138.97.2.118 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: unknown

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.97.224.88	attack	Automatic report - Port Scan Attack	2020-10-01 08:47:47
138.97.224.88	attackspam	Automatic report - Port Scan Attack	2020-10-01 01:23:20
138.97.224.88	attackbotsspam	Automatic report - Port Scan Attack	2020-09-30 17:35:18
138.97.22.186	attackspambots	SSH/22 MH Probe, BF, Hack -	2020-09-30 02:59:46
138.97.22.186	attack	SSH/22 MH Probe, BF, Hack -	2020-09-29 19:02:11
138.97.241.37	attackbots	Sep 26 16:13:02 server sshd[18441]: Failed password for invalid user openvpn from 138.97.241.37 port 42432 ssh2 Sep 26 16:16:43 server sshd[19383]: Failed password for invalid user dmdba from 138.97.241.37 port 34428 ssh2 Sep 26 16:20:29 server sshd[20264]: Failed password for invalid user transfer from 138.97.241.37 port 54654 ssh2	2020-09-27 00:49:16
138.97.241.37	attackbots	21125/tcp 9563/tcp 15319/tcp... [2020-08-31/09-26]19pkt,18pt.(tcp)	2020-09-26 16:40:09
138.97.23.190	attack	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth):	2020-09-25 05:18:57
138.97.241.37	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-13 21:56:34
138.97.241.37	attackspam	Sep 13 07:25:21 abendstille sshd\[21590\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.97.241.37 user=root Sep 13 07:25:23 abendstille sshd\[21590\]: Failed password for root from 138.97.241.37 port 33160 ssh2 Sep 13 07:29:54 abendstille sshd\[25756\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.97.241.37 user=root Sep 13 07:29:56 abendstille sshd\[25756\]: Failed password for root from 138.97.241.37 port 41632 ssh2 Sep 13 07:34:29 abendstille sshd\[30104\]: Invalid user it from 138.97.241.37 Sep 13 07:34:29 abendstille sshd\[30104\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.97.241.37 ...	2020-09-13 13:51:43
138.97.241.37	attackbots	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-13 05:35:24
138.97.212.245	attackbots	IP 138.97.212.245 attacked honeypot on port: 1433 at 9/9/2020 9:46:48 AM	2020-09-11 03:23:00
138.97.212.245	attackspambots	IP 138.97.212.245 attacked honeypot on port: 1433 at 9/9/2020 9:46:48 AM	2020-09-10 18:52:45
138.97.241.37	attackbotsspam	Sep 8 02:23:41 web9 sshd\[17871\]: Invalid user raudel from 138.97.241.37 Sep 8 02:23:41 web9 sshd\[17871\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.97.241.37 Sep 8 02:23:42 web9 sshd\[17871\]: Failed password for invalid user raudel from 138.97.241.37 port 34302 ssh2 Sep 8 02:27:31 web9 sshd\[18342\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.97.241.37 user=root Sep 8 02:27:33 web9 sshd\[18342\]: Failed password for root from 138.97.241.37 port 60396 ssh2	2020-09-08 21:19:02
138.97.241.37	attackspam	Sep 8 04:42:19 ns382633 sshd\[23233\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.97.241.37 user=root Sep 8 04:42:21 ns382633 sshd\[23233\]: Failed password for root from 138.97.241.37 port 47262 ssh2 Sep 8 04:47:18 ns382633 sshd\[24132\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.97.241.37 user=root Sep 8 04:47:20 ns382633 sshd\[24132\]: Failed password for root from 138.97.241.37 port 58364 ssh2 Sep 8 04:51:08 ns382633 sshd\[24920\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.97.241.37 user=root	2020-09-08 13:11:24

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.97.2.118
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21980
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.97.2.118.			IN	A

;; AUTHORITY SECTION:
.			597	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030803 1800 900 604800 86400

;; Query time: 27 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 07:57:52 CST 2022
;; MSG SIZE  rcvd: 105

