138.197.14.107

Basic Info

City: unknown

Region: unknown

Country: unknown

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.197.146.75	attack	Scan port	2023-10-18 12:53:52
138.197.146.75	attack	Scan port	2023-09-23 19:49:04
138.197.146.75	attack	Scan port	2023-07-27 12:45:30
138.197.146.75	attack	port scan	2023-02-03 13:47:17
138.197.146.75	attack	Port scan	2022-12-23 13:51:21
138.197.146.132	attackbots	138.197.146.132 - - [30/Sep/2020:23:11:08 +0200] "GET /wp-login.php HTTP/1.1" 200 9061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.146.132 - - [30/Sep/2020:23:11:10 +0200] "POST /wp-login.php HTTP/1.1" 200 9312 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.146.132 - - [30/Sep/2020:23:11:11 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-01 05:49:46
138.197.146.132	attackbotsspam	Wordpress framework attack - hard filter	2020-09-30 22:07:30
138.197.146.132	attack	138.197.146.132 - - [30/Sep/2020:04:04:40 +0200] "GET /wp-login.php HTTP/1.1" 200 1984 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.146.132 - - [30/Sep/2020:04:04:40 +0200] "POST /wp-login.php HTTP/1.1" 200 2104 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.146.132 - - [30/Sep/2020:04:04:46 +0200] "GET /wp-login.php HTTP/1.1" 200 1984 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.146.132 - - [30/Sep/2020:04:04:47 +0200] "POST /wp-login.php HTTP/1.1" 200 2090 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.146.132 - - [30/Sep/2020:04:04:47 +0200] "GET /wp-login.php HTTP/1.1" 200 1984 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.146.132 - - [30/Sep/2020:04:04:53 +0200] "POST /wp-login.php HTTP/1.1" 200 2091 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/ ...	2020-09-30 14:40:08
138.197.146.132	attackspam	MYH,DEF GET /wp-login.php	2020-09-27 03:38:24
138.197.146.132	attackbots	138.197.146.132 - - [26/Sep/2020:11:29:07 +0100] "POST /wp-login.php HTTP/1.1" 200 2302 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.146.132 - - [26/Sep/2020:11:29:08 +0100] "POST /wp-login.php HTTP/1.1" 200 2238 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.146.132 - - [26/Sep/2020:11:29:10 +0100] "POST /wp-login.php HTTP/1.1" 200 2234 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-26 19:37:03
138.197.149.97	attack	Sep 10 20:00:19 ns308116 sshd[31485]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.149.97 user=root Sep 10 20:00:21 ns308116 sshd[31485]: Failed password for root from 138.197.149.97 port 34136 ssh2 Sep 10 20:06:07 ns308116 sshd[4933]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.149.97 user=root Sep 10 20:06:09 ns308116 sshd[4933]: Failed password for root from 138.197.149.97 port 40806 ssh2 Sep 10 20:09:31 ns308116 sshd[8395]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.149.97 user=root ...	2020-09-11 03:27:57
138.197.146.132	attackbotsspam	138.197.146.132 - - [10/Sep/2020:10:56:20 +0200] "GET /wp-login.php HTTP/1.1" 200 2566 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.146.132 - - [10/Sep/2020:10:56:20 +0200] "POST /wp-login.php HTTP/1.1" 200 2698 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.146.132 - - [10/Sep/2020:10:56:20 +0200] "GET /wp-login.php HTTP/1.1" 200 2566 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.146.132 - - [10/Sep/2020:10:56:21 +0200] "POST /wp-login.php HTTP/1.1" 200 2672 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.146.132 - - [10/Sep/2020:10:56:26 +0200] "GET /wp-login.php HTTP/1.1" 200 2566 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.146.132 - - [10/Sep/2020:10:56:26 +0200] "POST /wp-login.php HTTP/1.1" 200 2673 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/ ...	2020-09-10 23:58:21
138.197.149.97	attack	$f2bV_matches	2020-09-10 18:58:20
138.197.146.132	attackspam	CMS (WordPress or Joomla) login attempt.	2020-09-10 15:22:37
138.197.146.132	attack	Automatic report generated by Wazuh	2020-09-10 05:59:00

