138.97.2.52 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: unknown

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.97.224.88	attack	Automatic report - Port Scan Attack	2020-10-01 08:47:47
138.97.224.88	attackspam	Automatic report - Port Scan Attack	2020-10-01 01:23:20
138.97.224.88	attackbotsspam	Automatic report - Port Scan Attack	2020-09-30 17:35:18
138.97.22.186	attackspambots	SSH/22 MH Probe, BF, Hack -	2020-09-30 02:59:46
138.97.22.186	attack	SSH/22 MH Probe, BF, Hack -	2020-09-29 19:02:11
138.97.241.37	attackbots	Sep 26 16:13:02 server sshd[18441]: Failed password for invalid user openvpn from 138.97.241.37 port 42432 ssh2 Sep 26 16:16:43 server sshd[19383]: Failed password for invalid user dmdba from 138.97.241.37 port 34428 ssh2 Sep 26 16:20:29 server sshd[20264]: Failed password for invalid user transfer from 138.97.241.37 port 54654 ssh2	2020-09-27 00:49:16
138.97.241.37	attackbots	21125/tcp 9563/tcp 15319/tcp... [2020-08-31/09-26]19pkt,18pt.(tcp)	2020-09-26 16:40:09
138.97.23.190	attack	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth):	2020-09-25 05:18:57
138.97.241.37	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-13 21:56:34
138.97.241.37	attackspam	Sep 13 07:25:21 abendstille sshd\[21590\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.97.241.37 user=root Sep 13 07:25:23 abendstille sshd\[21590\]: Failed password for root from 138.97.241.37 port 33160 ssh2 Sep 13 07:29:54 abendstille sshd\[25756\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.97.241.37 user=root Sep 13 07:29:56 abendstille sshd\[25756\]: Failed password for root from 138.97.241.37 port 41632 ssh2 Sep 13 07:34:29 abendstille sshd\[30104\]: Invalid user it from 138.97.241.37 Sep 13 07:34:29 abendstille sshd\[30104\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.97.241.37 ...	2020-09-13 13:51:43
138.97.241.37	attackbots	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-13 05:35:24
138.97.212.245	attackbots	IP 138.97.212.245 attacked honeypot on port: 1433 at 9/9/2020 9:46:48 AM	2020-09-11 03:23:00
138.97.212.245	attackspambots	IP 138.97.212.245 attacked honeypot on port: 1433 at 9/9/2020 9:46:48 AM	2020-09-10 18:52:45
138.97.241.37	attackbotsspam	Sep 8 02:23:41 web9 sshd\[17871\]: Invalid user raudel from 138.97.241.37 Sep 8 02:23:41 web9 sshd\[17871\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.97.241.37 Sep 8 02:23:42 web9 sshd\[17871\]: Failed password for invalid user raudel from 138.97.241.37 port 34302 ssh2 Sep 8 02:27:31 web9 sshd\[18342\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.97.241.37 user=root Sep 8 02:27:33 web9 sshd\[18342\]: Failed password for root from 138.97.241.37 port 60396 ssh2	2020-09-08 21:19:02
138.97.241.37	attackspam	Sep 8 04:42:19 ns382633 sshd\[23233\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.97.241.37 user=root Sep 8 04:42:21 ns382633 sshd\[23233\]: Failed password for root from 138.97.241.37 port 47262 ssh2 Sep 8 04:47:18 ns382633 sshd\[24132\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.97.241.37 user=root Sep 8 04:47:20 ns382633 sshd\[24132\]: Failed password for root from 138.97.241.37 port 58364 ssh2 Sep 8 04:51:08 ns382633 sshd\[24920\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.97.241.37 user=root	2020-09-08 13:11:24

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.97.2.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54353
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.97.2.52.			IN	A

;; AUTHORITY SECTION:
.			514	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030803 1800 900 604800 86400

;; Query time: 21 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 07:58:24 CST 2022
;; MSG SIZE  rcvd: 104

