138.197.136.159

Basic Info

City: unknown

Region: unknown

Country: unknown

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.197.136.163	attack	Bruteforce detected by fail2ban	2020-09-30 03:10:28
138.197.136.163	attack	Invalid user oracle from 138.197.136.163 port 37458	2020-09-29 19:14:00
138.197.136.30	attack	2020-08-26T12:41:16.767587snf-827550 sshd[26410]: Failed password for invalid user hxn from 138.197.136.30 port 58790 ssh2 2020-08-26T12:51:06.675287snf-827550 sshd[26435]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.136.30 user=root 2020-08-26T12:51:08.066895snf-827550 sshd[26435]: Failed password for root from 138.197.136.30 port 52754 ssh2 ...	2020-08-26 17:55:02
138.197.136.72	attack	138.197.136.72 - - [23/Aug/2020:22:54:54 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 1865 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.136.72 - - [23/Aug/2020:22:54:56 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 1857 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.136.72 - - [23/Aug/2020:22:54:56 +0100] "POST /wp/xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-24 08:11:55
138.197.136.72	attack	WordPress wp-login brute force :: 138.197.136.72 0.100 - [19/Aug/2020:12:28:51 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 2411 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-08-20 01:18:46
138.197.136.72	attackspam	138.197.136.72 - - [17/Aug/2020:08:21:57 +0100] "POST /wp-login.php HTTP/1.1" 200 1948 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.136.72 - - [17/Aug/2020:08:21:58 +0100] "POST /wp-login.php HTTP/1.1" 200 1890 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.136.72 - - [17/Aug/2020:08:21:59 +0100] "POST /wp-login.php HTTP/1.1" 200 1887 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-17 16:17:00
138.197.136.72	attackspambots	138.197.136.72 - - [07/Aug/2020:12:08:57 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.136.72 - - [07/Aug/2020:12:09:06 +0100] "POST /wp-login.php HTTP/1.1" 200 2066 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.136.72 - - [07/Aug/2020:12:09:06 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-07 19:21:04
138.197.136.72	attack	WordPress Login Brute Force Attempt , PTR: PTR record not found	2020-08-06 21:57:06
138.197.136.72	attackbotsspam	138.197.136.72 - - [31/Jul/2020:01:36:22 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.136.72 - - [31/Jul/2020:01:36:23 +0200] "POST /wp-login.php HTTP/1.1" 200 2031 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.136.72 - - [31/Jul/2020:01:36:23 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.136.72 - - [31/Jul/2020:01:36:23 +0200] "POST /wp-login.php HTTP/1.1" 200 2007 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.136.72 - - [31/Jul/2020:01:36:23 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.136.72 - - [31/Jul/2020:01:36:24 +0200] "POST /wp-login.php HTTP/1.1" 200 2008 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/201001 ...	2020-07-31 08:07:30
138.197.136.72	attackspam	Automatic report - Banned IP Access	2020-07-27 19:16:32
138.197.136.72	attack	138.197.136.72 - - [16/Jul/2020:07:24:28 +0100] "POST /wp-login.php HTTP/1.1" 200 2046 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.136.72 - - [16/Jul/2020:07:24:30 +0100] "POST /wp-login.php HTTP/1.1" 200 2020 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.136.72 - - [16/Jul/2020:07:24:31 +0100] "POST /wp-login.php HTTP/1.1" 200 2019 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-16 19:11:46
138.197.136.72	attackspambots	138.197.136.72 - - \[06/Jul/2020:15:43:30 +0200\] "POST /wp-login.php HTTP/1.1" 200 9954 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 138.197.136.72 - - \[06/Jul/2020:15:43:31 +0200\] "POST /wp-login.php HTTP/1.1" 200 9823 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ...	2020-07-06 21:46:38
138.197.136.72	attackspam	Automatic report - XMLRPC Attack	2020-07-01 05:00:31
138.197.136.72	attackspambots	138.197.136.72 - - [27/Jun/2020:23:55:25 +0100] "POST /wp-login.php HTTP/1.1" 200 1792 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.136.72 - - [27/Jun/2020:23:55:26 +0100] "POST /wp-login.php HTTP/1.1" 200 1768 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.136.72 - - [27/Jun/2020:23:55:27 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-28 07:29:02
138.197.136.72	attack	10 attempts against mh-misc-ban on heat	2020-06-14 02:29:17

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.136.159
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57060
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.197.136.159.		IN	A

;; AUTHORITY SECTION:
.			421	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030803 1800 900 604800 86400

;; Query time: 160 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 07:33:58 CST 2022
;; MSG SIZE  rcvd: 108

