138.197.213.192

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.197.213.160	attack	138.197.213.160 - - [13/Oct/2020:23:18:21 +0100] "POST /wp-login.php HTTP/1.1" 200 2386 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.213.160 - - [13/Oct/2020:23:18:22 +0100] "POST /wp-login.php HTTP/1.1" 200 2319 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.213.160 - - [13/Oct/2020:23:18:22 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-14 07:06:35
138.197.213.241	attackspambots	$f2bV_matches	2020-10-05 02:35:36
138.197.213.241	attackspam	Invalid user mikael from 138.197.213.241 port 49748	2020-10-04 18:18:38
138.197.213.233	attackbots	Sep 24 14:43:22 piServer sshd[25154]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.213.233 Sep 24 14:43:24 piServer sshd[25154]: Failed password for invalid user 1111 from 138.197.213.233 port 34588 ssh2 Sep 24 14:47:07 piServer sshd[25533]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.213.233 ...	2020-09-24 20:50:12
138.197.213.233	attackspam	2020-09-24T06:20:29+0200 Failed SSH Authentication/Brute Force Attack. (Server 9)	2020-09-24 12:47:17
138.197.213.233	attackbots	'Fail2Ban'	2020-09-24 04:16:01
138.197.213.233	attackspambots	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "root" at 2020-09-18T16:42:57Z	2020-09-19 00:46:41
138.197.213.233	attackbots	SSH Brute-Force reported by Fail2Ban	2020-09-18 16:49:17
138.197.213.134	attack	Sep 16 11:34:37 gamehost-one sshd[27144]: Failed password for root from 138.197.213.134 port 40410 ssh2 Sep 16 11:35:41 gamehost-one sshd[27213]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.213.134 Sep 16 11:35:43 gamehost-one sshd[27213]: Failed password for invalid user admin from 138.197.213.134 port 53436 ssh2 ...	2020-09-16 18:39:11
138.197.213.233	attackspam	sshd: Failed password for .... from 138.197.213.233 port 58242 ssh2 (9 attempts)	2020-09-09 20:50:08
138.197.213.233	attackspam	(sshd) Failed SSH login from 138.197.213.233 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 8 14:56:58 server sshd[11116]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.213.233 user=root Sep 8 14:57:01 server sshd[11116]: Failed password for root from 138.197.213.233 port 50444 ssh2 Sep 8 15:09:39 server sshd[14891]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.213.233 user=root Sep 8 15:09:41 server sshd[14891]: Failed password for root from 138.197.213.233 port 37672 ssh2 Sep 8 15:12:24 server sshd[15846]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.213.233 user=root	2020-09-09 14:47:14
138.197.213.233	attackspam	(sshd) Failed SSH login from 138.197.213.233 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 8 14:56:58 server sshd[11116]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.213.233 user=root Sep 8 14:57:01 server sshd[11116]: Failed password for root from 138.197.213.233 port 50444 ssh2 Sep 8 15:09:39 server sshd[14891]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.213.233 user=root Sep 8 15:09:41 server sshd[14891]: Failed password for root from 138.197.213.233 port 37672 ssh2 Sep 8 15:12:24 server sshd[15846]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.213.233 user=root	2020-09-09 06:58:15
