138.121.128.20

Basic Info

City: Teresina

Region: Piaui

Country: Brazil

Internet Service Provider: Itech Telecom

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Icarus honeypot on github	2020-06-15 00:17:58
attack	1433/tcp 445/tcp... [2019-09-15/11-07]7pkt,2pt.(tcp)	2019-11-07 17:54:34

Comments on same subnet:

IP	Type	Details	Datetime
138.121.128.19	attackspambots	Bruteforce detected by fail2ban	2020-08-28 22:36:41
138.121.128.19	attackspam	SSH login attempts.	2020-08-27 04:12:52
138.121.128.19	attackspam	Aug 20 12:07:00 scw-6657dc sshd[7596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.121.128.19 user=root Aug 20 12:07:00 scw-6657dc sshd[7596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.121.128.19 user=root Aug 20 12:07:02 scw-6657dc sshd[7596]: Failed password for root from 138.121.128.19 port 34650 ssh2 ...	2020-08-20 21:41:38
138.121.128.19	attackspam	Aug 16 11:13:11 ip106 sshd[21276]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.121.128.19 Aug 16 11:13:14 ip106 sshd[21276]: Failed password for invalid user els from 138.121.128.19 port 54574 ssh2 ...	2020-08-16 17:40:47
138.121.128.19	attackspam	2020-08-12 23:16:34.372024-0500 localhost sshd[1565]: Failed password for root from 138.121.128.19 port 35192 ssh2	2020-08-13 18:23:37
138.121.128.19	attack	Aug 1 07:48:38 buvik sshd[7773]: Failed password for root from 138.121.128.19 port 51614 ssh2 Aug 1 07:52:14 buvik sshd[8385]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.121.128.19 user=root Aug 1 07:52:16 buvik sshd[8385]: Failed password for root from 138.121.128.19 port 46428 ssh2 ...	2020-08-01 13:53:51
138.121.128.19	attackbots	Invalid user jira from 138.121.128.19 port 39228	2020-07-31 02:26:10
138.121.128.94	attackbotsspam	Unauthorized connection attempt detected from IP address 138.121.128.94 to port 8080	2020-07-22 20:46:44
138.121.128.19	attack	$f2bV_matches	2020-07-14 14:36:17
138.121.128.19	attackbots	Jul 12 21:56:25 meumeu sshd[487515]: Invalid user admin1 from 138.121.128.19 port 41802 Jul 12 21:56:25 meumeu sshd[487515]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.121.128.19 Jul 12 21:56:25 meumeu sshd[487515]: Invalid user admin1 from 138.121.128.19 port 41802 Jul 12 21:56:27 meumeu sshd[487515]: Failed password for invalid user admin1 from 138.121.128.19 port 41802 ssh2 Jul 12 21:59:54 meumeu sshd[487606]: Invalid user redmine from 138.121.128.19 port 37862 Jul 12 21:59:54 meumeu sshd[487606]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.121.128.19 Jul 12 21:59:54 meumeu sshd[487606]: Invalid user redmine from 138.121.128.19 port 37862 Jul 12 21:59:55 meumeu sshd[487606]: Failed password for invalid user redmine from 138.121.128.19 port 37862 ssh2 Jul 12 22:03:22 meumeu sshd[488035]: Invalid user kos from 138.121.128.19 port 33926 ...	2020-07-13 04:05:02
138.121.128.19	attackspam	Jun 30 21:05:34 vps sshd[15244]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.121.128.19 Jun 30 21:05:36 vps sshd[15244]: Failed password for invalid user upload from 138.121.128.19 port 46862 ssh2 Jun 30 21:19:25 vps sshd[16402]: Failed password for root from 138.121.128.19 port 56782 ssh2 ...	2020-07-02 02:25:39
138.121.128.19	attackbots	Jun 20 14:13:56 sip sshd[713615]: Failed password for invalid user cynthia from 138.121.128.19 port 56554 ssh2 Jun 20 14:17:52 sip sshd[713652]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.121.128.19 user=root Jun 20 14:17:54 sip sshd[713652]: Failed password for root from 138.121.128.19 port 56166 ssh2 ...	2020-06-20 23:07:34
138.121.128.19	attackspam	frenzy	2020-06-20 14:08:36
138.121.128.46	attack	Port Scan detected! ...	2020-05-27 06:42:30
138.121.128.46	attackspam	Connection by 138.121.128.46 on port: 23 got caught by honeypot at 5/14/2020 4:50:39 AM	2020-05-14 15:28:23

