138.185.239.69

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Powertech Informatica

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	445/tcp 445/tcp 445/tcp [2019-07-30]3pkt	2019-07-30 21:03:28

Comments on same subnet:

IP	Type	Details	Datetime
138.185.239.93	attackbotsspam	Unauthorized connection attempt detected from IP address 138.185.239.93 to port 1433 [J]	2020-01-26 04:12:23
138.185.239.93	attackbots	20/1/17@16:46:17: FAIL: Alarm-Intrusion address from=138.185.239.93 20/1/17@16:46:17: FAIL: Alarm-Intrusion address from=138.185.239.93 ...	2020-01-18 05:46:55
138.185.239.93	attack	Unauthorised access (Dec 28) SRC=138.185.239.93 LEN=44 TTL=231 ID=29558 TCP DPT=445 WINDOW=1024 SYN	2019-12-28 19:10:02

Type

Details

Datetime

138.185.239.93

attackbotsspam

Unauthorized connection attempt detected from IP address 138.185.239.93 to port 1433 [J]

2020-01-26 04:12:23

138.185.239.93

attackbots

20/1/17@16:46:17: FAIL: Alarm-Intrusion address from=138.185.239.93
20/1/17@16:46:17: FAIL: Alarm-Intrusion address from=138.185.239.93
...

2020-01-18 05:46:55

138.185.239.93

attack

Unauthorised access (Dec 28) SRC=138.185.239.93 LEN=44 TTL=231 ID=29558 TCP DPT=445 WINDOW=1024 SYN

2019-12-28 19:10:02

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.185.239.69
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38108
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.185.239.69.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019073001 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jul 30 21:03:19 CST 2019
;; MSG SIZE  rcvd: 118

