138.197.194.19

Basic Info

City: Santa Clara

Region: California

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.197.194.207	attack	138.197.194.207 - - \[01/Sep/2020:17:15:13 +0200\] "POST /wp-login.php HTTP/1.0" 200 3149 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.197.194.207 - - \[01/Sep/2020:17:15:16 +0200\] "POST /wp-login.php HTTP/1.0" 200 3152 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.197.194.207 - - \[01/Sep/2020:17:15:19 +0200\] "POST /wp-login.php HTTP/1.0" 200 3147 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-09-02 04:37:38
138.197.194.207	attackbots	plussize.fitness 138.197.194.207 [06/Aug/2020:13:33:33 +0200] "POST /wp-login.php HTTP/1.1" 200 5953 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" plussize.fitness 138.197.194.207 [06/Aug/2020:13:33:34 +0200] "POST /wp-login.php HTTP/1.1" 200 5909 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-06 20:57:49
138.197.194.207	attackbots	138.197.194.207 - - [02/Aug/2020:22:26:50 +0100] "POST /wp-login.php HTTP/1.1" 200 2081 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.194.207 - - [02/Aug/2020:22:26:55 +0100] "POST /wp-login.php HTTP/1.1" 200 2060 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.194.207 - - [02/Aug/2020:22:26:57 +0100] "POST /wp-login.php HTTP/1.1" 200 2063 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-03 06:05:11
138.197.194.207	attackbots	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-07-23 13:49:00
138.197.194.89	attack	xmlrpc attack	2020-07-13 15:09:14

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.194.19
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62221
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.197.194.19.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025060602 1800 900 604800 86400

;; Query time: 10 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jun 07 14:00:10 CST 2025
;; MSG SIZE  rcvd: 107

Host info

Host 19.194.197.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 19.194.197.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
172.105.106.62	attackbots	srvr3: (mod_security) mod_security (id:920350) triggered by 172.105.106.62 (CA/Canada/172.105.106.62.li.binaryedge.ninja): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/22 14:15:29 [error] 428444#0: 18733 [client 172.105.106.62] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/ws"] [unique_id "159809852949.795946"] [ref "o0,14v23,14"], client: 172.105.106.62, [redacted] request: "GET /ws HTTP/1.1" [redacted]	2020-08-22 21:19:58
186.234.249.196	attackbotsspam	Aug 22 14:30:08 h2779839 sshd[27080]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.234.249.196 user=www-data Aug 22 14:30:09 h2779839 sshd[27080]: Failed password for www-data from 186.234.249.196 port 15264 ssh2 Aug 22 14:34:32 h2779839 sshd[27136]: Invalid user vladimir from 186.234.249.196 port 46696 Aug 22 14:34:32 h2779839 sshd[27136]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.234.249.196 Aug 22 14:34:32 h2779839 sshd[27136]: Invalid user vladimir from 186.234.249.196 port 46696 Aug 22 14:34:34 h2779839 sshd[27136]: Failed password for invalid user vladimir from 186.234.249.196 port 46696 ssh2 Aug 22 14:38:47 h2779839 sshd[27228]: Invalid user admin from 186.234.249.196 port 29905 Aug 22 14:38:47 h2779839 sshd[27228]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.234.249.196 Aug 22 14:38:47 h2779839 sshd[27228]: Invalid user admin from 186 ...	2020-08-22 20:50:01
218.92.0.145	attack	Aug 22 14:59:29 ip106 sshd[29592]: Failed password for root from 218.92.0.145 port 63302 ssh2 Aug 22 14:59:33 ip106 sshd[29592]: Failed password for root from 218.92.0.145 port 63302 ssh2 ...	2020-08-22 21:09:15
5.196.198.147	attack	SSH login attempts.	2020-08-22 20:56:21
176.113.115.52	attackspambots	firewall-block, port(s): 48291/tcp	2020-08-22 20:51:58
41.39.83.187	attackspam	SMB Server BruteForce Attack	2020-08-22 21:00:59
195.25.206.131	attackbots	Unauthorized connection attempt from IP address 195.25.206.131 on Port 445(SMB)	2020-08-22 21:04:13
4.7.94.244	attackspambots	SSH brute-force attempt	2020-08-22 21:02:24
51.83.41.120	attackspam	Aug 22 05:29:50 dignus sshd[17553]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.41.120 Aug 22 05:29:52 dignus sshd[17553]: Failed password for invalid user ben from 51.83.41.120 port 38180 ssh2 Aug 22 05:33:19 dignus sshd[18103]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.41.120 user=root Aug 22 05:33:22 dignus sshd[18103]: Failed password for root from 51.83.41.120 port 44886 ssh2 Aug 22 05:37:05 dignus sshd[18694]: Invalid user filip from 51.83.41.120 port 51594 ...	2020-08-22 21:13:25
110.78.114.236	attackbots	Aug 22 15:15:47 hosting sshd[24450]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.78.114.236 user=root Aug 22 15:15:49 hosting sshd[24450]: Failed password for root from 110.78.114.236 port 51688 ssh2 ...	2020-08-22 20:57:38
118.69.55.101	attackbotsspam	Aug 22 13:33:55 ajax sshd[25882]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.69.55.101 Aug 22 13:33:57 ajax sshd[25882]: Failed password for invalid user kevin from 118.69.55.101 port 51654 ssh2	2020-08-22 20:48:50
82.200.206.66	attackbots	Unauthorized connection attempt from IP address 82.200.206.66 on Port 445(SMB)	2020-08-22 21:03:14
206.189.124.254	attackspam	prod6 ...	2020-08-22 20:57:18
140.143.19.237	attack	Aug 22 14:03:06 Ubuntu-1404-trusty-64-minimal sshd\[13998\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.19.237 user=root Aug 22 14:03:09 Ubuntu-1404-trusty-64-minimal sshd\[13998\]: Failed password for root from 140.143.19.237 port 55918 ssh2 Aug 22 14:15:58 Ubuntu-1404-trusty-64-minimal sshd\[20990\]: Invalid user vvn from 140.143.19.237 Aug 22 14:15:58 Ubuntu-1404-trusty-64-minimal sshd\[20990\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.19.237 Aug 22 14:16:00 Ubuntu-1404-trusty-64-minimal sshd\[20990\]: Failed password for invalid user vvn from 140.143.19.237 port 55926 ssh2	2020-08-22 20:45:49
195.175.45.226	attack	Unauthorized connection attempt from IP address 195.175.45.226 on Port 445(SMB)	2020-08-22 21:19:20

Recently Reported IPs

113.215.188.69	138.128.221.164	159.89.179.122	185.93.89.100
185.156.73.51	171.120.157.249	122.188.34.199	58.20.88.175
51.89.204.83	66.50.2.177	223.113.128.191	106.75.3.70
106.75.64.250	198.235.24.78	23.90.144.137	1.92.114.204
40.119.24.130	111.6.225.81	27.29.44.78	106.75.135.116