138.197.213.134	attack	Lines containing failures of 138.197.213.134 (max 1000) Sep 7 12:31:44 localhost sshd[7999]: User r.r from 138.197.213.134 not allowed because listed in DenyUsers Sep 7 12:31:44 localhost sshd[7999]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.213.134 user=r.r Sep 7 12:31:46 localhost sshd[7999]: Failed password for invalid user r.r from 138.197.213.134 port 37984 ssh2 Sep 7 12:31:48 localhost sshd[7999]: Received disconnect from 138.197.213.134 port 37984:11: Bye Bye [preauth] Sep 7 12:31:48 localhost sshd[7999]: Disconnected from invalid user r.r 138.197.213.134 port 37984 [preauth] Sep 7 12:34:24 localhost sshd[9325]: User r.r from 138.197.213.134 not allowed because listed in DenyUsers Sep 7 12:34:24 localhost sshd[9325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.213.134 user=r.r ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=138.197.213.13	2020-09-08 23:49:25
138.197.213.134	attackbots	Lines containing failures of 138.197.213.134 (max 1000) Sep 7 12:31:44 localhost sshd[7999]: User r.r from 138.197.213.134 not allowed because listed in DenyUsers Sep 7 12:31:44 localhost sshd[7999]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.213.134 user=r.r Sep 7 12:31:46 localhost sshd[7999]: Failed password for invalid user r.r from 138.197.213.134 port 37984 ssh2 Sep 7 12:31:48 localhost sshd[7999]: Received disconnect from 138.197.213.134 port 37984:11: Bye Bye [preauth] Sep 7 12:31:48 localhost sshd[7999]: Disconnected from invalid user r.r 138.197.213.134 port 37984 [preauth] Sep 7 12:34:24 localhost sshd[9325]: User r.r from 138.197.213.134 not allowed because listed in DenyUsers Sep 7 12:34:24 localhost sshd[9325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.213.134 user=r.r ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=138.197.213.13	2020-09-08 15:23:51
138.197.213.134	attackspambots	Lines containing failures of 138.197.213.134 (max 1000) Sep 7 12:31:44 localhost sshd[7999]: User r.r from 138.197.213.134 not allowed because listed in DenyUsers Sep 7 12:31:44 localhost sshd[7999]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.213.134 user=r.r Sep 7 12:31:46 localhost sshd[7999]: Failed password for invalid user r.r from 138.197.213.134 port 37984 ssh2 Sep 7 12:31:48 localhost sshd[7999]: Received disconnect from 138.197.213.134 port 37984:11: Bye Bye [preauth] Sep 7 12:31:48 localhost sshd[7999]: Disconnected from invalid user r.r 138.197.213.134 port 37984 [preauth] Sep 7 12:34:24 localhost sshd[9325]: User r.r from 138.197.213.134 not allowed because listed in DenyUsers Sep 7 12:34:24 localhost sshd[9325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.213.134 user=r.r ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=138.197.213.13	2020-09-08 07:56:08

