138.197.145.1 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: unknown

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.197.145.163	attackbots	Sent packet to closed port: 10394	2020-08-09 12:36:59
138.197.145.163	attackspambots	17087/tcp 14465/tcp 31783/tcp... [2020-06-22/08-04]112pkt,43pt.(tcp)	2020-08-05 06:04:02
138.197.145.163	attackspambots	Fail2Ban Ban Triggered	2020-07-28 23:02:10
138.197.145.26	attackspambots	Jul 27 11:20:58 mout sshd[4165]: Invalid user iwan from 138.197.145.26 port 37396	2020-07-27 17:31:36
138.197.145.26	attackbots	firewall-block, port(s): 8113/tcp	2020-07-26 15:25:19
138.197.145.26	attack	Scanned 3 times in the last 24 hours on port 22	2020-07-25 08:36:15
138.197.145.26	attackbots	Jul 24 10:54:47 vpn01 sshd[2993]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.145.26 Jul 24 10:54:49 vpn01 sshd[2993]: Failed password for invalid user batal from 138.197.145.26 port 53418 ssh2 ...	2020-07-24 17:20:04
138.197.145.26	attackbots	Jul 18 15:58:36 ns382633 sshd\[12725\]: Invalid user sdo from 138.197.145.26 port 41884 Jul 18 15:58:36 ns382633 sshd\[12725\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.145.26 Jul 18 15:58:38 ns382633 sshd\[12725\]: Failed password for invalid user sdo from 138.197.145.26 port 41884 ssh2 Jul 18 16:00:58 ns382633 sshd\[13430\]: Invalid user user from 138.197.145.26 port 45014 Jul 18 16:00:58 ns382633 sshd\[13430\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.145.26	2020-07-19 02:24:34
138.197.145.26	attack	srv02 Mass scanning activity detected Target: 25369 ..	2020-07-18 13:38:06
138.197.145.26	attackspam	Exploited Host.	2020-07-16 02:26:50
138.197.145.163	attack	firewall-block, port(s): 135/tcp	2020-07-11 22:47:12
138.197.145.26	attackbotsspam	Jul 9 23:55:58 santamaria sshd\[24973\]: Invalid user newsmagazine from 138.197.145.26 Jul 9 23:55:58 santamaria sshd\[24973\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.145.26 Jul 9 23:56:00 santamaria sshd\[24973\]: Failed password for invalid user newsmagazine from 138.197.145.26 port 39498 ssh2 ...	2020-07-10 06:27:33
138.197.145.26	attackspam	SSH Login Bruteforce	2020-07-09 13:22:45
138.197.145.26	attack	21 attempts against mh-ssh on echoip	2020-07-04 05:12:45
138.197.145.26	attackspam	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-06-29 00:57:31

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.145.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59159
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.197.145.1.			IN	A

;; AUTHORITY SECTION:
.			597	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030803 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 07:34:14 CST 2022
;; MSG SIZE  rcvd: 106

