138.36.189.104

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Caweb Informatica Ltda

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	$f2bV_matches	2019-07-21 22:55:37

Comments on same subnet:

IP	Type	Details	Datetime
138.36.189.224	attackspambots	$f2bV_matches	2019-08-25 13:48:04
138.36.189.140	attack	failed_logins	2019-07-15 04:42:32
138.36.189.222	attack	SMTP-sasl brute force ...	2019-07-07 01:36:28
138.36.189.11	attack	Brute force attack to crack SMTP password (port 25 / 587)	2019-06-30 03:26:42
138.36.189.123	attackspam	SMTP-sasl brute force ...	2019-06-24 12:28:57

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.36.189.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42231
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.36.189.104.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072100 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 21 22:55:14 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 104.189.36.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 104.189.36.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
34.235.178.200	attackspam	2020-06-11T12:27:19.133737shield sshd\[24509\]: Invalid user wuwei from 34.235.178.200 port 56176 2020-06-11T12:27:19.137753shield sshd\[24509\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-34-235-178-200.compute-1.amazonaws.com 2020-06-11T12:27:21.259423shield sshd\[24509\]: Failed password for invalid user wuwei from 34.235.178.200 port 56176 ssh2 2020-06-11T12:30:41.189137shield sshd\[25463\]: Invalid user sshadmin from 34.235.178.200 port 33022 2020-06-11T12:30:41.192984shield sshd\[25463\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-34-235-178-200.compute-1.amazonaws.com	2020-06-11 20:36:31
84.52.82.124	attack	Jun 11 14:11:32 localhost sshd\[25646\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.52.82.124 user=root Jun 11 14:11:34 localhost sshd\[25646\]: Failed password for root from 84.52.82.124 port 57932 ssh2 Jun 11 14:14:53 localhost sshd\[25746\]: Invalid user admin from 84.52.82.124 Jun 11 14:14:53 localhost sshd\[25746\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.52.82.124 Jun 11 14:14:55 localhost sshd\[25746\]: Failed password for invalid user admin from 84.52.82.124 port 59206 ssh2 ...	2020-06-11 20:22:02
190.143.119.228	attackbots	Repeated RDP login failures. Last user: administrator	2020-06-11 20:52:44
87.246.7.123	attack	Jun 11 14:14:26 srv1 postfix/smtpd[20691]: warning: unknown[87.246.7.123]: SASL LOGIN authentication failed: authentication failure Jun 11 14:14:33 srv1 postfix/smtpd[20691]: warning: unknown[87.246.7.123]: SASL LOGIN authentication failed: authentication failure Jun 11 14:14:40 srv1 postfix/smtpd[20691]: warning: unknown[87.246.7.123]: SASL LOGIN authentication failed: authentication failure Jun 11 14:14:46 srv1 postfix/smtpd[20691]: warning: unknown[87.246.7.123]: SASL LOGIN authentication failed: authentication failure Jun 11 14:14:53 srv1 postfix/smtpd[20691]: warning: unknown[87.246.7.123]: SASL LOGIN authentication failed: authentication failure ...	2020-06-11 20:29:32
83.33.136.91	attackspambots	Repeated RDP login failures. Last user: administrator	2020-06-11 20:47:52
74.122.121.120	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-06-11 20:35:40
50.63.196.204	attack	C1,DEF GET /wp/wp-includes/wlwmanifest.xml	2020-06-11 20:17:45
119.45.39.43	attack	Repeated RDP login failures. Last user: Demo	2020-06-11 20:45:12
192.241.202.169	attackspam	Failed password for invalid user fp from 192.241.202.169 port 47230 ssh2	2020-06-11 20:33:13
51.75.146.114	attack	VoIP Brute Force - 51.75.146.114 - Auto Report ...	2020-06-11 20:39:37
51.254.118.224	attack	2020-06-11 14:15:08,536 fail2ban.actions: WARNING [wp-login] Ban 51.254.118.224	2020-06-11 20:17:18
188.130.70.150	attack	Repeated RDP login failures. Last user: administrator	2020-06-11 20:53:36
5.188.87.49	attackspam	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-06-11T11:34:24Z and 2020-06-11T12:14:56Z	2020-06-11 20:27:20
178.128.217.58	attack	2020-06-11T12:11:30.928022shield sshd\[20405\]: Invalid user minecraft from 178.128.217.58 port 50060 2020-06-11T12:11:30.932272shield sshd\[20405\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.217.58 2020-06-11T12:11:33.437487shield sshd\[20405\]: Failed password for invalid user minecraft from 178.128.217.58 port 50060 ssh2 2020-06-11T12:14:58.652647shield sshd\[21149\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.217.58 user=root 2020-06-11T12:15:00.379981shield sshd\[21149\]: Failed password for root from 178.128.217.58 port 49936 ssh2	2020-06-11 20:23:12
196.192.79.10	attackbotsspam	C1,DEF GET /wp-includes/wlwmanifest.xml	2020-06-11 20:32:59

Recently Reported IPs

38.144.3.243	150.189.95.99	123.24.235.88	34.227.180.119
93.169.236.246	115.77.127.137	42.115.138.69	183.80.137.191
56.165.50.119	103.24.124.222	157.143.109.58	195.186.156.153
41.92.7.105	14.163.251.90	183.111.122.11	144.48.110.218
129.79.253.226	132.170.251.180	94.142.63.26	130.75.128.207