138.204.235.95

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.204.235.170	attackbots	Honeypot attack, port: 445, PTR: static-170.nossaredetelecom.com.br.	2020-01-12 05:53:22
138.204.235.30	attackspam	Nov 6 11:03:54 legacy sshd[25899]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.204.235.30 Nov 6 11:03:55 legacy sshd[25899]: Failed password for invalid user connect from 138.204.235.30 port 39969 ssh2 Nov 6 11:08:41 legacy sshd[26039]: Failed password for root from 138.204.235.30 port 59516 ssh2 ...	2019-11-06 19:44:26
138.204.235.30	attackbots	Nov 6 05:00:58 vtv3 sshd\[19402\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.204.235.30 user=root Nov 6 05:01:00 vtv3 sshd\[19402\]: Failed password for root from 138.204.235.30 port 46213 ssh2 Nov 6 05:05:34 vtv3 sshd\[22298\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.204.235.30 user=root Nov 6 05:05:36 vtv3 sshd\[22298\]: Failed password for root from 138.204.235.30 port 37500 ssh2 Nov 6 05:10:22 vtv3 sshd\[25215\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.204.235.30 user=root Nov 6 05:24:30 vtv3 sshd\[1082\]: Invalid user cn from 138.204.235.30 port 59149 Nov 6 05:24:30 vtv3 sshd\[1082\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.204.235.30 Nov 6 05:24:32 vtv3 sshd\[1082\]: Failed password for invalid user cn from 138.204.235.30 port 59149 ssh2 Nov 6 05:29:16 vtv3 sshd\[4242\]: Invali	2019-11-06 13:29:38
138.204.235.30	attackspam	Lines containing failures of 138.204.235.30 Oct 29 01:42:35 shared11 sshd[7816]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.204.235.30 user=r.r Oct 29 01:42:38 shared11 sshd[7816]: Failed password for r.r from 138.204.235.30 port 51014 ssh2 Oct 29 01:42:38 shared11 sshd[7816]: Received disconnect from 138.204.235.30 port 51014:11: Bye Bye [preauth] Oct 29 01:42:38 shared11 sshd[7816]: Disconnected from authenticating user r.r 138.204.235.30 port 51014 [preauth] Oct 29 01:57:12 shared11 sshd[12485]: Invalid user asconex from 138.204.235.30 port 40713 Oct 29 01:57:12 shared11 sshd[12485]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.204.235.30 Oct 29 01:57:14 shared11 sshd[12485]: Failed password for invalid user asconex from 138.204.235.30 port 40713 ssh2 Oct 29 01:57:14 shared11 sshd[12485]: Received disconnect from 138.204.235.30 port 40713:11: Bye Bye [preauth] Oct 29 01:57........ ------------------------------	2019-11-03 06:09:13
138.204.235.30	attackbotsspam	2019-11-02T04:43:21.134156shield sshd\[26264\]: Invalid user q1w2e3r4 from 138.204.235.30 port 48644 2019-11-02T04:43:21.142369shield sshd\[26264\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.204.235.30 2019-11-02T04:43:23.482582shield sshd\[26264\]: Failed password for invalid user q1w2e3r4 from 138.204.235.30 port 48644 ssh2 2019-11-02T04:47:58.576752shield sshd\[27482\]: Invalid user Blood123 from 138.204.235.30 port 39622 2019-11-02T04:47:58.582282shield sshd\[27482\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.204.235.30	2019-11-02 14:13:17
138.204.235.30	attackspam	Too many connections or unauthorized access detected from Arctic banned ip	2019-11-01 06:24:25
138.204.235.30	attackbotsspam	Lines containing failures of 138.204.235.30 Oct 29 01:42:35 shared11 sshd[7816]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.204.235.30 user=r.r Oct 29 01:42:38 shared11 sshd[7816]: Failed password for r.r from 138.204.235.30 port 51014 ssh2 Oct 29 01:42:38 shared11 sshd[7816]: Received disconnect from 138.204.235.30 port 51014:11: Bye Bye [preauth] Oct 29 01:42:38 shared11 sshd[7816]: Disconnected from authenticating user r.r 138.204.235.30 port 51014 [preauth] Oct 29 01:57:12 shared11 sshd[12485]: Invalid user asconex from 138.204.235.30 port 40713 Oct 29 01:57:12 shared11 sshd[12485]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.204.235.30 Oct 29 01:57:14 shared11 sshd[12485]: Failed password for invalid user asconex from 138.204.235.30 port 40713 ssh2 Oct 29 01:57:14 shared11 sshd[12485]: Received disconnect from 138.204.235.30 port 40713:11: Bye Bye [preauth] Oct 29 01:57........ ------------------------------	2019-10-31 16:48:00
138.204.235.30	attack	Lines containing failures of 138.204.235.30 Oct 29 01:42:35 shared11 sshd[7816]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.204.235.30 user=r.r Oct 29 01:42:38 shared11 sshd[7816]: Failed password for r.r from 138.204.235.30 port 51014 ssh2 Oct 29 01:42:38 shared11 sshd[7816]: Received disconnect from 138.204.235.30 port 51014:11: Bye Bye [preauth] Oct 29 01:42:38 shared11 sshd[7816]: Disconnected from authenticating user r.r 138.204.235.30 port 51014 [preauth] Oct 29 01:57:12 shared11 sshd[12485]: Invalid user asconex from 138.204.235.30 port 40713 Oct 29 01:57:12 shared11 sshd[12485]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.204.235.30 Oct 29 01:57:14 shared11 sshd[12485]: Failed password for invalid user asconex from 138.204.235.30 port 40713 ssh2 Oct 29 01:57:14 shared11 sshd[12485]: Received disconnect from 138.204.235.30 port 40713:11: Bye Bye [preauth] Oct 29 01:57........ ------------------------------	2019-10-31 00:04:51