Host info

1.145.197.138.in-addr.arpa domain name pointer city-belleville.sdsriskassist.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
1.145.197.138.in-addr.arpa	name = city-belleville.sdsriskassist.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
198.71.238.16	attackbots	Automatic report - XMLRPC Attack	2020-01-16 17:14:32
103.120.220.1	attack	1579150164 - 01/16/2020 05:49:24 Host: 103.120.220.1/103.120.220.1 Port: 445 TCP Blocked	2020-01-16 16:47:35
162.241.176.39	attackbotsspam	162.241.176.39 - - \[16/Jan/2020:05:49:16 +0100\] "POST /wp-login.php HTTP/1.0" 200 7427 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 162.241.176.39 - - \[16/Jan/2020:05:49:18 +0100\] "POST /wp-login.php HTTP/1.0" 200 7425 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 162.241.176.39 - - \[16/Jan/2020:05:49:21 +0100\] "POST /wp-login.php HTTP/1.0" 200 7273 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-01-16 16:48:22
222.186.175.220	attack	Jan 16 09:55:51 vmd26974 sshd[20211]: Failed password for root from 222.186.175.220 port 58718 ssh2 Jan 16 09:56:03 vmd26974 sshd[20211]: error: maximum authentication attempts exceeded for root from 222.186.175.220 port 58718 ssh2 [preauth] ...	2020-01-16 16:57:22
216.244.66.202	attackbots	20 attempts against mh-misbehave-ban on float.magehost.pro	2020-01-16 17:10:24
182.76.206.194	attackbotsspam	Unauthorized connection attempt detected from IP address 182.76.206.194 to port 2220 [J]	2020-01-16 16:50:29
192.3.4.31	attackspam	(From eric@talkwithcustomer.com) Hi, Let’s take a quick trip to Tomorrow-land. I’m not talking about a theme park, I’m talking about your business’s future… Don’t worry, we won’t even need a crystal ball. Just imagine… … a future where the money you invest in driving traffic to your site andoverspinecenter.com pays off with tons of calls from qualified leads. And the difference between what you experienced in the past is staggering – you’re seeing 10X, 20X, 50X, even up to a 100X more leads coming from your website andoverspinecenter.com. Leads that are already engaged with what you have to offer and are ready to learn more and even open their wallets. Seeing all this taking place in your business, you think back: What did I do only a short time ago that made such a huge difference? And then it hits you: You took advantage of a free 14 day Test Drive of TalkWithCustomer. You installed TalkWithCustomer on andoverspinecenter.com – it was a snap. And practically overnight cus	2020-01-16 17:25:47
94.233.55.106	attackbotsspam	Unauthorized connection attempt detected from IP address 94.233.55.106 to port 445	2020-01-16 16:45:04
42.159.7.130	attackspambots	Jan 16 07:46:10 vps691689 sshd[28029]: Failed password for root from 42.159.7.130 port 38644 ssh2 Jan 16 07:49:00 vps691689 sshd[28157]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.7.130 ...	2020-01-16 17:00:42
198.71.235.21	attackspambots	Automatic report - XMLRPC Attack	2020-01-16 16:48:02
42.49.216.35	attackbotsspam	Jan 16 06:23:42 vps691689 sshd[25215]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.49.216.35 Jan 16 06:23:43 vps691689 sshd[25215]: Failed password for invalid user sftp from 42.49.216.35 port 56704 ssh2 ...	2020-01-16 17:08:06
167.172.139.65	attackspam	167.172.139.65 - - \[16/Jan/2020:08:09:16 +0100\] "POST /wp-login.php HTTP/1.0" 200 7427 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 167.172.139.65 - - \[16/Jan/2020:08:09:23 +0100\] "POST /wp-login.php HTTP/1.0" 200 7242 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 167.172.139.65 - - \[16/Jan/2020:08:09:29 +0100\] "POST /wp-login.php HTTP/1.0" 200 7239 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-01-16 16:49:56
81.148.222.42	attack	Unauthorized connection attempt detected from IP address 81.148.222.42 to port 9000 [J]	2020-01-16 16:49:04
185.176.27.246	attackspam	01/16/2020-09:57:58.435928 185.176.27.246 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-01-16 17:21:06
200.52.80.34	attackbots	Jan 16 13:17:51 itv-usvr-02 sshd[16343]: Invalid user git from 200.52.80.34 port 47490 Jan 16 13:17:51 itv-usvr-02 sshd[16343]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.52.80.34 Jan 16 13:17:51 itv-usvr-02 sshd[16343]: Invalid user git from 200.52.80.34 port 47490 Jan 16 13:17:52 itv-usvr-02 sshd[16343]: Failed password for invalid user git from 200.52.80.34 port 47490 ssh2 Jan 16 13:22:11 itv-usvr-02 sshd[16378]: Invalid user ftp from 200.52.80.34 port 48486	2020-01-16 16:55:06

Recently Reported IPs

138.197.145.222	138.197.145.232	138.197.145.66	138.197.146.101
138.197.145.79	138.197.145.77	138.197.146.111	138.197.146.114
118.175.174.88	118.175.174.90	118.175.174.92	138.197.163.79
138.197.163.182	138.197.163.87	138.197.163.225	138.197.163.125
138.197.163.206	138.197.163.253	138.197.163.247	138.197.163.15