Host info

118.2.97.138.in-addr.arpa domain name pointer 118-2-97-138.clickturbo.com.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
118.2.97.138.in-addr.arpa	name = 118-2-97-138.clickturbo.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.222.211.3	attack	24.07.2019 05:31:02 SMTP access blocked by firewall	2019-07-24 15:02:48
84.55.65.13	attackspambots	Jul 24 08:38:51 OPSO sshd\[13096\]: Invalid user student from 84.55.65.13 port 56264 Jul 24 08:38:51 OPSO sshd\[13096\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.55.65.13 Jul 24 08:38:53 OPSO sshd\[13096\]: Failed password for invalid user student from 84.55.65.13 port 56264 ssh2 Jul 24 08:43:35 OPSO sshd\[13893\]: Invalid user plano from 84.55.65.13 port 52108 Jul 24 08:43:35 OPSO sshd\[13893\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.55.65.13	2019-07-24 14:48:32
193.70.33.75	attackbotsspam	Invalid user service from 193.70.33.75 port 47556	2019-07-24 15:44:44
188.153.238.38	attackbots	Telnet Server BruteForce Attack	2019-07-24 14:45:01
142.44.243.126	attack	Jul 24 06:34:51 localhost sshd\[41376\]: Invalid user courses from 142.44.243.126 port 54458 Jul 24 06:34:51 localhost sshd\[41376\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.44.243.126 Jul 24 06:34:53 localhost sshd\[41376\]: Failed password for invalid user courses from 142.44.243.126 port 54458 ssh2 Jul 24 06:39:40 localhost sshd\[41559\]: Invalid user ping from 142.44.243.126 port 50904 Jul 24 06:39:40 localhost sshd\[41559\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.44.243.126 ...	2019-07-24 14:45:31
218.153.159.206	attackbotsspam	Invalid user steam from 218.153.159.206 port 55226	2019-07-24 15:39:11
188.254.0.124	attack	Invalid user san from 188.254.0.124 port 44472 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.254.0.124 Failed password for invalid user san from 188.254.0.124 port 44472 ssh2 Invalid user adminuser from 188.254.0.124 port 38108 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.254.0.124	2019-07-24 14:45:59
190.119.190.122	attackspambots	SSH bruteforce (Triggered fail2ban)	2019-07-24 15:46:03
187.189.93.10	attackbotsspam	Jul 24 05:27:19 localhost sshd\[39312\]: Invalid user pi from 187.189.93.10 port 12243 Jul 24 05:27:19 localhost sshd\[39313\]: Invalid user pi from 187.189.93.10 port 12241 Jul 24 05:27:19 localhost sshd\[39312\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.189.93.10 Jul 24 05:27:19 localhost sshd\[39313\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.189.93.10 Jul 24 05:27:21 localhost sshd\[39312\]: Failed password for invalid user pi from 187.189.93.10 port 12243 ssh2 ...	2019-07-24 15:31:26
187.109.169.228	attackspambots	Jul 24 01:28:35 web1 postfix/smtpd[30356]: warning: unknown[187.109.169.228]: SASL PLAIN authentication failed: authentication failure ...	2019-07-24 15:09:29
222.127.30.130	attack	Invalid user oracle2 from 222.127.30.130 port 10430	2019-07-24 15:38:17
51.68.230.54	attackspam	Invalid user oracle from 51.68.230.54 port 38804	2019-07-24 15:28:39
223.83.155.77	attack	Invalid user search from 223.83.155.77 port 33784	2019-07-24 15:37:45
158.140.189.62	attackbots	WordPress login Brute force / Web App Attack on client site.	2019-07-24 15:05:36
109.99.54.59	attackbotsspam	Mail sent to address hacked/leaked from Gamigo	2019-07-24 15:14:36

Recently Reported IPs

118.190.24.141	138.97.2.110	138.97.2.114	138.97.2.123
138.97.2.125	138.97.2.12	138.97.2.121	138.97.2.126
118.190.24.37	138.97.2.132	138.97.2.128	138.97.2.136
138.97.2.14	138.97.2.138	138.97.2.135	138.97.2.150
138.97.2.145	138.97.2.140	138.97.2.152	138.97.2.148