138.197.152.12

Basic Info

City: Toronto

Region: Ontario

Country: Canada

Internet Service Provider: ALO

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.197.152.148	attackbotsspam	Port Scan ...	2020-10-12 07:08:45
138.197.152.148	attackbots	TCP port : 31881	2020-10-11 23:19:23
138.197.152.148	attackspam	firewall-block, port(s): 10363/tcp	2020-10-11 15:17:56
138.197.152.148	attackspam	firewall-block, port(s): 31881/tcp	2020-10-11 08:38:04
138.197.152.148	attackspam	Found on CINS badguys / proto=6 . srcport=54742 . dstport=8167 . (2866)	2020-10-05 01:54:57
138.197.152.148	attack	firewall-block, port(s): 8167/tcp	2020-10-04 17:37:55
138.197.152.148	attackspambots	TCP port : 24105	2020-09-16 19:24:34
138.197.152.122	attackspambots	138.197.152.122 - - [11/Sep/2020:18:52:57 +0200] "HEAD / HTTP/1.1" 405 0 "-" "Mozilla/5.0 (Windows NT 6.4; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2225.0 Safari/537.36"	2020-09-12 16:24:13
138.197.152.148	attackspam	TCP (SYN) 138.197.152.148:44516 -> port 10395, len 44	2020-08-31 18:04:58
138.197.152.148	attackspambots	TCP (SYN) 138.197.152.148:43140 -> port 14078, len 44	2020-08-31 02:53:04
138.197.152.148	attack	firewall-block, port(s): 13226/tcp	2020-08-26 23:59:39
138.197.152.148	attack	SIP/5060 Probe, BF, Hack -	2020-08-21 16:54:01
138.197.152.148	attackspambots	Attempted to establish connection to non opened port 11055	2020-08-08 21:57:20
138.197.152.148	attackbotsspam	Port scan: Attack repeated for 24 hours	2020-08-06 07:22:45
138.197.152.148	attackspam	TCP (SYN) 138.197.152.148:54324 -> port 29435, len 44	2020-07-27 01:33:47

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.197.152.12
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40503
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.197.152.12.			IN	A

;; AUTHORITY SECTION:
.			253	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020120100 1800 900 604800 86400

;; Query time: 66 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Dec 01 16:21:51 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 12.152.197.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 12.152.197.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
112.140.243.221	attack	Unauthorized connection attempt detected from IP address 112.140.243.221 to port 23 [J]	2020-02-29 19:27:52
183.129.52.137	attack	2020-02-29 01:09:51 H=(hjr.com) [183.129.52.137]:65232 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.11, 127.0.0.2, 127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/sbl/query/SBL467964) 2020-02-29 01:14:38 H=(hjr.com) [183.129.52.137]:65475 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.11, 127.0.0.2, 127.0.0.4) (https://www.spamhaus.org/sbl/query/SBLCSS) 2020-02-29 01:15:18 H=(hjr.com) [183.129.52.137]:50727 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.2, 127.0.0.4, 127.0.0.3, 127.0.0.11) (https://www.spamhaus.org/query/ip/183.129.52.137) ...	2020-02-29 19:16:57
194.55.12.252	attackspam	Feb 29 00:56:14 hanapaa sshd\[8238\]: Invalid user vbox from 194.55.12.252 Feb 29 00:56:14 hanapaa sshd\[8238\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=v22018114176276181.bestsrv.de Feb 29 00:56:16 hanapaa sshd\[8238\]: Failed password for invalid user vbox from 194.55.12.252 port 58318 ssh2 Feb 29 01:04:28 hanapaa sshd\[8859\]: Invalid user postgres from 194.55.12.252 Feb 29 01:04:28 hanapaa sshd\[8859\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=v22018114176276181.bestsrv.de	2020-02-29 19:14:48
94.181.94.12	attack	Feb 29 06:41:20 ks10 sshd[1368665]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.181.94.12 Feb 29 06:41:22 ks10 sshd[1368665]: Failed password for invalid user hrm from 94.181.94.12 port 34344 ssh2 ...	2020-02-29 18:48:02
186.43.86.229	attackbotsspam	Automatic report - Port Scan Attack	2020-02-29 18:56:29
222.186.173.154	attackbots	Feb 29 11:48:19 server sshd[2660677]: Failed none for root from 222.186.173.154 port 2238 ssh2 Feb 29 11:48:21 server sshd[2660677]: Failed password for root from 222.186.173.154 port 2238 ssh2 Feb 29 11:48:26 server sshd[2660677]: Failed password for root from 222.186.173.154 port 2238 ssh2	2020-02-29 18:53:01
219.91.153.205	attackspambots	Brute-force attempt banned	2020-02-29 19:09:29
217.33.76.158	attack	Feb 29 11:16:33 ns382633 sshd\[2386\]: Invalid user amax from 217.33.76.158 port 50282 Feb 29 11:16:33 ns382633 sshd\[2386\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.33.76.158 Feb 29 11:16:35 ns382633 sshd\[2386\]: Failed password for invalid user amax from 217.33.76.158 port 50282 ssh2 Feb 29 11:48:37 ns382633 sshd\[7522\]: Invalid user user from 217.33.76.158 port 54660 Feb 29 11:48:37 ns382633 sshd\[7522\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.33.76.158	2020-02-29 19:21:22
123.124.79.147	attack	Port 1433 Scan	2020-02-29 18:49:44
77.40.62.243	attack	(smtpauth) Failed SMTP AUTH login from 77.40.62.243 (RU/Russia/243.62.pppoe.mari-el.ru): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-02-29 09:33:06 login authenticator failed for (localhost.localdomain) [77.40.62.243]: 535 Incorrect authentication data (set_id=care@safanicu.com)	2020-02-29 19:25:10
49.88.112.115	attackspambots	Feb 29 00:59:10 kapalua sshd\[722\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.115 user=root Feb 29 00:59:12 kapalua sshd\[722\]: Failed password for root from 49.88.112.115 port 48494 ssh2 Feb 29 01:00:16 kapalua sshd\[797\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.115 user=root Feb 29 01:00:18 kapalua sshd\[797\]: Failed password for root from 49.88.112.115 port 52774 ssh2 Feb 29 01:01:23 kapalua sshd\[875\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.115 user=root	2020-02-29 19:04:17
131.108.130.31	attackbotsspam	Feb 29 16:38:15 our-server-hostname postfix/smtpd[5312]: connect from unknown[131.108.130.31] Feb x@x Feb x@x Feb x@x Feb x@x Feb x@x Feb x@x Feb x@x Feb x@x Feb x@x Feb x@x Feb x@x Feb x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=131.108.130.31	2020-02-29 19:12:11
148.70.192.84	attack	$f2bV_matches	2020-02-29 18:57:13
37.59.52.44	attackspam	Automatic report - XMLRPC Attack	2020-02-29 19:24:09
59.152.196.154	attackbots	SSH Bruteforce attempt	2020-02-29 19:11:48

Recently Reported IPs

180.76.175.17	161.35.3.169	162.216.0.90	192.81.214.219
143.110.181.95	182.59.233.168	90.79.25.196	78.190.152.220
18.141.233.160	34.65.252.39	177.236.64.95	117.192.71.71
177.245.200.172	193.160.96.160	2806:103e:29:c46f:3053:1260:3eb:afc8	176.109.227.5
173.223.125.123	42.189.165.75	58.210.180.167	71.206.255.134