138.197.148.56

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.197.148.135	attackbotsspam	Apr 5 18:24:23 gitlab-tf sshd\[23258\]: Invalid user user from 138.197.148.135Apr 5 18:26:16 gitlab-tf sshd\[23535\]: Invalid user apache from 138.197.148.135 ...	2020-04-06 02:50:17
138.197.148.135	attackbots	Mar 19 22:15:21 163-172-32-151 sshd[29932]: Invalid user ubuntu from 138.197.148.135 port 46606 ...	2020-03-20 05:55:15
138.197.148.135	attackspambots	Mar 9 20:44:33 wbs sshd\[11311\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.148.135 user=umbrella-finder Mar 9 20:44:35 wbs sshd\[11311\]: Failed password for umbrella-finder from 138.197.148.135 port 36244 ssh2 Mar 9 20:48:31 wbs sshd\[11682\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.148.135 user=umbrella-finder Mar 9 20:48:33 wbs sshd\[11682\]: Failed password for umbrella-finder from 138.197.148.135 port 34206 ssh2 Mar 9 20:52:25 wbs sshd\[11996\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.148.135 user=umbrella-finder	2020-03-10 15:02:04
138.197.148.135	attackspambots	SSH Brute-Force reported by Fail2Ban	2020-03-06 08:14:57
138.197.148.223	attackbotsspam	SIP/5060 Probe, BF, Hack -	2020-03-06 05:36:40
138.197.148.223	attackbotsspam	Input Traffic from this IP, but critial abuseconfidencescore	2020-03-05 08:39:50
138.197.148.135	attackspam	Detected by Fail2Ban	2020-03-04 07:28:27
138.197.148.223	attackbots	firewall-block, port(s): 22/tcp	2020-02-13 04:51:55
138.197.148.223	attackspam	Honeypot attack, port: 7, PTR: min-extra-scan-209-ca-prod.binaryedge.ninja.	2020-01-15 15:06:32
138.197.148.223	attackspam	Automatic report - Banned IP Access	2019-11-18 01:28:34
138.197.148.223	attack	scan r	2019-11-06 02:19:58
138.197.148.223	attackbots	3389BruteforceFW21	2019-11-03 06:30:43

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.148.56
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63511
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.197.148.56.			IN	A

;; AUTHORITY SECTION:
.			122	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022601 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 12:26:37 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 56.148.197.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 56.148.197.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
200.107.154.168	attackspam	2019-10-15T21:50:18.889923 sshd[17949]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.107.154.168 user=root 2019-10-15T21:50:21.192032 sshd[17949]: Failed password for root from 200.107.154.168 port 52638 ssh2 2019-10-15T21:54:38.162163 sshd[18000]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.107.154.168 user=root 2019-10-15T21:54:40.159914 sshd[18000]: Failed password for root from 200.107.154.168 port 35688 ssh2 2019-10-15T21:59:04.208264 sshd[18025]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.107.154.168 user=root 2019-10-15T21:59:06.055519 sshd[18025]: Failed password for root from 200.107.154.168 port 46974 ssh2 ...	2019-10-16 04:46:56
51.38.231.130	attack	554	2019-10-16 05:03:29
193.32.160.139	attack	SPAM Delivery Attempt	2019-10-16 05:17:10
51.77.146.153	attackbots	Oct 15 10:42:01 friendsofhawaii sshd\[26249\]: Invalid user Admin1qaz1qaz from 51.77.146.153 Oct 15 10:42:01 friendsofhawaii sshd\[26249\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.ip-51-77-146.eu Oct 15 10:42:02 friendsofhawaii sshd\[26249\]: Failed password for invalid user Admin1qaz1qaz from 51.77.146.153 port 49190 ssh2 Oct 15 10:45:50 friendsofhawaii sshd\[26576\]: Invalid user qwe123 from 51.77.146.153 Oct 15 10:45:50 friendsofhawaii sshd\[26576\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.ip-51-77-146.eu	2019-10-16 04:50:45
34.76.196.29	attackbotsspam	FTP	2019-10-16 05:13:35
31.154.93.97	attack	Brute force attempt	2019-10-16 04:41:35
37.139.13.105	attack	Triggered by Fail2Ban at Vostok web server	2019-10-16 04:57:38
189.212.123.63	attackspam	Automatic report - Port Scan Attack	2019-10-16 04:45:16
116.48.14.35	attackspam	5555/tcp 5555/tcp 5555/tcp... [2019-09-16/10-15]6pkt,1pt.(tcp)	2019-10-16 05:13:05
110.35.212.16	attackbots	23/tcp [2019-10-15]1pkt	2019-10-16 04:50:29
92.63.194.26	attackbots	Oct 15 21:58:57 ncomp sshd[27312]: Invalid user admin from 92.63.194.26 Oct 15 21:58:57 ncomp sshd[27312]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.63.194.26 Oct 15 21:58:57 ncomp sshd[27312]: Invalid user admin from 92.63.194.26 Oct 15 21:58:59 ncomp sshd[27312]: Failed password for invalid user admin from 92.63.194.26 port 40372 ssh2	2019-10-16 04:53:09
159.89.235.61	attackspambots	Oct 15 10:10:53 friendsofhawaii sshd\[23653\]: Invalid user admin from 159.89.235.61 Oct 15 10:10:53 friendsofhawaii sshd\[23653\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.235.61 Oct 15 10:10:55 friendsofhawaii sshd\[23653\]: Failed password for invalid user admin from 159.89.235.61 port 55716 ssh2 Oct 15 10:14:54 friendsofhawaii sshd\[23977\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.235.61 user=root Oct 15 10:14:56 friendsofhawaii sshd\[23977\]: Failed password for root from 159.89.235.61 port 38758 ssh2	2019-10-16 04:44:09
81.22.45.107	attack	2019-10-15T23:09:10.139339+02:00 lumpi kernel: [996159.740966] INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.107 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=58423 PROTO=TCP SPT=48649 DPT=6909 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-10-16 05:10:36
106.12.32.48	attack	2019-10-15T20:31:52.675250abusebot.cloudsearch.cf sshd\[11864\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.32.48 user=root	2019-10-16 04:41:11
206.198.225.42	attackspam	Probing for vulnerable PHP code /r2ef3mxz.php	2019-10-16 05:09:28

Recently Reported IPs

138.197.144.86	138.197.15.69	138.197.150.185	138.197.151.240
138.197.149.253	138.197.152.62	138.197.153.182	138.197.145.73
138.197.150.179	138.197.146.93	138.197.154.115	138.197.154.117
138.197.154.120	138.197.153.86	138.197.156.137	138.197.158.226
138.197.157.82	138.197.160.150	138.197.16.235	138.197.161.180