138.97.1.243 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: unknown

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.97.171.105	attackspambots	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: CableLink-138-97-171-105.PCs.InterCable.net.	2020-10-08 01:53:27
138.97.171.105	attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: CableLink-138-97-171-105.PCs.InterCable.net.	2020-10-07 18:02:10
138.97.181.169	attack	port scan and connect, tcp 23 (telnet)	2020-08-16 08:45:14
138.97.154.142	attackspambots	Attempted connection to port 445.	2020-07-25 03:02:54
138.97.123.176	attack	cctv illegal login	2020-07-06 23:54:52
138.97.123.12	attack	cctv illegal login	2020-07-06 23:53:45
138.97.15.125	attackbots	Invalid user admin from 138.97.15.125 port 35876	2020-06-18 05:47:33
138.97.161.78	attack	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-06-02 17:30:10
138.97.165.209	attackspam	1587038961 - 04/16/2020 14:09:21 Host: 138.97.165.209/138.97.165.209 Port: 445 TCP Blocked	2020-04-17 02:54:14
138.97.145.148	attack	Automatic report - Port Scan Attack	2020-04-04 23:43:17
138.97.124.13	attackbotsspam	2020-03-07T16:10:54.347097linuxbox-skyline sshd[28933]: Invalid user uno85123 from 138.97.124.13 port 58210 ...	2020-03-08 08:53:25
138.97.159.217	attackbots	From: Walgreens Rewards Repetitive Walgreens reward spam - likely fraud – primarily Ukraine ISP; targeted Google phishing redirect; repetitive blacklisted phishing redirect spam links. No entity name; BBB results for "8 The Green, Dover, DE 19901": … The websites collect personal information and then transfer it to lenders and other service providers and marketing companies. BBB suggests caution in dealing with these websites. … Unsolicited bulk spam - (EHLO betrothment.clausloan.eu) (138.97.159.217) – repetitive UBE from IP range 138.97.156.* Spam link clausloan.eu = 138.97.159.10 My Tech BZ – blacklisted – phishing redirect: - www.google.com – effective URL; phishing redirect - lukkins.com = 139.99.70.208 Ovh Sas - link.agnesta.com = 62.113.207.188 23Media GmbH (previous domain link.orcelsor.com) - kq6.securessl.company = 104.223.205.137, 104.223.205.138 Global Frag Networks	2020-03-05 23:25:42
138.97.159.10	attackspam	From: Walgreens Rewards Repetitive Walgreens reward spam - likely fraud – primarily Ukraine ISP; targeted Google phishing redirect; repetitive blacklisted phishing redirect spam links. No entity name; BBB results for "8 The Green, Dover, DE 19901": … The websites collect personal information and then transfer it to lenders and other service providers and marketing companies. BBB suggests caution in dealing with these websites. … Unsolicited bulk spam - (EHLO betrothment.clausloan.eu) (138.97.159.217) – repetitive UBE from IP range 138.97.156.* Spam link clausloan.eu = 138.97.159.10 My Tech BZ – blacklisted – phishing redirect: - www.google.com – effective URL; phishing redirect - lukkins.com = 139.99.70.208 Ovh Sas - link.agnesta.com = 62.113.207.188 23Media GmbH (previous domain link.orcelsor.com) - kq6.securessl.company = 104.223.205.137, 104.223.205.138 Global Frag Networks	2020-03-05 22:38:17
138.97.124.13	attack	Mar 4 08:46:42 server sshd[1193695]: Failed password for invalid user info from 138.97.124.13 port 52798 ssh2 Mar 4 08:57:53 server sshd[1197063]: Failed password for invalid user wp-user from 138.97.124.13 port 35458 ssh2 Mar 4 09:09:03 server sshd[1200630]: Failed password for invalid user isa from 138.97.124.13 port 46350 ssh2	2020-03-04 16:13:49
138.97.147.3	attackbots	Unauthorized connection attempt detected from IP address 138.97.147.3 to port 8080	2020-03-02 04:03:32

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.97.1.243
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61562
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.97.1.243.			IN	A

;; AUTHORITY SECTION:
.			454	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030803 1800 900 604800 86400

;; Query time: 24 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 07:56:33 CST 2022
;; MSG SIZE  rcvd: 105

