138.0.7.121 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: LRF Conections Servicos Ltda ME

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Brute forcing email accounts	2020-01-26 14:48:03
attackbots	Aug 27 11:02:10 ubuntu-2gb-nbg1-dc3-1 sshd[13985]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.0.7.121 Aug 27 11:02:11 ubuntu-2gb-nbg1-dc3-1 sshd[13985]: Failed password for invalid user admin from 138.0.7.121 port 39727 ssh2 ...	2019-08-28 02:52:11

Type

Details

Datetime

attackbots

Brute forcing email accounts

2020-01-26 14:48:03

attackbots

Aug 27 11:02:10 ubuntu-2gb-nbg1-dc3-1 sshd[13985]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.0.7.121
Aug 27 11:02:11 ubuntu-2gb-nbg1-dc3-1 sshd[13985]: Failed password for invalid user admin from 138.0.7.121 port 39727 ssh2
...

2019-08-28 02:52:11

Comments on same subnet:

IP	Type	Details	Datetime
138.0.7.143	attack	Unauthorized IMAP connection attempt	2020-05-17 03:06:35
138.0.7.194	attackspam	Invalid user admin from 138.0.7.194 port 54451	2020-04-21 01:42:46
138.0.7.218	attackspambots	Invalid user admin from 138.0.7.218 port 38529	2020-04-19 02:04:09
138.0.7.150	attackspam	Apr 14 05:45:22 host sshd\[19124\]: Invalid user admin from 138.0.7.150 port 49020	2020-04-14 19:52:06
138.0.7.90	attack	$f2bV_matches	2020-02-17 13:05:14
138.0.7.214	attack	Invalid user admin from 138.0.7.214 port 53649	2020-01-21 23:18:52
138.0.7.129	attackbots	Invalid user admin from 138.0.7.129 port 40582	2020-01-19 03:18:08
138.0.7.228	attack	Unauthorized connection attempt detected from IP address 138.0.7.228 to port 22 [J]	2020-01-18 16:49:05
138.0.7.129	attackspam	Invalid user admin from 138.0.7.129 port 40582	2020-01-18 05:11:30
138.0.7.109	attack	Dec 24 15:35:03 localhost sshd\[1728\]: Invalid user admin from 138.0.7.109 port 38992 Dec 24 15:35:03 localhost sshd\[1728\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.0.7.109 Dec 24 15:35:05 localhost sshd\[1728\]: Failed password for invalid user admin from 138.0.7.109 port 38992 ssh2 ...	2019-12-25 00:50:23
138.0.7.226	attackspam	Oct 27 05:54:12 sauna sshd[16909]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.0.7.226 Oct 27 05:54:14 sauna sshd[16909]: Failed password for invalid user admin from 138.0.7.226 port 50611 ssh2 ...	2019-10-27 14:43:21
138.0.7.133	attack	Invalid user admin from 138.0.7.133 port 38858	2019-10-11 21:13:11
138.0.7.205	attackspam	Invalid user admin from 138.0.7.205 port 50005	2019-10-11 21:12:56
138.0.7.229	attack	Oct 1 23:26:58 f201 sshd[13257]: Connection closed by 138.0.7.229 [preauth] Oct 2 02:26:18 f201 sshd[11336]: Connection closed by 138.0.7.229 [preauth] Oct 2 05:04:31 f201 sshd[18843]: Connection closed by 138.0.7.229 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=138.0.7.229	2019-10-02 15:57:24
138.0.73.253	attackbots	09/25/2019-08:19:47.519567 138.0.73.253 Protocol: 1 GPL ICMP_INFO PING *NIX	2019-09-26 00:18:09

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.0.7.121
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1507
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.0.7.121.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082701 1800 900 604800 86400

;; Query time: 8 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Aug 28 02:52:06 CST 2019
;; MSG SIZE  rcvd: 115

