138.185.243.75

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.185.243.70	attack	Lines containing failures of 138.185.243.70 Aug 17 12:33:19 www sshd[12615]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.185.243.70 user=r.r Aug 17 12:33:21 www sshd[12615]: Failed password for r.r from 138.185.243.70 port 53956 ssh2 Aug 17 12:33:21 www sshd[12615]: Received disconnect from 138.185.243.70 port 53956:11: Bye Bye [preauth] Aug 17 12:33:21 www sshd[12615]: Disconnected from authenticating user r.r 138.185.243.70 port 53956 [preauth] Aug 17 12:54:09 www sshd[17195]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.185.243.70 user=r.r Aug 17 12:54:11 www sshd[17195]: Failed password for r.r from 138.185.243.70 port 46818 ssh2 Aug 17 12:54:12 www sshd[17195]: Received disconnect from 138.185.243.70 port 46818:11: Bye Bye [preauth] Aug 17 12:54:12 www sshd[17195]: Disconnected from authenticating user r.r 138.185.243.70 port 46818 [preauth] Aug 17 13:00:19 www sshd[1840........ ------------------------------	2020-08-17 21:44:02

Type

Details

Datetime

138.185.243.70

attack

Lines containing failures of 138.185.243.70
Aug 17 12:33:19 www sshd[12615]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.185.243.70  user=r.r
Aug 17 12:33:21 www sshd[12615]: Failed password for r.r from 138.185.243.70 port 53956 ssh2
Aug 17 12:33:21 www sshd[12615]: Received disconnect from 138.185.243.70 port 53956:11: Bye Bye [preauth]
Aug 17 12:33:21 www sshd[12615]: Disconnected from authenticating user r.r 138.185.243.70 port 53956 [preauth]
Aug 17 12:54:09 www sshd[17195]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.185.243.70  user=r.r
Aug 17 12:54:11 www sshd[17195]: Failed password for r.r from 138.185.243.70 port 46818 ssh2
Aug 17 12:54:12 www sshd[17195]: Received disconnect from 138.185.243.70 port 46818:11: Bye Bye [preauth]
Aug 17 12:54:12 www sshd[17195]: Disconnected from authenticating user r.r 138.185.243.70 port 46818 [preauth]
Aug 17 13:00:19 www sshd[1840........
------------------------------

2020-08-17 21:44:02

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.185.243.75
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29521
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.185.243.75.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021300 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 13 14:35:30 CST 2022
;; MSG SIZE  rcvd: 107

Host info

75.243.185.138.in-addr.arpa domain name pointer 75.243.185.138.masttelecom.com.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
75.243.185.138.in-addr.arpa	name = 75.243.185.138.masttelecom.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.77.195.1	attackspambots	Failed password for invalid user takamatsu from 51.77.195.1 port 40168 ssh2 Invalid user activiti from 51.77.195.1 port 60306 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.195.1 Failed password for invalid user activiti from 51.77.195.1 port 60306 ssh2 Invalid user remote from 51.77.195.1 port 52212	2020-02-22 21:11:23
92.63.194.104	attackbots	suspicious action Sat, 22 Feb 2020 10:00:38 -0300	2020-02-22 21:09:33
177.200.41.78	attack	Feb 22 14:14:04 web2 sshd[1611]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.200.41.78 Feb 22 14:14:06 web2 sshd[1611]: Failed password for invalid user aero-stoked from 177.200.41.78 port 42930 ssh2	2020-02-22 21:23:49
175.141.245.35	attackbotsspam	Automatic report - SSH Brute-Force Attack	2020-02-22 21:25:27
185.209.0.90	attackspam	02/22/2020-14:15:11.565667 185.209.0.90 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-02-22 21:16:58
201.41.148.228	attackbotsspam	Feb 22 13:27:30 server sshd\[2686\]: Invalid user guest from 201.41.148.228 Feb 22 13:27:30 server sshd\[2686\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.41.148.228 Feb 22 13:27:32 server sshd\[2686\]: Failed password for invalid user guest from 201.41.148.228 port 55440 ssh2 Feb 22 13:41:23 server sshd\[5111\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.41.148.228 user=root Feb 22 13:41:25 server sshd\[5111\]: Failed password for root from 201.41.148.228 port 35045 ssh2 ...	2020-02-22 21:03:45
146.88.240.4	attack	22.02.2020 13:28:33 Connection to port 1194 blocked by firewall	2020-02-22 21:19:16
177.1.213.19	attackbots	Feb 22 06:31:41 ns382633 sshd\[14997\]: Invalid user usuario from 177.1.213.19 port 6565 Feb 22 06:31:41 ns382633 sshd\[14997\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.1.213.19 Feb 22 06:31:44 ns382633 sshd\[14997\]: Failed password for invalid user usuario from 177.1.213.19 port 6565 ssh2 Feb 22 06:45:50 ns382633 sshd\[17359\]: Invalid user bb2 from 177.1.213.19 port 52008 Feb 22 06:45:50 ns382633 sshd\[17359\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.1.213.19	2020-02-22 20:57:36
41.93.50.8	attack	Feb 22 14:14:04 cp sshd[17555]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.93.50.8	2020-02-22 21:24:13
92.63.194.108	attackspambots	Invalid user admin from 92.63.194.108 port 42395	2020-02-22 21:08:02
163.172.158.205	attack	2020-02-22T06:14:03.380727-07:00 suse-nuc sshd[20447]: Invalid user sito from 163.172.158.205 port 38646 ...	2020-02-22 21:25:51
92.63.194.7	attackspam	Feb 22 14:24:04 piServer sshd[12418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.63.194.7 Feb 22 14:24:06 piServer sshd[12418]: Failed password for invalid user operator from 92.63.194.7 port 42088 ssh2 Feb 22 14:24:25 piServer sshd[12497]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.63.194.7 ...	2020-02-22 21:31:10
185.176.27.46	attack	scans 3 times in preceeding hours on the ports (in chronological order) 6020 6011 6006 resulting in total of 39 scans from 185.176.27.0/24 block.	2020-02-22 21:18:03
177.134.26.27	attackspambots	(sshd) Failed SSH login from 177.134.26.27 (BR/Brazil/177.134.26.27.dynamic.adsl.gvt.net.br): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Feb 22 14:14:01 ubnt-55d23 sshd[23970]: Invalid user git from 177.134.26.27 port 48470 Feb 22 14:14:03 ubnt-55d23 sshd[23970]: Failed password for invalid user git from 177.134.26.27 port 48470 ssh2	2020-02-22 21:24:42
37.114.162.132	attackspam	Feb 22 04:42:17 gitlab-ci sshd\[11968\]: Invalid user admin from 37.114.162.132Feb 22 04:42:20 gitlab-ci sshd\[11971\]: Invalid user admin from 37.114.162.132 ...	2020-02-22 20:51:26

Recently Reported IPs

138.185.187.43	138.185.238.190	138.186.251.156	138.186.107.212
138.186.138.64	138.186.250.108	138.185.9.153	138.186.138.35
138.19.144.93	138.186.132.237	138.186.31.220	138.186.109.230
138.19.251.214	138.19.71.112	138.197.157.233	138.197.160.172
138.197.173.84	138.197.9.134	138.197.211.231	138.197.154.208