Host info

69.239.185.138.in-addr.arpa domain name pointer 138-185-239-69.dynamic.solucoespower.com.br.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
69.239.185.138.in-addr.arpa	name = 138-185-239-69.dynamic.solucoespower.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
104.54.186.1	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-19 01:43:13
45.152.33.182	attackspambots	(From eric@talkwithcustomer.com) Hello mifflintownchiro.com, People ask, “why does TalkWithCustomer work so well?” It’s simple. TalkWithCustomer enables you to connect with a prospective customer at EXACTLY the Perfect Time. - NOT one week, two weeks, three weeks after they’ve checked out your website mifflintownchiro.com. - NOT with a form letter style email that looks like it was written by a bot. - NOT with a robocall that could come at any time out of the blue. TalkWithCustomer connects you to that person within seconds of THEM asking to hear from YOU. They kick off the conversation. They take that first step. They ask to hear from you regarding what you have to offer and how it can make their life better. And it happens almost immediately. In real time. While they’re still looking over your website mifflintownchiro.com, trying to make up their mind whether you are right for them. When you connect with them at that very moment it’s the ultimate in Perfect Timing – as one	2020-02-19 01:46:23
42.114.204.18	attackbotsspam	1582032179 - 02/18/2020 14:22:59 Host: 42.114.204.18/42.114.204.18 Port: 445 TCP Blocked	2020-02-19 01:49:27
103.110.18.20	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-19 01:50:16
36.227.0.36	attackspam	Feb 18 13:08:09 uapps sshd[24478]: User mysql from 36-227-0-36.dynamic-ip.hinet.net not allowed because not listed in AllowUsers Feb 18 13:08:09 uapps sshd[24478]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36-227-0-36.dynamic-ip.hinet.net user=mysql Feb 18 13:08:10 uapps sshd[24478]: Failed password for invalid user mysql from 36.227.0.36 port 37920 ssh2 Feb 18 13:08:11 uapps sshd[24478]: Received disconnect from 36.227.0.36: 11: Bye Bye [preauth] Feb 18 13:35:22 uapps sshd[26681]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36-227-0-36.dynamic-ip.hinet.net Feb 18 13:35:24 uapps sshd[26681]: Failed password for invalid user nevie from 36.227.0.36 port 46634 ssh2 Feb 18 13:35:25 uapps sshd[26681]: Received disconnect from 36.227.0.36: 11: Bye Bye [preauth] Feb 18 13:38:05 uapps sshd[26815]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36-2........ -------------------------------	2020-02-19 01:18:53
13.67.91.234	attackbots	Feb 18 13:46:24 web8 sshd\[20289\]: Invalid user rahul1 from 13.67.91.234 Feb 18 13:46:24 web8 sshd\[20289\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.67.91.234 Feb 18 13:46:26 web8 sshd\[20289\]: Failed password for invalid user rahul1 from 13.67.91.234 port 53808 ssh2 Feb 18 13:49:46 web8 sshd\[21910\]: Invalid user chuck from 13.67.91.234 Feb 18 13:49:46 web8 sshd\[21910\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.67.91.234	2020-02-19 01:57:52
107.167.180.11	attackbots	Automatic report - Banned IP Access	2020-02-19 01:54:04
198.54.117.249	spam	Used undred times per day for SPAM, PHISHING, SCAM and SEXE on STOLLEN list we don't know where without our agreement, as usual with LIERS and ROBERS ! Especially by WhoisGuard, une SOUS MERDE de namecheap.com https://www.mywot.com/scorecard/.com	2020-02-19 01:35:53
59.152.196.154	attack	Feb 18 13:24:55 firewall sshd[30722]: Invalid user henny from 59.152.196.154 Feb 18 13:24:57 firewall sshd[30722]: Failed password for invalid user henny from 59.152.196.154 port 42060 ssh2 Feb 18 13:28:58 firewall sshd[30888]: Invalid user mailer from 59.152.196.154 ...	2020-02-19 01:32:06
188.166.64.211	attackbots	Feb 18 18:14:20 pornomens sshd\[32543\]: Invalid user ftpuser from 188.166.64.211 port 46786 Feb 18 18:14:20 pornomens sshd\[32543\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.64.211 Feb 18 18:14:22 pornomens sshd\[32543\]: Failed password for invalid user ftpuser from 188.166.64.211 port 46786 ssh2 ...	2020-02-19 01:39:39
180.250.125.53	attackbots	2020-02-18T15:05:56.261418scmdmz1 sshd[15111]: Invalid user bwadmin from 180.250.125.53 port 56546 2020-02-18T15:05:56.264277scmdmz1 sshd[15111]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.250.125.53 2020-02-18T15:05:56.261418scmdmz1 sshd[15111]: Invalid user bwadmin from 180.250.125.53 port 56546 2020-02-18T15:05:58.485459scmdmz1 sshd[15111]: Failed password for invalid user bwadmin from 180.250.125.53 port 56546 ssh2 2020-02-18T15:09:12.744789scmdmz1 sshd[15406]: Invalid user test from 180.250.125.53 port 48758 ...	2020-02-19 01:34:43
49.233.142.11	attack	Feb 18 14:18:52 MK-Soft-VM3 sshd[16033]: Failed password for daemon from 49.233.142.11 port 51496 ssh2 ...	2020-02-19 01:24:47
185.209.0.32	attackbots	firewall-block, port(s): 18500/tcp	2020-02-19 01:32:32
159.89.232.5	attackbotsspam	Automatic report - XMLRPC Attack	2020-02-19 01:18:14
193.31.24.113	attackbots	02/18/2020-18:28:50.598170 193.31.24.113 Protocol: 6 SURICATA TLS invalid record/traffic	2020-02-19 01:38:26

Recently Reported IPs

79.133.33.248	23.92.127.10	192.236.208.95	116.52.87.197
5.69.133.115	23.94.148.13	103.240.245.16	62.127.106.82
85.105.219.38	1.2.156.73	180.218.233.202	114.243.128.227
119.196.83.10	113.108.70.68	183.3.220.54	36.69.200.41
185.129.4.18	110.78.155.106	109.74.15.197	233.134.169.0