138.197.88.149

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.197.88.135	attack	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-08-11 10:52:38
138.197.88.135	attackbotsspam	Aug 9 05:12:52 ip-172-31-62-245 sshd\[25847\]: Invalid user jarel from 138.197.88.135\ Aug 9 05:12:54 ip-172-31-62-245 sshd\[25847\]: Failed password for invalid user jarel from 138.197.88.135 port 49580 ssh2\ Aug 9 05:17:08 ip-172-31-62-245 sshd\[25863\]: Invalid user Jordan from 138.197.88.135\ Aug 9 05:17:10 ip-172-31-62-245 sshd\[25863\]: Failed password for invalid user Jordan from 138.197.88.135 port 41100 ssh2\ Aug 9 05:21:25 ip-172-31-62-245 sshd\[25880\]: Invalid user cloud from 138.197.88.135\	2019-08-09 14:24:02
138.197.88.135	attack	" "	2019-08-08 11:58:58
138.197.88.135	attackspambots	Aug 6 22:51:24 ip-172-31-62-245 sshd\[3377\]: Invalid user admin from 138.197.88.135\ Aug 6 22:51:26 ip-172-31-62-245 sshd\[3377\]: Failed password for invalid user admin from 138.197.88.135 port 33358 ssh2\ Aug 6 22:55:49 ip-172-31-62-245 sshd\[3410\]: Invalid user postmaster from 138.197.88.135\ Aug 6 22:55:51 ip-172-31-62-245 sshd\[3410\]: Failed password for invalid user postmaster from 138.197.88.135 port 55980 ssh2\ Aug 6 23:00:21 ip-172-31-62-245 sshd\[3429\]: Invalid user manuel from 138.197.88.135\	2019-08-07 07:24:47
138.197.88.135	attackspambots	29.07.2019 11:21:15 Connection to port 1712 blocked by firewall	2019-07-29 21:57:33
138.197.88.135	attackspambots	Jul 27 06:14:08 plusreed sshd[18313]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.88.135 user=root Jul 27 06:14:11 plusreed sshd[18313]: Failed password for root from 138.197.88.135 port 55076 ssh2 ...	2019-07-27 21:05:16
138.197.88.135	attack	Splunk® : port scan detected: Jul 23 16:21:34 testbed kernel: Firewall: TCP_IN Blocked IN=eth0 OUT= MAC=82:c6:52:d1:6e:53:c0:42:d0:39:2c:30:08:00 SRC=138.197.88.135 DST=104.248.11.191 LEN=40 TOS=0x00 PREC=0x00 TTL=252 ID=1702 PROTO=TCP SPT=47585 DPT=1705 WINDOW=1024 RES=0x00 SYN URGP=0	2019-07-24 05:23:39

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.88.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7923
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.197.88.149.			IN	A