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.121.128.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61576
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.121.128.20.			IN	A

;; AUTHORITY SECTION:
.			417	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110700 1800 900 604800 86400

;; Query time: 64 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Nov 07 17:54:30 CST 2019
;; MSG SIZE  rcvd: 118

Host info

20.128.121.138.in-addr.arpa domain name pointer 20.128.121.138.itechtelecom.net.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
20.128.121.138.in-addr.arpa	name = 20.128.121.138.itechtelecom.net.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
84.53.198.125	attackspambots	Automatic report - Port Scan Attack	2020-02-21 22:51:12
188.166.111.207	attack	188.166.111.207 - - \[21/Feb/2020:14:19:24 +0100\] "POST /wp-login.php HTTP/1.0" 200 4404 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 188.166.111.207 - - \[21/Feb/2020:14:19:30 +0100\] "POST /wp-login.php HTTP/1.0" 200 4236 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 188.166.111.207 - - \[21/Feb/2020:14:19:36 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-02-21 22:45:05
188.119.30.80	attackbotsspam	suspicious action Fri, 21 Feb 2020 10:19:17 -0300	2020-02-21 23:02:04
103.48.192.203	attack	103.48.192.203 - - \[21/Feb/2020:14:19:28 +0100\] "POST /wp-login.php HTTP/1.0" 200 6640 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 103.48.192.203 - - \[21/Feb/2020:14:19:31 +0100\] "POST /wp-login.php HTTP/1.0" 200 6453 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 103.48.192.203 - - \[21/Feb/2020:14:19:35 +0100\] "POST /wp-login.php HTTP/1.0" 200 6453 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-02-21 22:46:17
123.108.34.70	attackbots	21 attempts against mh-ssh on cloud	2020-02-21 23:04:36
200.7.10.139	attackbotsspam	DATE:2020-02-21 14:17:29, IP:200.7.10.139, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-02-21 22:52:35
187.63.184.227	attackbotsspam	20/2/21@08:18:48: FAIL: Alarm-Network address from=187.63.184.227 ...	2020-02-21 23:21:48
141.155.177.180	attackbotsspam	suspicious action Fri, 21 Feb 2020 10:19:23 -0300	2020-02-21 22:58:26
207.154.246.51	attack	Feb 21 09:39:42 ny01 sshd[8495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.246.51 Feb 21 09:39:44 ny01 sshd[8495]: Failed password for invalid user 12345 from 207.154.246.51 port 59441 ssh2 Feb 21 09:42:04 ny01 sshd[9435]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.246.51	2020-02-21 23:15:13
54.38.242.233	attackspam	$f2bV_matches	2020-02-21 22:45:37
124.65.129.126	attackspam	21.02.2020 13:29:26 Connection to port 1433 blocked by firewall	2020-02-21 23:10:11
106.12.4.109	attackbotsspam	Feb 21 15:23:10 MK-Soft-VM8 sshd[6625]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.4.109 Feb 21 15:23:12 MK-Soft-VM8 sshd[6625]: Failed password for invalid user testuser from 106.12.4.109 port 49834 ssh2 ...	2020-02-21 22:42:27
41.222.249.236	attackspam	Feb 21 11:20:47 firewall sshd[575]: Invalid user work from 41.222.249.236 Feb 21 11:20:49 firewall sshd[575]: Failed password for invalid user work from 41.222.249.236 port 53829 ssh2 Feb 21 11:24:04 firewall sshd[681]: Invalid user ncuser from 41.222.249.236 ...	2020-02-21 22:50:42
193.31.24.113	attackspam	02/21/2020-16:05:32.435714 193.31.24.113 Protocol: 6 SURICATA TLS invalid record/traffic	2020-02-21 23:20:39
109.124.176.138	attack	Feb 21 15:43:17 jane sshd[29242]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.124.176.138 Feb 21 15:43:19 jane sshd[29242]: Failed password for invalid user dial from 109.124.176.138 port 49716 ssh2 ...	2020-02-21 23:16:34

Recently Reported IPs

31.47.0.106	90.159.28.67	170.238.215.80	59.125.81.174
45.125.66.31	36.72.112.117	183.131.85.4	112.198.27.4
129.205.19.100	94.237.120.97	94.21.100.60	80.151.61.108
107.161.91.46	35.225.55.241	212.92.112.121	185.245.84.244
171.117.73.219	37.120.217.52	172.245.206.17	51.158.189.247