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.213.192
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55723
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.197.213.192.		IN	A

;; AUTHORITY SECTION:
.			423	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020700 1800 900 604800 86400

;; Query time: 18 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 07 21:18:34 CST 2022
;; MSG SIZE  rcvd: 108

Host info

Host 192.213.197.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 192.213.197.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
199.249.230.118	attackbots	199.249.230.118 - - \[05/Jul/2020:05:53:49 +0200\] "GET /index.php\?id=ausland%27%2F%2A\&id=%2A%2FUNION%2F%2A\&id=%2A%2FALL%2F%2A\&id=%2A%2FSELECT%2F%2A\&id=%2A%2F2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=2157\&id=CHR%28113%29%7C%7CCHR%2898%29%7C%7CCHR%28122%29%7C%7CCHR%28107%29%7C%7CCHR%28113%29%7C%7CCHR%28103%29%7C%7CCHR%28121%29%7C%7CCHR%28101%29%7C%7CCHR%2880%29%7C%7CCHR%2881%29%7C%7CCHR%2867%	2020-07-05 14:46:28
222.175.223.74	attackbotsspam	$f2bV_matches	2020-07-05 14:31:51
107.161.177.66	attackbots	Automatic report - XMLRPC Attack	2020-07-05 14:33:09
192.241.218.215	attack	" "	2020-07-05 14:36:56
139.186.84.46	attackbots	Jul 5 08:34:04 serwer sshd\[12551\]: Invalid user postgres from 139.186.84.46 port 37632 Jul 5 08:34:04 serwer sshd\[12551\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.186.84.46 Jul 5 08:34:06 serwer sshd\[12551\]: Failed password for invalid user postgres from 139.186.84.46 port 37632 ssh2 ...	2020-07-05 14:56:07
118.70.239.146	attackbotsspam	CMS (WordPress or Joomla) login attempt.	2020-07-05 14:24:30
192.3.139.56	attack	1593930254 - 07/05/2020 08:24:14 Host: 192.3.139.56/192.3.139.56 Port: 15 TCP Blocked	2020-07-05 15:00:24
45.143.221.54	attackspam	Jul 5 09:46:49 server2 sshd\[10130\]: User root from 45.143.221.54 not allowed because not listed in AllowUsers Jul 5 09:47:08 server2 sshd\[10153\]: User root from 45.143.221.54 not allowed because not listed in AllowUsers Jul 5 09:47:53 server2 sshd\[10164\]: User root from 45.143.221.54 not allowed because not listed in AllowUsers Jul 5 09:48:18 server2 sshd\[10187\]: User root from 45.143.221.54 not allowed because not listed in AllowUsers Jul 5 09:48:38 server2 sshd\[10189\]: User root from 45.143.221.54 not allowed because not listed in AllowUsers Jul 5 09:49:02 server2 sshd\[10216\]: User root from 45.143.221.54 not allowed because not listed in AllowUsers	2020-07-05 14:49:46
159.89.236.71	attackspambots	Jul 5 02:17:31 NPSTNNYC01T sshd[24785]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.236.71 Jul 5 02:17:33 NPSTNNYC01T sshd[24785]: Failed password for invalid user mrl from 159.89.236.71 port 44338 ssh2 Jul 5 02:20:40 NPSTNNYC01T sshd[25105]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.236.71 ...	2020-07-05 14:26:01
218.92.0.248	attackspambots	$f2bV_matches	2020-07-05 14:41:48
31.221.81.222	attackbotsspam	Jul 5 08:00:00 vps sshd[888598]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.221.81.222 Jul 5 08:00:02 vps sshd[888598]: Failed password for invalid user rkb from 31.221.81.222 port 54916 ssh2 Jul 5 08:03:21 vps sshd[909588]: Invalid user admin from 31.221.81.222 port 53448 Jul 5 08:03:21 vps sshd[909588]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.221.81.222 Jul 5 08:03:23 vps sshd[909588]: Failed password for invalid user admin from 31.221.81.222 port 53448 ssh2 ...	2020-07-05 14:19:37
158.69.38.240	attackbotsspam	eintrachtkultkellerfulda.de 158.69.38.240 [05/Jul/2020:05:54:14 +0200] "POST /xmlrpc.php HTTP/1.1" 200 578 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36" eintrachtkultkellerfulda.de 158.69.38.240 [05/Jul/2020:05:54:14 +0200] "POST /xmlrpc.php HTTP/1.1" 200 578 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36"	2020-07-05 14:21:59
145.239.7.56	attackspambots	5x Failed Password	2020-07-05 14:38:44
141.98.10.208	attackbotsspam	2020-07-05T08:38:05.101461www postfix/smtpd[3161]: warning: unknown[141.98.10.208]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2020-07-05T08:45:52.499758www postfix/smtpd[3226]: warning: unknown[141.98.10.208]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2020-07-05T08:50:08.408994www postfix/smtpd[3226]: warning: unknown[141.98.10.208]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-07-05 14:55:43
118.97.55.65	attack	VNC brute force attack detected by fail2ban	2020-07-05 14:18:34

Recently Reported IPs

186.33.74.89	86.131.152.239	94.156.199.21	81.136.37.237
81.234.68.253	175.100.60.107	168.227.96.242	125.59.25.246
194.104.11.65	112.156.90.102	2.92.127.195	41.92.134.130
39.105.154.47	27.6.155.39	1.179.239.81	46.49.40.108
219.154.156.21	222.254.34.48	85.57.98.138	201.150.186.211