Host info

Host 159.136.197.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 159.136.197.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
5.146.217.163	attackspam	Mar 26 10:59:01 serwer sshd\[28038\]: Invalid user uo from 5.146.217.163 port 57460 Mar 26 10:59:01 serwer sshd\[28038\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.146.217.163 Mar 26 10:59:02 serwer sshd\[28038\]: Failed password for invalid user uo from 5.146.217.163 port 57460 ssh2 ...	2020-03-26 19:03:01
218.63.225.253	attackbots	Unauthorised access (Mar 26) SRC=218.63.225.253 LEN=40 TTL=52 ID=49799 TCP DPT=8080 WINDOW=30119 SYN Unauthorised access (Mar 25) SRC=218.63.225.253 LEN=40 TTL=52 ID=20398 TCP DPT=8080 WINDOW=22064 SYN	2020-03-26 19:21:21
106.12.221.86	attackbotsspam	B: Abusive ssh attack	2020-03-26 19:17:07
39.71.69.5	attack	Unauthorized connection attempt detected from IP address 39.71.69.5 to port 22 [T]	2020-03-26 19:20:29
218.154.139.20	attackspambots	Mar 26 04:50:10 debian-2gb-nbg1-2 kernel: \[7453687.622602\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=218.154.139.20 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=48 ID=54777 PROTO=TCP SPT=32568 DPT=23 WINDOW=24936 RES=0x00 SYN URGP=0	2020-03-26 18:49:51
51.89.149.213	attackspambots	Mar 26 06:37:05 pi sshd[9913]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.89.149.213 Mar 26 06:37:06 pi sshd[9913]: Failed password for invalid user wilberforce from 51.89.149.213 port 49422 ssh2	2020-03-26 19:09:47
113.168.143.178	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 26-03-2020 03:50:13.	2020-03-26 18:46:18
121.52.215.196	attackspambots	CMS (WordPress or Joomla) login attempt.	2020-03-26 19:23:33
222.186.15.166	attack	Unauthorized connection attempt detected from IP address 222.186.15.166 to port 22 [T]	2020-03-26 18:52:21
50.77.122.250	attackspam	Mar 26 04:33:38 Tower sshd[1756]: Connection from 50.77.122.250 port 52714 on 192.168.10.220 port 22 rdomain "" Mar 26 04:33:42 Tower sshd[1756]: Invalid user tigg from 50.77.122.250 port 52714 Mar 26 04:33:42 Tower sshd[1756]: error: Could not get shadow information for NOUSER Mar 26 04:33:42 Tower sshd[1756]: Failed password for invalid user tigg from 50.77.122.250 port 52714 ssh2 Mar 26 04:33:42 Tower sshd[1756]: Received disconnect from 50.77.122.250 port 52714:11: Bye Bye [preauth] Mar 26 04:33:42 Tower sshd[1756]: Disconnected from invalid user tigg 50.77.122.250 port 52714 [preauth]	2020-03-26 19:05:51
177.92.66.226	attack	2020-03-26T09:43:09.134387abusebot-7.cloudsearch.cf sshd[20194]: Invalid user lee from 177.92.66.226 port 36428 2020-03-26T09:43:09.141035abusebot-7.cloudsearch.cf sshd[20194]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=mvx-177-92-66-226.mundivox.com 2020-03-26T09:43:09.134387abusebot-7.cloudsearch.cf sshd[20194]: Invalid user lee from 177.92.66.226 port 36428 2020-03-26T09:43:11.457694abusebot-7.cloudsearch.cf sshd[20194]: Failed password for invalid user lee from 177.92.66.226 port 36428 ssh2 2020-03-26T09:51:49.989955abusebot-7.cloudsearch.cf sshd[20865]: Invalid user idkadm from 177.92.66.226 port 55812 2020-03-26T09:51:49.994892abusebot-7.cloudsearch.cf sshd[20865]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=mvx-177-92-66-226.mundivox.com 2020-03-26T09:51:49.989955abusebot-7.cloudsearch.cf sshd[20865]: Invalid user idkadm from 177.92.66.226 port 55812 2020-03-26T09:51:51.366741abusebot-7.clou ...	2020-03-26 19:08:21
14.233.83.12	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 26-03-2020 03:50:15.	2020-03-26 18:43:17
139.198.121.63	attack	k+ssh-bruteforce	2020-03-26 19:19:00
116.52.164.10	attackbotsspam	Invalid user HTTP from 116.52.164.10 port 25514	2020-03-26 19:16:54
46.219.3.139	attackspambots	k+ssh-bruteforce	2020-03-26 19:09:28

Recently Reported IPs

138.197.136.135	138.197.137.251	138.197.137.242	138.197.137.237
138.197.138.171	138.197.137.41	138.197.137.4	138.197.138.64
138.197.138.37	138.197.139.11	138.197.139.1	138.197.139.187
138.197.139.71	138.197.139.135	138.197.139.243	138.197.139.208
118.175.172.38	138.197.14.107	138.197.14.117	138.197.14.103