138.97.2.249 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: unknown

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.97.224.88	attack	Automatic report - Port Scan Attack	2020-10-01 08:47:47
138.97.224.88	attackspam	Automatic report - Port Scan Attack	2020-10-01 01:23:20
138.97.224.88	attackbotsspam	Automatic report - Port Scan Attack	2020-09-30 17:35:18
138.97.22.186	attackspambots	SSH/22 MH Probe, BF, Hack -	2020-09-30 02:59:46
138.97.22.186	attack	SSH/22 MH Probe, BF, Hack -	2020-09-29 19:02:11
138.97.241.37	attackbots	Sep 26 16:13:02 server sshd[18441]: Failed password for invalid user openvpn from 138.97.241.37 port 42432 ssh2 Sep 26 16:16:43 server sshd[19383]: Failed password for invalid user dmdba from 138.97.241.37 port 34428 ssh2 Sep 26 16:20:29 server sshd[20264]: Failed password for invalid user transfer from 138.97.241.37 port 54654 ssh2	2020-09-27 00:49:16
138.97.241.37	attackbots	21125/tcp 9563/tcp 15319/tcp... [2020-08-31/09-26]19pkt,18pt.(tcp)	2020-09-26 16:40:09
138.97.23.190	attack	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth):	2020-09-25 05:18:57
138.97.241.37	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-13 21:56:34
138.97.241.37	attackspam	Sep 13 07:25:21 abendstille sshd\[21590\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.97.241.37 user=root Sep 13 07:25:23 abendstille sshd\[21590\]: Failed password for root from 138.97.241.37 port 33160 ssh2 Sep 13 07:29:54 abendstille sshd\[25756\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.97.241.37 user=root Sep 13 07:29:56 abendstille sshd\[25756\]: Failed password for root from 138.97.241.37 port 41632 ssh2 Sep 13 07:34:29 abendstille sshd\[30104\]: Invalid user it from 138.97.241.37 Sep 13 07:34:29 abendstille sshd\[30104\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.97.241.37 ...	2020-09-13 13:51:43
138.97.241.37	attackbots	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-13 05:35:24
138.97.212.245	attackbots	IP 138.97.212.245 attacked honeypot on port: 1433 at 9/9/2020 9:46:48 AM	2020-09-11 03:23:00
138.97.212.245	attackspambots	IP 138.97.212.245 attacked honeypot on port: 1433 at 9/9/2020 9:46:48 AM	2020-09-10 18:52:45
138.97.241.37	attackbotsspam	Sep 8 02:23:41 web9 sshd\[17871\]: Invalid user raudel from 138.97.241.37 Sep 8 02:23:41 web9 sshd\[17871\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.97.241.37 Sep 8 02:23:42 web9 sshd\[17871\]: Failed password for invalid user raudel from 138.97.241.37 port 34302 ssh2 Sep 8 02:27:31 web9 sshd\[18342\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.97.241.37 user=root Sep 8 02:27:33 web9 sshd\[18342\]: Failed password for root from 138.97.241.37 port 60396 ssh2	2020-09-08 21:19:02
138.97.241.37	attackspam	Sep 8 04:42:19 ns382633 sshd\[23233\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.97.241.37 user=root Sep 8 04:42:21 ns382633 sshd\[23233\]: Failed password for root from 138.97.241.37 port 47262 ssh2 Sep 8 04:47:18 ns382633 sshd\[24132\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.97.241.37 user=root Sep 8 04:47:20 ns382633 sshd\[24132\]: Failed password for root from 138.97.241.37 port 58364 ssh2 Sep 8 04:51:08 ns382633 sshd\[24920\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.97.241.37 user=root	2020-09-08 13:11:24

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.97.2.249
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26351
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.97.2.249.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030803 1800 900 604800 86400

;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 07:58:20 CST 2022
;; MSG SIZE  rcvd: 105