Host info

52.2.97.138.in-addr.arpa domain name pointer 52-2-97-138.clickturbo.com.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
52.2.97.138.in-addr.arpa	name = 52-2-97-138.clickturbo.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
219.73.60.230	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/219.73.60.230/ HK - 1H : (59) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : HK NAME ASN : ASN4760 IP : 219.73.60.230 CIDR : 219.73.32.0/19 PREFIX COUNT : 283 UNIQUE IP COUNT : 1705728 ATTACKS DETECTED ASN4760 : 1H - 1 3H - 3 6H - 5 12H - 12 24H - 17 DateTime : 2019-11-18 15:45:51 INFO : Port MAX SCAN Scan Detected and Blocked by ADMIN - data recovery	2019-11-19 06:53:23
196.9.24.40	attackbotsspam	Nov 18 23:49:49 legacy sshd[28017]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.9.24.40 Nov 18 23:49:51 legacy sshd[28017]: Failed password for invalid user bmike from 196.9.24.40 port 47880 ssh2 Nov 18 23:54:38 legacy sshd[28125]: Failed password for root from 196.9.24.40 port 56496 ssh2 ...	2019-11-19 06:57:23
180.183.54.148	attackspam	/var/log/messages:Nov 17 23:06:53 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1574032013.750:217994): pid=12683 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-server cipher=aes256-ctr ksize=256 mac=hmac-sha1 pfs=ecdh-sha2-nistp256 spid=12684 suid=74 rport=38370 laddr=104.167.106.93 lport=23 exe="/usr/sbin/sshd" hostname=? addr=180.183.54.148 terminal=? res=success' /var/log/messages:Nov 17 23:06:53 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1574032013.754:217995): pid=12683 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-client cipher=aes256-ctr ksize=256 mac=hmac-sha1 pfs=ecdh-sha2-nistp256 spid=12684 suid=74 rport=38370 laddr=104.167.106.93 lport=23 exe="/usr/sbin/sshd" hostname=? addr=180.183.54.148 terminal=? res=success' /var/log/messages:Nov 17 23:06:54 sanyalnet-cloud-vps fail2ban.filter[1538]: INFO [sshd] F........ -------------------------------	2019-11-19 07:04:45
129.213.194.201	attackspambots	Nov 18 23:49:39 * sshd[23313]: Failed password for root from 129.213.194.201 port 50796 ssh2	2019-11-19 07:05:09
222.186.180.41	attackbots	Nov 18 18:57:31 server sshd\[23413\]: Failed password for root from 222.186.180.41 port 56528 ssh2 Nov 19 02:01:36 server sshd\[32481\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.41 user=root Nov 19 02:01:38 server sshd\[32481\]: Failed password for root from 222.186.180.41 port 41568 ssh2 Nov 19 02:01:38 server sshd\[32484\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.41 user=root Nov 19 02:01:40 server sshd\[32484\]: Failed password for root from 222.186.180.41 port 60154 ssh2 ...	2019-11-19 07:09:28
43.239.122.12	attack	43.239.122.4 Hit the server 1600 times in a few seconds then switched to .15 .6 .5 all on the same page.	2019-11-19 06:37:38
110.225.241.54	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/110.225.241.54/ IN - 1H : (116) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : IN NAME ASN : ASN24560 IP : 110.225.241.54 CIDR : 110.225.224.0/19 PREFIX COUNT : 1437 UNIQUE IP COUNT : 2610176 ATTACKS DETECTED ASN24560 : 1H - 2 3H - 3 6H - 7 12H - 8 24H - 13 DateTime : 2019-11-18 15:46:03 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-19 06:43:58
176.226.244.60	attack	Honeypot attack, port: 23, PTR: pool-176-226-244-60.is74.ru.	2019-11-19 06:59:56