Host info

121.7.0.138.in-addr.arpa domain name pointer 138-0-7-121.static.lrfconections.com.br.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
121.7.0.138.in-addr.arpa	name = 138-0-7-121.static.lrfconections.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
200.165.167.10	attack	leo_www	2020-03-24 00:25:32
49.73.61.26	attack	$f2bV_matches	2020-03-24 00:50:10
111.250.84.131	attackbots	Hits on port : 26	2020-03-24 00:32:40
64.202.187.152	attack	Mar 23 17:28:12 ns3042688 sshd\[14444\]: Invalid user qb from 64.202.187.152 Mar 23 17:28:12 ns3042688 sshd\[14444\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.202.187.152 Mar 23 17:28:14 ns3042688 sshd\[14444\]: Failed password for invalid user qb from 64.202.187.152 port 48778 ssh2 Mar 23 17:32:03 ns3042688 sshd\[15763\]: Invalid user nc from 64.202.187.152 Mar 23 17:32:03 ns3042688 sshd\[15763\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.202.187.152 ...	2020-03-24 00:36:32
83.239.80.118	attackspambots	Brute-force general attack.	2020-03-24 00:40:26
106.54.164.208	attackspambots	Automatic report - SSH Brute-Force Attack	2020-03-24 00:03:27
190.66.52.252	attackbots	Mar 23 17:04:36 plex sshd[26741]: Invalid user camilla from 190.66.52.252 port 54242 Mar 23 17:04:38 plex sshd[26741]: Failed password for invalid user camilla from 190.66.52.252 port 54242 ssh2 Mar 23 17:04:36 plex sshd[26741]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.66.52.252 Mar 23 17:04:36 plex sshd[26741]: Invalid user camilla from 190.66.52.252 port 54242 Mar 23 17:04:38 plex sshd[26741]: Failed password for invalid user camilla from 190.66.52.252 port 54242 ssh2	2020-03-24 00:25:05
200.236.117.104	attackspam	Automatic report - Port Scan Attack	2020-03-24 00:10:32
139.199.98.175	attackbots	$f2bV_matches	2020-03-23 23:59:50
145.239.78.59	attack	Mar 23 17:13:50 legacy sshd[32246]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.78.59 Mar 23 17:13:51 legacy sshd[32246]: Failed password for invalid user tian from 145.239.78.59 port 43116 ssh2 Mar 23 17:17:26 legacy sshd[32308]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.78.59 ...	2020-03-24 00:36:03
202.182.120.62	attack	Mar 23 16:42:17 Ubuntu-1404-trusty-64-minimal sshd\[30807\]: Invalid user influxdb from 202.182.120.62 Mar 23 16:42:17 Ubuntu-1404-trusty-64-minimal sshd\[30807\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.182.120.62 Mar 23 16:42:18 Ubuntu-1404-trusty-64-minimal sshd\[30807\]: Failed password for invalid user influxdb from 202.182.120.62 port 51230 ssh2 Mar 23 16:54:18 Ubuntu-1404-trusty-64-minimal sshd\[3840\]: Invalid user kq from 202.182.120.62 Mar 23 16:54:18 Ubuntu-1404-trusty-64-minimal sshd\[3840\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.182.120.62	2020-03-24 00:07:36
222.186.30.209	attackbotsspam	Mar 23 17:33:21 vmanager6029 sshd\[22338\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.209 user=root Mar 23 17:33:23 vmanager6029 sshd\[22336\]: error: PAM: Authentication failure for root from 222.186.30.209 Mar 23 17:33:23 vmanager6029 sshd\[22339\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.209 user=root	2020-03-24 00:43:33
148.70.159.5	attackspam	Mar 23 22:46:28 itv-usvr-02 sshd[14656]: Invalid user kdm from 148.70.159.5 port 36472 Mar 23 22:46:28 itv-usvr-02 sshd[14656]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.159.5 Mar 23 22:46:28 itv-usvr-02 sshd[14656]: Invalid user kdm from 148.70.159.5 port 36472 Mar 23 22:46:31 itv-usvr-02 sshd[14656]: Failed password for invalid user kdm from 148.70.159.5 port 36472 ssh2 Mar 23 22:50:39 itv-usvr-02 sshd[14958]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.159.5 user=mail Mar 23 22:50:41 itv-usvr-02 sshd[14958]: Failed password for mail from 148.70.159.5 port 53914 ssh2	2020-03-24 00:26:25
159.65.144.64	attackspambots	Mar 23 09:46:02 home sshd[18114]: Invalid user cpanelrrdtool from 159.65.144.64 port 46514 Mar 23 09:46:02 home sshd[18114]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.144.64 Mar 23 09:46:02 home sshd[18114]: Invalid user cpanelrrdtool from 159.65.144.64 port 46514 Mar 23 09:46:04 home sshd[18114]: Failed password for invalid user cpanelrrdtool from 159.65.144.64 port 46514 ssh2 Mar 23 09:52:04 home sshd[18156]: Invalid user user from 159.65.144.64 port 32938 Mar 23 09:52:04 home sshd[18156]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.144.64 Mar 23 09:52:04 home sshd[18156]: Invalid user user from 159.65.144.64 port 32938 Mar 23 09:52:06 home sshd[18156]: Failed password for invalid user user from 159.65.144.64 port 32938 ssh2 Mar 23 09:56:27 home sshd[18168]: Invalid user developer from 159.65.144.64 port 49430 Mar 23 09:56:27 home sshd[18168]: pam_unix(sshd:auth): authentication failure; logname= uid=0 eu	2020-03-24 00:13:11
185.220.100.245	attackspambots	Mar 23 16:49:02 vpn01 sshd[21343]: Failed password for root from 185.220.100.245 port 24188 ssh2 Mar 23 16:49:04 vpn01 sshd[21343]: Failed password for root from 185.220.100.245 port 24188 ssh2 ...	2020-03-24 00:23:46

Recently Reported IPs

24.198.206.123	54.36.189.105	36.228.225.162	116.209.164.2
14.247.172.54	138.121.206.122	123.235.71.135	118.165.228.109
93.185.27.179	1.1.230.122	213.131.47.178	200.35.214.184
213.178.54.226	178.172.224.19	193.138.50.7	144.217.93.130
82.112.34.47	1.198.30.108	103.74.111.32	189.40.184.23