Host info

249.2.97.138.in-addr.arpa domain name pointer 249-2-97-138.clickturbo.com.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
249.2.97.138.in-addr.arpa	name = 249-2-97-138.clickturbo.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
87.106.219.57	attack	Unauthorized connection attempt from IP address 87.106.219.57 on Port 445(SMB)	2019-06-24 06:38:31
192.42.116.16	attackbotsspam	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.42.116.16 user=root Failed password for root from 192.42.116.16 port 42876 ssh2 Failed password for root from 192.42.116.16 port 42876 ssh2 Failed password for root from 192.42.116.16 port 42876 ssh2 Failed password for root from 192.42.116.16 port 42876 ssh2	2019-06-24 06:53:50
121.190.197.205	attackspambots	Jun 23 23:02:53 debian sshd\[32745\]: Invalid user audreym from 121.190.197.205 port 57497 Jun 23 23:02:53 debian sshd\[32745\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.190.197.205 ...	2019-06-24 06:15:33
119.18.14.50	attack	TCP port 23 (Telnet) attempt blocked by firewall. [2019-06-23 22:05:21]	2019-06-24 06:47:32
178.159.7.11	attackbotsspam	Jun 24 00:10:28 mail postfix/smtpd\[31537\]: warning: unknown\[178.159.7.11\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 24 00:11:34 mail postfix/smtpd\[32499\]: warning: unknown\[178.159.7.11\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 24 00:12:40 mail postfix/smtpd\[32499\]: warning: unknown\[178.159.7.11\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-06-24 06:21:51
171.61.40.176	attackbotsspam	2019-06-23 21:42:35 H=(ebyfoow.com) [171.61.40.176]:1034 I=[10.100.18.25]:25 sender verify fail for : Unrouteable address 2019-06-23 x@x 2019-06-23 21:42:36 unexpected disconnection while reading SMTP command from (ebyfoow.com) [171.61.40.176]:1034 I=[10.100.18.25]:25 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=171.61.40.176	2019-06-24 06:15:03
162.243.94.34	attackspam	SSH-BRUTEFORCE	2019-06-24 06:49:34
5.144.130.15	attackspam	2019-06-23T21:07:13.384655beta postfix/smtpd[8110]: NOQUEUE: reject: RCPT from 5-144-130-15.static.hostiran.name[5.144.130.15]: 554 5.7.1 Service unavailable; Client host [5.144.130.15] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/5.144.130.15; from= to= proto=ESMTP helo=<5-144-130-15.static.hostiran.name> ...	2019-06-24 06:18:46
180.153.46.170	attack	Jun 19 14:53:54 josie sshd[21474]: Bad protocol version identification '' from 180.153.46.170 Jun 19 14:53:56 josie sshd[21479]: Invalid user support from 180.153.46.170 Jun 19 14:53:56 josie sshd[21479]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.153.46.170 Jun 19 14:53:58 josie sshd[21479]: Failed password for invalid user support from 180.153.46.170 port 34135 ssh2 Jun 19 14:53:58 josie sshd[21481]: Connection closed by 180.153.46.170 Jun 19 14:54:00 josie sshd[21533]: Invalid user ubnt from 180.153.46.170 Jun 19 14:54:00 josie sshd[21533]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.153.46.170 Jun 19 14:54:02 josie sshd[21533]: Failed password for invalid user ubnt from 180.153.46.170 port 34442 ssh2 Jun 19 14:54:02 josie sshd[21534]: Connection closed by 180.153.46.170 Jun 19 14:54:04 josie sshd[21631]: Invalid user cisco from 180.153.46.170 Jun 19 14:54:04 josie sshd........ -------------------------------	2019-06-24 06:32:41
77.243.23.32	attack	Hit on /wp-login.php	2019-06-24 06:51:55
106.13.70.29	attackspam	Jun 23 22:07:13 ncomp sshd[20169]: Invalid user jboss from 106.13.70.29 Jun 23 22:07:13 ncomp sshd[20169]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.70.29 Jun 23 22:07:13 ncomp sshd[20169]: Invalid user jboss from 106.13.70.29 Jun 23 22:07:15 ncomp sshd[20169]: Failed password for invalid user jboss from 106.13.70.29 port 39184 ssh2	2019-06-24 06:18:02
138.197.24.220	attackspambots	TCP src-port=42820 dst-port=25 dnsbl-sorbs abuseat-org barracuda (1097)	2019-06-24 06:45:48
103.89.91.156	attack	RDP brute force attack detected by fail2ban	2019-06-24 06:15:54
151.40.81.246	attackspam	NAME : ADSL-NORTH-FIRENZE-40 CIDR : 151.40.81.246/17 DDoS attack Italy - block certain countries :) IP: 151.40.81.246 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-06-24 06:41:33
112.166.68.193	attack	ssh failed login	2019-06-24 06:51:18

Recently Reported IPs

118.190.37.211	138.97.2.252	138.97.2.31	138.97.2.26
138.97.2.254	138.97.2.42	138.97.2.38	138.97.2.40
138.97.2.4	138.97.2.37	138.97.2.34	118.190.42.97
138.97.2.49	138.97.2.50	138.97.2.52	118.190.43.59
118.190.52.60	118.190.55.251	118.190.58.52	118.190.60.196