131.196.243.140

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Alison Junior de A. Dos Santos

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Port probing on unauthorized port 445	2020-04-21 16:59:11

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 131.196.243.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45369
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;131.196.243.140.		IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042100 1800 900 604800 86400

;; Query time: 195 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Apr 21 16:59:07 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 140.243.196.131.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 140.243.196.131.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
114.219.133.7	attackspam	Lines containing failures of 114.219.133.7 Aug 12 02:03:55 shared09 sshd[14412]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.219.133.7 user=r.r Aug 12 02:03:57 shared09 sshd[14412]: Failed password for r.r from 114.219.133.7 port 2591 ssh2 Aug 12 02:03:57 shared09 sshd[14412]: Received disconnect from 114.219.133.7 port 2591:11: Bye Bye [preauth] Aug 12 02:03:57 shared09 sshd[14412]: Disconnected from authenticating user r.r 114.219.133.7 port 2591 [preauth] Aug 12 02:21:18 shared09 sshd[24645]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.219.133.7 user=r.r Aug 12 02:21:20 shared09 sshd[24645]: Failed password for r.r from 114.219.133.7 port 2592 ssh2 Aug 12 02:21:20 shared09 sshd[24645]: Received disconnect from 114.219.133.7 port 2592:11: Bye Bye [preauth] Aug 12 02:21:20 shared09 sshd[24645]: Disconnected from authenticating user r.r 114.219.133.7 port 2592 [preauth] Aug ........ ------------------------------	2020-08-14 06:56:42
167.71.40.105	attack	2020-08-13T15:27:58.049583correo.[domain] sshd[42693]: Failed password for root from 167.71.40.105 port 33814 ssh2 2020-08-13T15:32:06.871971correo.[domain] sshd[43328]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.40.105 user=root 2020-08-13T15:32:08.500206correo.[domain] sshd[43328]: Failed password for root from 167.71.40.105 port 44840 ssh2 ...	2020-08-14 06:42:55
112.85.42.104	attackbots	Aug 13 23:05:00 rush sshd[10801]: Failed password for root from 112.85.42.104 port 56556 ssh2 Aug 13 23:05:10 rush sshd[10803]: Failed password for root from 112.85.42.104 port 17774 ssh2 Aug 13 23:05:12 rush sshd[10803]: Failed password for root from 112.85.42.104 port 17774 ssh2 ...	2020-08-14 07:10:51
112.85.42.176	attack	Aug 14 00:53:20 ip106 sshd[12159]: Failed password for root from 112.85.42.176 port 26725 ssh2 Aug 14 00:53:24 ip106 sshd[12159]: Failed password for root from 112.85.42.176 port 26725 ssh2 ...	2020-08-14 06:57:15
94.74.190.33	attackbots	$f2bV_matches	2020-08-14 06:45:42
60.183.30.16	attack	Hacking	2020-08-14 07:01:37
165.227.191.15	attack	Aug 13 22:40:35 ns382633 sshd\[13595\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.191.15 user=root Aug 13 22:40:37 ns382633 sshd\[13595\]: Failed password for root from 165.227.191.15 port 47108 ssh2 Aug 13 22:42:38 ns382633 sshd\[13731\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.191.15 user=root Aug 13 22:42:40 ns382633 sshd\[13731\]: Failed password for root from 165.227.191.15 port 52276 ssh2 Aug 13 22:44:18 ns382633 sshd\[13899\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.191.15 user=root	2020-08-14 07:10:25
180.126.230.153	attack	"fail2ban match"	2020-08-14 06:49:01
211.208.225.110	attackbotsspam	web-1 [ssh_2] SSH Attack	2020-08-14 07:09:44
111.74.11.85	attack	Lines containing failures of 111.74.11.85 Aug 11 23:55:30 penfold sshd[12948]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.74.11.85 user=r.r Aug 11 23:55:32 penfold sshd[12948]: Failed password for r.r from 111.74.11.85 port 25092 ssh2 Aug 11 23:55:33 penfold sshd[12948]: Received disconnect from 111.74.11.85 port 25092:11: Bye Bye [preauth] Aug 11 23:55:33 penfold sshd[12948]: Disconnected from authenticating user r.r 111.74.11.85 port 25092 [preauth] Aug 12 00:09:51 penfold sshd[13874]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.74.11.85 user=r.r Aug 12 00:09:53 penfold sshd[13874]: Failed password for r.r from 111.74.11.85 port 65422 ssh2 Aug 12 00:09:53 penfold sshd[13874]: Received disconnect from 111.74.11.85 port 65422:11: Bye Bye [preauth] Aug 12 00:09:53 penfold sshd[13874]: Disconnected from authenticating user r.r 111.74.11.85 port 65422 [preauth] Aug 12 00:14:24........ ------------------------------	2020-08-14 07:11:42
51.77.163.177	attackspambots	Aug 14 00:40:21 fhem-rasp sshd[24077]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.163.177 user=root Aug 14 00:40:23 fhem-rasp sshd[24077]: Failed password for root from 51.77.163.177 port 37550 ssh2 ...	2020-08-14 06:42:07
159.65.146.72	attack	159.65.146.72 - - [13/Aug/2020:22:44:28 +0200] "GET /wp-login.php HTTP/1.1" 200 8691 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.65.146.72 - - [13/Aug/2020:22:44:30 +0200] "POST /wp-login.php HTTP/1.1" 200 8921 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.65.146.72 - - [13/Aug/2020:22:44:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-14 06:55:47
134.209.235.106	attack	134.209.235.106 - - [13/Aug/2020:22:48:34 +0200] "GET /wp-login.php HTTP/1.1" 200 9032 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 134.209.235.106 - - [13/Aug/2020:22:48:35 +0200] "POST /wp-login.php HTTP/1.1" 200 9283 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 134.209.235.106 - - [13/Aug/2020:22:48:36 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-14 07:14:01
159.203.30.50	attackspam	Aug 14 05:47:42 webhost01 sshd[9931]: Failed password for root from 159.203.30.50 port 51698 ssh2 ...	2020-08-14 07:07:38
61.133.232.254	attack	Aug 14 00:58:30 eventyay sshd[12266]: Failed password for root from 61.133.232.254 port 49735 ssh2 Aug 14 01:02:04 eventyay sshd[12374]: Failed password for root from 61.133.232.254 port 4158 ssh2 ...	2020-08-14 07:17:14

Recently Reported IPs

200.194.39.184	45.95.169.232	91.216.164.252	20.48.40.93
45.238.229.241	185.209.0.79	162.243.128.32	18.163.29.88
174.110.88.87	188.16.147.225	180.247.2.12	223.206.219.169
146.90.99.105	51.75.175.26	50.87.253.242	14.232.7.69
54.39.96.155	117.244.89.29	231.78.141.61	212.129.154.148