JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 138.197.3.114

138.197.3.114 was found in our database!

This IP was reported 56 times. Confidence of Abuse is 0%: ?

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇺🇸 United States of America
City	Clifton, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 138.197.3.114

Whois 138.197.3.114

IP Abuse Reports for 138.197.3.114:

This IP address has been reported a total of 56 times from 35 distinct sources. 138.197.3.114 was first reported on October 25th 2022, and the most recent report was 8 months ago.

Old Reports: The most recent abuse report for this IP address is from 8 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Cyber Crusader	2025-09-25 02:12:31 (8 months ago)	Hundreds of Attempts (at least) to Connect to and Access Firewall Ports	Port Scan Hacking Brute-Force
🇺🇸 drewf.ink	2025-08-14 20:34:33 (10 months ago)	[20:34] Port scanning. Port(s) scanned: TCP/3389	Port Scan
🇷🇸 Smel	2024-07-14 08:30:22 (1 year ago)	MH/MP Probe, Scan, Hack -	Port Scan Hacking
🇿🇦 IrisFlower	2022-11-01 05:52:31 (3 years ago)	Unauthorized connection attempt detected from IP address 138.197.3.114 to port 5601 [J]	Port Scan Hacking
🇺🇸 MPL	2022-11-01 05:33:13 (3 years ago)	tcp/5601 (2 or more attempts)	Port Scan
🇿🇦 IrisFlower	2022-11-01 05:32:16 (3 years ago)	Unauthorized connection attempt detected from IP address 138.197.3.114 to port 5601 [J]	Port Scan Hacking
🇮🇳 Parth Maniar	2022-10-28 08:42:28 (3 years ago)	SSH login attempts (SSH bruteforce attack). For more information, or to report interesting/incorrect ... show more SSH login attempts (SSH bruteforce attack). For more information, or to report interesting/incorrect findings, give me a shoutout @parthmaniar on Twitter. show less	Brute-Force SSH
🇮🇳 Parth Maniar	2022-10-26 15:54:06 (3 years ago)	SSH login attempts (SSH bruteforce attack). For more information, or to report interesting/incorrect ... show more SSH login attempts (SSH bruteforce attack). For more information, or to report interesting/incorrect findings, give me a shoutout @parthmaniar on Twitter. show less	Brute-Force SSH
🇩🇪 formality	2022-10-26 13:48:54 (3 years ago)	Invalid user es from 138.197.3.114 port 37450	Brute-Force SSH
🇫🇮 bittiguru.fi	2022-10-26 13:44:31 (3 years ago)	Oct 26 20:40:34 www sshd\[65244\]: Invalid user bharat from 138.197.3.114Oct 26 20:40:35 www sshd\[6 ... show more Oct 26 20:40:34 www sshd\[65244\]: Invalid user bharat from 138.197.3.114Oct 26 20:40:35 www sshd\[65244\]: Failed password for invalid user bharat from 138.197.3.114 port 52492 ssh2Oct 26 20:44:29 www sshd\[65278\]: Failed password for root from 138.197.3.114 port 49578 ssh2 ... show less	Brute-Force SSH
🇩🇪 www.blocklist.de	2022-10-26 13:22:00 (3 years ago)	Oct 26 00:15:52 host sshd[148366]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid= ... show more Oct 26 00:15:52 host sshd[148366]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.3.114 user=r.r Oct 26 00:15:54 host sshd[148366]: Failed password for r.r from 138.197.3.114 port 50608 ssh2 Oct 26 00:15:56 host sshd[148366]: Received disconnect from 138.197.3.114 port 50608:11: Bye Bye [preauth] Oct 26 00:15:56 host sshd[148366]: Disconnected from authenticating user r.r 138.197.3.114 port 50608 [preauth] Oct 26 00:20:53 host sshd[783691]: AD user fuk from 138.197.3.114 port 57856 Oct 26 00:20:53 host sshd[783691]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.3.114 Oct 26 00:20:55 host sshd[783691]: Failed password for AD user fuk from 138.197.3.114 port 57856 ssh2 Oct 26 00:20:55 host sshd[783691]: Received disconnect from 138.197.3.114 port 57856:11: Bye Bye [preauth] Oct 26 00:20:55 host sshd[783691]: Disconnected from AD user fuk 138.197.3.114 port 57856 [preauth] O........ ------------------------------- show less	FTP Brute-Force Hacking
