s_petryc	2026-03-10 21:40:19 (3 months ago)	2026-03-11T00:39:15.893099tim.mtkrbti.by sshd[26787]: Failed password for root from 138.197.171.221 ... show more 2026-03-11T00:39:15.893099tim.mtkrbti.by sshd[26787]: Failed password for root from 138.197.171.221 port 50112 ssh2 2026-03-11T00:40:17.012208tim.mtkrbti.by sshd[26806]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.171.221 user=root 2026-03-11T00:40:19.242517tim.mtkrbti.by sshd[26806]: Failed password for root from 138.197.171.221 port 34130 ssh2 ... show less	Brute-Force SSH

Showing 1 to 15 of 49 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 172.202.9.120

🇨🇳 220.181.108.155

🇺🇸 216.25.89.155

🇲🇾 202.165.29.123

🇧🇷 201.182.62.226

🇭🇰 152.32.252.65

🇧🇷 129.159.56.14

🇺🇸 35.222.38.39

🇺🇸 20.168.6.15

🇺🇸 147.185.132.203

🇨🇳 42.231.126.97

🇧🇷 201.63.223.138

🇨🇳 182.242.168.243

🇺🇸 162.216.150.98

🇩🇪 156.236.31.85

🇱🇦 103.114.147.217

🇿🇦 102.64.33.176

🇧🇬 85.187.190.108

🇮🇶 37.236.201.10

🇺🇸 20.163.10.186