JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 138.197.175.63

138.197.175.63 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 0%: ?

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 138.197.175.63

Whois 138.197.175.63

IP Abuse Reports for 138.197.175.63:

This IP address has been reported a total of 26 times from 22 distinct sources. 138.197.175.63 was first reported on February 27th 2025, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇹 urnilxfgbez	2026-03-17 23:45:00 (2 months ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇳🇱 ras07	2026-03-17 07:00:14 (2 months ago)	Brute force SSH login attempts.	Brute-Force SSH
🇫🇮 pr0vieh	2026-03-17 06:29:10 (2 months ago)	2026-03-17T06:28:46.386372+00:00 Linux13 sshd-session[3340253]: Failed password for invalid user tes ... show more 2026-03-17T06:28:46.386372+00:00 Linux13 sshd-session[3340253]: Failed password for invalid user testuser1 from 138.197.175.63 port 57460 ssh2 2026-03-17T06:28:50.591782+00:00 Linux13 sshd-session[3340670]: Invalid user administrador from 138.197.175.63 port 46950 2026-03-17T06:28:50.953307+00:00 Linux13 sshd-session[3340670]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.175.63 2026-03-17T06:28:53.330429+00:00 Linux13 sshd-session[3340670]: Failed password for invalid user administrador from 138.197.175.63 port 46950 ssh2 2026-03-17T06:28:58.820185+00:00 Linux13 sshd-session[3341092]: Invalid user alex from 138.197.175.63 port 43772 2026-03-17T06:28:59.402740+00:00 Linux13 sshd-session[3341092]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.175.63 2026-03-17T06:29:01.343393+00:00 Linux13 sshd-session[3341092]: Failed password for invalid user alex from 138.197.175.63 port 43772 ssh2 202 ... show less	Brute-Force SSH
🇳🇱 gbzret4d	2026-03-17 06:28:52 (2 months ago)	Blocked by CrowdSec. Scenario: crowdsecurity/ssh-bf	Brute-Force SSH
🇩🇪 formality	2026-03-17 06:28:42 (2 months ago)	Invalid user testuser1 from 138.197.175.63 port 40136	Brute-Force SSH
🇦🇹 ipi.at	2026-03-17 06:28:41 (2 months ago)	2026-03-17T07:28:38.656272+01:00 n23 sshd[2621113]: pam_unix(sshd:auth): authentication failure; log ... show more 2026-03-17T07:28:38.656272+01:00 n23 sshd[2621113]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.175.63 user=root 2026-03-17T07:28:40.643061+01:00 n23 sshd[2621113]: Failed password for root from 138.197.175.63 port 45578 ssh2 ... show less	Brute-Force SSH
🇧🇾 lns.bz	2026-03-17 06:28:39 (2 months ago)	SSH bruteforce [BY]	SSH
🇵🇱 sefinek.net	2026-03-11 00:40:33 (3 months ago)	Honeypot hit: HTTP/1.1 request on 9000 GET / User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKi ... show more Honeypot hit: HTTP/1.1 request on 9000 GET / User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate; 9000 [2] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking Bad Web Bot
🇯🇵 mkaraki	2026-03-01 22:57:17 (3 months ago)	1772405825 # Service_probe # SIGNATURE_SEND # source_ip:138.197.175.63 # dst_port:15000 ...	Port Scan
🇺🇸 xmission.com	2026-03-01 22:33:14 (3 months ago)	Blocked by UFW (TCP on 55555) Source port: 61010 TTL: 241 Packet length: 44 TOS: 0x08 This report ( ... show more Blocked by UFW (TCP on 55555) Source port: 61010 TTL: 241 Packet length: 44 TOS: 0x08 This report (for 138.197.175.63) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇫🇷 masterguru	2026-03-01 12:25:01 (3 months ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 138.197.175.63 (CA/Canada/-): 1 in th ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 138.197.175.63 (CA/Canada/-): 1 in the last 3600 secs (0-196) show less	Hacking
🇺🇸 MPL	2025-08-19 18:33:25 (9 months ago)	tcp/4000 (2 or more attempts)	Port Scan
🇵🇱 Niko's Stuff	2025-08-18 00:41:22 (9 months ago)	[1x] F2B \| Suspicious activity blocked on: ufw \| BanTime: 604800s \| Suspicious TCP packet from 138.1 ... show more [1x] F2B \| Suspicious activity blocked on: ufw \| BanTime: 604800s \| Suspicious TCP packet from 138.197.175.63:61003 → port 8082 \| TTL: 242, LEN: 44, TOS: 0x00, PREC: 0x00, Interface: eth0 show less	Port Scan
🇺🇸 Hobby Bob	2025-08-18 00:29:06 (9 months ago)	Aug 18 00:29:06 server dovecot: pop3-login: Disconnected: Disconnected: Too many bad commands (no au ... show more Aug 18 00:29:06 server dovecot: pop3-login: Disconnected: Disconnected: Too many bad commands (no auth attempts in 0 secs): user=, rip=138.197.175.63, lip=X.X.X.X session= show less	Port Scan Hacking
🇳🇱 bontekoe.technology	2025-08-18 00:17:47 (9 months ago)	138.197.175.63 banned on rtr - Threshold reached: 3 failures	Web App Attack

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 200.192.97.179

🇵🇭 112.202.97.225

🇧🇩 103.124.237.201

🇲🇽 201.163.125.227

🇲🇦 160.177.142.108

🇲🇦 154.144.224.159

🇭🇰 154.83.13.181

🇦🇪 139.185.55.154

🇨🇳 115.191.64.182

🇮🇳 110.225.255.179

🇺🇸 45.3.48.189

🇻🇳 27.79.5.139

🇻🇳 14.228.77.73

🇺🇸 198.46.246.49

🇨🇳 175.149.64.12

🇺🇸 160.153.176.197

🇧🇷 136.248.121.226

🇮🇳 122.176.122.24

🇻🇳 113.182.69.54

🇿🇦 82.27.245.119