185.220.101.57	attackbots	fell into ViewStateTrap:oslo	2019-11-19 06:47:51
139.159.47.22	attack	Unauthorized connection attempt from IP address 139.159.47.22 on Port 445(SMB)	2019-11-19 06:45:47
222.186.180.17	attack	2019-11-18T22:54:37.464068abusebot-3.cloudsearch.cf sshd\[20381\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.17 user=root	2019-11-19 06:58:45
202.182.52.130	attackbots	Nov 18 15:45:46 srv01 sshd[30888]: Did not receive identification string from 202.182.52.130 port 57934 Nov 18 15:46:08 srv01 sshd[30894]: Invalid user Adminixxxr from 202.182.52.130 port 57116 Nov 18 15:46:09 srv01 sshd[30894]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.182.52.130 Nov 18 15:46:08 srv01 sshd[30894]: Invalid user Adminixxxr from 202.182.52.130 port 57116 Nov 18 15:46:12 srv01 sshd[30894]: Failed password for invalid user Adminixxxr from 202.182.52.130 port 57116 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=202.182.52.130	2019-11-19 06:35:20
175.6.32.128	attackspam	Nov 18 22:41:38 marvibiene sshd[5616]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.6.32.128 user=mysql Nov 18 22:41:40 marvibiene sshd[5616]: Failed password for mysql from 175.6.32.128 port 37769 ssh2 Nov 18 22:54:26 marvibiene sshd[5741]: Invalid user vana from 175.6.32.128 port 56754 ...	2019-11-19 07:08:41
157.230.42.76	attack	Nov 18 11:51:48 * sshd[18422]: Failed password for invalid user guest from 157.230.42.76 port 48182 ssh2 Nov 18 12:07:07 * sshd[18543]: Failed password for invalid user ubuntu from 157.230.42.76 port 51237 ssh2 Nov 18 12:14:05 * sshd[18625]: Failed password for invalid user melsom from 157.230.42.76 port 57422 ssh2 Nov 18 12:20:28 * sshd[18666]: Failed password for invalid user gyves from 157.230.42.76 port 33780 ssh2 Nov 18 12:36:03 * sshd[18788]: Failed password for invalid user noto from 157.230.42.76 port 51500 ssh2 Nov 18 12:43:12 * sshd[18940]: Failed password for invalid user adrian from 157.230.42.76 port 56807 ssh2 Nov 18 12:49:54 * sshd[18974]: Failed password for invalid user hacluster from 157.230.42.76 port 58251 ssh2 Nov 18 12:55:10 * sshd[18998]: Failed password for invalid user Stuart from 157.230.42.76 port 55031 ssh2 Nov 18 13:01:25 * sshd[19039]: Failed password for invalid user webmaster from 157.230.42.76 port 54314 ssh2 Nov 18 13:07:27 * sshd[19136]: Failed password f	2019-11-19 06:45:24
51.77.140.36	attack	Nov 18 21:40:25 itv-usvr-01 sshd[6057]: Invalid user guest from 51.77.140.36 Nov 18 21:40:25 itv-usvr-01 sshd[6057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.140.36 Nov 18 21:40:25 itv-usvr-01 sshd[6057]: Invalid user guest from 51.77.140.36 Nov 18 21:40:28 itv-usvr-01 sshd[6057]: Failed password for invalid user guest from 51.77.140.36 port 60304 ssh2 Nov 18 21:46:06 itv-usvr-01 sshd[6281]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.140.36 user=root Nov 18 21:46:08 itv-usvr-01 sshd[6281]: Failed password for root from 51.77.140.36 port 41010 ssh2	2019-11-19 06:37:46

Recently Reported IPs

138.97.2.50	118.190.43.59	118.190.52.60	118.190.55.251
118.190.58.52	118.190.60.196	118.190.66.157	118.190.66.41
138.97.225.12	138.97.225.149	138.97.225.158	138.97.225.14
138.97.225.128	138.97.225.174	138.97.225.160	138.97.225.156
138.97.225.172	138.97.225.152	138.97.225.124	138.97.225.162