AbuseIPDB » 138.197.85.15

138.197.85.15 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 36%: ?

36%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	United States of America
City	Clifton, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 138.197.85.15

Whois 138.197.85.15

IP Abuse Reports for 138.197.85.15:

This IP address has been reported a total of 19 times from 16 distinct sources. 138.197.85.15 was first reported on February 16th 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago. It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
Vegascosmetics	2025-02-17 22:51:32 (1 month ago)	Kingcopy(AI-IDS): IP is wandering around the site and acting suspiciously.	Bad Web Bot
rtbh.com.tr	2025-02-17 20:49:44 (1 month ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
rtbh.com.tr	2025-02-16 20:49:46 (1 month ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
Joe-Mark	2025-02-16 16:07:00 (1 month ago)	Listed on zen-spamhaus / proto=6 . srcport=40671 . dstport=80 HTTP . (1318)	Port Scan
jmart	2025-02-16 11:51:06 (1 month ago)	138.197.85.15 - - [16/Feb/2025:06:51:05 -0500] "\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\x1F\xE3\x95\x ... show more138.197.85.15 - - [16/Feb/2025:06:51:05 -0500] "\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\x1F\xE3\x95\x17\xF9=A\xE8\xC8\xDA\x024\xC5\xBA\x99\x06\x1E\xB8\x8F\xCFx\x97f!zT\xCEGI\xC2\x87a\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0" 400 145 "-" "-" 138.197.85.15 - - [16/Feb/2025:06:51:05 -0500] "\x16\x03\x01\x00{\x01\x00\x00w\x03\x03@U\xD1\x85H\xA2\xB8~\xFB\x0F\xE4\xC4*\x11+\x9A3\xDE\xA0\xD7\x94RE\xB7FT\xF0'\x9E\xBD\xEC\x88\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0" 400 145 "-" "-" ... show less	Bad Web Bot Web App Attack
SkyDancer	2025-02-16 10:25:57 (1 month ago)	Multiple login attempts via RDP and/or SSH using wrong credentials. Attack automatically blocked by ... show moreMultiple login attempts via RDP and/or SSH using wrong credentials. Attack automatically blocked by SkyDancer Ai. EXT-SYS-A show less	Hacking Brute-Force SSH
vestibtech	2025-02-16 10:01:59 (1 month ago)	[Sun Feb 16 03:01:57.814287 2025] [proxy_fcgi:error] [pid 107923:tid 108187] [client 138.197.85.15:4 ... show more[Sun Feb 16 03:01:57.814287 2025] [proxy_fcgi:error] [pid 107923:tid 108187] [client 138.197.85.15:41032] AH01071: Got error 'Primary script unknown' [Sun Feb 16 03:01:58.457569 2025] [proxy_fcgi:error] [pid 107923:tid 108238] [client 138.197.85.15:41064] AH01071: Got error 'Primary script unknown' [Sun Feb 16 03:01:58.751061 2025] [proxy_fcgi:error] [pid 107922:tid 108174] [client 138.197.85.15:41080] AH01071: Got error 'Primary script unknown' ... show less	Web App Attack
kumiko	2025-02-16 09:29:11 (1 month ago)	[2025-02-16 09:29:10] Probing for exploits [1 requests] "\x16\x03\x01" 301	Brute-Force Bad Web Bot Web App Attack
SilverZippo	2025-02-16 07:48:24 (1 month ago)	Web App Attack	Web App Attack
gu-alvareza	2025-02-16 07:05:16 (1 month ago)	SystemBC.Botnet	DDoS Attack Hacking
SkyDancer	2025-02-16 03:55:43 (1 month ago)	Multiple web intrusion attempts or RDP/SSH hacking using wrong credentials. Attack automatically blo ... show moreMultiple web intrusion attempts or RDP/SSH hacking using wrong credentials. Attack automatically blocked by SkyDancer Ai. EXT-SYS-Ai-D show less	Hacking Brute-Force SSH
nomzamo	2025-02-16 03:30:02 (1 month ago)	Fail2Ban reported: nginx-noscript	Brute-Force Bad Web Bot
Anonymous	2025-02-16 03:20:38 (1 month ago)	Fail2Ban triggered	Web App Attack
Study Bitcoin 🤗	2025-02-16 01:53:10 (1 month ago)	Port probe to tcp/80 (http) [srv135]	Port Scan Bad Web Bot Web App Attack
www.elivecd.org	2025-02-16 01:48:29 (1 month ago)	2025/02/16 01:48:28 [error] 2348453#2348453: *2325 FastCGI sent in stderr: "PHP message: BOT WARNING ... show more2025/02/16 01:48:28 [error] 2348453#2348453: *2325 FastCGI sent in stderr: "PHP message: BOT WARNING: visitor used the honeypot: 138.197.85.15, url was '78.141.243.157' and abuseipdb '15', function: ELP_site_live" while reading response header from upstream, client: 138.197.85.15, server: www.elivecd.org, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/run/php/php8.2-fpm-elivewp.sock:", host: "78.141.243.157" ... show less	Web Spam Email Spam

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