138.197.95.53 - IPInfo

Basic Info

City: Clifton

Region: New Jersey

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.197.95.2	attackbots	138.197.95.2 - - [24/Aug/2020:14:22:53 +0200] "GET /wp-login.php HTTP/1.1" 200 9040 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.95.2 - - [24/Aug/2020:14:22:54 +0200] "POST /wp-login.php HTTP/1.1" 200 9357 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.95.2 - - [24/Aug/2020:14:22:55 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-24 20:42:17
138.197.95.2	attackbotsspam	Automatic report generated by Wazuh	2020-08-14 13:58:21
138.197.95.2	attackspam	138.197.95.2 - - [27/Jul/2020:07:43:58 +0200] "POST /xmlrpc.php HTTP/1.1" 403 10518 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.95.2 - - [27/Jul/2020:08:01:00 +0200] "POST /xmlrpc.php HTTP/1.1" 403 16471 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-27 17:30:47
138.197.95.2	attackbots	138.197.95.2 - - [26/Jul/2020:15:52:09 +0100] "POST /wp-login.php HTTP/1.1" 200 1949 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.95.2 - - [26/Jul/2020:15:52:10 +0100] "POST /wp-login.php HTTP/1.1" 200 1923 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.95.2 - - [26/Jul/2020:15:52:11 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-27 02:28:49
138.197.95.2	attackbots	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-07-18 01:46:44
138.197.95.2	attackbots	138.197.95.2 - - [11/Jul/2020:09:46:27 +0200] "POST /wp-login.php HTTP/1.1" 200 3434 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-11 16:36:01
138.197.95.2	attack	138.197.95.2 - - [08/Jul/2020:08:00:35 +0200] "blog.ruhnke.cloud" "POST /wp-login.php HTTP/1.1" 200 4994 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" ...	2020-07-08 14:10:29
138.197.95.2	attackspambots	xmlrpc attack	2020-05-24 13:13:34
138.197.95.2	attack	138.197.95.2 - - [03/Apr/2020:23:41:08 +0200] "GET /wp-login.php HTTP/1.1" 200 6136 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.95.2 - - [03/Apr/2020:23:41:11 +0200] "POST /wp-login.php HTTP/1.1" 200 7014 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.197.95.2 - - [03/Apr/2020:23:41:13 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-04 06:37:38
138.197.95.2	attackspam	Automatic report - XMLRPC Attack	2020-03-27 22:58:47
138.197.95.2	attack	xmlrpc attack	2020-01-21 13:05:46
138.197.95.2	attackbots	GET /wp-login.php	2019-12-27 00:21:58
138.197.95.2	attackspambots	Automatic report - Banned IP Access	2019-12-10 05:42:01
138.197.95.2	attack	WordPress login Brute force / Web App Attack on client site.	2019-12-02 05:09:54
138.197.95.2	attack	138.197.95.2 - - \[16/Nov/2019:04:55:20 +0000\] "POST /wp/wp-login.php HTTP/1.1" 200 4205 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.197.95.2 - - \[16/Nov/2019:04:55:21 +0000\] "POST /wp/xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" ...	2019-11-16 14:04:03

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.95.53
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29540
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.197.95.53.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025081700 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Aug 17 21:00:59 CST 2025
;; MSG SIZE  rcvd: 106

Host info

Host 53.95.197.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 53.95.197.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.12.85.12	attackbots	Oct 23 05:20:45 auw2 sshd\[15019\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.85.12 user=root Oct 23 05:20:47 auw2 sshd\[15019\]: Failed password for root from 106.12.85.12 port 57881 ssh2 Oct 23 05:26:45 auw2 sshd\[15512\]: Invalid user kafka from 106.12.85.12 Oct 23 05:26:45 auw2 sshd\[15512\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.85.12 Oct 23 05:26:48 auw2 sshd\[15512\]: Failed password for invalid user kafka from 106.12.85.12 port 40192 ssh2	2019-10-24 04:05:46
220.92.16.78	attackbots	Oct 23 18:02:38 XXX sshd[51192]: Invalid user ofsaa from 220.92.16.78 port 54842	2019-10-24 03:59:04
39.107.14.121	attack	WordPress login Brute force / Web App Attack on client site.	2019-10-24 04:11:10
66.249.64.69	attackbots	404 NOT FOUND	2019-10-24 04:08:10
222.180.162.8	attackspambots	Oct 23 08:09:16 ny01 sshd[26725]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.180.162.8 Oct 23 08:09:18 ny01 sshd[26725]: Failed password for invalid user Access from 222.180.162.8 port 38877 ssh2 Oct 23 08:13:26 ny01 sshd[27110]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.180.162.8	2019-10-24 04:07:37
49.69.209.178	attackspam	SSH Scan	2019-10-24 04:02:31
180.250.115.98	attackspam	$f2bV_matches	2019-10-24 03:48:51
104.236.246.16	attack	Oct 23 16:17:56 mail sshd\[9187\]: Invalid user admin from 104.236.246.16 Oct 23 16:17:56 mail sshd\[9187\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.246.16 ...	2019-10-24 04:21:32
43.239.145.43	attack	Unauthorised access (Oct 23) SRC=43.239.145.43 LEN=52 TOS=0x08 TTL=113 ID=21444 DF TCP DPT=445 WINDOW=8192 SYN	2019-10-24 03:46:13
218.161.26.90	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-24 04:12:37
63.159.251.21	attack	firewall-block, port(s): 445/tcp	2019-10-24 04:06:03
108.179.208.126	attackspam	108.179.208.126 - - [23/Oct/2019:22:17:49 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 108.179.208.126 - - [23/Oct/2019:22:17:52 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 108.179.208.126 - - [23/Oct/2019:22:17:52 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 108.179.208.126 - - [23/Oct/2019:22:17:54 +0200] "POST /wp-login.php HTTP/1.1" 200 1486 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 108.179.208.126 - - [23/Oct/2019:22:17:55 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 108.179.208.126 - - [23/Oct/2019:22:17:56 +0200] "POST /wp-login.php HTTP/1.1" 200 1486 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" .	2019-10-24 04:23:29
58.219.225.240	attackbotsspam	SSH Scan	2019-10-24 03:53:59
77.247.110.173	attack	Automatic report - Port Scan	2019-10-24 04:03:18
198.199.117.143	attack	Oct 23 22:17:57 andromeda sshd\[44375\]: Invalid user epicor from 198.199.117.143 port 51900 Oct 23 22:17:57 andromeda sshd\[44375\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.117.143 Oct 23 22:17:59 andromeda sshd\[44375\]: Failed password for invalid user epicor from 198.199.117.143 port 51900 ssh2	2019-10-24 04:19:49

Recently Reported IPs

154.9.234.47	154.9.234.46	140.157.234.82	139.59.16.234
117.14.159.23	91.224.92.14	59.52.103.246	134.209.237.188
112.112.182.231	110.177.179.115	27.46.125.228	4.103.242.120
113.122.203.195	204.76.203.192	20.168.122.88	87.252.212.94
87.236.176.138	117.208.248.245	171.226.85.178	27.46.125.210