Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:
No discussion about this IP yet. Click above link to make one.
Comments on same subnet:
IP Type Details Datetime
138.197.35.84 attackbots
Oct  4 14:49:12 ns382633 sshd\[17445\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.35.84  user=root
Oct  4 14:49:14 ns382633 sshd\[17445\]: Failed password for root from 138.197.35.84 port 44456 ssh2
Oct  4 15:07:37 ns382633 sshd\[20130\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.35.84  user=root
Oct  4 15:07:38 ns382633 sshd\[20130\]: Failed password for root from 138.197.35.84 port 43326 ssh2
Oct  4 15:11:10 ns382633 sshd\[20940\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.35.84  user=root
2020-10-05 02:16:31
138.197.35.84 attackspam
Oct  4 07:18:43 ws26vmsma01 sshd[24986]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.35.84
Oct  4 07:18:45 ws26vmsma01 sshd[24986]: Failed password for invalid user netflow from 138.197.35.84 port 58938 ssh2
...
2020-10-04 17:58:44
138.197.36.189 attackbotsspam
 TCP (SYN) 138.197.36.189:50691 -> port 28599, len 44
2020-10-04 06:13:08
138.197.36.189 attackbots
Port 22 Scan, PTR: None
2020-10-03 22:16:00
138.197.36.189 attackbotsspam
 TCP (SYN) 138.197.36.189:56771 -> port 24354, len 44
2020-10-03 13:59:06
138.197.36.189 attackspam
TCP port : 11804
2020-09-09 20:23:45
138.197.36.189 attack
Port scan denied
2020-09-09 14:21:20
138.197.36.189 attackspam
*Port Scan* detected from 138.197.36.189 (US/United States/New Jersey/Clifton/-). 4 hits in the last 261 seconds
2020-09-09 06:32:13
138.197.35.84 attackspam
Aug 28 17:15:33 ip40 sshd[14766]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.35.84 
Aug 28 17:15:35 ip40 sshd[14766]: Failed password for invalid user t from 138.197.35.84 port 54238 ssh2
...
2020-08-29 00:40:09
138.197.35.84 attackspam
Invalid user marimo from 138.197.35.84 port 33458
2020-08-23 19:00:21
138.197.35.84 attackbots
Lines containing failures of 138.197.35.84
Aug 20 06:08:04 rancher sshd[11366]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.35.84  user=r.r
Aug 20 06:08:06 rancher sshd[11366]: Failed password for r.r from 138.197.35.84 port 56074 ssh2
Aug 20 06:08:07 rancher sshd[11366]: Received disconnect from 138.197.35.84 port 56074:11: Bye Bye [preauth]
Aug 20 06:08:07 rancher sshd[11366]: Disconnected from authenticating user r.r 138.197.35.84 port 56074 [preauth]
Aug 20 06:16:30 rancher sshd[11549]: Invalid user ghostname from 138.197.35.84 port 56210
Aug 20 06:16:30 rancher sshd[11549]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.35.84
Aug 20 06:16:32 rancher sshd[11549]: Failed password for invalid user ghostname from 138.197.35.84 port 56210 ssh2
Aug 20 06:16:33 rancher sshd[11549]: Received disconnect from 138.197.35.84 port 56210:11: Bye Bye [preauth]
Aug 20 06:16:33 ranch........
------------------------------
2020-08-23 01:37:25
138.197.3.233 attackbotsspam
2020-08-14 22:50:16
138.197.36.189 attackspam
Port scan: Attack repeated for 24 hours
2020-08-04 07:50:29
138.197.32.150 attack
Exploited Host.
2020-07-26 02:57:39
138.197.36.189 attackspam
Port scan denied
2020-07-13 23:57:54
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.3.97
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8314
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.197.3.97.			IN	A

