197.52.5.39 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Egypt

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
197.52.51.13	attackspambots	Mar 6 05:50:38 v22019058497090703 sshd[20189]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.52.51.13 Mar 6 05:50:40 v22019058497090703 sshd[20189]: Failed password for invalid user admin from 197.52.51.13 port 58824 ssh2 ...	2020-03-06 19:09:01
197.52.57.81	attackspambots	Honeypot hit.	2019-07-07 07:21:31
197.52.57.52	attackspambots	Lines containing failures of 197.52.57.52 Jun 24 06:26:32 shared12 sshd[32012]: Invalid user admin from 197.52.57.52 port 55328 Jun 24 06:26:32 shared12 sshd[32012]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.52.57.52 Jun 24 06:26:35 shared12 sshd[32012]: Failed password for invalid user admin from 197.52.57.52 port 55328 ssh2 Jun 24 06:26:35 shared12 sshd[32012]: Connection closed by invalid user admin 197.52.57.52 port 55328 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=197.52.57.52	2019-06-24 19:20:55

Type

Details

Datetime

197.52.51.13

attackspambots

Mar  6 05:50:38 v22019058497090703 sshd[20189]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.52.51.13
Mar  6 05:50:40 v22019058497090703 sshd[20189]: Failed password for invalid user admin from 197.52.51.13 port 58824 ssh2
...

2020-03-06 19:09:01

197.52.57.81

attackspambots

Honeypot hit.

2019-07-07 07:21:31

197.52.57.52

attackspambots

Lines containing failures of 197.52.57.52
Jun 24 06:26:32 shared12 sshd[32012]: Invalid user admin from 197.52.57.52 port 55328
Jun 24 06:26:32 shared12 sshd[32012]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.52.57.52
Jun 24 06:26:35 shared12 sshd[32012]: Failed password for invalid user admin from 197.52.57.52 port 55328 ssh2
Jun 24 06:26:35 shared12 sshd[32012]: Connection closed by invalid user admin 197.52.57.52 port 55328 [preauth]


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=197.52.57.52

2019-06-24 19:20:55

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 197.52.5.39
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65380
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;197.52.5.39.			IN	A

;; AUTHORITY SECTION:
.			598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021300 1800 900 604800 86400

;; Query time: 20 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 13 16:25:38 CST 2022
;; MSG SIZE  rcvd: 104

