138.197.3.97 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.197.35.84	attackbots	Oct 4 14:49:12 ns382633 sshd\[17445\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.35.84 user=root Oct 4 14:49:14 ns382633 sshd\[17445\]: Failed password for root from 138.197.35.84 port 44456 ssh2 Oct 4 15:07:37 ns382633 sshd\[20130\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.35.84 user=root Oct 4 15:07:38 ns382633 sshd\[20130\]: Failed password for root from 138.197.35.84 port 43326 ssh2 Oct 4 15:11:10 ns382633 sshd\[20940\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.35.84 user=root	2020-10-05 02:16:31
138.197.35.84	attackspam	Oct 4 07:18:43 ws26vmsma01 sshd[24986]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.35.84 Oct 4 07:18:45 ws26vmsma01 sshd[24986]: Failed password for invalid user netflow from 138.197.35.84 port 58938 ssh2 ...	2020-10-04 17:58:44
138.197.36.189	attackbotsspam	TCP (SYN) 138.197.36.189:50691 -> port 28599, len 44	2020-10-04 06:13:08
138.197.36.189	attackbots	Port 22 Scan, PTR: None	2020-10-03 22:16:00
138.197.36.189	attackbotsspam	TCP (SYN) 138.197.36.189:56771 -> port 24354, len 44	2020-10-03 13:59:06
138.197.36.189	attackspam	TCP port : 11804	2020-09-09 20:23:45
138.197.36.189	attack	Port scan denied	2020-09-09 14:21:20
138.197.36.189	attackspam	Port Scan detected from 138.197.36.189 (US/United States/New Jersey/Clifton/-). 4 hits in the last 261 seconds	2020-09-09 06:32:13
138.197.35.84	attackspam	Aug 28 17:15:33 ip40 sshd[14766]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.35.84 Aug 28 17:15:35 ip40 sshd[14766]: Failed password for invalid user t from 138.197.35.84 port 54238 ssh2 ...	2020-08-29 00:40:09
138.197.35.84	attackspam	Invalid user marimo from 138.197.35.84 port 33458	2020-08-23 19:00:21
138.197.35.84	attackbots	Lines containing failures of 138.197.35.84 Aug 20 06:08:04 rancher sshd[11366]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.35.84 user=r.r Aug 20 06:08:06 rancher sshd[11366]: Failed password for r.r from 138.197.35.84 port 56074 ssh2 Aug 20 06:08:07 rancher sshd[11366]: Received disconnect from 138.197.35.84 port 56074:11: Bye Bye [preauth] Aug 20 06:08:07 rancher sshd[11366]: Disconnected from authenticating user r.r 138.197.35.84 port 56074 [preauth] Aug 20 06:16:30 rancher sshd[11549]: Invalid user ghostname from 138.197.35.84 port 56210 Aug 20 06:16:30 rancher sshd[11549]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.35.84 Aug 20 06:16:32 rancher sshd[11549]: Failed password for invalid user ghostname from 138.197.35.84 port 56210 ssh2 Aug 20 06:16:33 rancher sshd[11549]: Received disconnect from 138.197.35.84 port 56210:11: Bye Bye [preauth] Aug 20 06:16:33 ranch........ ------------------------------	2020-08-23 01:37:25
138.197.3.233	attackbotsspam		2020-08-14 22:50:16
138.197.36.189	attackspam	Port scan: Attack repeated for 24 hours	2020-08-04 07:50:29
138.197.32.150	attack	Exploited Host.	2020-07-26 02:57:39
138.197.36.189	attackspam	Port scan denied	2020-07-13 23:57:54

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.3.97
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8314
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.197.3.97.			IN	A

;; AUTHORITY SECTION:
.			187	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022700 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 17:31:29 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 97.3.197.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 97.3.197.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
218.92.0.211	attackbotsspam	Unauthorized connection attempt detected from IP address 218.92.0.211 to port 22 [J]	2020-01-08 02:16:23
123.241.112.94	attackspam	20/1/7@07:58:59: FAIL: Alarm-Telnet address from=123.241.112.94 ...	2020-01-08 02:08:22
106.12.221.86	attackspam	Unauthorized connection attempt detected from IP address 106.12.221.86 to port 2220 [J]	2020-01-08 01:47:38
103.207.0.150	attackspam	1578401941 - 01/07/2020 13:59:01 Host: 103.207.0.150/103.207.0.150 Port: 445 TCP Blocked	2020-01-08 02:05:39
222.186.30.35	attackbots	Jan 7 14:44:05 vps46666688 sshd[31587]: Failed password for root from 222.186.30.35 port 53494 ssh2 Jan 7 14:44:08 vps46666688 sshd[31587]: Failed password for root from 222.186.30.35 port 53494 ssh2 ...	2020-01-08 01:50:57
5.178.86.74	attack	winbox attack	2020-01-08 01:51:50
181.48.28.13	attackbots	Unauthorized connection attempt detected from IP address 181.48.28.13 to port 2220 [J]	2020-01-08 02:10:18
157.230.226.7	attackbotsspam	Unauthorized connection attempt detected from IP address 157.230.226.7 to port 2220 [J]	2020-01-08 01:53:48
36.67.81.41	attackbotsspam	Unauthorized connection attempt detected from IP address 36.67.81.41 to port 2220 [J]	2020-01-08 01:48:25
49.233.136.245	attackspambots	Jan 7 18:30:22 meumeu sshd[19903]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.136.245 Jan 7 18:30:24 meumeu sshd[19903]: Failed password for invalid user office from 49.233.136.245 port 43556 ssh2 Jan 7 18:34:07 meumeu sshd[20565]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.136.245 ...	2020-01-08 01:54:52
144.217.170.235	attackbotsspam	$f2bV_matches	2020-01-08 01:54:11
111.72.193.245	attackspambots	2020-01-07 06:58:13 dovecot_login authenticator failed for (vrldd) [111.72.193.245]:56250 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=lipeng@lerctr.org) 2020-01-07 06:58:20 dovecot_login authenticator failed for (gcspt) [111.72.193.245]:56250 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=lipeng@lerctr.org) 2020-01-07 06:58:32 dovecot_login authenticator failed for (xmkwh) [111.72.193.245]:56250 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=lipeng@lerctr.org) ...	2020-01-08 02:20:37
50.62.134.196	attack	Jan 7 14:50:16 vps46666688 sshd[32006]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.62.134.196 Jan 7 14:50:18 vps46666688 sshd[32006]: Failed password for invalid user router from 50.62.134.196 port 60936 ssh2 ...	2020-01-08 02:06:44
45.95.35.244	attack	Postfix RBL failed	2020-01-08 01:55:18
62.90.235.90	attack	Jan 7 17:14:19 xeon sshd[50330]: Failed password for invalid user test2 from 62.90.235.90 port 52239 ssh2	2020-01-08 02:10:33

Recently Reported IPs

138.197.31.216	138.197.34.85	138.197.3.165	138.197.4.132
138.197.30.54	138.197.4.17	138.197.45.51	138.197.48.125
138.197.48.144	138.197.49.246	138.197.49.7	138.197.5.148
138.197.50.247	138.197.5.52	138.197.51.38	138.197.5.109
138.197.52.91	138.197.52.191	138.197.50.34	138.197.53.126