138.122.20.90 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: unknown

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.122.20.255	attackbots	Automatic report - Port Scan Attack	2020-05-21 22:24:10
138.122.20.93	attackbotsspam	DATE:2020-05-13 14:34:32, IP:138.122.20.93, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-05-14 01:44:14
138.122.202.200	attack	fail2ban	2020-04-12 22:29:28
138.122.202.200	attackspambots	(sshd) Failed SSH login from 138.122.202.200 (CO/Colombia/Departamento del Valle del Cauca/Buenaventura/dsl-emcali-138.122.202.200.emcali.net.co/[AS10299 EMPRESAS MUNICIPALES DE CALI E.I.C.E. E.S.P.]): 1 in the last 3600 secs	2020-04-09 06:43:42
138.122.202.200	attackspam	Mar 1 14:16:45 MK-Soft-VM7 sshd[4915]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.122.202.200 Mar 1 14:16:47 MK-Soft-VM7 sshd[4915]: Failed password for invalid user andoria from 138.122.202.200 port 48186 ssh2 ...	2020-03-02 05:09:52
138.122.20.74	attack	unauthorized connection attempt	2020-02-07 17:58:12
138.122.20.81	attack	Unauthorized connection attempt detected from IP address 138.122.20.81 to port 80 [J]	2020-01-25 16:04:02
138.122.202.200	attack	$f2bV_matches	2020-01-10 06:28:23
138.122.202.200	attack	Unauthorized connection attempt detected from IP address 138.122.202.200 to port 2220 [J]	2020-01-07 18:22:46
138.122.202.200	attackspam	Unauthorized connection attempt detected from IP address 138.122.202.200 to port 2220 [J]	2020-01-04 22:52:13
138.122.20.79	attackspam	Automatic report - Port Scan Attack	2019-12-21 07:18:16
138.122.20.5	attackspambots	Honeypot attack, port: 445, PTR: 138-122-20-5.rminet.com.br.	2019-11-27 20:44:54
138.122.20.5	attackbots	1433/tcp 1433/tcp 445/tcp [2019-10-09/11-15]3pkt	2019-11-16 08:30:49
138.122.20.95	attack	19/11/12@09:40:45: FAIL: IoT-Telnet address from=138.122.20.95 ...	2019-11-12 23:52:23
138.122.202.200	attackbots	2019-11-06T08:52:08.991770abusebot-5.cloudsearch.cf sshd\[5455\]: Invalid user hirano from 138.122.202.200 port 36430	2019-11-06 20:47:39

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.122.20.90
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9536
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.122.20.90.			IN	A

;; AUTHORITY SECTION:
.			326	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030803 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 07:24:07 CST 2022
;; MSG SIZE  rcvd: 106