Host info

39.5.52.197.in-addr.arpa domain name pointer host-197.52.5.39.tedata.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
39.5.52.197.in-addr.arpa	name = host-197.52.5.39.tedata.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
202.43.168.86	attack	202.43.168.86 - - [21/Sep/2019:23:32:08 +0200] "POST /wp-login.php HTTP/1.1" 200 4522 "http://mib-epas-consortium.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" 202.43.168.86 - - [21/Sep/2019:23:32:09 +0200] "POST /wp-login.php HTTP/1.1" 200 4522 "http://mib-epas-consortium.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" 202.43.168.86 - - [21/Sep/2019:23:32:10 +0200] "POST /wp-login.php HTTP/1.1" 200 4522 "http://mib-epas-consortium.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" 202.43.168.86 - - [21/Sep/2019:23:32:11 +0200] "POST /wp-login.php HTTP/1.1" 200 4522 "http://mib-epas-consortium.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" 202.43.168.86 - - [21/Sep/2019:23:32:12 +0200] "POST /wp-login.php HTTP/1.1" 200 4522 "http://mib-epas-consortium.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" 202.43.168.86 - - [21/Se	2019-09-22 08:27:46
151.76.113.201	attack	Sep 21 13:58:22 wbs sshd\[29786\]: Invalid user docker from 151.76.113.201 Sep 21 13:58:22 wbs sshd\[29786\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.76.113.201 Sep 21 13:58:24 wbs sshd\[29786\]: Failed password for invalid user docker from 151.76.113.201 port 38272 ssh2 Sep 21 14:02:25 wbs sshd\[30147\]: Invalid user fernanda from 151.76.113.201 Sep 21 14:02:25 wbs sshd\[30147\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.76.113.201	2019-09-22 08:41:55
168.232.156.205	attackspam	Sep 22 01:32:44 MainVPS sshd[7866]: Invalid user ftpadmin from 168.232.156.205 port 52641 Sep 22 01:32:44 MainVPS sshd[7866]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.232.156.205 Sep 22 01:32:44 MainVPS sshd[7866]: Invalid user ftpadmin from 168.232.156.205 port 52641 Sep 22 01:32:46 MainVPS sshd[7866]: Failed password for invalid user ftpadmin from 168.232.156.205 port 52641 ssh2 Sep 22 01:38:32 MainVPS sshd[8286]: Invalid user util from 168.232.156.205 port 45056 ...	2019-09-22 08:44:55
45.63.71.86	attack	WP_xmlrpc_attack	2019-09-22 08:36:19
85.175.100.14	attackbots	Unauthorized connection attempt from IP address 85.175.100.14 on Port 445(SMB)	2019-09-22 08:32:50
51.15.171.46	attack	Sep 21 23:31:58 nextcloud sshd\[20282\]: Invalid user groupoffice from 51.15.171.46 Sep 21 23:31:58 nextcloud sshd\[20282\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.171.46 Sep 21 23:32:00 nextcloud sshd\[20282\]: Failed password for invalid user groupoffice from 51.15.171.46 port 55810 ssh2 ...	2019-09-22 08:43:03
79.137.35.70	attackbotsspam	Automatic report - Banned IP Access	2019-09-22 08:34:16
51.83.78.109	attackspam	Invalid user admin from 51.83.78.109 port 52594	2019-09-22 08:35:52
180.150.189.206	attack	Sep 21 23:09:19 hcbbdb sshd\[10657\]: Invalid user fi from 180.150.189.206 Sep 21 23:09:19 hcbbdb sshd\[10657\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.150.189.206 Sep 21 23:09:20 hcbbdb sshd\[10657\]: Failed password for invalid user fi from 180.150.189.206 port 34091 ssh2 Sep 21 23:13:36 hcbbdb sshd\[11227\]: Invalid user nrg from 180.150.189.206 Sep 21 23:13:36 hcbbdb sshd\[11227\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.150.189.206	2019-09-22 08:54:17
206.214.2.71	attack	Chat Spam	2019-09-22 08:32:03
103.248.14.90	attackspambots	Sep 21 14:44:46 php1 sshd\[7931\]: Invalid user cap from 103.248.14.90 Sep 21 14:44:46 php1 sshd\[7931\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.248.14.90 Sep 21 14:44:48 php1 sshd\[7931\]: Failed password for invalid user cap from 103.248.14.90 port 54292 ssh2 Sep 21 14:49:24 php1 sshd\[8462\]: Invalid user deploy from 103.248.14.90 Sep 21 14:49:24 php1 sshd\[8462\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.248.14.90	2019-09-22 08:59:40
117.205.228.20	attackspambots	Unauthorized connection attempt from IP address 117.205.228.20 on Port 445(SMB)	2019-09-22 08:38:54
49.88.112.69	attack	Sep 21 23:50:27 hcbbdb sshd\[16159\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.69 user=root Sep 21 23:50:29 hcbbdb sshd\[16159\]: Failed password for root from 49.88.112.69 port 43315 ssh2 Sep 21 23:54:05 hcbbdb sshd\[16603\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.69 user=root Sep 21 23:54:07 hcbbdb sshd\[16603\]: Failed password for root from 49.88.112.69 port 57712 ssh2 Sep 21 23:54:09 hcbbdb sshd\[16603\]: Failed password for root from 49.88.112.69 port 57712 ssh2	2019-09-22 08:22:28
34.74.205.72	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/34.74.205.72/ US - 1H : (288) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : US NAME ASN : ASN15169 IP : 34.74.205.72 CIDR : 34.72.0.0/14 PREFIX COUNT : 602 UNIQUE IP COUNT : 8951808 WYKRYTE ATAKI Z ASN15169 : 1H - 2 3H - 3 6H - 4 12H - 11 24H - 15 INFO : SERVER - ABB - Looking for resource vulnerabilities Detected and Blocked by ADMIN - data recovery	2019-09-22 08:49:16
14.192.17.145	attack	Sep 22 03:38:19 server sshd\[24821\]: Invalid user vnc from 14.192.17.145 port 35325 Sep 22 03:38:19 server sshd\[24821\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.192.17.145 Sep 22 03:38:21 server sshd\[24821\]: Failed password for invalid user vnc from 14.192.17.145 port 35325 ssh2 Sep 22 03:43:18 server sshd\[4842\]: Invalid user chiara from 14.192.17.145 port 56165 Sep 22 03:43:18 server sshd\[4842\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.192.17.145	2019-09-22 08:51:30

Recently Reported IPs

197.52.213.71	197.52.59.137	197.52.75.246	197.52.6.137
197.53.100.49	197.52.238.255	197.53.131.241	197.52.78.68
197.53.166.92	197.53.187.29	197.53.55.36	197.54.164.59
197.54.115.174	197.55.168.195	197.53.90.53	197.55.180.162
197.55.190.174	197.54.16.251	197.54.53.65	197.55.209.34