52.138.20.101 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Canada

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Unauthorized connection attempt detected from IP address 52.138.20.101 to port 23	2020-07-22 16:51:08
attackspam	Port Scan detected! ...	2020-07-22 12:32:36

Comments on same subnet:

IP	Type	Details	Datetime
52.138.20.136	attackbots	Feb 26 19:31:28 s1 sshd\[6618\]: Invalid user tvjahn-wolfsburg from 52.138.20.136 port 43966 Feb 26 19:31:28 s1 sshd\[6618\]: Failed password for invalid user tvjahn-wolfsburg from 52.138.20.136 port 43966 ssh2 Feb 26 19:31:29 s1 sshd\[6620\]: Invalid user tvjahn-wolfsburg from 52.138.20.136 port 44114 Feb 26 19:31:29 s1 sshd\[6620\]: Failed password for invalid user tvjahn-wolfsburg from 52.138.20.136 port 44114 ssh2 Feb 26 19:31:30 s1 sshd\[6622\]: Invalid user tvjahn-wolfsburg from 52.138.20.136 port 44278 Feb 26 19:31:30 s1 sshd\[6622\]: Failed password for invalid user tvjahn-wolfsburg from 52.138.20.136 port 44278 ssh2 ...	2020-02-27 03:21:04
52.138.206.116	attack	RDP Bruteforce	2019-07-15 09:05:12

Type

Details

Datetime

52.138.20.136

attackbots

Feb 26 19:31:28 s1 sshd\[6618\]: Invalid user tvjahn-wolfsburg from 52.138.20.136 port 43966
Feb 26 19:31:28 s1 sshd\[6618\]: Failed password for invalid user tvjahn-wolfsburg from 52.138.20.136 port 43966 ssh2
Feb 26 19:31:29 s1 sshd\[6620\]: Invalid user tvjahn-wolfsburg from 52.138.20.136 port 44114
Feb 26 19:31:29 s1 sshd\[6620\]: Failed password for invalid user tvjahn-wolfsburg from 52.138.20.136 port 44114 ssh2
Feb 26 19:31:30 s1 sshd\[6622\]: Invalid user tvjahn-wolfsburg from 52.138.20.136 port 44278
Feb 26 19:31:30 s1 sshd\[6622\]: Failed password for invalid user tvjahn-wolfsburg from 52.138.20.136 port 44278 ssh2
...

2020-02-27 03:21:04

52.138.206.116

attack

RDP Bruteforce

2019-07-15 09:05:12

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.138.20.101
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4305
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.138.20.101.			IN	A

;; AUTHORITY SECTION:
.			573	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072102 1800 900 604800 86400

;; Query time: 77 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jul 22 12:32:29 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 101.20.138.52.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 101.20.138.52.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
14.146.92.254	attackspambots	22/tcp [2019-08-09]1pkt	2019-08-09 16:31:49
106.12.56.17	attackspam	Automatic report - Banned IP Access	2019-08-09 15:52:46
37.59.107.100	attack	Aug 9 10:54:51 www sshd\[17713\]: Invalid user leona from 37.59.107.100 Aug 9 10:54:51 www sshd\[17713\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.59.107.100 Aug 9 10:54:53 www sshd\[17713\]: Failed password for invalid user leona from 37.59.107.100 port 47414 ssh2 ...	2019-08-09 16:02:45
40.77.167.69	attackspam	Automatic report - Banned IP Access	2019-08-09 16:07:57
114.232.62.8	attack	2323/tcp [2019-08-09]1pkt	2019-08-09 16:36:10
47.106.80.53	attack	3389BruteforceFW21	2019-08-09 16:30:48
191.242.76.223	attackspam	Aug 9 09:00:16 xeon postfix/smtpd[23479]: warning: unknown[191.242.76.223]: SASL PLAIN authentication failed: authentication failure	2019-08-09 15:57:33
174.141.231.74	attackbotsspam	xmlrpc attack	2019-08-09 16:13:32
206.189.39.183	attackspambots	Aug 9 10:08:22 [host] sshd[19230]: Invalid user reseller from 206.189.39.183 Aug 9 10:08:22 [host] sshd[19230]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.39.183 Aug 9 10:08:24 [host] sshd[19230]: Failed password for invalid user reseller from 206.189.39.183 port 48658 ssh2	2019-08-09 16:17:45
58.210.238.114	attackbots	Aug 9 08:05:19 MK-Soft-VM5 sshd\[12955\]: Invalid user xian from 58.210.238.114 port 35552 Aug 9 08:05:19 MK-Soft-VM5 sshd\[12955\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.210.238.114 Aug 9 08:05:21 MK-Soft-VM5 sshd\[12955\]: Failed password for invalid user xian from 58.210.238.114 port 35552 ssh2 ...	2019-08-09 16:10:05
195.201.16.172	attackbots	Multiple SQL Injection probes/attacks	2019-08-09 16:22:35
187.162.46.253	attackspambots	Automatic report - Port Scan Attack	2019-08-09 16:12:53
113.161.49.136	attack	445/tcp [2019-08-09]1pkt	2019-08-09 16:18:11
73.247.27.209	attack	Aug 9 10:43:18 www2 sshd\[56182\]: Invalid user arnold from 73.247.27.209Aug 9 10:43:20 www2 sshd\[56182\]: Failed password for invalid user arnold from 73.247.27.209 port 51746 ssh2Aug 9 10:47:37 www2 sshd\[56695\]: Failed password for root from 73.247.27.209 port 45938 ssh2 ...	2019-08-09 16:09:28
14.229.62.242	attack	445/tcp [2019-08-09]1pkt	2019-08-09 16:22:06

Recently Reported IPs

216.200.199.204	174.76.35.25	45.129.33.21	164.90.177.220
122.51.160.62	177.98.104.67	153.126.152.153	66.249.75.104
253.163.132.97	14.252.50.200	91.92.231.224	23.96.45.241
194.87.138.32	212.156.87.194	106.75.231.250	207.191.163.241
112.134.12.163	120.79.180.193	228.162.96.189	187.178.70.223