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.204.235.95
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45808
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.204.235.95.			IN	A

;; AUTHORITY SECTION:
.			570	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022700 1800 900 604800 86400

;; Query time: 18 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 17:32:13 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 95.235.204.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 95.235.204.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
1.34.217.182	attack	Honeypot attack, port: 81, PTR: 1-34-217-182.HINET-IP.hinet.net.	2020-07-15 07:39:36
112.85.42.173	attackspam	Jul 15 01:17:42 vmd17057 sshd[27984]: Failed password for root from 112.85.42.173 port 43972 ssh2 Jul 15 01:17:47 vmd17057 sshd[27984]: Failed password for root from 112.85.42.173 port 43972 ssh2 ...	2020-07-15 07:32:28
122.255.5.42	attackspam	Jul 14 21:23:30 ajax sshd[18778]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.255.5.42 Jul 14 21:23:33 ajax sshd[18778]: Failed password for invalid user testuser from 122.255.5.42 port 54210 ssh2	2020-07-15 07:50:20
89.144.12.17	attack	20 attempts against mh-misbehave-ban on sonic	2020-07-15 07:51:42
189.212.112.150	attackspam	[MK-VM1] Blocked by UFW	2020-07-15 07:26:28
24.145.138.131	attack	[DoS attack: LAND] attack packets in last 20 sec from ip [24.145.138.131], Tuesday, Jul 14,2020 12:04:38 [DoS attack: LAND] attack packets in last 20 sec from ip [24.145.138.131], Tuesday, Jul 14,2020 12:03:26 [DoS attack: LAND] attack packets in last 20 sec from ip [24.145.138.131], Tuesday, Jul 14,2020 12:00:18 [DoS attack: LAND] attack packets in last 20 sec from ip [24.145.138.131], Tuesday, Jul 14,2020 10:45:05	2020-07-15 07:55:00
54.37.158.218	attack	Jul 15 00:20:45 jane sshd[20459]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.158.218 Jul 15 00:20:47 jane sshd[20459]: Failed password for invalid user sonar from 54.37.158.218 port 50297 ssh2 ...	2020-07-15 07:40:38
190.205.16.2	attack	(sshd) Failed SSH login from 190.205.16.2 (VE/Venezuela/190-205-16-2.dyn.dsl.cantv.net): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 14 20:38:55 amsweb01 sshd[14311]: Invalid user configure from 190.205.16.2 port 38624 Jul 14 20:38:57 amsweb01 sshd[14311]: Failed password for invalid user configure from 190.205.16.2 port 38624 ssh2 Jul 14 20:41:44 amsweb01 sshd[14785]: Invalid user nmt from 190.205.16.2 port 48034 Jul 14 20:41:46 amsweb01 sshd[14785]: Failed password for invalid user nmt from 190.205.16.2 port 48034 ssh2 Jul 14 20:44:30 amsweb01 sshd[15355]: Invalid user sam from 190.205.16.2 port 57443	2020-07-15 07:33:09
68.183.131.247	attackspam	Invalid user mb from 68.183.131.247 port 48380	2020-07-15 07:24:35
123.207.241.226	attackspambots	2020-07-14T13:25:55.099665linuxbox-skyline sshd[971896]: Invalid user shelley from 123.207.241.226 port 57722 ...	2020-07-15 07:44:29
192.241.213.70	attackspambots	Port Scan detected from 192.241.213.70 (US/United States/California/San Francisco/zg-0708a-54.stretchoid.com). 4 hits in the last 190 seconds	2020-07-15 07:41:23
58.59.25.2	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-07-15 07:32:50
82.194.24.200	attackbotsspam	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-07-15 07:47:23
5.182.39.88	attackbotsspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-07-14T21:59:53Z and 2020-07-14T21:59:55Z	2020-07-15 07:26:04
62.210.105.116	attackspam	abasicmove.de:80 62.210.105.116 - - [14/Jul/2020:20:38:27 +0200] "POST /xmlrpc.php HTTP/1.0" 301 493 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Safari/605.1.15" abasicmove.de 62.210.105.116 [14/Jul/2020:20:38:29 +0200] "POST /xmlrpc.php HTTP/1.0" 200 3643 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Safari/605.1.15"	2020-07-15 07:30:05

Recently Reported IPs

138.201.95.139	138.204.132.98	138.204.186.223	138.204.17.238
138.204.57.94	138.204.57.67	21.12.95.80	138.219.74.126
138.219.74.223	138.219.43.237	138.219.40.125	138.219.43.239
138.219.43.165	138.219.43.118	138.219.74.111	138.219.40.29
138.219.43.243	138.219.74.15	138.219.74.84	138.219.96.43