138.197.72.109

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.197.72.48	attack	Aug 29 10:19:30 dallas01 sshd[23262]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.72.48 Aug 29 10:19:32 dallas01 sshd[23262]: Failed password for invalid user steam from 138.197.72.48 port 37756 ssh2 Aug 29 10:24:46 dallas01 sshd[24018]: Failed password for root from 138.197.72.48 port 53062 ssh2	2020-01-28 07:12:00
138.197.72.48	attack	2019-08-30T00:46:40.087209wiz-ks3 sshd[8637]: Invalid user steam from 138.197.72.48 port 32900 2019-08-30T00:46:40.089424wiz-ks3 sshd[8637]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.72.48 2019-08-30T00:46:40.087209wiz-ks3 sshd[8637]: Invalid user steam from 138.197.72.48 port 32900 2019-08-30T00:46:42.000491wiz-ks3 sshd[8637]: Failed password for invalid user steam from 138.197.72.48 port 32900 ssh2 2019-08-30T00:51:25.071104wiz-ks3 sshd[8660]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.72.48 user=root 2019-08-30T00:51:27.112865wiz-ks3 sshd[8660]: Failed password for root from 138.197.72.48 port 48218 ssh2 2019-08-30T00:56:31.370104wiz-ks3 sshd[8667]: Invalid user admin from 138.197.72.48 port 35284 2019-08-30T00:56:31.372240wiz-ks3 sshd[8667]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.72.48 2019-08-30T00:56:31.370104wiz-ks3 sshd[8667]: Invalid user	2019-08-31 09:45:01
138.197.72.48	attack	Aug 30 18:35:26 * sshd[8194]: Failed password for invalid user steam from 138.197.72.48 port 56356 ssh2 Aug 30 18:45:23 * sshd[8509]: Failed password for invalid user admin from 138.197.72.48 port 58736 ssh2	2019-08-31 04:03:46
138.197.72.48	attackspam	"Fail2Ban detected SSH brute force attempt"	2019-08-30 16:31:40
138.197.72.48	attackspambots	SSH Brute-Force attacks	2019-08-28 12:38:34
138.197.72.48	attack	$f2bV_matches	2019-08-26 03:17:56
138.197.72.48	attack	Triggered by Fail2Ban at Vostok web server	2019-08-25 11:27:19
138.197.72.48	attack	Aug 24 20:18:54 ns37 sshd[7830]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.72.48 Aug 24 20:18:56 ns37 sshd[7830]: Failed password for invalid user adm from 138.197.72.48 port 50628 ssh2 Aug 24 20:23:21 ns37 sshd[8064]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.72.48	2019-08-25 02:42:51
138.197.72.48	attackbotsspam	Aug 23 14:25:15 SilenceServices sshd[29254]: Failed password for root from 138.197.72.48 port 51766 ssh2 Aug 23 14:29:54 SilenceServices sshd[825]: Failed password for root from 138.197.72.48 port 38840 ssh2	2019-08-23 20:55:27
138.197.72.48	attackbotsspam	$f2bV_matches	2019-08-21 09:19:58
138.197.72.48	attack	Invalid user user from 138.197.72.48 port 52834	2019-08-18 08:06:15
138.197.72.48	attackspambots	Aug 17 04:28:07 cvbmail sshd\[2530\]: Invalid user user from 138.197.72.48 Aug 17 04:28:07 cvbmail sshd\[2530\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.72.48 Aug 17 04:28:09 cvbmail sshd\[2530\]: Failed password for invalid user user from 138.197.72.48 port 56820 ssh2	2019-08-17 10:29:52
138.197.72.48	attackspam	SSH Brute-Force reported by Fail2Ban	2019-08-13 16:20:45
138.197.72.48	attack	Brute force SMTP login attempted. ...	2019-08-10 03:03:40
138.197.72.48	attackbotsspam	2019-07-29T04:38:16.475421abusebot-7.cloudsearch.cf sshd\[19315\]: Invalid user hadoop from 138.197.72.48 port 48722	2019-07-29 14:08:34

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.72.109
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43231
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.197.72.109.			IN	A

;; AUTHORITY SECTION:
.			153	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400

;; Query time: 64 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 11:54:19 CST 2022
;; MSG SIZE  rcvd: 107

Host info

109.72.197.138.in-addr.arpa domain name pointer lightning2-1.rb-com.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
109.72.197.138.in-addr.arpa	name = lightning2-1.rb-com.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
171.41.2.53	attackspam	Feb 2 12:34:43 mail kernel: [52744.364750] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=171.41.2.53 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=53 ID=32164 PROTO=TCP SPT=4416 DPT=23 WINDOW=60876 RES=0x00 SYN URGP=0 ...	2020-02-02 19:50:18
124.29.236.163	attackbots	Feb 2 08:36:17 server sshd[3207]: Failed password for invalid user demo3 from 124.29.236.163 port 50554 ssh2 Feb 2 08:43:41 server sshd[4254]: Failed password for invalid user upload from 124.29.236.163 port 42130 ssh2 Feb 2 08:47:10 server sshd[4290]: Failed password for invalid user sftp from 124.29.236.163 port 44676 ssh2	2020-02-02 19:43:38
24.28.73.180	attackspam	Unauthorized connection attempt detected from IP address 24.28.73.180 to port 2220 [J]	2020-02-02 19:40:19
89.163.132.37	attack	Unauthorized connection attempt detected from IP address 89.163.132.37 to port 2220 [J]	2020-02-02 20:11:10
95.227.95.233	attack	Unauthorized connection attempt detected from IP address 95.227.95.233 to port 2220 [J]	2020-02-02 19:35:54
167.172.115.108	attackspambots	RDP Bruteforce	2020-02-02 19:33:20
45.30.121.27	attack	20 attempts against mh-ssh on sea	2020-02-02 20:00:10
219.237.222.87	attackspam	Unauthorized connection attempt detected from IP address 219.237.222.87 to port 2220 [J]	2020-02-02 19:47:14
118.25.46.60	attack	Unauthorized connection attempt detected from IP address 118.25.46.60 to port 2220 [J]	2020-02-02 19:34:42
176.36.192.193	attackbots	Unauthorized connection attempt detected from IP address 176.36.192.193 to port 2220 [J]	2020-02-02 19:49:25
49.112.198.45	attackbotsspam	GPON Home Routers Remote Code Execution Vulnerability CVE 2018-10562, PTR: PTR record not found	2020-02-02 19:44:51
148.66.133.91	attack	2020-02-02T04:10:32.802371vostok sshd\[25069\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.66.133.91 user=root \| Triggered by Fail2Ban at Vostok web server	2020-02-02 20:10:13
103.8.119.166	attackbots	Jun 18 21:43:27 ms-srv sshd[51856]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.8.119.166 Jun 18 21:43:29 ms-srv sshd[51856]: Failed password for invalid user jacks from 103.8.119.166 port 44162 ssh2	2020-02-02 19:32:10
93.99.154.134	attackbots	Unauthorized connection attempt detected from IP address 93.99.154.134 to port 81 [J]	2020-02-02 19:53:35
112.85.42.87	attackbots	2020-02-01 UTC: 3x - root(3x)	2020-02-02 19:56:17

Recently Reported IPs

138.197.68.56	138.197.7.118	138.197.72.136	138.197.62.43
138.197.72.88	138.197.74.186	138.197.75.193	138.197.75.60
138.197.77.210	138.197.79.147	138.197.76.174	138.197.76.202
138.197.74.135	138.197.88.149	138.197.9.183	138.197.90.38
138.197.92.110	138.197.96.40	138.197.97.239	138.197.97.207