138.204.135.199

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Fiuza Informatica & Telecomunicacao Ltda ME

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Aug 8 02:15:11 TCP Attack: SRC=138.204.135.199 DST=[Masked] LEN=238 TOS=0x00 PREC=0x00 TTL=48 DF PROTO=TCP SPT=26716 DPT=80 WINDOW=1800 RES=0x00 ACK PSH URGP=0	2019-08-08 17:09:07

Comments on same subnet:

IP	Type	Details	Datetime
138.204.135.116	attack	port scan and connect, tcp 80 (http)	2020-03-24 00:11:28
138.204.135.98	attackbotsspam	Unauthorized connection attempt detected from IP address 138.204.135.98 to port 80 [J]	2020-01-29 08:15:01
138.204.135.98	attackspam	Unauthorized connection attempt detected from IP address 138.204.135.98 to port 8080 [J]	2020-01-18 17:42:34

Type

Details

Datetime

138.204.135.116

attack

port scan and connect, tcp 80 (http)

2020-03-24 00:11:28

138.204.135.98

attackbotsspam

Unauthorized connection attempt detected from IP address 138.204.135.98 to port 80 [J]

2020-01-29 08:15:01

138.204.135.98

attackspam

Unauthorized connection attempt detected from IP address 138.204.135.98 to port 8080 [J]

2020-01-18 17:42:34

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.204.135.199
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5341
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.204.135.199.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080800 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 08 17:08:52 CST 2019
;; MSG SIZE  rcvd: 119

Host info

199.135.204.138.in-addr.arpa domain name pointer 199.135.204.138.venonconnect.com.

Nslookup info:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 199.135.204.138.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
216.218.191.102	attackspambots	firewall-block, port(s): 389/udp	2019-07-20 08:45:59
185.30.161.146	attackspam	[ ?? ] From bounce6@pontualsegcorretora.com.br Fri Jul 19 12:41:17 2019 Received: from vale3.pontualsegcorretora.com.br ([185.30.161.146]:48419)	2019-07-20 08:23:31
202.29.70.46	attack	Triggered by Fail2Ban at Ares web server	2019-07-20 08:48:14
35.173.57.249	attackbots	Jul 19 16:33:49 TCP Attack: SRC=35.173.57.249 DST=[Masked] LEN=250 TOS=0x00 PREC=0x00 TTL=236 DF PROTO=TCP SPT=39702 DPT=80 WINDOW=913 RES=0x00 ACK PSH URGP=0	2019-07-20 08:39:28
200.3.16.83	attack	Unauthorized SMTP/IMAP/POP3 connection attempt	2019-07-20 08:07:59
200.58.160.25	attack	Misuse of DNS server	2019-07-20 08:50:10
106.12.212.187	attack	Jul 20 00:45:37 mail sshd\[29703\]: Invalid user guest2 from 106.12.212.187\ Jul 20 00:45:39 mail sshd\[29703\]: Failed password for invalid user guest2 from 106.12.212.187 port 48045 ssh2\ Jul 20 00:47:45 mail sshd\[29728\]: Invalid user ark from 106.12.212.187\ Jul 20 00:47:47 mail sshd\[29728\]: Failed password for invalid user ark from 106.12.212.187 port 59097 ssh2\ Jul 20 00:49:50 mail sshd\[29736\]: Invalid user marie from 106.12.212.187\ Jul 20 00:49:52 mail sshd\[29736\]: Failed password for invalid user marie from 106.12.212.187 port 41911 ssh2\	2019-07-20 08:06:15
176.31.125.162	attackbots	176.31.125.162 - - [19/Jul/2019:22:45:45 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 176.31.125.162 - - [19/Jul/2019:22:45:45 +0200] "POST /wp-login.php HTTP/1.1" 200 1704 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 176.31.125.162 - - [19/Jul/2019:22:45:45 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 176.31.125.162 - - [19/Jul/2019:22:45:46 +0200] "POST /wp-login.php HTTP/1.1" 200 1710 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 176.31.125.162 - - [19/Jul/2019:22:45:46 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 176.31.125.162 - - [19/Jul/2019:22:45:46 +0200] "POST /wp-login.php HTTP/1.1" 200 1710 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-07-20 08:18:09
223.202.201.220	attackbots	Jul 20 02:18:47 debian64 sshd\[4927\]: Invalid user misha from 223.202.201.220 port 39292 Jul 20 02:18:47 debian64 sshd\[4927\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.202.201.220 Jul 20 02:18:49 debian64 sshd\[4927\]: Failed password for invalid user misha from 223.202.201.220 port 39292 ssh2 ...	2019-07-20 08:32:51
62.210.111.127	attack	Probing data entry form.	2019-07-20 08:49:27
180.64.71.114	attack	Invalid user nagios from 180.64.71.114 port 57264	2019-07-20 08:39:59
174.138.56.93	attack	2019-07-19 UTC: 2x - emil,root	2019-07-20 08:44:21
193.39.71.34	attackspambots	Misuse of DNS server	2019-07-20 08:35:31
220.134.144.96	attackbotsspam	SSH Bruteforce	2019-07-20 08:16:04
117.3.70.183	attackbotsspam	WordPress brute force	2019-07-20 08:43:21

Recently Reported IPs

49.83.95.7	10.103.16.243	173.15.8.8	132.131.128.187
220.191.16.202	218.186.176.26	83.227.129.141	75.172.242.15
161.246.38.18	231.141.238.76	222.89.84.129	94.71.80.113
167.99.53.213	182.70.81.107	201.150.120.10	149.210.70.107
120.197.55.161	187.87.7.93	84.197.67.38	37.186.214.12