JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 138.197.97.170

138.197.97.170 was found in our database!

This IP was reported 1,198 times. Confidence of Abuse is 100%: ?

100%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇺🇸 United States of America
City	Clifton, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 138.197.97.170

Whois 138.197.97.170

IP Abuse Reports for 138.197.97.170:

This IP address has been reported a total of 1,198 times from 469 distinct sources. 138.197.97.170 was first reported on October 30th 2022, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 bulletz	2026-06-07 21:59:43 (3 hours ago)	2026-06-07T23:31:09.822468+02:00 vps sshd[24021]: Failed password for invalid user postgres from 138 ... show more 2026-06-07T23:31:09.822468+02:00 vps sshd[24021]: Failed password for invalid user postgres from 138.197.97.170 port 47250 ssh2 2026-06-07T23:59:41.049024+02:00 vps sshd[25364]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.97.170 user=root 2026-06-07T23:59:43.365881+02:00 vps sshd[25364]: Failed password for root from 138.197.97.170 port 48754 ssh2 ... show less	Brute-Force SSH
🇫🇷 evvsk	2026-06-07 19:27:39 (6 hours ago)	SSH Brute Force: 10+ attempts.	Brute-Force SSH
🇳🇱 Webhoster	2026-06-07 17:24:53 (8 hours ago)	{"level":"debug","time":"2026-06-07T19:18:23.760","sender":"connection_failed","client_ip":"138.197. ... show more {"level":"debug","time":"2026-06-07T19:18:23.760","sender":"connection_failed","client_ip":"138.197.97.170","username":"root","login_type":"password","protocol":"SSH","error":"plugin auth error for user \"root\": rpc error: code = Unknown desc = user \"root\" does not exist, elapsed: 79.257676ms, auth scope: 1"} {"level":"debug","time":"2026-06-07T19:22:28.058","sender":"connection_failed","client_ip":"138.197.97.170","username":"root","login_type":"password","protocol":"SSH","error":"plugin auth error for user \"root\": rpc error: code = Unknown desc = user \"root\" does not exist, elapsed: 85.405355ms, auth scope: 1"} {"level":"debug","time":"2026-06-07T19:24:53.541","sender":"connection_failed","client_ip":"138.197.97.170","username":"root","login_type":"password","protocol":"SSH","error":"plugin auth error for user \"root\": rpc error: code = Unknown desc = user \"root\" does not exist, elapsed: 101.351866ms, auth scope: 1"} ... show less	Brute-Force SSH
🇵🇹 WebTejo	2026-06-07 06:16:02 (19 hours ago)	Detected multiple authentication failures and invalid user attempts from IP address 138.197.97.170 o ... show more Detected multiple authentication failures and invalid user attempts from IP address 138.197.97.170 on [PT] Otter Node. show less	Brute-Force SSH
🇧🇪 sid3windr	2026-06-06 16:01:39 (1 day ago)	SSH port scan (Tarpitted for 20s, wasted 8B)	Port Scan SSH
Anonymous	2026-06-06 15:25:12 (1 day ago)	(sshd) Failed SSH login from 138.197.97.170 (US/United States/-): 5 in the last 3600 secs; Ports: ; ... show more (sshd) Failed SSH login from 138.197.97.170 (US/United States/-): 5 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_SSHD; Logs: Jun 6 17:05:42 server02 sshd[3978083]: Invalid user debian from 138.197.97.170 port 60816 Jun 6 17:05:44 server02 sshd[3978083]: Failed password for invalid user debian from 138.197.97.170 port 60816 ssh2 Jun 6 17:18:39 server02 sshd[3978626]: Invalid user walrus from 138.197.97.170 port 33130 Jun 6 17:18:41 server02 sshd[3978626]: Failed password for invalid user walrus from 138.197.97.170 port 33130 ssh2 Jun 6 17:25:09 server02 sshd[3978942]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.97.170 user=root show less	Port Scan
🇨🇭 Mario Bretscher	2026-06-06 10:19:51 (1 day ago)	2026-06-06T12:16:20.099900+02:00 hades sshd[3401268]: pam_unix(sshd:auth): authentication failure; l ... show more 2026-06-06T12:16:20.099900+02:00 hades sshd[3401268]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.97.170 2026-06-06T12:16:22.072135+02:00 hades sshd[3401268]: Failed password for invalid user web3 from 138.197.97.170 port 34780 ssh2 2026-06-06T12:19:50.110437+02:00 hades sshd[3401788]: Invalid user walrus from 138.197.97.170 port 48470 ... show less	SSH
