138.36.1.4 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: unknown

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.36.193.21	attackspam	Sep 23 18:48:27 mail.srvfarm.net postfix/smtps/smtpd[196163]: warning: unknown[138.36.193.21]: SASL PLAIN authentication failed: Sep 23 18:48:28 mail.srvfarm.net postfix/smtps/smtpd[196163]: lost connection after AUTH from unknown[138.36.193.21] Sep 23 18:49:34 mail.srvfarm.net postfix/smtps/smtpd[191709]: warning: unknown[138.36.193.21]: SASL PLAIN authentication failed: Sep 23 18:49:34 mail.srvfarm.net postfix/smtps/smtpd[191709]: lost connection after AUTH from unknown[138.36.193.21] Sep 23 18:56:50 mail.srvfarm.net postfix/smtps/smtpd[197152]: warning: unknown[138.36.193.21]: SASL PLAIN authentication failed:	2020-09-24 20:41:35
138.36.193.21	attackspam	Sep 23 18:48:27 mail.srvfarm.net postfix/smtps/smtpd[196163]: warning: unknown[138.36.193.21]: SASL PLAIN authentication failed: Sep 23 18:48:28 mail.srvfarm.net postfix/smtps/smtpd[196163]: lost connection after AUTH from unknown[138.36.193.21] Sep 23 18:49:34 mail.srvfarm.net postfix/smtps/smtpd[191709]: warning: unknown[138.36.193.21]: SASL PLAIN authentication failed: Sep 23 18:49:34 mail.srvfarm.net postfix/smtps/smtpd[191709]: lost connection after AUTH from unknown[138.36.193.21] Sep 23 18:56:50 mail.srvfarm.net postfix/smtps/smtpd[197152]: warning: unknown[138.36.193.21]: SASL PLAIN authentication failed:	2020-09-24 12:38:22
138.36.193.21	attackbotsspam	Sep 23 18:48:27 mail.srvfarm.net postfix/smtps/smtpd[196163]: warning: unknown[138.36.193.21]: SASL PLAIN authentication failed: Sep 23 18:48:28 mail.srvfarm.net postfix/smtps/smtpd[196163]: lost connection after AUTH from unknown[138.36.193.21] Sep 23 18:49:34 mail.srvfarm.net postfix/smtps/smtpd[191709]: warning: unknown[138.36.193.21]: SASL PLAIN authentication failed: Sep 23 18:49:34 mail.srvfarm.net postfix/smtps/smtpd[191709]: lost connection after AUTH from unknown[138.36.193.21] Sep 23 18:56:50 mail.srvfarm.net postfix/smtps/smtpd[197152]: warning: unknown[138.36.193.21]: SASL PLAIN authentication failed:	2020-09-24 04:08:31
138.36.110.170	attack	Automatic report - Port Scan Attack	2020-09-14 02:14:25
138.36.110.170	attackbotsspam	Automatic report - Port Scan Attack	2020-09-13 18:11:38
138.36.108.46	attack	23/tcp [2020-08-31]1pkt	2020-08-31 21:48:28
138.36.168.158	attack	SS5,DEF GET /phpmyadmin/	2020-08-27 09:27:13
138.36.1.102	attackbotsspam	Invalid user zyn from 138.36.1.102 port 60660	2020-08-25 22:12:28
138.36.100.81	attackspambots	Automatic report - XMLRPC Attack	2020-08-24 21:19:19
138.36.180.154	attackspam	Automatic report - Port Scan Attack	2020-08-24 09:31:47
138.36.1.102	attack	Aug 20 00:31:18 vps639187 sshd\[11639\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.36.1.102 user=root Aug 20 00:31:20 vps639187 sshd\[11639\]: Failed password for root from 138.36.1.102 port 61423 ssh2 Aug 20 00:35:37 vps639187 sshd\[11692\]: Invalid user dev from 138.36.1.102 port 36526 Aug 20 00:35:37 vps639187 sshd\[11692\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.36.1.102 ...	2020-08-20 08:27:04
138.36.1.102	attackbots	2020-08-03T07:02:32.288612snf-827550 sshd[9122]: Failed password for root from 138.36.1.102 port 9773 ssh2 2020-08-03T07:07:10.068920snf-827550 sshd[9137]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.36.1.102 user=root 2020-08-03T07:07:12.077866snf-827550 sshd[9137]: Failed password for root from 138.36.1.102 port 43988 ssh2 ...	2020-08-03 18:12:51
138.36.168.36	attack	Exploited Host.	2020-07-26 02:53:25
138.36.193.20	attackspambots	Jul 24 10:09:46 mail.srvfarm.net postfix/smtpd[2178873]: warning: unknown[138.36.193.20]: SASL PLAIN authentication failed: Jul 24 10:09:46 mail.srvfarm.net postfix/smtpd[2178873]: lost connection after AUTH from unknown[138.36.193.20] Jul 24 10:11:47 mail.srvfarm.net postfix/smtps/smtpd[2179076]: warning: unknown[138.36.193.20]: SASL PLAIN authentication failed: Jul 24 10:11:48 mail.srvfarm.net postfix/smtps/smtpd[2179076]: lost connection after AUTH from unknown[138.36.193.20] Jul 24 10:19:24 mail.srvfarm.net postfix/smtps/smtpd[2179036]: warning: unknown[138.36.193.20]: SASL PLAIN authentication failed:	2020-07-25 03:41:55
138.36.177.11	attackbotsspam	Unauthorized connection attempt from IP address 138.36.177.11 on Port 445(SMB)	2020-07-16 03:26:53