Host info

243.1.97.138.in-addr.arpa domain name pointer 243-1-97-138.clickturbo.com.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
243.1.97.138.in-addr.arpa	name = 243-1-97-138.clickturbo.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
116.86.58.113	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-06 05:22:26
222.186.180.19	attack	Oct 5 22:41:22 dedicated sshd[18635]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.19 user=root Oct 5 22:41:24 dedicated sshd[18635]: Failed password for root from 222.186.180.19 port 25332 ssh2	2019-10-06 04:48:13
49.88.112.80	attackspambots	Oct 5 22:47:28 MK-Soft-VM7 sshd[9191]: Failed password for root from 49.88.112.80 port 60873 ssh2 Oct 5 22:47:31 MK-Soft-VM7 sshd[9191]: Failed password for root from 49.88.112.80 port 60873 ssh2 ...	2019-10-06 04:51:48
81.30.201.186	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/81.30.201.186/ RU - 1H : (447) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : RU NAME ASN : ASN60095 IP : 81.30.201.186 CIDR : 81.30.192.0/20 PREFIX COUNT : 5 UNIQUE IP COUNT : 10496 WYKRYTE ATAKI Z ASN60095 : 1H - 1 3H - 1 6H - 2 12H - 2 24H - 2 DateTime : 2019-10-05 21:40:32 INFO : Port MAX SCAN Scan Detected and Blocked by ADMIN - data recovery	2019-10-06 04:56:05
162.247.72.199	attackspambots	Automatic report - Banned IP Access	2019-10-06 04:59:11
109.123.117.244	attack	firewall-block, port(s): 7000/tcp	2019-10-06 05:12:27
162.243.175.62	attackbotsspam	Oct 5 10:37:51 eddieflores sshd\[31029\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.175.62 user=root Oct 5 10:37:53 eddieflores sshd\[31029\]: Failed password for root from 162.243.175.62 port 34694 ssh2 Oct 5 10:42:02 eddieflores sshd\[31471\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.175.62 user=root Oct 5 10:42:04 eddieflores sshd\[31471\]: Failed password for root from 162.243.175.62 port 48540 ssh2 Oct 5 10:46:14 eddieflores sshd\[31879\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.175.62 user=root	2019-10-06 04:59:26
94.230.208.148	attackbotsspam	Automatic report - XMLRPC Attack	2019-10-06 05:10:06
222.186.190.65	attack	SSH Brute Force, server-1 sshd[15374]: Failed password for root from 222.186.190.65 port 49063 ssh2	2019-10-06 04:49:04
150.136.247.230	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-06 05:14:37
131.221.80.193	attack	Oct 5 22:43:52 sso sshd[2681]: Failed password for root from 131.221.80.193 port 30721 ssh2 ...	2019-10-06 05:12:03
176.31.250.160	attackbotsspam	Oct 5 16:35:04 ny01 sshd[5904]: Failed password for root from 176.31.250.160 port 48018 ssh2 Oct 5 16:39:12 ny01 sshd[6562]: Failed password for root from 176.31.250.160 port 59918 ssh2	2019-10-06 04:44:52
104.168.201.55	attackspambots	Oct 5 10:30:14 php1 sshd\[26555\]: Invalid user Winter2017 from 104.168.201.55 Oct 5 10:30:14 php1 sshd\[26555\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.201.55 Oct 5 10:30:16 php1 sshd\[26555\]: Failed password for invalid user Winter2017 from 104.168.201.55 port 51986 ssh2 Oct 5 10:34:23 php1 sshd\[26976\]: Invalid user Tueur123 from 104.168.201.55 Oct 5 10:34:23 php1 sshd\[26976\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.201.55	2019-10-06 04:41:50
201.228.121.230	attackbotsspam	Oct 5 23:21:46 server sshd\[27069\]: Invalid user 123Blade from 201.228.121.230 port 53440 Oct 5 23:21:46 server sshd\[27069\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.228.121.230 Oct 5 23:21:48 server sshd\[27069\]: Failed password for invalid user 123Blade from 201.228.121.230 port 53440 ssh2 Oct 5 23:27:37 server sshd\[8112\]: Invalid user Porn123 from 201.228.121.230 port 37160 Oct 5 23:27:37 server sshd\[8112\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.228.121.230	2019-10-06 04:40:44
104.236.224.69	attackspam	Oct 5 19:52:08 game-panel sshd[17580]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.224.69 Oct 5 19:52:10 game-panel sshd[17580]: Failed password for invalid user Welcome_1234 from 104.236.224.69 port 58149 ssh2 Oct 5 19:56:07 game-panel sshd[18585]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.224.69	2019-10-06 05:03:37

Recently Reported IPs

138.97.1.244	138.97.1.246	118.190.200.139	138.97.1.240
138.97.1.248	138.97.1.28	138.97.1.253	138.97.1.24
138.97.1.30	138.97.1.255	138.97.1.27	118.190.201.106
138.97.1.4	138.97.1.42	138.97.1.40	138.97.1.36
138.97.1.44	138.97.1.52	138.97.1.43	138.97.1.55