Host info

90.20.122.138.in-addr.arpa domain name pointer 138-122-20-90.rminet.com.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
90.20.122.138.in-addr.arpa	name = 138-122-20-90.rminet.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
80.20.231.251	attack	Telnet Server BruteForce Attack	2019-10-17 05:21:31
73.29.192.106	attack	Oct 16 22:55:53 server sshd\[10946\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=c-73-29-192-106.hsd1.nj.comcast.net user=root Oct 16 22:55:55 server sshd\[10946\]: Failed password for root from 73.29.192.106 port 49654 ssh2 Oct 16 22:55:57 server sshd\[10946\]: Failed password for root from 73.29.192.106 port 49654 ssh2 Oct 16 22:55:59 server sshd\[10946\]: Failed password for root from 73.29.192.106 port 49654 ssh2 Oct 16 22:56:01 server sshd\[10946\]: Failed password for root from 73.29.192.106 port 49654 ssh2 ...	2019-10-17 04:53:49
61.153.210.66	attackspam	DATE:2019-10-16 21:27:21, IP:61.153.210.66, PORT:1433 - MSSQL brute force auth on a honeypot server (epe-dc)	2019-10-17 05:11:17
49.88.112.114	attack	Oct 16 17:17:58 plusreed sshd[1372]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114 user=root Oct 16 17:18:01 plusreed sshd[1372]: Failed password for root from 49.88.112.114 port 36655 ssh2 ...	2019-10-17 05:20:28
106.12.100.119	attack	2019-10-16T21:27:18.641629stark.klein-stark.info sshd\[5395\]: Invalid user test from 106.12.100.119 port 42929 2019-10-16T21:27:18.651088stark.klein-stark.info sshd\[5395\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.100.119 2019-10-16T21:27:20.387551stark.klein-stark.info sshd\[5395\]: Failed password for invalid user test from 106.12.100.119 port 42929 ssh2 ...	2019-10-17 05:07:43
112.35.79.100	attackspambots	[WedOct1621:27:26.2589272019][:error][pid18409:tid46955524249344][client112.35.79.100:23811][client112.35.79.100]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?:\\\\\\\\\(chr\?\\\\\\\\\(\?[0-9]{1\,3}\?\\\\\\\\$\\|\?=\?f$\?:open\\|write$\?\\\\\\\\$\\|\\\\\\\\b\(\?:passthru\\|serialize\\|php_uname\\|phpinfo\\|shell_exec\\|preg_\\\\\\\\w \\|mysql_query\\|exec\\|eval\\|base64_decode\\|decode_base64\\|rot13\\|base64_url_decode\\|gz\(\?:inflate\\|decode\\|uncompress$\\|strrev\\|zlib_\\\\\\\\w \)\\\\\\\\b\?$\?..."atARGS:admin.[file"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf"][line"767"][id"340095"][rev"53"][msg"Atomicorp.comWAFRules:AttackBlocked-PHPfunctioninArgument-thismaybeanattack."][data"die\(@md5\,ARGS:admin"][severity"CRITICAL"][hostname"136.243.224.51"][uri"/33e0f388/admin.php"][unique_id"XadvHrYUUxsaVw1YNQ@4vAAAAJE"][WedOct1621:27:26.8015672019][:error][pid13312:tid46955606578944][client112.35.79.100:23999][client112.35.79.100]ModSecurity:Accessdeniedwithcode403\(phase2$.Pa	2019-10-17 05:05:31
183.191.179.79	attackbotsspam	Unauthorised access (Oct 16) SRC=183.191.179.79 LEN=40 TTL=49 ID=13879 TCP DPT=8080 WINDOW=65058 SYN Unauthorised access (Oct 16) SRC=183.191.179.79 LEN=40 TTL=49 ID=3401 TCP DPT=8080 WINDOW=16799 SYN Unauthorised access (Oct 16) SRC=183.191.179.79 LEN=40 TTL=49 ID=44587 TCP DPT=8080 WINDOW=1463 SYN Unauthorised access (Oct 16) SRC=183.191.179.79 LEN=40 TTL=49 ID=55483 TCP DPT=8080 WINDOW=37442 SYN Unauthorised access (Oct 16) SRC=183.191.179.79 LEN=40 TTL=49 ID=39648 TCP DPT=8080 WINDOW=16799 SYN Unauthorised access (Oct 15) SRC=183.191.179.79 LEN=40 TTL=49 ID=64492 TCP DPT=8080 WINDOW=41168 SYN Unauthorised access (Oct 15) SRC=183.191.179.79 LEN=40 TTL=49 ID=30369 TCP DPT=8080 WINDOW=55238 SYN Unauthorised access (Oct 15) SRC=183.191.179.79 LEN=40 TTL=49 ID=972 TCP DPT=8080 WINDOW=5728 SYN	2019-10-17 05:31:10
118.99.93.144	attackbots	CMS brute force ...	2019-10-17 05:09:10
132.232.58.52	attackbotsspam	$f2bV_matches_ltvn	2019-10-17 05:33:17
171.221.230.220	attack	F2B jail: sshd. Time: 2019-10-16 22:14:39, Reported by: VKReport	2019-10-17 05:15:57
188.166.251.87	attackbotsspam	2019-10-16T20:30:21.547690abusebot.cloudsearch.cf sshd\[730\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.251.87 user=root	2019-10-17 05:05:47
190.112.228.99	attack	SSH Scan	2019-10-17 05:23:42
59.39.177.195	attackbots	Oct 16 15:27:06 web1 postfix/smtpd[14814]: warning: unknown[59.39.177.195]: SASL LOGIN authentication failed: authentication failure ...	2019-10-17 05:18:41
5.226.11.125	attack	Oct 16 16:01:22 mxgate1 postfix/postscreen[7584]: CONNECT from [5.226.11.125]:35673 to [176.31.12.44]:25 Oct 16 16:01:22 mxgate1 postfix/dnsblog[7748]: addr 5.226.11.125 listed by domain b.barracudacentral.org as 127.0.0.2 Oct 16 16:01:28 mxgate1 postfix/postscreen[7584]: PASS NEW [5.226.11.125]:35673 Oct 16 16:01:30 mxgate1 postfix/smtpd[8207]: connect from unknown[5.226.11.125] Oct x@x Oct 16 16:01:37 mxgate1 postfix/smtpd[8207]: disconnect from unknown[5.226.11.125] helo=1 mail=1 rcpt=0/1 quhostname=1 commands=3/4 Oct 16 21:16:35 mxgate1 postfix/postscreen[19323]: CONNECT from [5.226.11.125]:36946 to [176.31.12.44]:25 Oct 16 21:16:35 mxgate1 postfix/dnsblog[19346]: addr 5.226.11.125 listed by domain b.barracudacentral.org as 127.0.0.2 Oct 16 21:16:36 mxgate1 postfix/dnsblog[19343]: addr 5.226.11.125 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Oct 16 21:16:36 mxgate1 postfix/postscreen[19323]: DNSBL rank 2 for [5.226.11.125]:36946 Oct x@x Oct 16 21:16:36 mxgate1........ -------------------------------	2019-10-17 04:59:11
193.147.168.251	attack	Oct 16 11:08:54 php1 sshd\[22228\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=imus4.us.es user=root Oct 16 11:08:56 php1 sshd\[22228\]: Failed password for root from 193.147.168.251 port 36374 ssh2 Oct 16 11:12:59 php1 sshd\[22856\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=imus4.us.es user=root Oct 16 11:13:01 php1 sshd\[22856\]: Failed password for root from 193.147.168.251 port 56467 ssh2 Oct 16 11:17:02 php1 sshd\[23384\]: Invalid user smkim from 193.147.168.251	2019-10-17 05:26:43

Recently Reported IPs

138.122.209.229	138.122.202.215	138.122.202.210	138.122.211.86
118.174.82.98	138.122.204.205	138.122.211.203	138.122.206.165
138.122.204.11	138.122.204.201	138.122.204.52	138.122.216.153
138.122.222.64	118.174.83.126	138.122.23.15	138.122.222.241
138.122.222.79	138.122.238.35	138.122.228.12	138.122.230.75