;; AUTHORITY SECTION:
.			187	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022700 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 17:31:29 CST 2022
;; MSG SIZE  rcvd: 105
Host info
Host 97.3.197.138.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 97.3.197.138.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
114.33.127.115 attack
Thu Feb 13 21:52:21 2020 - Child process 87787 handling connection
Thu Feb 13 21:52:21 2020 - New connection from: 114.33.127.115:53067
Thu Feb 13 21:52:21 2020 - Sending data to client: [Login: ]
Thu Feb 13 21:52:21 2020 - Child process 87788 handling connection
Thu Feb 13 21:52:21 2020 - New connection from: 114.33.127.115:53068
Thu Feb 13 21:52:21 2020 - Sending data to client: [Login: ]
Thu Feb 13 21:52:21 2020 - Got data: root
Thu Feb 13 21:52:22 2020 - Sending data to client: [Password: ]
Thu Feb 13 21:52:22 2020 - Got data: 1234
Thu Feb 13 21:52:24 2020 - Child 87787 exiting
Thu Feb 13 21:52:24 2020 - Child 87794 granting shell
Thu Feb 13 21:52:24 2020 - Sending data to client: [Logged in]
Thu Feb 13 21:52:24 2020 - Sending data to client: [Welcome to MX990 Embedded Linux]
Thu Feb 13 21:52:24 2020 - Sending data to client: [[root@dvrdvs /]# ]
Thu Feb 13 21:52:25 2020 - Got data: enable
system
shell
sh
Thu Feb 13 21:52:25 2020 - Sending data to client: [Command not found]
T
2020-02-14 19:28:11
84.96.22.15 attackbotsspam
Honeypot attack, port: 445, PTR: 15.22.96.84.rev.sfr.net.
2020-02-14 19:23:50
92.79.179.89 attackspambots
Feb 14 05:53:06 [snip] sshd[18832]: Invalid user lamarche from 92.79.179.89 port 20226
Feb 14 05:53:06 [snip] sshd[18832]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.79.179.89
Feb 14 05:53:08 [snip] sshd[18832]: Failed password for invalid user lamarche from 92.79.179.89 port 20226 ssh2[...]
2020-02-14 18:38:56
114.34.229.196 attackspam
Honeypot attack, port: 81, PTR: 114-34-229-196.HINET-IP.hinet.net.
2020-02-14 19:15:41
117.254.108.21 attack
1581655982 - 02/14/2020 05:53:02 Host: 117.254.108.21/117.254.108.21 Port: 445 TCP Blocked
2020-02-14 18:46:27
120.89.64.8 attackspambots
Feb 14 10:49:54 ns382633 sshd\[5262\]: Invalid user temp from 120.89.64.8 port 39274
Feb 14 10:49:54 ns382633 sshd\[5262\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.89.64.8
Feb 14 10:49:56 ns382633 sshd\[5262\]: Failed password for invalid user temp from 120.89.64.8 port 39274 ssh2
Feb 14 10:56:44 ns382633 sshd\[6677\]: Invalid user fly from 120.89.64.8 port 33210
Feb 14 10:56:44 ns382633 sshd\[6677\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.89.64.8
2020-02-14 18:54:05
85.99.98.182 attackbotsspam
Automatic report - Banned IP Access
2020-02-14 18:56:00
187.29.240.74 attackbots
Unauthorized connection attempt detected from IP address 187.29.240.74 to port 445
2020-02-14 18:49:13
88.247.214.6 attackbots
Automatic report - Port Scan Attack
2020-02-14 18:57:46
186.251.7.203 attackspam
1581655947 - 02/14/2020 05:52:27 Host: 186.251.7.203/186.251.7.203 Port: 22 TCP Blocked
2020-02-14 19:14:50
119.206.86.8 attack
MultiHost/MultiPort Probe, Scan, Hack -
2020-02-14 19:07:17
196.194.221.121 attack
Unauthorized Brute Force Email Login Fail
2020-02-14 18:40:09
80.211.225.143 attackspambots
Feb 14 06:22:28 srv-ubuntu-dev3 sshd[46743]: Invalid user cristiane from 80.211.225.143
Feb 14 06:22:28 srv-ubuntu-dev3 sshd[46743]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.225.143
Feb 14 06:22:28 srv-ubuntu-dev3 sshd[46743]: Invalid user cristiane from 80.211.225.143
Feb 14 06:22:30 srv-ubuntu-dev3 sshd[46743]: Failed password for invalid user cristiane from 80.211.225.143 port 42494 ssh2
Feb 14 06:25:31 srv-ubuntu-dev3 sshd[48190]: Invalid user upload from 80.211.225.143
Feb 14 06:25:31 srv-ubuntu-dev3 sshd[48190]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.225.143
Feb 14 06:25:31 srv-ubuntu-dev3 sshd[48190]: Invalid user upload from 80.211.225.143
Feb 14 06:25:33 srv-ubuntu-dev3 sshd[48190]: Failed password for invalid user upload from 80.211.225.143 port 43952 ssh2
Feb 14 06:28:41 srv-ubuntu-dev3 sshd[65478]: Invalid user wolwerine123 from 80.211.225.143
...
2020-02-14 19:03:17
59.127.43.194 attackspam
Honeypot attack, port: 81, PTR: 59-127-43-194.HINET-IP.hinet.net.
2020-02-14 19:00:12
176.113.70.60 attackspam
176.113.70.60 was recorded 9 times by 3 hosts attempting to connect to the following ports: 1900. Incident counter (4h, 24h, all-time): 9, 68, 2054
2020-02-14 18:52:06

Recently Reported IPs

138.197.31.216 138.197.34.85 138.197.3.165 138.197.4.132
138.197.30.54 138.197.4.17 138.197.45.51 138.197.48.125
138.197.48.144 138.197.49.246 138.197.49.7 138.197.5.148
138.197.50.247 138.197.5.52 138.197.51.38 138.197.5.109
138.197.52.91 138.197.52.191 138.197.50.34 138.197.53.126