🇬🇧 sverre26	2022-10-26 13:04:36 (3 years ago)	Bruteforce detected by fail2ban	Brute-Force SSH
🇩🇪 www.blocklist.de	2022-10-26 11:41:38 (3 years ago)	Oct 26 00:15:52 host sshd[148366]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid= ... show more Oct 26 00:15:52 host sshd[148366]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.3.114 user=r.r Oct 26 00:15:54 host sshd[148366]: Failed password for r.r from 138.197.3.114 port 50608 ssh2 Oct 26 00:15:56 host sshd[148366]: Received disconnect from 138.197.3.114 port 50608:11: Bye Bye [preauth] Oct 26 00:15:56 host sshd[148366]: Disconnected from authenticating user r.r 138.197.3.114 port 50608 [preauth] Oct 26 00:20:53 host sshd[783691]: AD user fuk from 138.197.3.114 port 57856 Oct 26 00:20:53 host sshd[783691]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.3.114 Oct 26 00:20:55 host sshd[783691]: Failed password for AD user fuk from 138.197.3.114 port 57856 ssh2 Oct 26 00:20:55 host sshd[783691]: Received disconnect from 138.197.3.114 port 57856:11: Bye Bye [preauth] Oct 26 00:20:55 host sshd[783691]: Disconnected from AD user fuk 138.197.3.114 port 57856 [preauth] O........ ------------------------------- show less	FTP Brute-Force Hacking
🇩🇪 www.blocklist.de	2022-10-26 11:22:09 (3 years ago)	Oct 26 00:15:52 host sshd[148366]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid= ... show more Oct 26 00:15:52 host sshd[148366]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.3.114 user=r.r Oct 26 00:15:54 host sshd[148366]: Failed password for r.r from 138.197.3.114 port 50608 ssh2 Oct 26 00:15:56 host sshd[148366]: Received disconnect from 138.197.3.114 port 50608:11: Bye Bye [preauth] Oct 26 00:15:56 host sshd[148366]: Disconnected from authenticating user r.r 138.197.3.114 port 50608 [preauth] Oct 26 00:20:53 host sshd[783691]: AD user fuk from 138.197.3.114 port 57856 Oct 26 00:20:53 host sshd[783691]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.3.114 Oct 26 00:20:55 host sshd[783691]: Failed password for AD user fuk from 138.197.3.114 port 57856 ssh2 Oct 26 00:20:55 host sshd[783691]: Received disconnect from 138.197.3.114 port 57856:11: Bye Bye [preauth] Oct 26 00:20:55 host sshd[783691]: Disconnected from AD user fuk 138.197.3.114 port 57856 [preauth] O........ ------------------------------- show less	FTP Brute-Force Hacking
🇺🇸 SANYALnet Labs	2022-10-26 11:20:07 (3 years ago)	Oct 26 15:20:04 sanyalnet-cloud-vps2 sshd[59876]: pam_unix(sshd:auth): authentication failure; logna ... show more Oct 26 15:20:04 sanyalnet-cloud-vps2 sshd[59876]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.3.114 Oct 26 15:20:06 sanyalnet-cloud-vps2 sshd[59876]: Failed password for invalid user laura from 138.197.3.114 port 38884 ssh2 Oct 26 15:20:06 sanyalnet-cloud-vps2 sshd[59876]: Disconnected from invalid user laura 138.197.3.114 port 38884 [preauth] ... show less	Brute-Force

Showing 1 to 15 of 56 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2604:a880:400:d1:0:4:961a:8001

🇬🇧 188.166.149.116

🇧🇷 181.218.9.86

🇷🇺 178.213.116.67

🇧🇩 103.153.130.34

🇫🇷 85.217.140.22

🇸🇬 66.90.98.90

🇨🇳 61.153.184.151

🇩🇪 34.40.99.146

🇱🇰 220.247.224.226

🇳🇱 195.178.110.30

🇸🇬 194.5.82.15

🇧🇩 182.48.94.9

🇺🇸 148.153.32.3

🇬🇧 134.122.105.56

🇨🇳 117.50.51.198

🇺🇸 107.170.40.174

🇺🇸 2604:a880:400:d1:0:4:961d:c001

🇺🇸 198.98.56.205

🇵🇱 194.180.49.70