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.36.1.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4220
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.36.1.4.			IN	A

;; AUTHORITY SECTION:
.			595	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030803 1800 900 604800 86400

;; Query time: 211 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 07:46:55 CST 2022
;; MSG SIZE  rcvd: 103

Host info

4.1.36.138.in-addr.arpa domain name pointer 138-36-1-4.texnet.net.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
4.1.36.138.in-addr.arpa	name = 138-36-1-4.texnet.net.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.206.60.41	attackspam	Unauthorized connection attempt detected from IP address 103.206.60.41 to port 445 [T]	2020-06-24 03:14:26
178.128.157.71	attackspam	Jun 24 03:40:53 web1 sshd[27080]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.157.71 user=root Jun 24 03:40:55 web1 sshd[27080]: Failed password for root from 178.128.157.71 port 41566 ssh2 Jun 24 03:55:12 web1 sshd[9362]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.157.71 user=ftp Jun 24 03:55:15 web1 sshd[9362]: Failed password for ftp from 178.128.157.71 port 47304 ssh2 Jun 24 03:58:20 web1 sshd[10044]: Invalid user teamspeak2 from 178.128.157.71 port 49654 Jun 24 03:58:20 web1 sshd[10044]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.157.71 Jun 24 03:58:20 web1 sshd[10044]: Invalid user teamspeak2 from 178.128.157.71 port 49654 Jun 24 03:58:22 web1 sshd[10044]: Failed password for invalid user teamspeak2 from 178.128.157.71 port 49654 ssh2 Jun 24 04:01:25 web1 sshd[10834]: Invalid user musikbot from 178.128.157.71 port 52006 ...	2020-06-24 02:55:31
94.24.233.26	attackbots	Unauthorized connection attempt detected from IP address 94.24.233.26 to port 80 [T]	2020-06-24 03:16:09
222.105.157.3	attackbotsspam	Unauthorized connection attempt detected from IP address 222.105.157.3 to port 1997	2020-06-24 02:51:56
38.69.137.217	attackspam	Scanned 275 unique addresses for 2 unique TCP ports in 24 hours (ports 9525,18017)	2020-06-24 02:50:43
74.88.187.126	attackbots	TCP (SYN) 74.88.187.126:32352 -> port 23, len 44	2020-06-24 02:47:42
78.189.116.3	attackbots	Unauthorized connection attempt detected from IP address 78.189.116.3 to port 445 [T]	2020-06-24 03:19:17
191.100.10.88	attackspam	Unauthorized connection attempt detected from IP address 191.100.10.88 to port 80 [T]	2020-06-24 03:10:38
74.62.91.28	attackbots	1433/tcp 445/tcp... [2020-05-26/06-23]4pkt,2pt.(tcp)	2020-06-24 03:20:28
45.77.11.0	attackspam	Unauthorized connection attempt detected from IP address 45.77.11.0 to port 80 [T]	2020-06-24 03:04:58
31.204.17.134	attackbotsspam	Unauthorized connection attempt detected from IP address 31.204.17.134 to port 23 [T]	2020-06-24 03:23:53
51.83.69.84	attackspam	Automatic report - Banned IP Access	2020-06-24 02:48:37
124.196.11.6	attackbots	2020-06-23T19:20:42.766024+02:00 sshd[20140]: Failed password for root from 124.196.11.6 port 32411 ssh2	2020-06-24 02:57:28
193.118.53.194	attack	Unauthorized connection attempt detected from IP address 193.118.53.194 to port 6379 [T]	2020-06-24 03:09:08
88.208.200.57	attack	Unauthorized connection attempt detected from IP address 88.208.200.57 to port 445 [T]	2020-06-24 03:02:06

Recently Reported IPs

138.36.1.31	138.36.1.33	138.36.1.54	118.175.94.53
138.36.1.248	118.176.136.131	118.176.244.226	118.176.79.176
118.177.101.176	118.178.106.170	118.178.106.23	118.178.107.166
118.178.124.169	138.36.156.2	138.36.156.21	138.36.156.212
138.36.156.208	138.36.156.216	138.36.156.207	138.36.156.218