🇩🇪 ipcop.net	2026-06-06 08:08:29 (1 day ago)	2026-06-06T10:01:21.362020+02:00 web1.wira-gmbh.de sshd[1352655]: Invalid user validator from 138.19 ... show more 2026-06-06T10:01:21.362020+02:00 web1.wira-gmbh.de sshd[1352655]: Invalid user validator from 138.197.97.170 port 34876 2026-06-06T10:01:21.466375+02:00 web1.wira-gmbh.de sshd[1352655]: Connection closed by invalid user validator 138.197.97.170 port 34876 [preauth] 2026-06-06T10:02:53.187635+02:00 web1.wira-gmbh.de sshd[1354264]: Invalid user seed from 138.197.97.170 port 49474 2026-06-06T10:02:53.288436+02:00 web1.wira-gmbh.de sshd[1354264]: Connection closed by invalid user seed 138.197.97.170 port 49474 [preauth] 2026-06-06T10:08:23.970567+02:00 web1.wira-gmbh.de sshd[1360040]: Connection closed by authenticating user zabbix 138.197.97.170 port 50206 [preauth] show less	Brute-Force
🇺🇸 bigscoots.com	2026-06-05 18:18:18 (2 days ago)	138.197.97.170 (US/United States/-), 5 distributed sshd attacks on account [tomcat] in the last 3600 ... show more 138.197.97.170 (US/United States/-), 5 distributed sshd attacks on account [tomcat] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Jun 5 13:18:10 15145 sshd[3461]: Invalid user tomcat from 134.209.144.138 port 53454 Jun 5 13:16:09 15145 sshd[2544]: Invalid user tomcat from 174.138.57.46 port 47822 Jun 5 13:15:39 15145 sshd[2239]: Invalid user tomcat from 138.197.97.170 port 34300 Jun 5 13:15:41 15145 sshd[2239]: Failed password for invalid user tomcat from 138.197.97.170 port 34300 ssh2 Jun 5 13:16:11 15145 sshd[2544]: Failed password for invalid user tomcat from 174.138.57.46 port 47822 ssh2 IP Addresses Blocked: 134.209.144.138 (IN/India/-) 174.138.57.46 (US/United States/-) show less	Brute-Force SSH
🇵🇱 alianet	2026-06-05 05:53:45 (2 days ago)	Jun 5 05:40:43 vps-eb8e942e sshd-session[1082168]: Connection closed by invalid user postgres 138.1 ... show more Jun 5 05:40:43 vps-eb8e942e sshd-session[1082168]: Connection closed by invalid user postgres 138.197.97.170 port 53752 [preauth] Jun 5 05:53:43 vps-eb8e942e sshd-session[1082945]: Connection from 138.197.97.170 port 42854 on 57.128.195.69 port 2222 rdomain "" Jun 5 05:53:44 vps-eb8e942e sshd-session[1082945]: Invalid user tomcat from 138.197.97.170 port 42854 ... show less	Brute-Force SSH
🇩🇪 ghostwarriors	2026-06-05 00:20:26 (3 days ago)	Unauthorized connection to FTP port 21	FTP Brute-Force Brute-Force
🇫🇷 bulletz	2026-06-04 23:44:56 (3 days ago)	2026-06-05T01:41:57.731688+02:00 vps sshd[31891]: pam_unix(sshd:auth): authentication failure; logna ... show more 2026-06-05T01:41:57.731688+02:00 vps sshd[31891]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.97.170 2026-06-05T01:41:59.100666+02:00 vps sshd[31891]: Failed password for invalid user trader from 138.197.97.170 port 46064 ssh2 2026-06-05T01:44:56.130275+02:00 vps sshd[31940]: Invalid user validator from 138.197.97.170 port 40146 ... show less	Brute-Force SSH
Anonymous	2026-06-04 16:43:58 (3 days ago)	Honeypot hit: SSH handshake/banner (12 bytes of payload); 2222 [1] TCP Reported by: https://github.c ... show more Honeypot hit: SSH handshake/banner (12 bytes of payload); 2222 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	SSH
🇨🇭 lufi	2026-06-04 13:01:01 (3 days ago)	2026-06-04T14:47:00.457567+02:00 lufischer04 sshd[3156625]: Invalid user validator from 138.197.97.1 ... show more 2026-06-04T14:47:00.457567+02:00 lufischer04 sshd[3156625]: Invalid user validator from 138.197.97.170 port 34462 2026-06-04T14:50:00.551256+02:00 lufischer04 sshd[3160545]: Invalid user postgres from 138.197.97.170 port 56338 2026-06-04T14:55:01.386356+02:00 lufischer04 sshd[3166554]: Invalid user zabbix from 138.197.97.170 port 55530 2026-06-04T14:57:00.831249+02:00 lufischer04 sshd[3169107]: Invalid user bitcoin from 138.197.97.170 port 60206 2026-06-04T15:01:00.937245+02:00 lufischer04 sshd[3174599]: Invalid user tomcat from 138.197.97.170 port 37908 ... show less	Web Spam Brute-Force Hacking Web App Attack
🇩🇪 www.mammazone.it	2026-06-04 12:50:55 (3 days ago)	Jun 4 14:45:54 vps2 sshd[2099621]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid ... show more Jun 4 14:45:54 vps2 sshd[2099621]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.97.170 Jun 4 14:45:56 vps2 sshd[2099621]: Failed password for invalid user zabbix from 138.197.97.170 port 51260 ssh2 Jun 4 14:50:54 vps2 sshd[2100422]: Invalid user tomcat from 138.197.97.170 port 56006 ... show less	Hacking

Showing 1 to 15 of 1198 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.236

🇧🇪 198.235.24.255

🇧🇪 198.235.24.179

🇧🇪 198.235.24.170

🇨🇴 179.1.241.12

🇧🇷 177.124.78.135

🇺🇸 162.216.149.6

🇺🇸 107.167.34.125

🇺🇸 45.131.194.103

🇧🇷 34.39.201.237

🇨🇳 14.103.140.39

🇷🇴 2.57.121.25

🇧🇪 198.235.24.166

🇹🇼 198.235.24.104

🇳🇱 185.224.128.16

🇵🇰 175.107.201.149

🇩🇪 172.217.33.211

🇯🇵 152.32.201.80

🇺🇸 100.25.213.254

🇸🇳 74.244.85.61