138.185.239.69

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Powertech Informatica

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	445/tcp 445/tcp 445/tcp [2019-07-30]3pkt	2019-07-30 21:03:28

Comments on same subnet:

IP	Type	Details	Datetime
138.185.239.93	attackbotsspam	Unauthorized connection attempt detected from IP address 138.185.239.93 to port 1433 [J]	2020-01-26 04:12:23
138.185.239.93	attackbots	20/1/17@16:46:17: FAIL: Alarm-Intrusion address from=138.185.239.93 20/1/17@16:46:17: FAIL: Alarm-Intrusion address from=138.185.239.93 ...	2020-01-18 05:46:55
138.185.239.93	attack	Unauthorised access (Dec 28) SRC=138.185.239.93 LEN=44 TTL=231 ID=29558 TCP DPT=445 WINDOW=1024 SYN	2019-12-28 19:10:02

Type

Details

Datetime

138.185.239.93

attackbotsspam

Unauthorized connection attempt detected from IP address 138.185.239.93 to port 1433 [J]

2020-01-26 04:12:23

138.185.239.93

attackbots

20/1/17@16:46:17: FAIL: Alarm-Intrusion address from=138.185.239.93
20/1/17@16:46:17: FAIL: Alarm-Intrusion address from=138.185.239.93
...

2020-01-18 05:46:55

138.185.239.93

attack

Unauthorised access (Dec 28) SRC=138.185.239.93 LEN=44 TTL=231 ID=29558 TCP DPT=445 WINDOW=1024 SYN

2019-12-28 19:10:02

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.185.239.69
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38108
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.185.239.69.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019073001 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jul 30 21:03:19 CST 2019
;; MSG SIZE  rcvd: 118

Host info

69.239.185.138.in-addr.arpa domain name pointer 138-185-239-69.dynamic.solucoespower.com.br.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
69.239.185.138.in-addr.arpa	name = 138-185-239-69.dynamic.solucoespower.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
132.145.242.238	attack	Aug 15 06:27:07 abendstille sshd\[19167\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.242.238 user=root Aug 15 06:27:10 abendstille sshd\[19167\]: Failed password for root from 132.145.242.238 port 45126 ssh2 Aug 15 06:30:58 abendstille sshd\[22529\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.242.238 user=root Aug 15 06:31:01 abendstille sshd\[22529\]: Failed password for root from 132.145.242.238 port 49963 ssh2 Aug 15 06:34:51 abendstille sshd\[26077\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.242.238 user=root ...	2020-08-15 14:11:28
23.94.5.52	attackspambots	(From eric@talkwithwebvisitor.com) Hey, my name’s Eric and for just a second, imagine this… - Someone does a search and winds up at hughesfamilychiro.com. - They hang out for a minute to check it out. “I’m interested… but… maybe…” - And then they hit the back button and check out the other search results instead. - Bottom line – you got an eyeball, but nothing else to show for it. - There they go. This isn’t really your fault – it happens a LOT – studies show 7 out of 10 visitors to any site disappear without leaving a trace. But you CAN fix that. Talk With Web Visitor is a software widget that’s works on your site, ready to capture any visitor’s Name, Email address and Phone Number. It lets you know right then and there – enabling you to call that lead while they’re literally looking over your site. CLICK HERE http://www.talkwithwebvisitors.com to try out a Live Demo with Talk With Web Visitor now to see exactly how it works. Time is money when it comes to connecting with lea	2020-08-15 14:31:56
94.102.49.159	attackbots	Aug 15 08:05:44 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.49.159 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=41383 PROTO=TCP SPT=45696 DPT=22092 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 15 08:10:49 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.49.159 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=10752 PROTO=TCP SPT=45696 DPT=23476 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 15 08:16:24 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.49.159 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=52777 PROTO=TCP SPT=45696 DPT=22157 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 15 08:20:06 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.49.159 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=6156 PROTO=TCP SPT=45696 DPT=22139 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 15 08:22:54 * ...	2020-08-15 14:33:48
159.65.181.225	attackspambots	frenzy	2020-08-15 14:21:42
61.181.128.242	attack	$f2bV_matches	2020-08-15 14:22:27
179.124.19.240	attackbots	Attempted Brute Force (dovecot)	2020-08-15 14:24:19
218.92.0.148	attack	Aug 14 23:38:31 dignus sshd[24910]: Failed password for root from 218.92.0.148 port 58601 ssh2 Aug 14 23:38:34 dignus sshd[24910]: Failed password for root from 218.92.0.148 port 58601 ssh2 Aug 14 23:38:37 dignus sshd[24910]: Failed password for root from 218.92.0.148 port 58601 ssh2 Aug 14 23:38:40 dignus sshd[24930]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.148 user=root Aug 14 23:38:41 dignus sshd[24930]: Failed password for root from 218.92.0.148 port 36169 ssh2 ...	2020-08-15 14:40:11
139.186.68.226	attack	frenzy	2020-08-15 14:16:27
154.120.242.70	attackbots	2020-08-15T06:03:15.512181randservbullet-proofcloud-66.localdomain sshd[15704]: Invalid user abse from 154.120.242.70 port 51148 2020-08-15T06:03:15.516945randservbullet-proofcloud-66.localdomain sshd[15704]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.120.242.70 2020-08-15T06:03:15.512181randservbullet-proofcloud-66.localdomain sshd[15704]: Invalid user abse from 154.120.242.70 port 51148 2020-08-15T06:03:17.418676randservbullet-proofcloud-66.localdomain sshd[15704]: Failed password for invalid user abse from 154.120.242.70 port 51148 ssh2 ...	2020-08-15 14:29:55
183.89.115.240	attackspam	1597463779 - 08/15/2020 05:56:19 Host: 183.89.115.240/183.89.115.240 Port: 445 TCP Blocked	2020-08-15 14:09:14
183.144.74.40	attackspambots	" "	2020-08-15 14:29:42
36.72.249.181	attack	Icarus honeypot on github	2020-08-15 14:13:00
51.178.41.60	attackspambots	frenzy	2020-08-15 14:13:50
146.0.228.195	attackspam	UDP 146.0.228.195:27959 -> port 161, len 85	2020-08-15 14:36:25
36.84.80.31	attackspam	Aug 15 07:06:55 server sshd[29389]: Failed password for root from 36.84.80.31 port 62273 ssh2 Aug 15 07:18:03 server sshd[33807]: Failed password for root from 36.84.80.31 port 38081 ssh2 Aug 15 07:33:31 server sshd[40525]: Failed password for root from 36.84.80.31 port 64737 ssh2	2020-08-15 14:17:44

Recently Reported IPs

79.133.33.248	23.92.127.10	192.236.208.95	116.52.87.197
5.69.133.115	23.94.148.13	103.240.245.16	62.127.106.82
85.105.219.38	1.2.156.73	180.218.233.202	114.243.128.227
119.196.83.10	113.108.70.68	183.3.220.54	36.69.200.41
185.129.4.18	110.78.155.106	109.74.15.197	233.134.169.0