197.174.109.138

Basic Info

City: unknown

Region: unknown

Country: South Africa

Internet Service Provider: unknown

Hostname: unknown

Organization: CELL-C

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 197.174.109.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2886
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;197.174.109.138.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019051400 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed May 15 00:24:42 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 138.109.174.197.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 138.109.174.197.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
178.154.171.135	attackspam	[Wed Feb 12 11:57:33.918154 2020] [:error] [pid 28215:tid 140538904831744] [client 178.154.171.135:35595] [client 178.154.171.135] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XkOFvf6AVtTKTbaYjADHbQAAAU0"] ...	2020-02-12 14:06:38
47.89.247.10	attackbotsspam	Automatic report - XMLRPC Attack	2020-02-12 14:13:19
89.29.128.101	attack	Feb 12 06:45:48 meumeu sshd[30953]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.29.128.101 Feb 12 06:45:50 meumeu sshd[30953]: Failed password for invalid user test from 89.29.128.101 port 41916 ssh2 Feb 12 06:52:01 meumeu sshd[2328]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.29.128.101 ...	2020-02-12 13:54:13
113.88.124.101	attackbots	Distributed brute force attack	2020-02-12 15:06:41
159.192.139.125	attack	Feb1205:57:11server6sshd[29292]:refusedconnectfrom159.192.139.125$159.192.139.125$Feb1205:57:11server6sshd[29293]:refusedconnectfrom159.192.139.125$159.192.139.125$Feb1205:57:11server6sshd[29294]:refusedconnectfrom159.192.139.125$159.192.139.125$Feb1205:57:11server6sshd[29295]:refusedconnectfrom159.192.139.125$159.192.139.125$Feb1205:57:19server6sshd[29304]:refusedconnectfrom159.192.139.125$159.192.139.125$	2020-02-12 14:16:51
45.79.39.236	attack	firewall-block, port(s): 5683/udp	2020-02-12 13:57:05
220.140.6.112	attackspam	20/2/11@23:57:07: FAIL: IoT-Telnet address from=220.140.6.112 ...	2020-02-12 14:25:15
85.172.107.10	attackbotsspam	Feb 12 02:59:56 firewall sshd[26397]: Invalid user tomcat from 85.172.107.10 Feb 12 02:59:58 firewall sshd[26397]: Failed password for invalid user tomcat from 85.172.107.10 port 50942 ssh2 Feb 12 03:05:25 firewall sshd[26652]: Invalid user dj from 85.172.107.10 ...	2020-02-12 14:21:35
211.171.186.98	attack	Feb 11 19:42:04 auw2 sshd\[5268\]: Invalid user elvira from 211.171.186.98 Feb 11 19:42:04 auw2 sshd\[5268\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.171.186.98 Feb 11 19:42:06 auw2 sshd\[5268\]: Failed password for invalid user elvira from 211.171.186.98 port 44056 ssh2 Feb 11 19:45:16 auw2 sshd\[5557\]: Invalid user upload from 211.171.186.98 Feb 11 19:45:16 auw2 sshd\[5557\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.171.186.98	2020-02-12 13:55:12
153.36.34.225	attack	MVPower DVR TV Shell Unauthenticated Command Execution Vulnerability, PTR: PTR record not found	2020-02-12 14:24:47
118.100.117.178	attack	DATE:2020-02-12 05:54:50, IP:118.100.117.178, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-02-12 15:13:10
193.202.82.133	spam	Tried to pretend to be someone he was not.	2020-02-12 14:37:20
113.167.246.79	attackspambots	1581483452 - 02/12/2020 05:57:32 Host: 113.167.246.79/113.167.246.79 Port: 445 TCP Blocked	2020-02-12 14:07:15
222.186.175.23	attackbots	SSH login attempts	2020-02-12 14:23:18
185.175.93.3	attackspambots	ET DROP Dshield Block Listed Source group 1 - port: 3390 proto: TCP cat: Misc Attack	2020-02-12 14:10:02

Recently Reported IPs

96.126.114.120	154.159.185.55	104.82.19.138	162.50.101.150
208.229.80.3	77.242.128.69	167.250.160.150	31.129.63.61
80.32.194.124	109.62.32.13	168.23.229.43	160.220.109.70
46.10.229.101	103.15.6.192	49.241.5.200	159.203.191.49
114.56.245.167	4.113.243.96	158.96.54.126	179.6.194.45