138.122.20.69 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: RM Informatica Ltda

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Automatic report - Port Scan Attack	2019-09-25 23:30:17

Comments on same subnet:

IP	Type	Details	Datetime
138.122.20.255	attackbots	Automatic report - Port Scan Attack	2020-05-21 22:24:10
138.122.20.93	attackbotsspam	DATE:2020-05-13 14:34:32, IP:138.122.20.93, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-05-14 01:44:14
138.122.202.200	attack	fail2ban	2020-04-12 22:29:28
138.122.202.200	attackspambots	(sshd) Failed SSH login from 138.122.202.200 (CO/Colombia/Departamento del Valle del Cauca/Buenaventura/dsl-emcali-138.122.202.200.emcali.net.co/[AS10299 EMPRESAS MUNICIPALES DE CALI E.I.C.E. E.S.P.]): 1 in the last 3600 secs	2020-04-09 06:43:42
138.122.202.200	attackspam	Mar 1 14:16:45 MK-Soft-VM7 sshd[4915]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.122.202.200 Mar 1 14:16:47 MK-Soft-VM7 sshd[4915]: Failed password for invalid user andoria from 138.122.202.200 port 48186 ssh2 ...	2020-03-02 05:09:52
138.122.20.74	attack	unauthorized connection attempt	2020-02-07 17:58:12
138.122.20.81	attack	Unauthorized connection attempt detected from IP address 138.122.20.81 to port 80 [J]	2020-01-25 16:04:02
138.122.202.200	attack	$f2bV_matches	2020-01-10 06:28:23
138.122.202.200	attack	Unauthorized connection attempt detected from IP address 138.122.202.200 to port 2220 [J]	2020-01-07 18:22:46
138.122.202.200	attackspam	Unauthorized connection attempt detected from IP address 138.122.202.200 to port 2220 [J]	2020-01-04 22:52:13
138.122.20.79	attackspam	Automatic report - Port Scan Attack	2019-12-21 07:18:16
138.122.20.5	attackspambots	Honeypot attack, port: 445, PTR: 138-122-20-5.rminet.com.br.	2019-11-27 20:44:54
138.122.20.5	attackbots	1433/tcp 1433/tcp 445/tcp [2019-10-09/11-15]3pkt	2019-11-16 08:30:49
138.122.20.95	attack	19/11/12@09:40:45: FAIL: IoT-Telnet address from=138.122.20.95 ...	2019-11-12 23:52:23
138.122.202.200	attackbots	2019-11-06T08:52:08.991770abusebot-5.cloudsearch.cf sshd\[5455\]: Invalid user hirano from 138.122.202.200 port 36430	2019-11-06 20:47:39

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.122.20.69
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27432
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.122.20.69.			IN	A

;; AUTHORITY SECTION:
.			488	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092500 1800 900 604800 86400

;; Query time: 606 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Sep 25 23:30:12 CST 2019
;; MSG SIZE  rcvd: 117

Host info

69.20.122.138.in-addr.arpa domain name pointer 138-122-20-69.rminet.com.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
69.20.122.138.in-addr.arpa	name = 138-122-20-69.rminet.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
186.183.150.15	attackspambots	60001/tcp [2019-07-17]1pkt	2019-07-18 05:44:21
91.242.61.9	attack	From firstbanknigeria.com	2019-07-18 05:49:26
113.204.225.198	attackbots	Jul 18 01:36:58 webhost01 sshd[6972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.204.225.198 Jul 18 01:37:01 webhost01 sshd[6972]: Failed password for invalid user hector from 113.204.225.198 port 32958 ssh2 ...	2019-07-18 05:34:35
109.19.16.40	attack	Jul 17 22:08:25 cvbmail sshd\[3520\]: Invalid user v from 109.19.16.40 Jul 17 22:08:25 cvbmail sshd\[3520\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.19.16.40 Jul 17 22:08:27 cvbmail sshd\[3520\]: Failed password for invalid user v from 109.19.16.40 port 35730 ssh2	2019-07-18 05:52:57
178.170.254.175	attackbotsspam	[portscan] Port scan	2019-07-18 06:06:44
203.95.212.41	attackbots	Jul 17 17:17:31 TORMINT sshd\[30729\]: Invalid user studio from 203.95.212.41 Jul 17 17:17:31 TORMINT sshd\[30729\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.95.212.41 Jul 17 17:17:33 TORMINT sshd\[30729\]: Failed password for invalid user studio from 203.95.212.41 port 10596 ssh2 ...	2019-07-18 05:41:38
112.85.42.180	attack	Jul 17 18:42:36 arianus sshd\[22587\]: Unable to negotiate with 112.85.42.180 port 18203: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 \[preauth\] ...	2019-07-18 05:52:27
59.25.197.154	attackbotsspam	Jul 17 21:28:52 MK-Soft-VM5 sshd\[31977\]: Invalid user update from 59.25.197.154 port 33582 Jul 17 21:28:52 MK-Soft-VM5 sshd\[31977\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.25.197.154 Jul 17 21:28:53 MK-Soft-VM5 sshd\[31977\]: Failed password for invalid user update from 59.25.197.154 port 33582 ssh2 ...	2019-07-18 05:43:03
87.103.214.172	attack	Unauthorized connection attempt from IP address 87.103.214.172 on Port 445(SMB)	2019-07-18 05:58:07
114.32.80.100	attackbots	" "	2019-07-18 05:42:32
51.77.140.244	attackspambots	Jul 17 17:47:04 vps200512 sshd\[13872\]: Invalid user jenkins from 51.77.140.244 Jul 17 17:47:04 vps200512 sshd\[13872\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.140.244 Jul 17 17:47:06 vps200512 sshd\[13872\]: Failed password for invalid user jenkins from 51.77.140.244 port 58248 ssh2 Jul 17 17:52:09 vps200512 sshd\[13967\]: Invalid user ik from 51.77.140.244 Jul 17 17:52:09 vps200512 sshd\[13967\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.140.244	2019-07-18 05:57:07
140.143.69.34	attack	Jul 17 18:42:09 [munged] sshd[12648]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.69.34 user=ftp Jul 17 18:42:11 [munged] sshd[12648]: Failed password for ftp from 140.143.69.34 port 34520 ssh2	2019-07-18 06:15:14
216.127.174.116	attack	failed_logins	2019-07-18 05:48:52
60.248.28.105	attack	Jul 17 23:20:59 srv206 sshd[10651]: Invalid user sandy from 60.248.28.105 ...	2019-07-18 05:47:35
40.124.4.131	attack	Jul 17 19:46:47 ncomp sshd[17210]: Invalid user rocco from 40.124.4.131 Jul 17 19:46:47 ncomp sshd[17210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.124.4.131 Jul 17 19:46:47 ncomp sshd[17210]: Invalid user rocco from 40.124.4.131 Jul 17 19:46:49 ncomp sshd[17210]: Failed password for invalid user rocco from 40.124.4.131 port 45338 ssh2	2019-07-18 05:35:45

Recently Reported IPs

30.88.110.161	222.140.48.100	79.131.211.153	172.231.150.204
82.128.71.84	158.73.204.220	130.177.161.81	45.76.33.221
132.232.112.217	212.9.99.147	65.151.7.111	121.201.38.109
105.177.94.153	159.46.203.108	141.26.54.54	193.189.119.118
19.229.205.44	126.245.28.109	153.123.3.209	251.95.17.103