138.36.3.142 - IPInfo

Basic Info

City: Fortaleza

Region: Ceara

Country: Brazil

Internet Service Provider: Tex Net Servicos de Comunicacao em Informatica Ltd

Hostname: unknown

Organization: TEX NET SERVIÇOS DE COMUNICAÇÃO EM INFORMATICA LTD

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	port scan and connect, tcp 23 (telnet)	2020-03-26 14:13:03
attackspam	Automatic report - Port Scan Attack	2019-07-14 03:34:58

Comments on same subnet:

IP	Type	Details	Datetime
138.36.31.34	attackspam	Honeypot attack, port: 445, PTR: 138-36-31-34.ligo.net.br.	2020-04-23 00:13:06

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.36.3.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33869
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.36.3.142.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071301 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 14 03:34:52 CST 2019
;; MSG SIZE  rcvd: 116

Host info

142.3.36.138.in-addr.arpa domain name pointer 138-36-3-142.texnet.net.br.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
142.3.36.138.in-addr.arpa	name = 138-36-3-142.texnet.net.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
182.43.234.153	attackspam	leo_www	2020-07-01 08:53:36
54.37.68.33	attack	Jun 30 18:34:26 h1745522 sshd[26240]: Invalid user test from 54.37.68.33 port 54464 Jun 30 18:34:26 h1745522 sshd[26240]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.68.33 Jun 30 18:34:26 h1745522 sshd[26240]: Invalid user test from 54.37.68.33 port 54464 Jun 30 18:34:28 h1745522 sshd[26240]: Failed password for invalid user test from 54.37.68.33 port 54464 ssh2 Jun 30 18:38:25 h1745522 sshd[26455]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.68.33 user=root Jun 30 18:38:27 h1745522 sshd[26455]: Failed password for root from 54.37.68.33 port 53144 ssh2 Jun 30 18:42:05 h1745522 sshd[26825]: Invalid user avorion from 54.37.68.33 port 51840 Jun 30 18:42:05 h1745522 sshd[26825]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.68.33 Jun 30 18:42:05 h1745522 sshd[26825]: Invalid user avorion from 54.37.68.33 port 51840 Jun 30 18:42:08 h1745522 ssh ...	2020-07-01 09:07:45
107.170.37.74	attackbotsspam	2020-06-30T16:21:57.981680mail.broermann.family sshd[16358]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.37.74 2020-06-30T16:21:57.977517mail.broermann.family sshd[16358]: Invalid user info from 107.170.37.74 port 47813 2020-06-30T16:22:00.420285mail.broermann.family sshd[16358]: Failed password for invalid user info from 107.170.37.74 port 47813 ssh2 2020-06-30T16:28:40.392921mail.broermann.family sshd[16941]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.37.74 user=root 2020-06-30T16:28:43.157538mail.broermann.family sshd[16941]: Failed password for root from 107.170.37.74 port 47931 ssh2 ...	2020-07-01 09:26:39
142.93.121.47	attack	Multiple SSH authentication failures from 142.93.121.47	2020-07-01 09:11:39
118.32.131.214	attack	Jun 30 10:52:16 server1 sshd\[18787\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.32.131.214 user=root Jun 30 10:52:18 server1 sshd\[18787\]: Failed password for root from 118.32.131.214 port 40278 ssh2 Jun 30 10:54:55 server1 sshd\[19277\]: Invalid user swc from 118.32.131.214 Jun 30 10:54:55 server1 sshd\[19277\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.32.131.214 Jun 30 10:54:57 server1 sshd\[19277\]: Failed password for invalid user swc from 118.32.131.214 port 54414 ssh2 ...	2020-07-01 08:57:24
95.213.193.205	attackspambots	russian scam fraud rats! 2020-06-01 21:03:09 Access 95.213.193.205 200 GET /kontaktformular/ HTTP/1.0 /kontaktformular/ Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36 3.86 K SSL/TLS-Zugriff für Apache	2020-07-01 08:57:58
66.240.205.34	attackspam	Unauthorized connection attempt detected from IP address 66.240.205.34 to port 4444	2020-07-01 09:25:02
192.81.208.44	attackbots	Multiple SSH authentication failures from 192.81.208.44	2020-07-01 09:25:26
201.149.55.53	attackspam	Jun 30 19:03:21 itv-usvr-02 sshd[8359]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.149.55.53 user=root Jun 30 19:03:22 itv-usvr-02 sshd[8359]: Failed password for root from 201.149.55.53 port 48310 ssh2 Jun 30 19:07:02 itv-usvr-02 sshd[8541]: Invalid user fluffy from 201.149.55.53 port 51622 Jun 30 19:07:02 itv-usvr-02 sshd[8541]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.149.55.53 Jun 30 19:07:02 itv-usvr-02 sshd[8541]: Invalid user fluffy from 201.149.55.53 port 51622 Jun 30 19:07:05 itv-usvr-02 sshd[8541]: Failed password for invalid user fluffy from 201.149.55.53 port 51622 ssh2	2020-07-01 09:29:49
51.255.199.33	attackbots	2020-06-30T19:55:55.531802hostname sshd[18358]: Failed password for invalid user fcweb from 51.255.199.33 port 55170 ssh2 2020-06-30T20:01:07.578576hostname sshd[20539]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=33.ip-51-255-199.eu user=root 2020-06-30T20:01:10.098824hostname sshd[20539]: Failed password for root from 51.255.199.33 port 53522 ssh2 ...	2020-07-01 08:49:12
103.89.176.74	attackspam	Jun 30 19:19:13 debian-2gb-nbg1-2 kernel: \[15796190.480997\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=103.89.176.74 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=42385 PROTO=TCP SPT=57614 DPT=24071 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-01 09:21:12
40.90.160.203	attackbotsspam	Jun 30 16:57:14 buvik sshd[2231]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.90.160.203 Jun 30 16:57:16 buvik sshd[2231]: Failed password for invalid user agentegerais from 40.90.160.203 port 59770 ssh2 Jun 30 17:01:24 buvik sshd[3290]: Invalid user test from 40.90.160.203 ...	2020-07-01 09:17:42
151.80.60.151	attackspam	Jun 30 14:18:57 ws22vmsma01 sshd[179717]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.60.151 Jun 30 14:18:58 ws22vmsma01 sshd[179717]: Failed password for invalid user anton from 151.80.60.151 port 42296 ssh2 ...	2020-07-01 09:03:24
46.165.230.5	attackbots	(mod_security) mod_security (id:210492) triggered by 46.165.230.5 (DE/Germany/tor-exit.dhalgren.org): 5 in the last 3600 secs	2020-07-01 08:49:57
116.22.199.156	attackspam	Port Scan detected! ...	2020-07-01 09:19:08

Recently Reported IPs

177.232.234.102	101.158.40.9	120.56.250.4	73.36.59.117
5.112.17.108	185.225.84.104	14.239.209.146	114.123.140.7
154.124.59.0	35.86.75.113	85.12.93.25	39.95.173.87
111.254.70.59	141.136.230.193	72.78.19.0	88.254.192.116
124.190.73.76	182.59.35.146	182.202.165.231	120.246.253.139