138.97.54.231 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Fusion Telecomunicacoes - Eireli

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Automatic report - Port Scan Attack	2020-09-30 09:02:35
attackbots	Automatic report - Port Scan Attack	2020-09-30 01:55:15
attack	Automatic report - Port Scan Attack	2020-09-29 17:55:13

Comments on same subnet:

IP	Type	Details	Datetime
138.97.54.62	attack	(sshd) Failed SSH login from 138.97.54.62 (BR/Brazil/138-97-54-62.fusionet.srv.br): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 7 14:01:56 ubnt-55d23 sshd[15692]: Invalid user admin from 138.97.54.62 port 51396 May 7 14:01:58 ubnt-55d23 sshd[15692]: Failed password for invalid user admin from 138.97.54.62 port 51396 ssh2	2020-05-07 20:51:42
138.97.54.8	attackbotsspam	smtp probe/invalid login attempt	2020-01-15 15:28:48

Type

Details

Datetime

138.97.54.62

attack

(sshd) Failed SSH login from 138.97.54.62 (BR/Brazil/138-97-54-62.fusionet.srv.br): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May  7 14:01:56 ubnt-55d23 sshd[15692]: Invalid user admin from 138.97.54.62 port 51396
May  7 14:01:58 ubnt-55d23 sshd[15692]: Failed password for invalid user admin from 138.97.54.62 port 51396 ssh2

2020-05-07 20:51:42

138.97.54.8

attackbotsspam

smtp probe/invalid login attempt

2020-01-15 15:28:48

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.97.54.231
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26856
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.97.54.231.			IN	A

;; AUTHORITY SECTION:
.			390	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092900 1800 900 604800 86400

;; Query time: 71 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 29 17:55:08 CST 2020
;; MSG SIZE  rcvd: 117

Host info

231.54.97.138.in-addr.arpa domain name pointer 138-97-54-231.fusionet.srv.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
231.54.97.138.in-addr.arpa	name = 138-97-54-231.fusionet.srv.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.248.211.146	attack	RDP Bruteforce	2020-09-18 05:37:27
74.62.86.11	attack	RDP Bruteforce	2020-09-18 05:40:06
106.12.88.246	attackspam	Sep 17 21:11:49 server sshd[27965]: Failed password for root from 106.12.88.246 port 53146 ssh2 Sep 17 21:14:45 server sshd[29415]: Failed password for invalid user sair from 106.12.88.246 port 39744 ssh2 Sep 17 21:17:31 server sshd[30662]: Failed password for root from 106.12.88.246 port 54574 ssh2	2020-09-18 06:10:03
149.72.131.90	attackbots	Financial threat/phishing scam	2020-09-18 05:44:09
51.83.97.44	attackbotsspam	Sep 17 22:05:43 vm1 sshd[20623]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.97.44 Sep 17 22:05:45 vm1 sshd[20623]: Failed password for invalid user mininet from 51.83.97.44 port 47062 ssh2 ...	2020-09-18 06:00:17
12.165.80.213	attackbots	RDP Bruteforce	2020-09-18 05:42:30
188.19.32.218	attack	Port probing on unauthorized port 445	2020-09-18 05:54:01
124.160.96.249	attackspambots	Sep 17 23:58:58 pve1 sshd[28815]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.160.96.249 Sep 17 23:59:00 pve1 sshd[28815]: Failed password for invalid user usuario from 124.160.96.249 port 5256 ssh2 ...	2020-09-18 06:06:26
41.41.219.251	attack	Brute forcing RDP port 3389	2020-09-18 05:56:46
66.42.95.46	attackspam	Port Scan detected from 66.42.95.46 (US/United States/Georgia/Atlanta (Knight Park/Howell Station)/66.42.95.46.vultr.com). 4 hits in the last 15 seconds	2020-09-18 06:05:36
106.13.163.236	attackspambots	Sep 17 22:05:24 lunarastro sshd[22894]: Failed password for root from 106.13.163.236 port 39056 ssh2	2020-09-18 05:57:03
45.143.221.41	attackbotsspam	\[Sep 18 05:45:34\] NOTICE\[31025\] chan_sip.c: Registration from '"105" \' failed for '45.143.221.41:6012' - Wrong password \[Sep 18 05:45:34\] NOTICE\[31025\] chan_sip.c: Registration from '"105" \' failed for '45.143.221.41:6012' - Wrong password \[Sep 18 05:45:34\] NOTICE\[31025\] chan_sip.c: Registration from '"105" \' failed for '45.143.221.41:6012' - Wrong password \[Sep 18 05:45:34\] NOTICE\[31025\] chan_sip.c: Registration from '"105" \' failed for '45.143.221.41:6012' - Wrong password \[Sep 18 05:45:34\] NOTICE\[31025\] chan_sip.c: Registration from '"105" \' failed for '45.143.221.41:6012' - Wrong password \[Sep 18 05:45:34\] NOTICE\[31025\] chan_sip.c: Registration from '"105" \' failed for '45.143.221.41:6012' - Wrong password \[Sep 18 05:45:34\] NOTICE\[31025\] chan_sip.c: Registration from '"105" \< ...	2020-09-18 06:11:36
190.81.175.66	attack	RDP Bruteforce	2020-09-18 05:35:27
45.189.12.186	attackbotsspam	Sep 17 17:25:14 NPSTNNYC01T sshd[25099]: Failed password for root from 45.189.12.186 port 38908 ssh2 Sep 17 17:29:15 NPSTNNYC01T sshd[25442]: Failed password for root from 45.189.12.186 port 41708 ssh2 ...	2020-09-18 05:47:26
49.235.132.88	attackspambots	Fail2Ban Ban Triggered	2020-09-18 06:00:46

Recently Reported IPs

190.83.45.241	253.119.29.168	4.55.7.193	2.95.11.161
93.26.82.74	48.101.33.32	168.176.27.245	44.129.184.139
44.207.33.175	224.195.254.149	112.78.11.50	219.165.160.206
37.50.72.164	8.93.107.102	46.139.161.182	255.163.70.211
11.118.209.8	1.148.78.239	142.24.216.139	168.101.255.232