138.197.135.127

Basic Info

City: unknown

Region: unknown

Country: unknown

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.197.135.102	attackspambots	138.197.135.102 - - [19/Sep/2020:07:11:21 +0100] "POST /wp-login.php HTTP/1.1" 200 2451 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.135.102 - - [19/Sep/2020:07:11:22 +0100] "POST /wp-login.php HTTP/1.1" 200 2431 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.135.102 - - [19/Sep/2020:07:11:24 +0100] "POST /wp-login.php HTTP/1.1" 200 2431 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-20 03:49:48
138.197.135.102	attack	138.197.135.102 - - [19/Sep/2020:07:11:21 +0100] "POST /wp-login.php HTTP/1.1" 200 2451 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.135.102 - - [19/Sep/2020:07:11:22 +0100] "POST /wp-login.php HTTP/1.1" 200 2431 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.135.102 - - [19/Sep/2020:07:11:24 +0100] "POST /wp-login.php HTTP/1.1" 200 2431 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-19 19:55:09
138.197.135.102	attack	138.197.135.102 - - [10/Sep/2020:21:13:11 +0200] "POST /wp-login.php HTTP/1.0" 200 4794 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-11 03:27:35
138.197.135.102	attackspam	CMS (WordPress or Joomla) login attempt.	2020-09-10 18:58:01
138.197.135.102	attackbots	CMS (WordPress or Joomla) login attempt.	2020-09-08 00:12:36
138.197.135.102	attackbotsspam	Brute forcing Wordpress login	2020-09-07 08:07:25
138.197.135.102	attackbotsspam	xmlrpc attack	2020-08-20 17:21:32
138.197.135.102	attackbotsspam	xmlrpc attack	2020-07-14 17:32:46
138.197.135.199	attack	$f2bV_matches	2020-07-04 05:49:49
138.197.135.199	attackspam	Invalid user netadmin from 138.197.135.199 port 38328	2020-07-01 07:13:34
138.197.135.102	attack	CMS (WordPress or Joomla) login attempt.	2020-06-02 00:26:52
138.197.135.102	attackspambots	138.197.135.102 - - \[25/May/2020:23:09:07 +0200\] "POST /wp-login.php HTTP/1.0" 200 6400 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.197.135.102 - - \[25/May/2020:23:09:09 +0200\] "POST /wp-login.php HTTP/1.0" 200 6267 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.197.135.102 - - \[25/May/2020:23:09:11 +0200\] "POST /wp-login.php HTTP/1.0" 200 6263 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-05-26 05:34:31
138.197.135.102	attackbotsspam	WordPress login Brute force / Web App Attack on client site.	2020-04-28 16:13:50
138.197.135.102	attack	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-04-27 07:22:23
138.197.135.102	attackspambots	xmlrpc attack	2020-04-22 16:52:30

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.135.127
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24816
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.197.135.127.		IN	A

;; AUTHORITY SECTION:
.			597	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030803 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 07:33:56 CST 2022
;; MSG SIZE  rcvd: 108

Host info

Host 127.135.197.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 127.135.197.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
119.96.232.49	attackbots	SSH-BruteForce	2019-08-01 10:36:40
115.59.12.210	attackbots	Honeypot attack, port: 23, PTR: hn.kd.ny.adsl.	2019-08-01 10:26:29
60.20.227.33	attack	Honeypot attack, port: 23, PTR: PTR record not found	2019-08-01 10:41:25
157.230.253.128	attackbots	Aug 1 04:22:24 django sshd[110994]: Invalid user carina from 157.230.253.128 Aug 1 04:22:24 django sshd[110994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.253.128 Aug 1 04:22:27 django sshd[110994]: Failed password for invalid user carina from 157.230.253.128 port 43550 ssh2 Aug 1 04:22:27 django sshd[110995]: Received disconnect from 157.230.253.128: 11: Bye Bye Aug 1 04:29:29 django sshd[111923]: Invalid user truman from 157.230.253.128 Aug 1 04:29:29 django sshd[111923]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.253.128 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=157.230.253.128	2019-08-01 10:43:37
189.103.69.191	attack	Apr 22 08:54:31 ubuntu sshd[21358]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.103.69.191 Apr 22 08:54:33 ubuntu sshd[21358]: Failed password for invalid user bp from 189.103.69.191 port 46488 ssh2 Apr 22 08:58:00 ubuntu sshd[21457]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.103.69.191 Apr 22 08:58:01 ubuntu sshd[21457]: Failed password for invalid user joc from 189.103.69.191 port 43032 ssh2	2019-08-01 10:05:38
95.181.217.13	attackbots	B: Magento admin pass test (abusive)	2019-08-01 10:18:28
185.234.218.210	attack	IP: 185.234.218.210 ASN: AS197226 sprint S.A. Port: Simple Mail Transfer 25 Found in one or more Blacklists Date: 31/07/2019 9:49:59 PM UTC	2019-08-01 10:13:57
139.211.60.255	attack	Honeypot attack, port: 23, PTR: 255.60.211.139.adsl-pool.jlccptt.net.cn.	2019-08-01 10:43:20
187.120.138.203	attackspam	Try access to SMTP/POP/IMAP server.	2019-08-01 10:37:50
51.38.186.207	attackspambots	May 25 14:32:08 ubuntu sshd[19672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.186.207 May 25 14:32:10 ubuntu sshd[19672]: Failed password for invalid user server from 51.38.186.207 port 46694 ssh2 May 25 14:35:00 ubuntu sshd[19773]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.186.207 May 25 14:35:03 ubuntu sshd[19773]: Failed password for invalid user maura from 51.38.186.207 port 46854 ssh2	2019-08-01 10:34:46
67.207.84.165	attack	10s of requests to none existent pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined node-superagent/4.1.0	2019-08-01 10:18:54
189.100.156.207	attackspambots	Apr 26 05:42:40 ubuntu sshd[24600]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.100.156.207 Apr 26 05:42:41 ubuntu sshd[24600]: Failed password for invalid user joe from 189.100.156.207 port 56144 ssh2 Apr 26 05:49:11 ubuntu sshd[24764]: Failed password for redis from 189.100.156.207 port 45105 ssh2	2019-08-01 10:14:22
129.28.196.92	attack	Aug 1 02:44:37 nextcloud sshd\[531\]: Invalid user ubuntu from 129.28.196.92 Aug 1 02:44:37 nextcloud sshd\[531\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.28.196.92 Aug 1 02:44:38 nextcloud sshd\[531\]: Failed password for invalid user ubuntu from 129.28.196.92 port 59710 ssh2 ...	2019-08-01 10:06:21
180.126.130.40	attack	2019-07-31T18:37:29.554114abusebot-8.cloudsearch.cf sshd\[14041\]: Invalid user NetLinx from 180.126.130.40 port 45931	2019-08-01 10:51:15
119.202.14.158	attack	Honeypot attack, port: 23, PTR: PTR record not found	2019-08-01 10:40:00

Recently Reported IPs

240.142.179.196	138.197.135.237	138.197.135.71	138.197.136.125
138.197.135.219	118.175.172.36	138.197.136.177	138.197.136.132
138.197.136.135	138.197.136.159	138.197.137.251	138.197.137.242
138.197.137.237	138.197.138.171	138.197.137.41	138.197.137.4
138.197.138.64	138.197.138.37	138.197.139.11	138.197.139.1