;; AUTHORITY SECTION:
.			205	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 11:54:22 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 149.88.197.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 149.88.197.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
112.85.42.227	attack	Aug 8 10:09:36 s1 sshd\[21991\]: User root from 112.85.42.227 not allowed because not listed in AllowUsers Aug 8 10:09:37 s1 sshd\[21991\]: Failed password for invalid user root from 112.85.42.227 port 22307 ssh2 Aug 8 10:09:37 s1 sshd\[21991\]: Failed password for invalid user root from 112.85.42.227 port 22307 ssh2 Aug 8 10:09:37 s1 sshd\[21991\]: Failed password for invalid user root from 112.85.42.227 port 22307 ssh2 Aug 8 10:10:40 s1 sshd\[22915\]: User root from 112.85.42.227 not allowed because not listed in AllowUsers Aug 8 10:10:40 s1 sshd\[22915\]: Failed password for invalid user root from 112.85.42.227 port 64107 ssh2 ...	2019-08-08 20:04:14
148.72.212.161	attack	Automatic report - Banned IP Access	2019-08-08 19:22:22
169.197.112.102	attackspambots	2019-08-08T04:26:48.051305Z 190f659f1bab New connection: 169.197.112.102:48656 (172.17.0.3:2222) [session: 190f659f1bab] 2019-08-08T04:26:52.795279Z b993c493788e New connection: 169.197.112.102:50674 (172.17.0.3:2222) [session: b993c493788e]	2019-08-08 19:56:45
109.19.16.40	attackspam	frenzy	2019-08-08 19:35:37
218.92.0.196	attack	$f2bV_matches	2019-08-08 20:03:13
101.89.150.214	attackbots	$f2bV_matches	2019-08-08 19:38:06
77.247.110.22	attackbotsspam	Trying to (more than 3 packets) bruteforce (not in use) VoIP/SIP port 5060	2019-08-08 19:36:30
158.69.198.5	attackspam	2019-08-08T08:13:30.118953abusebot.cloudsearch.cf sshd\[29975\]: Invalid user murat from 158.69.198.5 port 46010	2019-08-08 19:53:21
54.37.254.57	attack	Aug 8 05:25:17 ks10 sshd[6713]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.254.57 Aug 8 05:25:20 ks10 sshd[6713]: Failed password for invalid user postgres from 54.37.254.57 port 55972 ssh2 ...	2019-08-08 19:38:26
78.186.254.130	attackbotsspam	Unauthorised access (Aug 8) SRC=78.186.254.130 LEN=40 TTL=242 ID=63155 DF TCP DPT=8080 WINDOW=14600 SYN	2019-08-08 19:22:56
73.62.149.46	attackspam	Forbidden directory scan :: 2019/08/08 12:08:53 [error] 1106#1106: *1781912 access forbidden by rule, client: 73.62.149.46, server: [censored_1], request: "GET /knowledge-base/tech-tips-tricks/how-to-replace-character-with-new-line-using-notepad/.json HTTP/1.1", host: "www.[censored_1]", referrer: "https://www.[censored_1]/knowledge-base/tech-tips-tricks/how-to-replace-character-with-new-line-using-notepad/"	2019-08-08 19:52:20
80.82.55.71	attack	xmlrpc attack	2019-08-08 19:52:02
222.220.119.249	attackbots	Aug 8 10:06:46 toyboy sshd[13506]: Invalid user admin from 222.220.119.249 Aug 8 10:06:46 toyboy sshd[13506]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.220.119.249 Aug 8 10:06:48 toyboy sshd[13506]: Failed password for invalid user admin from 222.220.119.249 port 40501 ssh2 Aug 8 10:06:50 toyboy sshd[13506]: Failed password for invalid user admin from 222.220.119.249 port 40501 ssh2 Aug 8 10:06:52 toyboy sshd[13506]: Failed password for invalid user admin from 222.220.119.249 port 40501 ssh2 Aug 8 10:06:55 toyboy sshd[13506]: Failed password for invalid user admin from 222.220.119.249 port 40501 ssh2 Aug 8 10:06:57 toyboy sshd[13506]: Failed password for invalid user admin from 222.220.119.249 port 40501 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=222.220.119.249	2019-08-08 20:10:23
3.19.69.120	attackbots	Aug 7 00:02:26 iago sshd[778]: Invalid user ivo from 3.19.69.120 Aug 7 00:02:26 iago sshd[778]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=em3-3-19-69-120.us-east-2.compute.amazonaws.com ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=3.19.69.120	2019-08-08 20:02:20
121.182.166.81	attackspambots	Aug 8 13:25:23 ArkNodeAT sshd\[5849\]: Invalid user ofsaa from 121.182.166.81 Aug 8 13:25:23 ArkNodeAT sshd\[5849\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.182.166.81 Aug 8 13:25:25 ArkNodeAT sshd\[5849\]: Failed password for invalid user ofsaa from 121.182.166.81 port 29603 ssh2	2019-08-08 19:50:47

Recently Reported IPs

138.197.74.135	138.197.9.183	138.197.90.38	138.197.92.110
138.197.96.40	138.197.97.239	138.197.97.207	138.197.97.249
138.197.99.7	138.199.14.150	138.199.14.144	138.199.21.8
138.199.21.17	138.199.10.3	138.199.35.102	138.199.36.154
138.199.36.162	138.199.36.199	138.199.21.51	138.199.36.242