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.14.107
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64063
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.197.14.107.			IN	A

;; AUTHORITY SECTION:
.			480	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030803 1800 900 604800 86400

;; Query time: 24 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 07:34:03 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 107.14.197.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 107.14.197.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.42.4	attack	2019-11-28T08:04:32.737161hub.schaetter.us sshd\[16122\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.4 user=root 2019-11-28T08:04:34.474976hub.schaetter.us sshd\[16122\]: Failed password for root from 222.186.42.4 port 11774 ssh2 2019-11-28T08:04:37.506913hub.schaetter.us sshd\[16122\]: Failed password for root from 222.186.42.4 port 11774 ssh2 2019-11-28T08:04:40.285182hub.schaetter.us sshd\[16122\]: Failed password for root from 222.186.42.4 port 11774 ssh2 2019-11-28T08:04:43.798331hub.schaetter.us sshd\[16122\]: Failed password for root from 222.186.42.4 port 11774 ssh2 ...	2019-11-28 16:06:27
222.186.180.147	attackbots	Nov 28 02:21:04 plusreed sshd[30751]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.147 user=root Nov 28 02:21:06 plusreed sshd[30751]: Failed password for root from 222.186.180.147 port 20092 ssh2 ...	2019-11-28 15:23:04
45.160.148.149	attack	2019-10-16 02:59:44,598 fail2ban.actions [843]: NOTICE [sshd] Ban 45.160.148.149 2019-10-16 06:06:25,654 fail2ban.actions [843]: NOTICE [sshd] Ban 45.160.148.149 2019-10-16 09:11:51,293 fail2ban.actions [843]: NOTICE [sshd] Ban 45.160.148.149 ...	2019-11-28 15:40:17
190.1.203.180	attackspambots	Nov 28 13:28:08 areeb-Workstation sshd[8385]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.1.203.180 Nov 28 13:28:10 areeb-Workstation sshd[8385]: Failed password for invalid user lombardini from 190.1.203.180 port 60346 ssh2 ...	2019-11-28 15:59:23
218.92.0.180	attackbotsspam	2019-11-28T07:38:04.173309shield sshd\[12154\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.180 user=root 2019-11-28T07:38:05.906028shield sshd\[12154\]: Failed password for root from 218.92.0.180 port 63734 ssh2 2019-11-28T07:38:09.309835shield sshd\[12154\]: Failed password for root from 218.92.0.180 port 63734 ssh2 2019-11-28T07:38:12.457799shield sshd\[12154\]: Failed password for root from 218.92.0.180 port 63734 ssh2 2019-11-28T07:38:15.684027shield sshd\[12154\]: Failed password for root from 218.92.0.180 port 63734 ssh2	2019-11-28 15:41:07
49.88.112.54	attackspam	Nov 28 08:27:48 tux-35-217 sshd\[25179\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.54 user=root Nov 28 08:27:50 tux-35-217 sshd\[25179\]: Failed password for root from 49.88.112.54 port 64207 ssh2 Nov 28 08:27:54 tux-35-217 sshd\[25179\]: Failed password for root from 49.88.112.54 port 64207 ssh2 Nov 28 08:27:58 tux-35-217 sshd\[25179\]: Failed password for root from 49.88.112.54 port 64207 ssh2 ...	2019-11-28 15:34:53
218.92.0.147	attackspambots	Nov 28 08:30:09 ns381471 sshd[28383]: Failed password for root from 218.92.0.147 port 49393 ssh2 Nov 28 08:30:22 ns381471 sshd[28383]: error: maximum authentication attempts exceeded for root from 218.92.0.147 port 49393 ssh2 [preauth]	2019-11-28 15:33:24
88.84.200.139	attackbots	2019-11-28T07:00:21.979501abusebot-6.cloudsearch.cf sshd\[7364\]: Invalid user host from 88.84.200.139 port 50375	2019-11-28 15:16:30
222.186.175.202	attackbots	Nov 27 21:18:01 sachi sshd\[17121\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.202 user=root Nov 27 21:18:03 sachi sshd\[17121\]: Failed password for root from 222.186.175.202 port 4150 ssh2 Nov 27 21:18:14 sachi sshd\[17121\]: Failed password for root from 222.186.175.202 port 4150 ssh2 Nov 27 21:18:18 sachi sshd\[17136\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.202 user=root Nov 27 21:18:20 sachi sshd\[17136\]: Failed password for root from 222.186.175.202 port 18880 ssh2	2019-11-28 15:21:33
49.88.112.58	attackspam	Nov 28 08:27:20 legacy sshd[19493]: Failed password for root from 49.88.112.58 port 47361 ssh2 Nov 28 08:27:33 legacy sshd[19493]: error: maximum authentication attempts exceeded for root from 49.88.112.58 port 47361 ssh2 [preauth] Nov 28 08:27:38 legacy sshd[19506]: Failed password for root from 49.88.112.58 port 16570 ssh2 ...	2019-11-28 15:30:31
104.168.245.253	attackspam	Nov 24 07:27:31 mxgate1 postfix/postscreen[13998]: CONNECT from [104.168.245.253]:42080 to [176.31.12.44]:25 Nov 24 07:27:31 mxgate1 postfix/dnsblog[14509]: addr 104.168.245.253 listed by domain b.barracudacentral.org as 127.0.0.2 Nov 24 07:27:37 mxgate1 postfix/postscreen[13998]: PASS NEW [104.168.245.253]:42080 Nov 24 07:27:37 mxgate1 postfix/smtpd[14691]: connect from slot0.macrosltd.com[104.168.245.253] Nov 24 07:27:39 mxgate1 postfix/smtpd[14691]: NOQUEUE: reject: RCPT from slot0.macrosltd.com[104.168.245.253]: 450 4.1.1 : Recipient address rejected: unverified address: host pl3server.1awww.com[5.135.125.163] said: 550 5.1.1 : Recipient address rejected: User unknown in virtual mailbox table (in reply to RCPT TO command); from=x@x .... truncated .... /smtpd[14691]: x@x Nov 24 07:27:39 mxgate1 postfix/smtpd[14691]: disconnect from slot0.macrosltd.com[104.168.245.253] ehlo=2 starttls=1 mail=1 rcpt=0/1 quhostname=1 commands=5/6 Nov 24 07:57:39 mxgate1 postfix/........ -------------------------------	2019-11-28 15:29:59
218.92.0.148	attackspam	pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.148 user=root Failed password for root from 218.92.0.148 port 38540 ssh2 Failed password for root from 218.92.0.148 port 38540 ssh2 Failed password for root from 218.92.0.148 port 38540 ssh2 Failed password for root from 218.92.0.148 port 38540 ssh2	2019-11-28 16:05:05
167.71.186.71	attackspambots	Looking for resource vulnerabilities	2019-11-28 15:24:24
36.112.128.99	attackbotsspam	2019-10-10 16:33:24,342 fail2ban.actions [843]: NOTICE [sshd] Ban 36.112.128.99 2019-10-10 19:38:30,319 fail2ban.actions [843]: NOTICE [sshd] Ban 36.112.128.99 2019-10-10 22:49:49,564 fail2ban.actions [843]: NOTICE [sshd] Ban 36.112.128.99 ...	2019-11-28 15:49:57
222.186.180.8	attack	v+ssh-bruteforce	2019-11-28 16:00:29

Recently Reported IPs

118.175.172.38	138.197.14.117	138.197.14.103	138.197.139.61
138.197.14.168	138.197.14.29	138.197.14.18	138.197.14.164
138.197.14.170	138.197.14.60	138.197.14.220	118.175.172.41
138.197.14.230	138.197.14.77	138.197.14.92	138.197.140.158
138.197.14.73	138.197.140.199	138.197.141.32	138.197.141.201